96 Commits

Author	SHA1	Message	Date
Stephan Brandauer	6a786a2000	ATM: new feature to list all imports in an endpoint's file	2022-04-29 17:00:44 +02:00
Esben Sparre Andreasen	930591801f	remove Input_ArgumentIndexAndAccessPathFromCallee	2022-04-29 16:58:22 +02:00
Esben Sparre Andreasen	1064dc4efc	add docstring examples	2022-04-29 16:58:22 +02:00
Esben Sparre Andreasen	17ce41165d	address review comments	2022-04-29 16:58:22 +02:00
Esben Sparre Andreasen	9e2a211b16	fix semantic merge conflict	2022-04-29 16:58:21 +02:00
Esben Sparre Andreasen	437f48c908	rename new features	2022-04-29 16:58:21 +02:00
Esben Sparre Andreasen	a1925b5bd6	add more features	2022-04-29 16:58:21 +02:00
Esben Sparre Andreasen	bf186dd441	improve feature documentation	2022-04-29 16:58:21 +02:00
Esben Sparre Andreasen	e524792a4d	improve access path strings	2022-04-29 16:58:20 +02:00
Esben Sparre Andreasen	daa64dbaff	support import in getSimpleAccessPath	2022-04-29 16:58:20 +02:00
Esben Sparre Andreasen	a46a802000	support await in getSimpleAccessPath	2022-04-29 16:58:20 +02:00
Esben Sparre Andreasen	df2ca897cb	avoid using new feautes by default	2022-04-29 16:58:20 +02:00
Esben Sparre Andreasen	6c8c2b2044	Document EndpointFeatures.qll	2022-04-29 16:58:19 +02:00
Esben Sparre Andreasen	dde084ca1a	add ParameterAccessPathSimpleFromArgumentTraversal	2022-04-29 16:58:19 +02:00
Esben Sparre Andreasen	93551a3145	improve getSimpleAccessPath	2022-04-29 16:58:19 +02:00
Esben Sparre Andreasen	5800c9d83d	refactor calleeAccessPath feature to class	2022-04-29 16:58:19 +02:00
Stephan Brandauer	4eb4929a5d	refactor getACallBasedTokenFeature to class-use	2022-04-29 16:58:19 +02:00
Esben Sparre Andreasen	8fe5f54cd7	Add CalleeAccessPathSimpleFromArgumentTraversal	2022-04-29 16:58:18 +02:00
Esben Sparre Andreasen	66a5e57e59	refactor EndpointFeatures.ql to use classes	2022-04-29 16:58:18 +02:00
Erik Krogh Kristensen	b74d1fdb1a	Merge pull request #8783 from erik-krogh/jsAbstractBi ... JS: don't initialize sanitizer-guards in the standard library	2022-04-29 11:12:16 +02:00
Erik Krogh Kristensen	e1c7d369be	Merge pull request #8796 from erik-krogh/redundantImport ... Remove redundant imports	2022-04-27 12:39:51 +02:00
Erik Krogh Kristensen	ff73dbc35c	delete redundant imports	2022-04-22 12:55:28 +02:00
Erik Krogh Kristensen	81ce8ac715	ATM: fix compiler warnings about unused variables	2022-04-20 18:10:59 +02:00
Erik Krogh Kristensen	b1bad271d5	only activate the PrefixString label in Query.qll files	2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen	8a5b1668f9	move initialization of sanitizer-guards to Query.qll files	2022-04-20 18:10:53 +02:00
annarailton	de4e01a8f2	Change NotASinkType to NegativeType ... Fixes https://github.com/github/ml-ql-adaptive-threat-modeling/issues/1819	2022-04-08 10:22:13 +01:00
Erik Krogh Kristensen	67e1ffdd3e	fix isKnownStepSrc such that it actually includes taint/dataflow-steps	2022-03-31 09:46:01 +02:00
github-actions[bot]	1e620c99c6	JS: Bump patch version of ML-powered library and query packs post-release	2022-03-23 11:53:34 +00:00
github-actions[bot]	dc0c8374d2	JS: Bump minor version of ML-powered library and query packs	2022-03-23 11:47:53 +00:00
Erik Krogh Kristensen	b0fc958b32	simplify imports ... Co-authored-by: Henry Mercer <henry.mercer@me.com>	2022-03-15 15:10:04 +01:00
Erik Krogh Kristensen	89af50f6d5	rename all lower-case import-as statements	2022-03-15 14:40:38 +01:00
Henry Mercer	f38b498eed	Merge pull request #8433 from github/henrymercer/js-atm-remove-isEffectiveSinkWithOverridingScore ... JS: Remove `isEffectiveSinkWithOverridingScore` from ML-powered libraries	2022-03-15 10:04:30 +00:00
Henry Mercer	5102cadf8e	Merge pull request #8404 from github/codeql-ci/js-atm-new-release ... JS: Bump version numbers of ML-powered packs after 0.1.0 release	2022-03-14 17:32:37 +00:00
Henry Mercer	8b1b2af2d8	JS: Remove isEffectiveSinkWithOverridingScore ... This was previously used in the ATM external API query, but is now dead code.	2022-03-14 14:25:36 +00:00
github-actions[bot]	7ac7657ffc	JS: Bump patch version of ML-powered library and query packs post-release	2022-03-11 12:17:13 +00:00
github-actions[bot]	2f6886642c	JS: Bump minor version of ML-powered library and query packs	2022-03-11 12:13:03 +00:00
Erik Krogh Kristensen	69353bb014	patch upper-case acronyms to be PascalCase	2022-03-11 11:10:33 +01:00
Erik Krogh Kristensen	1b5c7392f0	restrict the size of the getASubexpressionWithinQuery predicate, and remove double-recursion	2022-03-01 11:18:42 +01:00
Erik Krogh Kristensen	1407b49a8f	fix some instances of ql/pred-doc-style for JS	2022-02-21 15:02:21 +01:00
Erik Krogh Kristensen	a1c5724be7	fix most ql-for-ql warnings in JS	2022-02-11 17:57:37 +01:00
Ian Wright	be5e8dae05	Update javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll ... Co-authored-by: Henry Mercer <henrymercer@github.com>	2022-02-04 15:41:50 +00:00
Ian Wright	e57a0e0e2f	Update javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll ... Co-authored-by: Henry Mercer <henrymercer@github.com>	2022-02-04 15:21:56 +00:00
Ian Wright	b38335a6c2	add QL comment; inline a predicate; restore a comment	2022-02-04 15:21:09 +00:00
Ian Wright	dca03d7b5d	reinstate the AST node limit to minimize change to feature values	2022-02-03 09:45:35 +00:00
Ian Wright	d5ab119039	actually count the number of chars	2022-02-03 09:41:51 +00:00
Ian Wright	83ecc065ab	restrict size of strings	2022-01-31 12:28:46 +00:00
Ian Wright	aceeb7324c	restrict AST nodes according to string length	2022-01-28 15:06:10 +00:00
Henry Mercer	c134e6c9ef	JS: Bump ML-powered query packs to v0.0.6	2022-01-19 14:40:42 +00:00
Henry Mercer	d467725ccd	JS: Bump ML-powered query packs to v0.0.5	2022-01-19 12:08:33 +00:00
Henry Mercer	1893b9f7a9	Merge pull request #7376 from github/henrymercer/js-atm-absent-features-optimization ... JS: Update featurization for absent features optimization	2022-01-18 10:15:53 +00:00