hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,351 Commits 1,671 Branches 157 Tags
7c21ebb526288f1377c4321ea93ae3b0535b51a1
Commit Graph

2375 Commits

Author SHA1 Message Date
Max Schaefer
770a4703c9 Merge pull request #2237 from asger-semmle/typescript3.7-rc 
TS: Add support for TypeScript 3.7
 2019-11-04 16:36:11 +00:00
Asger F
57aa166bff TS: Clean up yarn.lock 2019-11-04 14:59:42 +00:00
Asger F
b6f4ce0244 TS: Depend on typescript 3.7.2 2019-11-04 14:58:38 +00:00
Esben Sparre Andreasen
7f55e3f336 JS: classify Doxygen-generated files as "generated" 2019-11-04 09:57:41 +01:00
Asger F
2d7443ef98 TS: Add upgrade script 2019-11-04 07:55:20 +00:00
Asger F
79dbdac8fa TS: Support declare modifier for fields 2019-11-04 07:54:38 +00:00
Asger F
9bc45f351c TS: Fix typo in stats file 2019-11-04 07:54:38 +00:00
Asger F
09a2542477 TS: Update a javadoc comment 2019-11-04 07:54:38 +00:00
Asger F
4846e53a10 TS: Blacklist another cyclic property 2019-11-04 07:54:38 +00:00
Asger F
7dfd4e0687 TS: Stop using the deprecated TypeReference.typeArguments 2019-11-04 07:54:38 +00:00
Asger F
341c11523c TS: Add recursive type alias tests (already works) 2019-11-04 07:54:38 +00:00
Asger F
b81931e402 TS: Support assertion types 2019-11-04 07:54:38 +00:00
Asger F
4e7b987fa3 TS: Rename IsTypeExpr -> PredicateTypeExpr 2019-11-04 07:54:38 +00:00
Asger F
f50f3b48c4 TS: Add test for ?? operator (already works) 2019-11-04 07:54:38 +00:00
Asger F
869fe4558f TS: Support optional chaining 2019-11-04 07:54:38 +00:00
Asger F
f76006e490 JS: Delete duplicate test case (typo) 2019-11-04 07:54:38 +00:00
Asger F
36b6c32f4f TS: Update expected output 2019-11-04 07:54:37 +00:00
Asger F
637394fb62 TS: Add TypeScript-3.7.1-rc 2019-11-04 07:54:37 +00:00
Asger F
f48d16fcb7 JS: Support barrier guards that are reflective calls 2019-11-01 15:23:38 +00:00
Asger F
d6158427c5 JS: Generalize SanitizerFunction to data flow configs and flow labels 2019-11-01 15:23:38 +00:00
Asger F
e2b0ec5696 JS: Handle multiple and/or operators in SanitizerFunction 2019-11-01 15:23:38 +00:00
semmle-qlci
e8e2f7bb20 Merge pull request #2240 from max-schaefer/js/indirect-command-argument-data-flow 
Approved by esbena
 2019-11-01 11:00:22 +00:00
semmle-qlci
d03aecaa98 Merge pull request #2235 from max-schaefer/js/issue-2233 
Approved by esbena
 2019-10-31 14:17:58 +00:00
Max Schaefer
03c9a40ba3 JavaScript: Add libraries for forward and backward data-flow exploration. 2019-10-31 12:37:31 +00:00
Max Schaefer
8aae1f443f JavaScript: Use type tracking instead of auxiliary data-flow configuration to track indirect command arguments. 2019-10-31 12:13:55 +00:00
Max Schaefer
311cbd824c JavaScript: Recognize ":" pseudo-directive. 2019-10-31 11:39:09 +00:00
semmle-qlci
2a3980222b Merge pull request #2201 from max-schaefer/js/avoid-duplicate-source-and-sink-nodes 
Approved by asger-semmle
 2019-10-31 10:47:30 +00:00
Max Schaefer
3bbded57d3 JavaScript: Autoformat. 2019-10-30 14:49:18 +00:00
Max Schaefer
bb0771b36c JavaScript: Deal with escape-unescape-escape (and similar) chains. 2019-10-30 14:49:01 +00:00
Max Schaefer
8c133ff61d JavaScript: Deal with (un-)escaping on captured variables. 2019-10-30 14:46:50 +00:00
Max Schaefer
a8214ce7ee JavaScript: Fix regexes for escaping schemes. 2019-10-30 14:15:59 +00:00
Max Schaefer
5349e0f881 JavaScript: Recognise wrapped chains of replacements. 2019-10-30 13:14:38 +00:00
Max Schaefer
02d16b1dc9 JavaScript: Recognise wrapped string replacement functions. 2019-10-30 13:01:17 +00:00
Max Schaefer
aaeca32519 JavaScript: Recognize string escaping using .replace with a callback. 2019-10-30 12:45:32 +00:00
Max Schaefer
bd1c99d8a4 JavaScript: Recognise JSON.stringify and JSON.parse as escaper/unescaper. 2019-10-30 12:38:05 +00:00
semmle-qlci
a778efe71e Merge pull request #2216 from asger-semmle/xss-encodeURIComponent 
Approved by max-schaefer
 2019-10-30 11:49:31 +00:00
Max Schaefer
63f24476e9 JavaScript: Refactor DoubleEscaping.ql. 2019-10-30 10:59:14 +00:00
Luke Cartey
d9d4aa30a9 Merge pull request #2214 from hmakholm/pr/upgrade-packs 
Make each upgrade directory a QL pack
 2019-10-29 16:45:02 +00:00
Max Schaefer
b42026a90a JavaScript: Update expected output. 2019-10-29 15:36:24 +00:00
Max Schaefer
530fa2c11c JavaScript: Collapse edges instead of hiding nodes. 
Instead of skipping over initial and final nodes, we now introduce edges from source and to sink nodes that circumvent these nodes entirely.
 2019-10-29 15:30:24 +00:00
Max Schaefer
dc1d1c2f22 JavaScript: Update expected output. 2019-10-29 15:30:06 +00:00
Max Schaefer
278ea90049 JavaScript: Collapse flow labels at start/end nodes to avoid duplication. 2019-10-29 15:24:40 +00:00
Max Schaefer
316962233c JavaScript: Factor out MidPathNode into its own class. 2019-10-29 15:24:40 +00:00
Max Schaefer
7c56c9f999 JavaScript: Move suppression of hidden nodes into edges predicate. 
They should really only be hidden for display purposes.
 2019-10-29 15:19:26 +00:00
Max Schaefer
3373742077 JavaScript: Turn PathNode::getASuccessorInternal and PathNode::getAHiddenSuccessor into top-level predicates. 2019-10-29 15:19:26 +00:00
Max Schaefer
b6f4785645 JavaScript: Rename MkPathNode to MkMidNode. 2019-10-29 15:19:26 +00:00
Max Schaefer
d71faaa5f9 JavaScript: Introduce PathNode::wraps. 2019-10-29 15:19:26 +00:00
Max Schaefer
98e0932de5 JavaScript: Make Configuration::isLive nullary. 
This makes it more obvious to the evaluator that it is a good predicate to pick as a sentinel, and in practice we mostly just have one configuration in scope anyway.
 2019-10-29 15:19:26 +00:00
Max Schaefer
6964945c74 JavaScript: Restrict edges to only contain nodes. 2019-10-29 15:03:52 +00:00
Erik Krogh Kristensen
2d01e7c5ed simplify the callsArray predicate 2019-10-29 12:13:01 +01:00