hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-24 11:52:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,038 Commits 1,686 Branches 158 Tags
0df3d2ce602a76b5dd8b67e9016631c7148042ea
Commit Graph

2291 Commits

Author SHA1 Message Date
Max Schaefer
770a4703c9 Merge pull request #2237 from asger-semmle/typescript3.7-rc 
TS: Add support for TypeScript 3.7
 2019-11-04 16:36:11 +00:00
Asger F
57aa166bff TS: Clean up yarn.lock 2019-11-04 14:59:42 +00:00
Asger F
b6f4ce0244 TS: Depend on typescript 3.7.2 2019-11-04 14:58:38 +00:00
Esben Sparre Andreasen
7f55e3f336 JS: classify Doxygen-generated files as "generated" 2019-11-04 09:57:41 +01:00
Asger F
2d7443ef98 TS: Add upgrade script 2019-11-04 07:55:20 +00:00
Asger F
79dbdac8fa TS: Support declare modifier for fields 2019-11-04 07:54:38 +00:00
Asger F
9bc45f351c TS: Fix typo in stats file 2019-11-04 07:54:38 +00:00
Asger F
09a2542477 TS: Update a javadoc comment 2019-11-04 07:54:38 +00:00
Asger F
4846e53a10 TS: Blacklist another cyclic property 2019-11-04 07:54:38 +00:00
Asger F
7dfd4e0687 TS: Stop using the deprecated TypeReference.typeArguments 2019-11-04 07:54:38 +00:00
Asger F
341c11523c TS: Add recursive type alias tests (already works) 2019-11-04 07:54:38 +00:00
Asger F
b81931e402 TS: Support assertion types 2019-11-04 07:54:38 +00:00
Asger F
4e7b987fa3 TS: Rename IsTypeExpr -> PredicateTypeExpr 2019-11-04 07:54:38 +00:00
Asger F
f50f3b48c4 TS: Add test for ?? operator (already works) 2019-11-04 07:54:38 +00:00
Asger F
869fe4558f TS: Support optional chaining 2019-11-04 07:54:38 +00:00
Asger F
f76006e490 JS: Delete duplicate test case (typo) 2019-11-04 07:54:38 +00:00
Asger F
36b6c32f4f TS: Update expected output 2019-11-04 07:54:37 +00:00
Asger F
637394fb62 TS: Add TypeScript-3.7.1-rc 2019-11-04 07:54:37 +00:00
semmle-qlci
e8e2f7bb20 Merge pull request #2240 from max-schaefer/js/indirect-command-argument-data-flow 
Approved by esbena
 2019-11-01 11:00:22 +00:00
semmle-qlci
d03aecaa98 Merge pull request #2235 from max-schaefer/js/issue-2233 
Approved by esbena
 2019-10-31 14:17:58 +00:00
Max Schaefer
8aae1f443f JavaScript: Use type tracking instead of auxiliary data-flow configuration to track indirect command arguments. 2019-10-31 12:13:55 +00:00
Max Schaefer
311cbd824c JavaScript: Recognize ":" pseudo-directive. 2019-10-31 11:39:09 +00:00
semmle-qlci
2a3980222b Merge pull request #2201 from max-schaefer/js/avoid-duplicate-source-and-sink-nodes 
Approved by asger-semmle
 2019-10-31 10:47:30 +00:00
semmle-qlci
a778efe71e Merge pull request #2216 from asger-semmle/xss-encodeURIComponent 
Approved by max-schaefer
 2019-10-30 11:49:31 +00:00
Luke Cartey
d9d4aa30a9 Merge pull request #2214 from hmakholm/pr/upgrade-packs 
Make each upgrade directory a QL pack
 2019-10-29 16:45:02 +00:00
Max Schaefer
b42026a90a JavaScript: Update expected output. 2019-10-29 15:36:24 +00:00
Max Schaefer
530fa2c11c JavaScript: Collapse edges instead of hiding nodes. 
Instead of skipping over initial and final nodes, we now introduce edges from source and to sink nodes that circumvent these nodes entirely.
 2019-10-29 15:30:24 +00:00
Max Schaefer
dc1d1c2f22 JavaScript: Update expected output. 2019-10-29 15:30:06 +00:00
Max Schaefer
278ea90049 JavaScript: Collapse flow labels at start/end nodes to avoid duplication. 2019-10-29 15:24:40 +00:00
Max Schaefer
316962233c JavaScript: Factor out MidPathNode into its own class. 2019-10-29 15:24:40 +00:00
Max Schaefer
7c56c9f999 JavaScript: Move suppression of hidden nodes into edges predicate. 
They should really only be hidden for display purposes.
 2019-10-29 15:19:26 +00:00
Max Schaefer
3373742077 JavaScript: Turn PathNode::getASuccessorInternal and PathNode::getAHiddenSuccessor into top-level predicates. 2019-10-29 15:19:26 +00:00
Max Schaefer
b6f4785645 JavaScript: Rename MkPathNode to MkMidNode. 2019-10-29 15:19:26 +00:00
Max Schaefer
d71faaa5f9 JavaScript: Introduce PathNode::wraps. 2019-10-29 15:19:26 +00:00
Max Schaefer
98e0932de5 JavaScript: Make Configuration::isLive nullary. 
This makes it more obvious to the evaluator that it is a good predicate to pick as a sentinel, and in practice we mostly just have one configuration in scope anyway.
 2019-10-29 15:19:26 +00:00
Max Schaefer
6964945c74 JavaScript: Restrict edges to only contain nodes. 2019-10-29 15:03:52 +00:00
semmle-qlci
2cddb82f10 Merge pull request #2210 from max-schaefer/js/better-destructuring-type-inference 
Approved by asger-semmle, esbena
 2019-10-29 08:08:51 +00:00
Asger F
94dd9a1c04 JS: Block XSS flow through encodeURIComponent 2019-10-28 17:12:40 +00:00
Henning Makholm
ae554cf1e9 Make each upgrade directory a QL pack 2019-10-28 17:14:31 +01:00
semmle-qlci
30a907861b Merge pull request #2193 from max-schaefer/js/autobuilder-exclude-node_modules 
Approved by asger-semmle
 2019-10-28 11:26:51 +00:00
semmle-qlci
33374ee089 Merge pull request #2202 from asger-semmle/express-sendfile 
Approved by esbena
 2019-10-28 09:24:34 +00:00
Max Schaefer
b333c6a214 Merge pull request #2106 from asger-semmle/call-graph-3 
JS: Call graph changes
 2019-10-28 09:24:10 +00:00
semmle-qlci
d2f3574427 Merge pull request #2165 from erik-krogh/dosHigh 
Approved by asger-semmle
 2019-10-25 16:28:07 +01:00
Max Schaefer
d4b9beb010 JavaScript: Teach autobuilder not to extract node_modules and bower_components folders. 2019-10-25 14:25:02 +01:00
Max Schaefer
bd6109484d JavaScript: Rename node_modules to vendor in AutoBuildTests. 2019-10-25 14:25:02 +01:00
Max Schaefer
89f68f47a0 JavaScript: Improve type inference for captured variables. 2019-10-25 14:22:24 +01:00
Max Schaefer
6269dd99ab JavaScript: Improve type inference for destructuring assignments. 2019-10-25 14:22:24 +01:00
Asger F
04ee483c9e JS: update test output 2019-10-25 14:10:18 +01:00
Asger F
7ed31baeea JS: Rename to upward navigation 2019-10-25 13:07:07 +01:00
Asger F
39e2d1480e JS: Default to imprecision zero by default 2019-10-25 12:20:16 +01:00