codeql

mirror of https://github.com/github/codeql.git synced 2026-03-28 10:18:17 +01:00

Author	SHA1	Message	Date
Max Schaefer	f9106b3bfe	Merge pull request #685 from asger-semmle/useless-conditional-as-value JS: fix FPs in UselessConditional	2018-12-14 08:44:10 +00:00
semmle-qlci	7f21f145e2	Merge pull request #678 from asger-semmle/function-receiver Approved by xiemaisi	2018-12-14 08:39:04 +00:00
Asger F	ae4b55de9a	JS: fix FPs in UselessConditional	2018-12-13 15:41:41 +00:00
Asger F	cb349348e7	JS: rename getThisParameter to getReceiver	2018-12-13 10:19:44 +00:00
Max Schaefer	e194021c3b	Merge pull request #629 from esben-semmle/js/persistent-read-taint JS: add persistent storage taint steps	2018-12-13 08:24:42 +00:00
Max Schaefer	969fe6e4f1	Merge pull request #657 from esben-semmle/js/classify-more-files JS: classify additional files	2018-12-13 08:20:33 +00:00
Max Schaefer	e8c8360ad1	Merge pull request #659 from esben-semmle/js/more-constant-string-usage JS: replace StringLiteral with ConstantString in two queries	2018-12-13 08:19:22 +00:00
Max Schaefer	54bb9d185f	Merge pull request #632 from asger-semmle/pseudo-random-bytes JS: add crypto.pseudoRandomBytes as source in InsecureRandomness.ql	2018-12-13 08:14:40 +00:00
Max Schaefer	df42707050	Merge pull request #675 from asger-semmle/window.name JS: Add window.name as remote flow source	2018-12-13 08:13:15 +00:00
Asger F	635a3cb1ec	JS: add FunctionNode.getThisParameter	2018-12-12 16:26:02 +00:00
Asger F	a96c53f9b8	JS: restrict when a variable reference is considered a source	2018-12-12 12:28:26 +00:00
Max Schaefer	4fc27aaa51	Merge branch 'master' into pseudo-random-bytes	2018-12-12 08:19:57 +00:00
semmle-qlci	06dd5f3616	Merge pull request #656 from xiemaisi/js/unused-local-underscore Approved by esben-semmle	2018-12-12 08:11:37 +00:00
Esben Sparre Andreasen	fac638ffab	JS: improve alert location of js/angular/unused-dependency	2018-12-11 21:47:08 +01:00
Esben Sparre Andreasen	b5bbf990b0	JS: improve alert location of js/angular/repeated-dependency-injection	2018-12-11 21:47:08 +01:00
Esben Sparre Andreasen	5acd1ca26d	JS: improve alert location of js/angular/duplicate-dependency	2018-12-11 21:47:08 +01:00
Asger F	a01a9dc5cc	JS: add crypto.pseudoRandomBytes as source in InsecureRandomness.ql	2018-12-11 16:06:22 +00:00
Esben Sparre Andreasen	376ed7a4d2	JS: generalize js/command-line-injection to handle ConstantString	2018-12-11 13:39:15 +01:00
Esben Sparre Andreasen	a1d92bfa50	JS: generalize js/incomplete-sanitization to handle ConstantString	2018-12-11 13:39:15 +01:00
Esben Sparre Andreasen	7cc6f2f4d8	JS: add test case	2018-12-11 10:17:25 +01:00
Esben Sparre Andreasen	73aa223b08	JS: handle additional multi-license file patterns	2018-12-11 09:55:38 +01:00
Max Schaefer	4d186e0edc	JavaScript: Teach `Unused{Variable,Parameter}` to ignore variables with leading underscore.	2018-12-11 08:50:50 +00:00
Esben Sparre Andreasen	edbef289a7	JS: improve whitespace handling for multi-license file recognition	2018-12-11 09:30:10 +01:00
