hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
39,499 Commits 1,671 Branches 157 Tags
097d5189e9bbaecfd0e239e5198ac8e8ac14f2f6
Commit Graph

96 Commits

Author SHA1 Message Date
Max Schaefer
74e3709de1 JavaScript: Add missing query id in change notes. 2018-12-07 08:25:28 +00:00
Felicity Chapman
6a7b528280 1.19: Finalize change notes for JavaScript 2018-12-06 08:44:35 +00:00
Max Schaefer
2e45c50067 JavaScript: Correct change note for new query. 
"Hard-coded data interpreted as code" is run, but not shown by default.
 2018-12-04 14:40:03 +00:00
semmle-qlci
3d058a2895 Merge pull request #603 from xiemaisi/js/fix-inconsistent-new 
Approved by asger-semmle, esben-semmle
 2018-12-03 16:48:55 +00:00
Max Schaefer
1a3e3baf80 JavaScript: Add change note. 2018-12-03 09:06:48 +00:00
semmle-qlci
608d84cfa3 Merge pull request #561 from asger-semmle/useless-conditional-change-note 
Approved by esben-semmle
 2018-11-30 11:37:51 +00:00
Asger F
f85e30aa6c Merge pull request #571 from xiemaisi/js/numeric-constant-interpreted-as-code 
JavaScript: Add new query `HardcodedDataInterpretedAsCode`.
 2018-11-29 17:07:48 +00:00
Max Schaefer
73ce0f17d6 JavaScript: Americanise change note spelling. 2018-11-29 11:23:47 +00:00
Max Schaefer
8637eaf100 JavaScript: Address review comments. 2018-11-29 10:48:44 +00:00
Max Schaefer
5f16406ad7 JavaScript: Add new query HardcodedDataInterpretedAsCode. 2018-11-29 09:52:31 +00:00
Asger F
8017df1750 JS: add change note for UselessConditional.ql 2018-11-28 14:14:58 +00:00
Max Schaefer
31d23b6295 JavaScript: Sort change notes alphabetically. 2018-11-28 08:16:31 +00:00
Max Schaefer
f9de1d44ca JavaScript: Add change notes. 2018-11-28 08:16:31 +00:00
Max Schaefer
8e54c7ab6c Merge pull request #503 from asger-semmle/unsafe-global-object-access 
JS: add method name injection query
 2018-11-26 15:56:20 +00:00
semmle-qlci
04c2b23abd Merge pull request #520 from esben-semmle/js/clear-text-logging-taint-kinds 
Approved by asger-semmle
 2018-11-23 12:40:40 +00:00
Esben Sparre Andreasen
b780f82869 JS: sharpen js/clear-text-logging (ODASA-7485) 2018-11-22 13:38:43 +01:00
semmle-qlci
4e72a08b8d Merge pull request #507 from esben-semmle/js/mixed-static-intance-this-access-inheritance 
Approved by xiemaisi
 2018-11-21 16:07:25 +00:00
semmle-qlci
f5d3274655 Merge pull request #508 from esben-semmle/js/indirect-global-call-with-default-arguments 
Approved by xiemaisi
 2018-11-21 16:06:46 +00:00
Asger F
27c9326e70 JS: address doc review 2018-11-21 14:19:14 +00:00
Asger F
4ae2493798 JS: rename query to Unsafe Dynamic Method Access 2018-11-21 12:34:18 +00:00
Esben Sparre Andreasen
caea6212ed JS: use inheritance in js/mixed-static-instance-this-access 2018-11-21 09:48:37 +01:00
Asger F
2239f863f7 JS: add query MethodNameInjection 2018-11-20 15:57:18 +00:00
Esben Sparre Andreasen
82fc8ae32a JS: support indirection with extra args in js/missing-this-qualifier 2018-11-20 11:29:03 +01:00
Esben Sparre Andreasen
54fea1a4cb JS: support "xyz:nomunge" YUI compressor directives 2018-11-20 09:00:33 +01:00
Max Schaefer
1b59a28be0 JavaScript: Downgrade a few "error" rules to "warning". 
