hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-22 07:07:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
65,054 Commits 1,759 Branches 167 Tags
7b3810eb8f88c0cd9489e0cca577ee1ea24b6ede
Commit Graph

1714 Commits

Author SHA1 Message Date
Asger F
7b3810eb8f Merge branch 'js/endpoint-naming-expose-synthetic' into js/vea-hacking 2024-03-19 14:04:00 +01:00
Asger F
ae903abb4b JS: Expose whether an endpoint name is synthetic 2024-03-19 14:03:33 +01:00
Tom Hvitved
5ab1047b14 Merge pull request #15882 from hvitved/js/dataflow-node-get-location 
JS: Add `DataFlow::Node.getLocation`
 2024-03-19 09:21:00 +01:00
Tom Hvitved
54fa8181da Address review comment 2024-03-13 20:03:01 +01:00
Erik Krogh Kristensen
bd121b98ae Merge pull request #15893 from erik-krogh/more-filter-taint 
JS: allow more flow through .filter()
 2024-03-13 16:19:28 +01:00
Erik Krogh Kristensen
53502a8662 Merge pull request #15510 from yoff/ts-54 
JS: Add support for TS 5.4
 2024-03-13 14:22:24 +01:00
Tom Hvitved
16cef92106 JS: Add DataFlow::Node.getLocation 2024-03-13 13:06:16 +01:00
Asger F
c5a02dae2b Merge pull request #15768 from asgerf/js/amd-pseudo-deps 
JS: Do not treat AMD pseudo-dependencies as imports
 2024-03-13 12:49:17 +01:00
erik-krogh
129286aa1c allow more flow through .filter() 2024-03-13 12:03:00 +01:00
Asger F
3cd4969499 WIP: Add NoPropStep and LoadAnyProp() 2024-03-12 13:01:39 +01:00
erik-krogh
9f410eb2d6 Merge branch 'main' into ts-54 2024-03-11 18:07:52 +01:00
Asger F
ba86c93e67 Revert "JS: More aggressive tracking of objects with methods" 
This reverts commit 5ed2e033f1.
 2024-03-11 15:33:12 +01:00
Asger F
5ed2e033f1 JS: More aggressive tracking of objects with methods 2024-03-11 10:43:15 +01:00
Asger F
7c35309732 Merge pull request #15823 from asgerf/js/lift-cg-restriction 
JS: Call graph improvements
 2024-03-08 13:40:38 +01:00
Asger F
245cd5c0b5 Merge pull request #15760 from asgerf/js/summarised-tt-store-steps 
JS: Summarise store steps for type tracking
 2024-03-08 13:16:25 +01:00
Asger F
ac4601cb8f Update javascript/ql/lib/semmle/javascript/dataflow/internal/CallGraphs.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2024-03-08 13:01:38 +01:00
Asger F
f546383cee JS: More implied receiver steps 2024-03-07 11:51:06 +01:00
Asger F
d9482441f0 Merge branch 'js/lift-cg-restriction' into js/vea-hacking 2024-03-06 11:42:55 +01:00
Asger F
a54a73c9a2 JS: Detect more FunctionStyleClasses 2024-03-06 11:37:20 +01:00
Asger F
941097b639 Update ModuleInterop.qll 2024-03-05 19:09:22 +01:00
Asger F
7ae28ceee0 More Module interop code 2024-03-04 15:46:55 +01:00
Asger F
4ab7acedb6 JS: Do not track instance methods 2024-03-04 10:36:13 +01:00
Asger F
f5d014baa5 JS: Remove allocation site restriction in CG 2024-03-01 23:20:35 +01:00
Asger F
5340a89107 JS: Remove allocation site restriction in CG 2024-03-01 21:36:29 +01:00
Asger F
c43856d8ea JS: Add steps to better handle module interop code 2024-03-01 21:30:04 +01:00
Asger F
af1382a6ca Merge branch 'js/summarised-tt-store-steps' into js/vea-hacking 2024-03-01 20:26:46 +01:00
Asger F
13e3a5158e JS: Fix qldoc 2024-02-29 13:59:25 +01:00
Asger F
dc590756b5 Merge branch 'js/escaping-instance-detection' into js/vea-hacking 2024-02-29 11:19:31 +01:00
Asger F
6a0adff1dc JS: More precise detection of classes with escaping instances 2024-02-29 11:15:37 +01:00
Asger F
34b48f51de Merge branch 'js/summarised-tt-store-steps' into js/vea-hacking 2024-02-29 10:30:15 +01:00
Asger F
853397361f JS: Do not treat AMD pseudo-dependencies as file paths 2024-02-29 10:23:28 +01:00
Asger F
052a8e7f81 JS: Avoid spurious recursion in AMD 2024-02-29 10:23:28 +01:00
Asger F
f384afbaf6 JS: Also summarize loadStore steps 2024-02-29 10:11:16 +01:00
Asger F
3ad83cc098 JS: Summarise store steps for type tracking 2024-02-29 10:10:39 +01:00
erik-krogh
0056067a17 Merge branch 'main' into ts-54 2024-02-25 21:20:43 +01:00
Tom Hvitved
62b16c0fa3 Share getFileBySourceArchiveName implementation 2024-02-23 11:25:49 +01:00
Asger F
db10c229de Merge pull request #15663 from asgerf/js/endpoint-naming2 
JS: Improvements to endpoint naming
 2024-02-21 19:36:57 +01:00
github-actions[bot]
37f8fa3413 Post-release preparation for codeql-cli-2.16.3 2024-02-20 16:50:47 +00:00
github-actions[bot]
6d061fbc35 Release preparation for version 2.16.3 2024-02-20 14:26:23 +00:00
Asger F
29ffeb6da5 JS: Fix qldoc 2024-02-20 14:00:32 +01:00
Asger F
c324b2aed8 JS: Refactor 2024-02-19 13:59:49 +01:00
Asger F
eb7d0244c2 JS: Global names don't have to be defined in externs 2024-02-19 13:59:49 +01:00
Asger F
493b37774f JS: More precise isFunctionSource 2024-02-19 13:59:49 +01:00
Asger F
6d597bea0d JS: Refactor 2024-02-19 13:59:49 +01:00
Asger F
8a5b907912 JS: Handle wrapper functions more gracefully 2024-02-19 13:59:48 +01:00
Asger F
d96f29d6c2 JS: Disallow return steps in getASinkNode 2024-02-19 13:59:48 +01:00
Asger F
29258ad8c2 WIP new aliasing rule 2024-02-19 13:59:15 +01:00
Asger F
d94d4591da JS: Name instance methods using API nodes instead of special-casing 2024-02-14 15:08:19 +01:00
Asger F
c4a0f36a08 JS: Fix handling of unknown properties 
These would shorten the expected distance to a node, but would never be usable as an edge, meaning we failed to pick a preferred predecessor.
 2024-02-14 15:08:19 +01:00
Asger F
9838da5395 JS: Simplify isExported 2024-02-14 15:08:19 +01:00