hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,098 Commits 1,672 Branches 157 Tags
66737402c20fc83b3d3a654dcccf4b26c901b100
Commit Graph

1989 Commits

Author SHA1 Message Date
Asger F
107ec3b687 JS: add test with self=this variable 2019-01-18 10:39:02 +00:00
Asger F
78bd76048a JS: add test with closures 2019-01-18 10:39:02 +00:00
Asger F
0bb6692c19 JS: add 'this' as possible access path root 2019-01-18 10:39:02 +00:00
semmle-qlci
5e712b3ff6 Merge pull request #784 from asger-semmle/dedup-promiseTaintStep 
Approved by esben-semmle
 2019-01-18 08:52:09 +00:00
Asger F
7a344c8546 JS: Add resolved promise taint test case 2019-01-17 13:08:55 +00:00
Asger F
9aaea40719 JS: address comments and support TrackedNode 2019-01-16 11:12:38 +00:00
Asger F
6d1eab8a4b JS: support flow out of "this" in constructor call 2019-01-16 11:09:38 +00:00
Max Schaefer
4a7e0fe104 Merge pull request #766 from asger-semmle/ts-compiler-3.2 
TS: Support TypeScript 3.2
 2019-01-16 08:49:45 +00:00
semmle-qlci
8655e5ae17 Merge pull request #768 from xiemaisi/js/call-summaries 
Approved by asger-semmle
 2019-01-16 08:35:31 +00:00
Asger F
3ed9575529 TS: add support for bigints 2019-01-14 18:26:09 +00:00
Asger F
1c6deb65cd TS: update test expectation 2019-01-14 18:15:30 +00:00
semmle-qlci
955bad0618 Merge pull request #640 from asger-semmle/lodash-case 
Approved by esben-semmle
 2019-01-14 07:59:59 +00:00
semmle-qlci
04c15028ab Merge pull request #750 from aschackmull/javascript/autoformat 
Approved by xiemaisi
 2019-01-11 16:35:38 +00:00
Anders Schack-Mulligen
e58094c732 Javascript: Autoformat. 2019-01-11 11:02:42 +01:00
Max Schaefer
7d2d33840a JavaScript: Track flow through forwarding higher-order calls. 2019-01-11 09:15:58 +00:00
Max Schaefer
edc5117dfd JavaScript: Track flow into (simple) higher-order function calls. 
The only case we support for now are functions that invoke one of their arguments, passing another argument as input.
 2019-01-11 08:11:15 +00:00
Max Schaefer
8f1c5db8be JavaScript: Change encoding of member and parameter portals for readability. 2019-01-09 09:10:45 +00:00
Max Schaefer
8e36c60326 JavaScript: Add a few examples that cause cyclic portals. 2019-01-09 09:09:58 +00:00
Max Schaefer
98a763ae4b JavaScript: Add QL library for modelling portals between npm packages. 2019-01-09 09:06:55 +00:00
Asger F
6816f33a3d JS: Handle case-insensitive lodash imports 2019-01-08 12:29:28 +00:00
Max Schaefer
b4f400fb23 Merge remote-tracking branch 'upstream/next' into qlucie/master 2019-01-04 10:35:57 +00:00
semmle-qlci
b11b714152 Merge pull request #696 from esben-semmle/js/host-request-forgery 
Approved by asger-semmle
 2018-12-19 15:04:08 +00:00
Esben Sparre Andreasen
50cba92f5f JS: remove slow test Security/heuristics/AdditionalCommandInjections 2018-12-17 10:58:46 +01:00
Esben Sparre Andreasen
60fe0176ed JS: add ClientRequest::getHost 2018-12-17 10:32:30 +01:00
Aditya Sharad
7bc729a7dc Merge master into next. 2018-12-14 10:16:47 +00:00
semmle-qlci
7f21f145e2 Merge pull request #678 from asger-semmle/function-receiver 
Approved by xiemaisi
 2018-12-14 08:39:04 +00:00
Aditya Sharad
f71e5ac338 Merge master into next. 2018-12-13 17:57:31 +00:00
Asger F
cb349348e7 JS: rename getThisParameter to getReceiver 2018-12-13 10:19:44 +00:00
Max Schaefer
e194021c3b Merge pull request #629 from esben-semmle/js/persistent-read-taint 
JS: add persistent storage taint steps
 2018-12-13 08:24:42 +00:00
Max Schaefer
f1dcec8369 Merge pull request #667 from asger-semmle/ts-binding-pattern-with-defaults 
TS: fix extraction of binding pattern with default
 2018-12-13 08:18:22 +00:00
Aditya Sharad
f92456fcad Merge master into next. 
Conflict in `cpp/ql/test/library-tests/sideEffects/functions/sideEffects.expected`,
resolved by accepting test output (combining changes).
 2018-12-12 17:26:18 +00:00
Asger F
635a3cb1ec JS: add FunctionNode.getThisParameter 2018-12-12 16:26:02 +00:00
Asger F
aa04e9c77f TS: fix extraction of binding pattern with default 2018-12-12 10:36:30 +00:00
Asger F
a01a9dc5cc JS: add crypto.pseudoRandomBytes as source in InsecureRandomness.ql 2018-12-11 16:06:22 +00:00
Esben Sparre Andreasen
45b207c21b JS: introduce models of three cookie libraries 2018-12-06 14:53:22 +01:00
Esben Sparre Andreasen
28b4a78430 JS: introduce DOM::PersistentWebStorage 2018-12-06 14:53:22 +01:00
Aditya Sharad
3caf4e52a7 Merge rc/1.19 into next. 2018-12-04 12:39:41 +00:00
Esben Sparre Andreasen
a342fa36c6 JS: support React getSnapshotBeforeUpdate 2018-12-04 10:48:35 +01:00
Esben Sparre Andreasen
67b1487384 JS: support React shouldComponentUpdate 2018-12-04 10:48:35 +01:00
Esben Sparre Andreasen
417dac7ad6 JS: support React getDerivedStateFromProps 2018-12-04 10:48:35 +01:00
Esben Sparre Andreasen
0d62191d84 JS: add more React tests 2018-12-04 10:48:35 +01:00
Esben Sparre Andreasen
a3bd072590 JS: add Hapi::RouteHandlerCandidate 2018-12-03 09:22:21 +01:00
Jonas Jensen
9babb4366b Merge remote-tracking branch 'upstream/master' into mergeback-20181130 2018-11-30 10:13:33 +01:00
Asger F
959776b775 JS: add test case 2018-11-29 11:22:15 +00:00
Asger F
d69e584cc2 JS: fix bug in foldedComparisonEdge 2018-11-29 11:22:15 +00:00
Asger F
43df9538bf JS: be conservative in presence of NaN comments 2018-11-29 11:22:14 +00:00
Asger F
6c53ad80c7 JS: add constant constraints in range analysis 2018-11-29 11:22:13 +00:00
Asger F
064b1099eb JS: range analysis through phi nodes 2018-11-29 11:22:13 +00:00
Asger F
09ca6652fb JS: Support return value of x++ 2018-11-29 11:22:13 +00:00
Asger F
a374540c55 JS: Range analysis library 2018-11-29 11:22:13 +00:00