For all of these queries, the results we tend to see in practice are certainly worth investigating, but aren't crashing bugs, so making them warnings seems more appropriate.
 2018-11-19 09:09:26 +00:00
Max Schaefer
db175f5584 JavaScript: Sort change notes alphabetically. 2018-11-19 09:00:38 +00:00
Asger F
0153a4794e JS: add change note 2018-11-16 10:44:52 +00:00
semmle-qlci
0647743333 Merge pull request #467 from xiemaisi/js/amd-imports 
Approved by asger-semmle
 2018-11-16 09:31:50 +00:00
Max Schaefer
19b9b85c22 JavaScript: Add change note. 2018-11-14 12:03:04 +00:00
Max Schaefer
4112af5b3f JavaScript: Add change note. 2018-11-14 09:35:17 +00:00
Max Schaefer
a499009f59 Merge pull request #395 from esben-semmle/js/useless-defensive-code 
JS: add query: js/useless-defensive-code
 2018-11-13 16:55:59 +00:00
Esben Sparre Andreasen
5666deac14 JS: rename js/useless-defensive-code to js/unneeded-defensive-code 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
a636319c97 JS: change notes for js/useless-defensive-code 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
37b7b39ec6 JS: change notes for improved js/request-forgery 2018-11-13 08:17:24 +01:00
Esben Sparre Andreasen
577b225429 JS: sort change notes table 2018-11-13 08:17:24 +01:00
Max Schaefer
663bdd60a0 Merge pull request #396 from esben-semmle/js/unconditional-property-override 
JS: add query: js/unconditional-property-override
 2018-11-12 17:10:32 +00:00
semmle-qlci
c9d77a2d6d Merge pull request #443 from xiemaisi/js/improve-stack-trace-exposure 
Approved by asger-semmle
 2018-11-12 08:40:26 +00:00
Max Schaefer
bdfe938d02 JavaScript: Improve StackTraceExposure query. 
It now also flags exposure of the entire exception object (not just the `stack` property).
 2018-11-09 09:42:09 +00:00
Max Schaefer
71bbbb77eb JavaScript: Update 1.19 change notes to remove changes that ended up in 1.18.1. 2018-11-09 09:17:14 +00:00
Esben Sparre Andreasen
e82f5157c6 JS: change note for js/useless-assignment-to-property 2018-11-08 13:23:19 +01:00
Asger F
92f1c9a521 JS: add change note 2018-11-07 11:31:52 +00:00
semmle-qlci
4225e0bb44 Merge pull request #356 from asger-semmle/parameter-node 
Approved by xiemaisi
 2018-11-07 08:31:05 +00:00
semmle-qlci
2457eb98df Merge pull request #166 from asger-semmle/documentable-self-assign 
Approved by esben-semmle, xiemaisi
 2018-11-07 08:30:17 +00:00
semmle-qlci
c20e24d549 Merge pull request #385 from asger-semmle/async-model 
Approved by xiemaisi
 2018-11-07 08:28:37 +00:00
Max Schaefer
212a78b5fc Merge pull request #323 from esben-semmle/js/always-return-type-inference 
JS: additional return type inference
 2018-11-07 08:25:28 +00:00
Esben Sparre Andreasen
e396a55653 JS: change notes for type inference improvements 2018-11-06 16:04:46 +01:00
Asger F
799cd33b88 JS: add change note 2018-11-06 12:13:34 +00:00
Asger F
ad7ecc1df0 JavaScript: added change note 2018-11-05 11:31:32 +00:00
semmle-qlci
08833465a0 Merge pull request #386 from xiemaisi/js/lodash_partial 
Approved by esben-semmle
 2018-11-01 09:44:14 +00:00
semmle-qlci
a22aa3524e Merge pull request #388 from asger-semmle/revert-useless-conditional 
Approved by esben-semmle
 2018-11-01 09:23:19 +00:00