hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,098 Commits 1,671 Branches 157 Tags
66737402c20fc83b3d3a654dcccf4b26c901b100
Commit Graph

4615 Commits

Author SHA1 Message Date
Asger F
29258ad8c2 WIP new aliasing rule 2024-02-19 13:59:15 +01:00
Asger F
4ef1ac9250 JS: Accept bad test output 2024-02-19 13:59:12 +01:00
Asger F
15bc3c282f JS: Add test with wrapper function 2024-02-19 13:58:40 +01:00
Asger F
d94d4591da JS: Name instance methods using API nodes instead of special-casing 2024-02-14 15:08:19 +01:00
Asger F
c4a0f36a08 JS: Fix handling of unknown properties 
These would shorten the expected distance to a node, but would never be usable as an edge, meaning we failed to pick a preferred predecessor.
 2024-02-14 15:08:19 +01:00
Asger F
3ff950660b JS: Add test with unknown property name 2024-02-14 15:08:19 +01:00
Asger F
a3dc19fd31 JS: Check privacy earlier 2024-02-14 15:08:19 +01:00
Asger F
5c454944a9 JS: Add test for private fields 2024-02-14 15:08:19 +01:00
Asger F
2a91bb8c54 JS: Add test showing ambiguous predecessor 2024-02-14 15:08:19 +01:00
Asger F
75a95ffcd1 Merge pull request #15602 from asgerf/js/block-logical-and-flow 
JS: Fix flow through &&
 2024-02-14 12:29:40 +01:00
Asger F
2172c4863f Merge pull request #15380 from asgerf/js/endpoint-naming 
JS: Add library for naming endpoints
 2024-02-14 10:48:13 +01:00
Asger F
18db769d6d JS: Update expected output 2024-02-14 10:45:51 +01:00
Asger F
bafe5e3d8e JS: Add test case (with old expected data) 2024-02-14 10:45:51 +01:00
Asger F
f5c437694c Update UselessConditional.expected 2024-02-13 18:31:24 +01:00
Asger F
f27fda801e Update tests.expected 2024-02-13 18:30:23 +01:00
Asger F
6598a669a1 JS: Use set literal 2024-02-13 09:30:35 +01:00
Asger F
baa3c35d6f JS: Refactor aliasing relation 2024-02-13 09:24:00 +01:00
erik-krogh
94b7bda3dc exclude tagged template literals from js/superfluous-trailing-arguments 2024-02-06 09:36:30 +01:00
Rasmus Lerchedahl Petersen
f275531542 Add support for TS 5.4-beta 2024-02-02 11:03:44 +01:00
Asger F
1737ba1a6b JS: Add library for naming endpoints 2024-01-30 16:36:51 +01:00
Asger F
6cfdd7aec4 JS: Add InlineExpectationsTest 2024-01-30 13:20:57 +01:00
Sid Shankar
b1d7a635f5 Renames diagnostic query files and tests 
This commit renames the files relating to the diagnostic query that produces information on the number of files extracted. The files have been renamed from "SuccessfullExtractedFiles.*" to "ExtractedFiles.*". All related tests and test files have been renamed too.

The `@tags` and `@id` attributes of the queries have been left untouched, consistent with the `@tags` and `@id` for similar queries in other languages.
 2024-01-29 20:19:20 +00:00
erik-krogh
396da117bb remove an FP in overly-large-range for [@-Z] 2024-01-25 14:15:06 +01:00
GitHub Security Lab
df10a7e7f0 Merge branch 'main' into amammad-js-bombs 2024-01-25 11:23:38 +01:00
Sid Shankar
2d71294f61 Merge pull request #15256 from sidshank/change/adjust-extracted-files-diagnostics 
Js/Py/Rb: Report any extracted file as successfully extracted
 2024-01-17 11:04:06 -05:00
erik-krogh
1a8a70dc1b mark the range [0-?] as good in the overly-large-range query 2024-01-17 13:11:57 +01:00
Sid Shankar
59098be8c4 Merge branch 'main' into change/adjust-extracted-files-diagnostics 2024-01-16 21:51:41 -05:00
Erik Krogh Kristensen
d782bd9b1f Merge pull request #13624 from jorgectf/seclab/dotjs 
JS: Add `dot.js` support
 2024-01-11 14:57:19 +01:00
Sid Shankar
e30a0d1e83 JS: Report any extracted file as successfully extracted 2024-01-08 22:19:33 +00:00
erik-krogh
58dc14d5bb update expected output 2024-01-04 11:38:58 +01:00
erik-krogh
a9f2b3fad6 promote PropsTaintStep to a PreCallGraphStep 2024-01-04 10:45:22 +01:00
erik-krogh
fe3e768414 update expected output of tests 2023-12-20 14:10:36 +01:00
Jorge
f8cfd698fa Merge branch 'main' into seclab/dotjs 2023-12-19 10:44:52 +01:00
amammad
102f09aa23 extend tests 2023-12-10 20:33:00 +01:00
amammad
18d0b28024 v1 2023-12-10 20:27:21 +01:00
Tom Hvitved
28373e0fdf JS: Adapt to changes in shared code 2023-12-10 11:25:43 +01:00
erik-krogh
e8f9e366d5 remove redundant imports for JS 2023-12-08 16:56:54 +01:00
amammad
1547cd0546 added inline tests, move to experimental dir 2023-12-05 18:59:46 +01:00
amammad
2c4d2d3069 Merge branch 'main' into amammad-js-CodeInjection_execa 2023-12-05 18:38:09 +01:00
amammad
67fb802f29 fix conflict 2023-12-05 18:37:50 +01:00
Jorge
8abd1d9855 Merge branch 'main' into seclab/dotjs 2023-11-30 19:42:18 +01:00
Rafael
1a05c2e704 Added Django test 2023-11-29 08:26:49 +01:00
erik-krogh
abb8d65483 Merge branch 'main' into amammad-js-SQLI 2023-11-23 21:17:58 +01:00
amammad
60b422a35c fix second round of code review. improve documents, fix better-sqlite3 method 2023-11-23 14:01:38 +01:00
Maiky
d661f7f482 Add Flow Labels 2023-11-22 19:50:16 +01:00
amammad
5cc4206e00 add a temporary Query file to demonstrate unsuccessful usage of two DataFlow configs 2023-11-22 08:30:59 +01:00
amammad
eb552b7c93 add failingPositiveTests to inlinetests 2023-11-22 08:00:38 +01:00
amammad
0328a2986d move TypeORM library file and tests to experimental 
add inline tests :)
Fix TypeORM fuzzy method according to Review
 2023-11-21 19:59:06 +01:00
Max Schaefer
2c5ce3216e Merge pull request #14846 from github/max-schaefer/js/path-injection 
Update qhelp for js/path-injection.
 2023-11-21 13:50:41 +00:00
Max Schaefer
dfffa1e237 Apply suggestions from code review 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2023-11-21 10:07:11 +00:00