hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-10 01:24:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
25,515 Commits 1,738 Branches 164 Tags
51243454c890c3c58c0d9ba767dfec8a030ba2ed
Commit Graph

25515 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
bc73d9f431 JS: Support templates importing each other 2021-08-11 12:36:35 +02:00
Asger Feldthaus
bb80fdddbd JS: Handle leading ../ in template resolution 2021-08-11 12:36:35 +02:00
Asger Feldthaus
6954a9ac23 JS: Treat EJS-include calls as template instantiations 
JS: Fixup EJS include call (API node)
 2021-08-11 12:36:35 +02:00
Asger Feldthaus
248715c743 JS: Restrict FileAccessToHttp a bit 2021-08-11 12:36:35 +02:00
Asger Feldthaus
8a50d99f33 JS: Treat GeneratedCodeExpr as DirectEval in UnusedVariable.ql 2021-08-11 12:36:35 +02:00
Asger Feldthaus
623557ba39 JS: "this" in a template is not the global object 2021-08-11 12:36:35 +02:00
Asger Feldthaus
ee33c593e0 JS: Autoformat 2021-08-11 12:36:34 +02:00
Asger Feldthaus
0f27bffb05 JS: Add sinks for server-template tags in AngularJS templates 2021-08-11 12:36:34 +02:00
Asger Feldthaus
d6dbabf9e0 JS: Ignore empty char sequences 2021-08-11 12:36:34 +02:00
Asger Feldthaus
745f9b36e0 JS: Exclude non-code script tags 2021-08-11 12:36:34 +02:00
Asger Feldthaus
2412f530f9 JS: Add steps and sinks for pipes 2021-08-11 12:36:34 +02:00
Asger Feldthaus
23eeb49959 JS: Detect relevant templating syntax, and add sinks 2021-08-11 12:36:34 +02:00
Asger Feldthaus
f3b97f05c9 JS: Add steps to/from placeholder tags 2021-08-11 12:36:34 +02:00
Asger Feldthaus
f1c663b01b JS: Add steps from instantiation site to placeholder expr 2021-08-11 12:36:34 +02:00
Asger Feldthaus
5659a8a30f JS: Add template resolution logic 2021-08-11 12:36:34 +02:00
Asger Feldthaus
1474c0788b JS: Introduce TemplateInstantiation 2021-08-11 12:36:34 +02:00
Asger Feldthaus
8fe2d84d53 JS: Move template-related classes to Templating file 2021-08-11 12:36:34 +02:00
Asger Feldthaus
f26e94c0db JS: Rename to Angular-style template 2021-08-11 12:36:34 +02:00
Asger Feldthaus
66cec65bfb JS: Format HTMLExtractor 2021-08-11 12:36:34 +02:00
Asger Feldthaus
8666bc1894 JS: Extract placeholders in HTML 2021-08-11 12:36:31 +02:00
Chris Smowton
d45d58804b Merge pull request #6466 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-08-11 07:56:55 +01:00
github-actions[bot]
5db82651fe Add changed framework coverage reports 2021-08-11 00:13:37 +00:00
jorgectf
e6ce10b5c5 Merge remote-tracking branch 'origin/main' into jty/python/nosqlInjection 2021-08-10 20:01:08 +02:00
Joe Farebrother
7462180dcd Improve handling or array types 2021-08-10 16:52:38 +01:00
Joe Farebrother
207c753f6f Update model for getAll 2021-08-10 15:05:02 +01:00
Tamas Vajk
243424063a Add pragma inline to getMember/Method/Callable 2021-08-10 13:25:56 +02:00
Tamas Vajk
51661bfa62 Add pragma noinline to fix uselessUpcast check 2021-08-10 13:24:30 +02:00
Owen Mansel-Chan
2000985509 Remove duplicate test 2021-08-10 11:58:28 +01:00
Owen Mansel-Chan
a55a32f50a Add more missing models 
And corresponding tests
 2021-08-10 11:35:20 +01:00
Erik Krogh Kristensen
01a202fa10 fix cfg and dataflow for logical compound assignments 2021-08-10 12:17:59 +02:00
Asger Feldthaus
b1ce3d1c5a JS: Do not extract binary HTML 2021-08-10 12:15:44 +02:00
Asger Feldthaus
96a2c3f2db JS: Extract .hbs and .ejs as HTML 2021-08-10 12:15:44 +02:00
Asger Feldthaus
e678c16d59 JS: Parse EJS-style template tags 2021-08-10 12:15:44 +02:00
Asger Feldthaus
a7cdf532fa JS: Parse mustache-style tags as expressions 2021-08-10 12:15:43 +02:00
Asger Feldthaus
d1c31db06f JS: Reset implicit variable scope when leaving template expr 2021-08-10 12:15:43 +02:00
Tom Hvitved
d658ef1dcd Merge pull request #6449 from hvitved/python/contains-in-scope-perf 
Python: Avoid bad join in `AstExtended::AstNode::containsInScope`
 2021-08-10 10:27:00 +02:00
Chris Smowton
cb73100717 Merge pull request #6458 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2021-08-10 09:23:53 +01:00
Chris Smowton
9f9c76390f Nudge CI 2021-08-10 09:12:18 +01:00
Asger Feldthaus
d83f5a9cd7 JS: Update StringConcatenation tests after handling 0-arg join calls 2021-08-10 08:56:36 +02:00
Asger Feldthaus
a3e56dea5e JS: Factor out StringOps::substringMethodName 2021-08-10 08:55:04 +02:00
Asger Feldthaus
1074d409fb JS: Autoformat 2021-08-10 08:55:03 +02:00
Asger Feldthaus
6ef83f8015 JS: Change note 2021-08-10 08:55:03 +02:00
Asger Feldthaus
f1bcfa287b JS: Add more tests 2021-08-10 08:55:03 +02:00
Asger Feldthaus
4efea4316e JS: Use TaintedUrlSuffix flow label in jQuery xss 2021-08-10 08:55:03 +02:00
Asger F
077aa05336 Merge pull request #6448 from asgerf/js/handlebars-extraction-preliminary 
JS: Update locations in Angular2 test
 2021-08-10 08:50:18 +02:00
github-actions[bot]
22fe354aab Add changed framework coverage reports 2021-08-10 00:07:47 +00:00
Owen Mansel-Chan
54fdfe3906 Make helper functions more consistent 2021-08-09 17:18:03 +01:00
Owen Mansel-Chan
2d31bb8d64 Remove toString taint propagation 
We do not do this for other overrides of toString
 2021-08-09 17:18:02 +01:00
Owen Mansel-Chan
487a46ae77 Improve treatment of new and old package name 2021-08-09 16:25:11 +01:00
Chris Smowton
021e405294 Elaborate change note a little 2021-08-09 15:33:21 +01:00