hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-03 04:40:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
34,824 Commits 1,773 Branches 168 Tags
63d7b9086ee92524f96255358f8cc4abff12b8d5
Commit Graph

7431 Commits

Author SHA1 Message Date
Stephan Brandauer
63d7b9086e use ? for unknown parameternames 2022-04-28 09:33:09 +02:00
Stephan Brandauer
1806264c3d add documentations and rename a feature 2022-04-28 09:33:00 +02:00
Stephan Brandauer
ddb75311aa add functionInterfacesInFile and surroundingFunctionParameters features 2022-04-26 10:11:37 +02:00
Stephan Brandauer
a16c756a1d documentation for calleeImports ATM feature 2022-04-26 10:04:06 +02:00
Stephan Brandauer
29558feeb1 ATM: new feature to list all imports that are used in a callee 2022-04-26 10:04:01 +02:00
Stephan Brandauer
55477bb94b documentation for new feature 2022-04-26 09:59:54 +02:00
Stephan Brandauer
8a78cb68ad ATM: new feature to list all imports in an endpoint's file 2022-04-26 09:59:54 +02:00
Esben Sparre Andreasen
9a24ebd0d4 use proper import instead of inlining 2022-04-25 22:02:22 +02:00
Esben Sparre Andreasen
6f64db1a06 remove Input_ArgumentIndexAndAccessPathFromCallee 2022-04-25 22:00:19 +02:00
Esben Sparre Andreasen
94b0f1adc0 add docstring examples 2022-04-22 15:34:09 +02:00
Esben Sparre Andreasen
f67a586fb5 address review comments 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
df34784834 Apply suggestions from code review 
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
cd2761b8f2 fix semantic merge conflict 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
446fbcdbe1 rename new features 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
b3f09e0203 add more features 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
c466fab22d improve feature documentation 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
c74857f44d improve feature tests with more cases 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
b65db6c07c improve access path strings 2022-04-22 14:39:44 +02:00
Esben Sparre Andreasen
1cea33d80e support import in getSimpleAccessPath 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
09a273927a support await in getSimpleAccessPath 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
aa37ae6b70 avoid using new feautes by default 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
5f9d3e1e58 add CompareFeatures.ql 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
bf708b9181 add generic tests for features 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
6277650a0d Document EndpointFeatures.qll 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
3baa9de45d add ParameterAccessPathSimpleFromArgumentTraversal 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
e5ddc57aa6 improve getSimpleAccessPath 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
62bf841c5d refactor calleeAccessPath feature to class 2022-04-22 14:39:43 +02:00
Stephan Brandauer
b14feb0022 refactor getACallBasedTokenFeature to class-use 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
09db824078 Add CalleeAccessPathSimpleFromArgumentTraversal 2022-04-22 14:39:43 +02:00
Esben Sparre Andreasen
eaba3c120f refactor EndpointFeatures.ql to use classes 2022-04-22 14:39:43 +02:00
CodeQL CI
06e5962da7 Merge pull request #8791 from asgerf/js/static-accessors 
Approved by erik-krogh
 2022-04-22 13:39:32 +01:00
Erik Krogh Kristensen
8fcbaea273 Merge branch 'main' into labelNaming 2022-04-22 13:19:44 +02:00
Khang. Võ Vĩ
f4581ae866 fix PrototypePollutingAssignment examples 2022-04-22 11:55:45 +07:00
Tom Hvitved
bd09c61504 Merge pull request #8786 from hvitved/ruby/dataflow/argument-tokens 
Ruby: Implement `Argument[any]` and `Argument[n..]`
 2022-04-21 16:31:24 +02:00
Asger Feldthaus
c6e66edb97 JS: Change note 2022-04-21 08:32:01 +02:00
Erik Krogh Kristensen
9927a82520 Merge pull request #8789 from erik-krogh/apiIpaBranches 
JS/PY: mention newtype constructors in API graph label classes
 2022-04-20 23:39:46 +02:00
Erik Krogh Kristensen
ff5b873557 Merge pull request #8773 from erik-krogh/exhaustion 
JS: promote `js/resource-exhaustion` out of experimental
 2022-04-20 19:33:42 +02:00
Erik Krogh Kristensen
ef51b46795 JS: mention newtype constructors in API graph label classes 2022-04-20 18:37:19 +02:00
Tom Hvitved
ea229d361c Sync files 2022-04-20 13:55:18 +02:00
Asger Feldthaus
44216b29a9 JS: Autoformat 2022-04-20 11:14:42 +02:00
Asger Feldthaus
4c66f50352 JS: More tests 2022-04-20 11:14:42 +02:00
Asger Feldthaus
fec2837c1e JS: Ensure accessors do not appear to be calls 2022-04-20 11:14:42 +02:00
Asger Feldthaus
ddb682b181 JS: Show all accessor calls in CG test 2022-04-20 11:14:41 +02:00
Asger Feldthaus
37a76f4441 JS: PropWrite is not a SourceNode 2022-04-20 11:14:41 +02:00
Asger Feldthaus
c9db6201ef JS: Add call-graph test for accessor calls 2022-04-20 11:14:41 +02:00
Asger Feldthaus
7d5c80433d JS: Handle accessor-calls to static accessors 2022-04-20 11:14:41 +02:00
Asger Feldthaus
37b3a6e5c0 JS: Add ClassNode.getStaticMember 2022-04-20 11:14:41 +02:00
Erik Krogh Kristensen
10130eef6d Merge pull request #8678 from erik-krogh/fileSource 
JS: Add files as a source for `js/xss-through-dom`
 2022-04-20 09:18:38 +02:00
Stephan Brandauer
2fb3147b7b Merge pull request #8430 from kaeluka/js/CVE-2022-24718 
JS: Add taint step for handlebars model
 2022-04-19 15:57:58 +01:00
Erik Krogh Kristensen
8669bbd948 update expected output of rate-limit query after test reorg 2022-04-19 14:27:24 +02:00