Esben Sparre Andreasen	e016098f86	JS: support purs classification	2018-12-11 09:17:01 +01:00
Esben Sparre Andreasen	3879e57f18	JS: support <meta name="generator"/> classification	2018-12-11 09:12:39 +01:00
Esben Sparre Andreasen	a295dfd2c5	JS: support AutoRest classification	2018-12-11 08:54:19 +01:00
semmle-qlci	9e73ed71b9	Merge pull request #623 from esben-semmle/js/incomplete-url-sanitization Approved by mc-semmle	2018-12-06 20:46:37 +00:00
Esben Sparre Andreasen	4f53411397	JS: recognize HTTP URLs in js/incomplete-url-sanitization	2018-12-06 15:53:20 +01:00
Esben Sparre Andreasen	229eea00dc	JS: add query js/incomplete-url-substring-sanitization	2018-12-06 15:53:20 +01:00
semmle-qlci	3397533045	Merge pull request #628 from xiemaisi/js/setUnsafeHTML Approved by esben-semmle	2018-12-06 13:58:52 +00:00
Esben Sparre Andreasen	45b207c21b	JS: introduce models of three cookie libraries	2018-12-06 14:53:22 +01:00
Esben Sparre Andreasen	28b4a78430	JS: introduce DOM::PersistentWebStorage	2018-12-06 14:53:22 +01:00
Max Schaefer	ef347b3870	JavaScript: Teach Xss query about WinJS HTML injection functions.	2018-12-06 09:13:21 +00:00
Max Schaefer	3c00d4be6d	Merge pull request #607 from esben-semmle/js/more-react-methods JS: model additional React component methods	2018-12-05 08:00:16 +00:00
Esben Sparre Andreasen	d63d838534	JS: add regression test for ODASA-7506	2018-12-04 22:22:46 +01:00
semmle-qlci	d05b11f00d	Merge pull request #587 from asger-semmle/incorrect-suffix-check Approved by mc-semmle, xiemaisi	2018-12-04 16:18:42 +00:00
Esben Sparre Andreasen	a342fa36c6	JS: support React getSnapshotBeforeUpdate	2018-12-04 10:48:35 +01:00
Esben Sparre Andreasen	67b1487384	JS: support React shouldComponentUpdate	2018-12-04 10:48:35 +01:00
Esben Sparre Andreasen	417dac7ad6	JS: support React getDerivedStateFromProps	2018-12-04 10:48:35 +01:00
Esben Sparre Andreasen	0d62191d84	JS: add more React tests	2018-12-04 10:48:35 +01:00
semmle-qlci	b58c263fd0	Merge pull request #602 from esben-semmle/js/additional-route-handlers-from-context Approved by xiemaisi	2018-12-03 14:31:10 +00:00
Asger F	374f7ab65d	JS: address comments	2018-12-03 11:23:02 +00:00
Asger F	0462eb4b50	JS: add IncorrectSuffixCheck query	2018-12-03 11:23:02 +00:00
Esben Sparre Andreasen	a3bd072590	JS: add Hapi::RouteHandlerCandidate	2018-12-03 09:22:21 +01:00
Max Schaefer	52b8a6bb56	Merge branch 'master' into js/invalid-entity-transcoding	2018-11-30 16:49:20 +00:00
Max Schaefer	10166be535	JavaScript: Add new query `DoubleEscaping`.	2018-11-30 09:39:00 +00:00
Max Schaefer	3ed40d5da1	Merge branch 'master' into range-analysis	2018-11-30 09:36:40 +00:00
semmle-qlci	1c5322274a	Merge pull request #557 from esben-semmle/js/unused-react-variable Approved by xiemaisi	2018-11-30 09:35:36 +00:00
Asger F	959776b775	JS: add test case	2018-11-29 11:22:15 +00:00
Asger F	d69e584cc2	JS: fix bug in foldedComparisonEdge	2018-11-29 11:22:15 +00:00

1 2 3 4 5 ...

346 Commits