204 Commits

Author	SHA1	Message	Date
Asger F	c3ad805fe8	JS: Sharpen up EnumerationRegExp	2025-02-28 13:58:11 +01:00
Asger F	d97d67359b	JS: Add test case showing lack of flow through non-sanitising regexp	2025-02-28 13:58:08 +01:00
Asger F	cd6ebb103e	JS: Make test not assume implicit through for maps	2024-12-19 15:25:45 +01:00
Asger F	dc2f39c399	JS: Add model of Map#groupBy	2024-12-19 15:25:43 +01:00
Asger F	de5e6ddeed	JS: Update with changes in TaintTracking test	2024-12-19 15:25:42 +01:00
Asger F	33e8bd5032	JS: Update testUtilities import	2024-12-19 15:25:39 +01:00
Asger F	3acd4814de	Merge branch 'main' into js/shared-dataflow-merge-main	2024-12-19 10:14:38 +01:00
Asger F	3f0d0e3a05	JS: Deprecate DataFlow::BarrierGuardNode	2024-12-03 14:30:50 +01:00
Asger F	62c17d3f4e	JS: Update SanitizerGuardNode use in BasicTaintTracking test	2024-12-03 14:30:34 +01:00
Asger F	08d25c122d	JS: Deprecate more uses of ConsistencyConfiguration	2024-12-03 14:30:27 +01:00
Asger F	0ce1fe767d	JS: Deprecate ConsistencyChecking to avoid deprecation warnings	2024-12-03 14:30:23 +01:00
Asger F	4d7401a074	JS: Deprecate tests for deprecated APIs ... Mainly adds 'deprecated' in front of a bunch of tests for deprecated APIs.	2024-12-03 14:30:12 +01:00
Asger F	3548544970	JS: Avoid some uses of deprecated guard classes in tests	2024-12-03 14:30:11 +01:00
Asger F	8818fcc207	JS: Benign test output changes	2024-11-26 15:47:13 +01:00
Asger F	82d61e4194	Merge branch 'js/shared-dataflow-branch' into js/shared-dataflow-merge-main	2024-11-26 15:36:16 +01:00
Napalys Klicius	61e00861e5	Merge pull request #18008 from Napalys/napalys/ES2024-group-functions ... JS: Added support for [Object, Map].groupBy ES2024 feature	2024-11-21 19:03:57 +01:00
Asger F	1ac7591faf	JS: Update missed flow in capture-flow.js ... We previously caught this flow because of a heuristic in capture flow. We'll have to fix it properly later.	2024-11-21 12:57:34 +01:00
Napalys	afc2d3e6d2	JS: Add: String.protytpe.toWellFormed to StringManipulationTaintStep	2024-11-20 17:42:25 +01:00
Napalys	09f73d8d6f	JS: Add: test cases for toWellFormed	2024-11-20 17:36:43 +01:00
Asger F	d52bc971b8	Merge branch 'main' into js/shared-dataflow-merge-main	2024-11-20 14:05:03 +01:00
Napalys Klicius	a957e00fe5	Merge branch 'main' into napalys/ES2024-group-functions	2024-11-20 14:03:31 +01:00
Napalys	58faa2d71e	JS: Add: dataflow step for static method of groupBy from Map.	2024-11-20 13:34:11 +01:00
Napalys	6344f83e4b	JS: Add: tests for taint tracking in groupBy functions	2024-11-20 13:22:53 +01:00
Napalys	213ce225e0	JS: Add: taint step for Object.groupBy function, fixed test cases from 8ae05d8be4	2024-11-18 12:58:07 +01:00
Napalys	8ae05d8be4	JS: Add: test case for Object.groupBy	2024-11-18 12:55:17 +01:00
Napalys	c02ad65fdc	JS: Add: taint step for Map.groupBy function	2024-11-18 12:50:06 +01:00
Napalys	3786ad4277	JS: Add: test case for Map.groupBy	2024-11-18 12:44:49 +01:00
Napalys	bed1f25b3f	JS: Fix: Now Array.prototype.with is properly flagged as taint step	2024-11-15 10:35:34 +01:00
Napalys	f04fd5cdcc	JS: Add: Test case for Array.protype.with taint step	2024-11-15 10:27:44 +01:00
Napalys Klicius	6fa3ff39a0	Merge branch 'main' into napalys/toSpliced-support	2024-11-14 16:56:32 +01:00
Napalys	84234d59b9	JS: Fix: Ensure toSpliced with spread operator is flagged	2024-11-13 17:21:34 +01:00
Napalys	8512cb44ff	JS: Add: Test cases for toSpliced with spread operator	2024-11-13 17:18:09 +01:00
Napalys	cf90430ec0	JS: Add: Missing test case for splice spread operator	2024-11-13 17:07:17 +01:00
Napalys	2df3d1b251	JS: Fix: Ensure toSpliced is flagged by taint tracking in test suite (ed44358143)	2024-11-13 15:58:20 +01:00
Napalys	ed44358143	Added toSpliced test cases for mutation arrays	2024-11-13 15:51:00 +01:00
Napalys	b4c84d3d3c	Added taint step for toSpliced, handles test from a65f80ef76	2024-11-13 12:41:41 +01:00
Napalys	a65f80ef76	Added basic taint tracking test for Array.prototype.toSpliced()	2024-11-13 12:28:14 +01:00
Napalys	7427a24ca1	Added test case for Array.prototype.toReversed, which is currently not flagged as a taint sink.	2024-11-12 12:02:37 +01:00
Napalys	3215967cbc	Added toReserved test case	2024-11-12 12:02:20 +01:00
Napalys	3f0a54c2e8	Added support for Array.prototype.toSorted function	2024-11-12 12:02:04 +01:00
Napalys	def8d75cb8	Added test case for Array.prototype.toSorted, which is currently not flagged as a taint sink.	2024-11-12 12:01:51 +01:00
Napalys	81bc7cd19f	Refactored SortTaintStep to ArrayInPlaceManipulationTaintStep to support both sort and reverse functions. Fixed newly added test case. from 8026a99db7	2024-11-11 08:32:03 +01:00
Napalys	1c298f0231	Added test case for Array.prototype.reverse, which is currently not flagged as a potential sink.	2024-11-11 08:32:02 +01:00
Asger F	1b85feb1fa	JS: Add imprecise post-update steps for when a captured var/this is not tracked precisely ... With the capture library we sometimes bails out of handling certain functions for scalability reasons. This means we have a notion of "captured but imprecisely-tracked" variables and 'this'. In these cases we go back to propagating flow from a post-update node to the local source.	2024-10-29 08:32:07 +01:00
Asger F	d557c7689c	JS: Update a test that now has more precise output	2024-10-29 08:32:06 +01:00
Asger F	12e316b99d	JS: Update test output after merging in 'main' ... - Paths are now relative to the test case, not the qlpack - Paths going through an implicit reads have changed slightly	2024-10-08 10:11:15 +02:00
Asger F	094112c905	Merge pull request #17213 from asgerf/jss/spread-argument ... JS: Improve handling of spread arguments and rest parameters [shared data flow branch]	2024-09-09 13:15:22 +02:00
Asger F	cb5dbb919d	JS: Update test to reflect implicit read flow has been fixed ... Shows the effect of https://github.com/github/codeql/pull/17262	2024-08-27 11:35:36 +02:00
Asger F	aa8bd332bf	JS: Add a few more tests	2024-08-27 11:35:31 +02:00
Asger F	371f7ef551	JS: Add implicit taint read of array elements	2024-08-27 11:35:31 +02:00