Asger Feldthaus
3d567eb889
JS: Close an unterminated code block
2020-01-27 12:03:58 +00:00
Erik Krogh Kristensen
8492f6031f
reuse existing type-tracking for classes
2020-01-24 13:36:32 +01:00
semmle-qlci
007b0795ec
Merge pull request #2636 from erik-krogh/NewSocketIO
...
Approved by esbena
2020-01-22 13:46:11 +00:00
Erik Krogh Kristensen
86477a2249
changes based on review
2020-01-21 16:45:53 +01:00
Erik Krogh Kristensen
569ee8fc8d
add support for subclasses of EventEmitter
2020-01-21 12:08:50 +01:00
Erik Krogh Kristensen
026092559c
changes based on review
2020-01-20 15:53:58 +01:00
semmle-qlci
4efc418e2c
Merge pull request #2617 from asger-semmle/prototype-pollution-utility
...
Approved by esbena, mchammer01
2020-01-16 13:02:07 +00:00
Erik Krogh Kristensen
4e880e2f96
implement SocketIO on top of the EventEmitter model
2020-01-16 11:02:36 +01:00
Asger Feldthaus
d76859b7df
JS: Address review comments
2020-01-14 10:53:00 +00:00
Asger F
52cec25035
JS: Build access paths for array accesses
2020-01-14 10:52:59 +00:00
Erik Krogh Kristensen
1619a98bc8
make the default registration/dispatch extend DataFlow::InvokeNode
2020-01-10 17:40:16 +01:00
Erik Krogh Kristensen
87bbbd643c
changes based on review feedback
2020-01-09 16:18:32 +01:00
Erik Krogh Kristensen
af8b36b750
Merge remote-tracking branch 'upstream/master' into EventEmitter
2020-01-09 15:09:43 +01:00
Max Schaefer
308da0774d
Merge pull request #2525 from asger-semmle/promise-missing-await
...
JS: New query: missing await
2020-01-08 15:29:45 +00:00
Max Schaefer
de15ecf47b
Merge pull request #2593 from asger-semmle/regexp-always-matches
...
JS: Add RegExpAlwaysMatches query
2020-01-08 15:21:39 +00:00
Max Schaefer
9160fbf106
Merge pull request #2435 from asger-semmle/phi-edge-barrier-guards
...
JS: Phi edge barrier guards
2020-01-06 14:14:18 +00:00
semmle-qlci
0c0073fb02
Merge pull request #2582 from asger-semmle/spurious-css-import
...
Approved by max-schaefer
2020-01-06 14:00:08 +00:00
Asger F
9928762769
JS: Add RegExpAlwaysMatches query
2020-01-06 13:48:02 +00:00
semmle-qlci
39531c6516
Merge pull request #2574 from max-schaefer/js/fix-17
...
Approved by erik-krogh
2020-01-06 12:43:56 +00:00
Asger F
aa6572b5c8
JS: Sanitize phi edges from barrier guards
2020-01-06 11:37:21 +00:00
Asger F
4772798d7b
JS: do not resolve arbitrary extensions to JavaScript files
2020-01-03 11:37:51 +00:00
semmle-qlci
06d812a6ff
Merge pull request #2556 from erik-krogh/RegexpVoidCxt
...
Approved by max-schaefer
2020-01-03 08:38:56 +00:00
Erik Krogh Kristensen
d1a77d6993
refactor isInterpretedAsRegExp to directly work on a DataFlow node
2020-01-02 11:18:14 +01:00
Max Schaefer
de02bb4a0d
JavaScript: Prevent joining on configuration in onPath.
2020-01-02 09:49:09 +00:00
Max Schaefer
2a55ba5d4f
JavaScript: Fix join order in PathNode.getASuccessor.
2020-01-02 09:48:57 +00:00
semmle-qlci
f921cf7d01
Merge pull request #2512 from erik-krogh/moarExceptions
...
Approved by esbena, max-schaefer
2019-12-20 20:31:50 +00:00
Erik Krogh Kristensen
a0b5aa5ae4
more precise heuristic to identify allowed call targets
2019-12-20 10:51:39 +01:00
Erik Krogh Kristensen
15d74b7d03
remove FP from js/regexpinjection where no regexp was constructed
2019-12-19 10:47:03 +01:00
Tom Hvitved
29cd6a9e30
Sync XML.qll
2019-12-19 10:29:30 +01:00
Erik Krogh Kristensen
2e5b7273ab
changes based on review feedback.
2019-12-17 17:30:05 +01:00
Erik Krogh Kristensen
0a8a2ecc61
make EventEmitter classes non final, and add a comment about extending EventEmitter::Range
2019-12-17 16:37:03 +01:00
Erik Krogh Kristensen
fed9302996
uppercase E in Electron
...
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
2019-12-17 16:29:55 +01:00
Erik Krogh Kristensen
9dd7d1c6d7
changes based on review feedback
2019-12-17 13:19:53 +01:00
Erik Krogh Kristensen
f9ddd5891a
minor documentation fixes
...
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
2019-12-17 13:05:20 +01:00
Max Schaefer
09ee106333
Java/JavaScript: Add two deprecated predicates to XML.qll.
...
This makes XML.qll identical across C++, Java, JavaScript and Python.
2019-12-17 10:15:43 +00:00
Max Schaefer
923e36ba4f
C++/Java/JavaScript/Python: Make qldoc consistent.
2019-12-17 10:15:43 +00:00
Max Schaefer
a2fe678464
C++/Java/JavaScript/Python: Unify imports in XML.qll.
2019-12-17 10:15:43 +00:00
Erik Krogh Kristensen
8f17db6670
changes based on review feedback
2019-12-16 14:43:29 +01:00
Erik Krogh Kristensen
7c931452d9
autoformat
2019-12-16 13:45:42 +01:00
Erik Krogh Kristensen
3ca3fa7e9e
add quotes on code in documentation
...
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
2019-12-16 13:32:01 +01:00
Erik Krogh Kristensen
c19d8ecb73
refactorizations and preparations for SocketIO implementation
2019-12-16 10:13:27 +01:00
Erik Krogh Kristensen
8c0b6f26da
Merge remote-tracking branch 'upstream/master' into moarExceptions
2019-12-16 08:35:45 +01:00
Erik Krogh Kristensen
1efe2ba167
inline ifStmt field
2019-12-13 19:00:54 +01:00
Erik Krogh Kristensen
3b2cc4674e
autoformat
2019-12-13 11:44:52 +01:00
Erik Krogh Kristensen
e164f46330
changes based on review feedback
2019-12-13 11:44:31 +01:00
Erik Krogh Kristensen
f35dc5d274
Merge remote-tracking branch 'upstream/master' into moarExceptions
2019-12-12 16:13:52 +01:00
Erik Krogh Kristensen
17358606cb
change callback to rely on a behavior heuristic rather than a naming heuristic
2019-12-12 16:12:37 +01:00
Asger F
f398247d2f
JS: Step through rephinements in getImmediatePredecessor
2019-12-12 15:11:25 +00:00
Erik Krogh Kristensen
08d0cb795b
revert the introduction of getEnclosingCall
2019-12-12 15:14:02 +01:00
Max Schaefer
dfeca63677
JavaScript: Fix characteristic predicate of XMLParent.
...
The database type `@xmlparent` is defined a bit too loosely in that it includes all of `@file`, not just XML files. Fixing that would involve fiddling with the extractor/dbscheme, so I have opted to fix it at the QL level instead.
2019-12-12 12:38:29 +00:00