codeql

mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00

Author	SHA1	Message	Date
Asger F	5c12780b1c	JS: Change note	2022-09-07 13:45:38 +02:00
Asger F	d31b59e61d	JS: Call super in isBarrier() override	2022-09-07 13:40:30 +02:00
Asger F	e3c84eefc1	JS: Correctly recognize Array.isArray calls	2022-09-07 13:39:52 +02:00
Asger F	3184ddb38a	JS: Fix test case	2022-09-07 13:39:51 +02:00
Asger F	0cc3b8a9ec	JS: Update test output	2022-09-06 18:48:14 +02:00
Asger F	e8864d072d	JS: Remove stray module DF export	2022-09-06 15:06:33 +02:00
Asger F	95c60858d4	Export as DataFlow instead of DF	2022-09-06 15:02:48 +02:00
erik-krogh	24f2e3cc07	update alert-messages of the sensitive data queries to match #10314	2022-09-06 12:25:36 +02:00
Rasmus Wriedt Larsen	a9e1e72196	Merge branch 'main' into shared-http-client-request	2022-09-06 10:52:27 +02:00
erik-krogh	0776687991	fix leftover todo in js/insecure-temporary-file	2022-09-06 10:05:50 +02:00
Asger F	f07e0592d0	JS: Drive-by fix for accidental recursion	2022-09-06 09:30:02 +02:00
Asger F	2cbba65617	JS: Sync with JS fixup JS	2022-09-06 09:30:02 +02:00
Erik Krogh Kristensen	4e14177614	fix typo in change-note	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	54eb0414cb	rename an upper-cased acronym	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	90bc8a5038	run the explicit-this patch on javascript/	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	b398f968e2	expand change-note to mention classes that have a changed basetype	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	e64f96c1ce	rewrite the change-note to emphasise that the change is potentially breaking	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	26f5643f3e	update the deprecation notice of `RouteExpr` such that it points to public APIs	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	e387ebaedd	add `domNode.innerHTML += sink` as a DOM sink	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	74a79f8622	simplify int check Co-authored-by: Asger F <asgerf@github.com>	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	73a936104a	fix typo in qldoc Co-authored-by: Asger F <asgerf@github.com>	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	833480d5c5	add change note	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	5b61db9fd3	refactor miscellaneous expression uses to dataflow nodes	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	6697dd1396	rewrite some expression based predicates in `TaintTracking.qll`	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	b4968eb645	refactor the SensitiveExpr to be a dataflow node	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	0c4f08c841	refactor the CredentialsExpr to be a dataflow node	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	c5b1588096	update the SQL/NoSQL models to use dataflow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	4d0534352e	refactor a use of MethodCallExpr in `ClientSideUrlRedirectCustomizations.qll`	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	e0e8085b95	update the cryptoLibraries to use dataflow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	5ebea8c75a	fix express in the POI test	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	aa9261f1b1	convert the AngularJS model to use DataFlow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	9bea110d24	convert the DOM model to use DataFlow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	2f429e7d29	convert some leftovers to use dataflow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	136124fbaa	convert the remaining Koa models to DataFlow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	fc54ba823b	update the existing expression based Express models	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	8266b083d7	update the predicates on `Express::RouteHandler` to use dataflow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	4cfbf15d18	deprecate `RouteHandlerExpr` and make `RouteHandlerNode` instead	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	3da34ca7a0	update `Express::RouteExpr` to a `DataFlow::Node`	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	3eb486610b	update `Express::RouterDefinition` to a `DataFlow::InvokeNode`	2022-09-05 16:11:51 +02:00
Erik Krogh Kristensen	92240384a9	update the tests to reflect the extra `DataFlow::Node`s	2022-09-05 15:47:38 +02:00
Erik Krogh Kristensen	dfb7782be0	replace `getA?RouteHandlerExpr` with `getA?RouteHandlerNode`	2022-09-05 15:46:27 +02:00
Erik Krogh Kristensen	288230d7cf	update tests to reflect the extra DataFlow::Nodes from `ResponseNode` and `RequestNode`	2022-09-05 15:46:27 +02:00
Erik Krogh Kristensen	30d929909c	deprecate `RequestExpr` and `ResponseExpr` and use `ResponseNode` and `RequestNode` instead	2022-09-05 15:46:25 +02:00
Erik Krogh Kristensen	9cb7522bc1	change `RouteSetup` to a `DataFlow::Node`	2022-09-05 15:45:31 +02:00
Erik Krogh Kristensen	d98028be1a	change `ServerDefinition` to a `DataFlow::Node`	2022-09-05 15:44:56 +02:00
Erik Krogh Kristensen	ced4843dd7	change `CookieDefinition` to a `DataFlow::Node`	2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen	24b845589d	change `ResponseBody` to a `DataFlow::Node`	2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen	19e808186d	refactor `definesExplicitly` to use DataFlow::Node	2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen	ce0175a046	don't use `astNode` in `StandardHeaderDefinition`	2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen	d4ccc75ce1	refactor RedirectInvocation to a DataFlow::Node	2022-09-05 15:44:13 +02:00

... 2 3 4 5 6 ...

8165 Commits