hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,769 Commits 1,672 Branches 157 Tags
0f9113905536d145c72b52bc69c20c43ed50f08d
Commit Graph

1238 Commits

Author SHA1 Message Date
semmle-qlci
5c3c8eb35d Merge pull request #2406 from erik-krogh/returnlessFp 
Approved by asgerf
 2019-11-22 13:06:03 +00:00
Esben Sparre Andreasen
5d34806e50 Merge pull request #2379 from asger-semmle/typescript-fixes 
TS: A bunch of TypeScript fixes
 2019-11-22 13:31:30 +01:00
Max Schaefer
0edb70f373 JavaScript: Deal with escape-unescape-escape (and similar) chains. 2019-11-22 09:24:34 +00:00
Max Schaefer
cb54618a5d JavaScript: Deal with (un-)escaping on captured variables. 2019-11-22 09:24:34 +00:00
Max Schaefer
61aa075e8d JavaScript: Fix regexes for escaping schemes. 2019-11-22 09:24:34 +00:00
Max Schaefer
4f899a9b0d JavaScript: Recognize string escaping using .replace with a callback. 2019-11-22 09:24:34 +00:00
semmle-qlci
62859d140d Merge pull request #2394 from esbena/js/support-getDerivedFromError 
Approved by max-schaefer
 2019-11-22 07:45:45 +00:00
Asger F
01ab8f07eb TS: Fix a crash when allowJs: true was set 2019-11-21 15:39:37 +00:00
Asger F
dd50d29827 TS: Fix crash in case of missing type roots 2019-11-21 15:39:37 +00:00
Asger F
4a885cbf92 TS: Expose optional parameters at syntax level 2019-11-21 15:39:37 +00:00
Asger F
b6b8213e13 TS: Handle rest parameters in call signatures 2019-11-21 15:39:37 +00:00
Asger F
f2c3d734ea TS: Update some more tests 2019-11-21 15:39:37 +00:00
Asger F
0c41d6910f TS: Pass tsconfig options correctly 2019-11-21 15:39:37 +00:00
Asger F
8205a59688 TS: Unfold aliases in Type.unfold() 2019-11-21 15:39:37 +00:00
Asger F
e25ee182a0 TS: Extract type alias relation 2019-11-21 15:39:37 +00:00
Asger F
f11dc11ade TS: Fix type of RHS of TypeAliasDeclaration 2019-11-21 15:39:37 +00:00
Asger F
a3aef1e4e0 TS: Update TypeAlias test 2019-11-21 15:39:37 +00:00
Erik Krogh Kristensen
42a0a62e4c remove 3 FP sources from use-of-returnless-function 2019-11-21 14:27:04 +01:00
Esben Sparre Andreasen
03c83c9c9d JS: model React's getDerivedStateFromError 2019-11-21 13:18:43 +01:00
Esben Sparre Andreasen
6328a0a8b9 JS: improve FP filter for js/unbound-event-handler-receiver 2019-11-21 13:13:40 +01:00
semmle-qlci
77c869f528 Merge pull request #2220 from erik-krogh/processEnvTaint 
Approved by esbena, max-schaefer
 2019-11-20 13:16:43 +00:00
Max Schaefer
5565be14fc JavaScript: Teach IncompleteSanitization to flag incomplete path sanitizers. 2019-11-19 15:06:16 +00:00
Erik Krogh Kristensen
a59a414e0b update expected output 2019-11-16 15:20:42 +01:00
Erik Krogh Kristensen
8ff515a58d address review feedback on MaskingReplacer 2019-11-16 15:20:42 +01:00
Erik Krogh Kristensen
4ec2070e48 remove property reads on process.env as a taint step, and add a barrier for masking replace calls 2019-11-16 15:20:42 +01:00
Erik Krogh Kristensen
92dc759cf9 remove type cast, and fix expected test results 2019-11-16 15:20:42 +01:00
Erik Krogh Kristensen
850278c62f some changes based on review. And change to only flag unknown reads of process.env 2019-11-16 15:20:42 +01:00
Erik Krogh Kristensen
68c30aaef3 add flowlabels to js/clear-text-logging 2019-11-16 15:20:42 +01:00
Erik Krogh Kristensen
14e4decffa changes based on review feedback. No flow-labels yet 2019-11-16 15:20:42 +01:00
Erik Krogh Kristensen
297c71a64b add process.env as source for js/clear-text-logging 2019-11-16 15:20:41 +01:00
semmle-qlci
2f63b89941 Merge pull request #2338 from esbena/js/model-get-them-args 
Approved by max-schaefer
 2019-11-15 11:50:45 +00:00
Asger F
37aa85fe81 JS: Fix parsing of non-BMP chars before a quantifier 2019-11-15 09:27:21 +00:00
Asger F
57a9cad721 JS: Fix offsets of octal and unicode escape 2019-11-15 09:27:20 +00:00
Asger F
e01a9846d8 JS: Update test annotations 2019-11-15 09:27:20 +00:00
Asger F
153d34638b JS: Fix a FP 2019-11-15 09:27:20 +00:00
Asger F
8c5b9b9195 JS: Add missing post-anchor case to MissingRegExpAnchor 2019-11-15 09:27:20 +00:00
Asger F
17ad97812e JS: Fix FPs from TLDs without a domain name 2019-11-15 09:27:20 +00:00
Asger F
e45c361d64 JS: Port IncompleteHostnameRegExp 2019-11-15 09:27:20 +00:00
Asger F
9ecab1b5d5 JS: Port unanchored RegExp query but for hostnames only 2019-11-15 09:27:20 +00:00
Asger F
e5f2f9e43e JS: Do not flag semi-anchored regexps in .replace() 2019-11-15 09:27:20 +00:00
Asger F
cae09a447b JS: Update test case 2019-11-15 09:27:20 +00:00
Asger F
3e37950170 JS: Whitelist one more FP case 2019-11-15 09:27:20 +00:00
Asger F
2b151cd587 JS: Include anchor direction in message 2019-11-15 09:27:20 +00:00
Asger F
3e952cf564 JS: Restrict semi-anchored regex query more 2019-11-15 09:27:19 +00:00
Asger F
0726bd8cac JS: Add double semi-anchored test case 2019-11-15 09:27:19 +00:00
Asger F
9fa9729470 JS: Shift line numbers in SemiAnchoredRegExp testcase 2019-11-15 09:27:19 +00:00
Asger F
8bc89ee254 JS: Update semi-anchored regex query 2019-11-15 09:27:19 +00:00
Asger F
c21d095d38 JS: Restrict RegExp queries to actual regular expressions 2019-11-15 09:27:19 +00:00
Asger F
e0bdc777b9 JS: Make ReDoS check string-based regexes 2019-11-15 09:27:19 +00:00
Asger F
97e5da1046 JS: Update ReDoS query 2019-11-15 09:27:19 +00:00