Commit Graph

96 Commits

Author SHA1 Message Date
CodeQL CI
653c900d62 Merge pull request #4987 from erik-krogh/defensiveFunctions
Approved by esbena
2021-02-02 14:47:23 -08:00
Asger Feldthaus
1637b72092 JS: Ignore Angular templates in a few non-security queries 2021-01-27 11:02:19 +00:00
Erik Krogh Kristensen
d86705fe7a remove benign result for js/whitespace-contradicts-precedence related to " | 0" expressions 2021-01-25 10:43:39 +01:00
Erik Krogh Kristensen
bf518f1c90 flag less overly general functions with js/unneeded-defensive-code 2021-01-20 15:48:12 +01:00
Erik Krogh Kristensen
2e024c3c61 fix that type inference assumed every compound-assignment has type number 2021-01-20 15:26:39 +01:00
CodeQL CI
897d8de65a Merge pull request #4523 from erik-krogh/optionalPromise
Approved by asgerf
2020-10-21 00:34:12 -07:00
Erik Krogh Kristensen
bdbc8f5c91 add support for OptionalUse in js/missing-await 2020-10-20 16:52:57 +02:00
Erik Krogh Kristensen
8c8cf4fc01 autoformat 2020-10-20 11:17:06 +02:00
Erik Krogh Kristensen
eb786078cb support modern compound-assignment in js/implicit-operand-conversion 2020-10-20 10:40:47 +02:00
Erik Krogh Kristensen
b09015380a add support for String.prototype.replaceAll 2020-09-21 10:50:04 +02:00
Erik Krogh Kristensen
f1dc36244c update tests and queries that used getId() 2020-08-05 14:32:09 +00:00
Asger Feldthaus
ea3560fe07 JS: Ignore document.all checks explicitly 2020-06-25 11:03:06 +01:00
Max Schaefer
a803120414 Lower precision for a number of queries.
These queries are currently run by default, but don't have their results displayed.

Looking through results on LGTM.com, they are either false positives (e.g., `BitwiseSignCheck` which flags many perfectly harmless operations and `CompareIdenticalValues` which mostly flags NaN checks) or harmless results that developers are unlikely to care about (e.g., `EmptyArrayInit` or `MisspelledIdentifier`).

With this PR, the only queries that are still run but not displayed are security queries, where different considerations may apply.
2020-05-19 13:43:17 +01:00
Erik Krogh Kristensen
970ddcac7b autoformat 2020-05-11 15:38:45 +02:00
Erik Krogh Kristensen
acb0f2e54f exclude "@babel/helpers - .." from js/unknown-directive 2020-05-11 12:42:18 +02:00
Erik Krogh Kristensen
eb7e0d6a62 still flag single-expression files that contain a function 2020-05-04 18:37:26 +02:00
Erik Krogh Kristensen
cee986fa76 skip expressions that are alone in a file for js/useless-expression 2020-05-04 09:08:41 +02:00
semmle-qlci
2b055de4d6 Merge pull request #3154 from erik-krogh/ImplicitConv
Approved by asgerf
2020-04-29 16:05:19 +01:00
Erik Krogh Kristensen
2ef13ef6e8 cousing -> sibling 2020-04-29 14:30:03 +02:00
Erik Krogh Kristensen
c713ba7bfe fix typo 2020-04-20 10:51:42 +02:00
Erik Krogh Kristensen
427c32f211 report a local variable as the misspelling if there are many occurrences of the global 2020-04-17 11:25:23 +02:00
Asger Feldthaus
3a9d047cf5 JS: Ignore delete expressions in js/missing-await 2020-04-02 11:35:09 +01:00
Erik Krogh Kristensen
f55005a0ec more precise warning message for implicit string/number conversions 2020-03-30 11:17:56 +02:00
Erik Krogh Kristensen
e88dac3dea remove FP for js/redundant-operation 2020-03-11 14:42:32 +01:00
Asger Feldthaus
fefcf1a7a6 JS: Autoformat everything 2020-02-27 09:41:01 +00:00
Asger Feldthaus
77105f6572 JS: Do not flag void operands MissingAwait 2020-02-19 09:30:03 +00:00
Asger Feldthaus
6d9306366c JS: ignore useless-expr in first stmt in try block 2020-01-15 11:49:23 +00:00
Max Schaefer
308da0774d Merge pull request #2525 from asger-semmle/promise-missing-await
JS: New query: missing await
2020-01-08 15:29:45 +00:00
Asger F
ef79023e52 Update javascript/ql/src/Expressions/MissingAwait.qhelp
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
2020-01-08 10:23:30 +00:00
Asger F
503bcdc5d7 JS: Don't capitalize Promise in prose 2020-01-03 14:16:31 +00:00
Asger F
3c601fce74 Apply suggestions from code review
Co-Authored-By: Erik Krogh Kristensen <erik-krogh@github.com>
2020-01-03 14:15:52 +00:00
Asger F
30a8769dad JS: Add more bad promise contexts 2020-01-03 14:12:55 +00:00
Erik Krogh Kristensen
f140820511 fix FP related to block-level flow type annotations 2019-12-17 16:10:20 +01:00
Asger F
e8f0e3811a JS: Replace backticks with <code> 2019-12-12 15:52:09 +00:00
Asger F
eb82b17f16 JS: QHelp and a bit of qldoc 2019-12-12 15:40:41 +00:00
Asger F
a30f991b5e JS: Add query for missing await 2019-12-12 15:11:25 +00:00
Esben Sparre Andreasen
23d29a80db JS: improve comment syntax 2019-11-21 13:16:40 +01:00
Esben Sparre Andreasen
6328a0a8b9 JS: improve FP filter for js/unbound-event-handler-receiver 2019-11-21 13:13:40 +01:00
semmle-qlci
794d5bda6d Merge pull request #2116 from erik-krogh/arrayCBRet
Approved by max-schaefer
2019-11-05 11:32:13 +00:00
Max Schaefer
311cbd824c JavaScript: Recognize ":" pseudo-directive. 2019-10-31 11:39:09 +00:00
Erik Krogh Kristensen
2e0244cda6 address review feedback 2019-10-21 20:32:45 +02:00
Max Schaefer
55fb86d618 JavaScript: Remove deprecated queries.
These queries have all been deprecated since 1.17 (released in July 2018). I think it's time to say goodbye.
2019-10-21 14:42:02 +01:00
Erik Krogh Kristensen
592cb18bf4 add array callbacks to useOfReturnlessFunction query 2019-10-11 16:26:27 +02:00
Erik Krogh Kristensen
7fb8f8453d fix for when the concatenation root is in parentheses 2019-09-26 16:35:38 +02:00
Erik Krogh Kristensen
69365ccd03 remove false positive in missingSpaceInAppend by requiring the presence of a word-like fragment 2019-09-26 12:59:05 +02:00
Esben Sparre Andreasen
aab17850d1 JS: eliminate redundant ConstantString casts 2019-09-11 10:56:49 +02:00
Anders Schack-Mulligen
ca45fb5a60 JavaScript: Autoformat. 2019-09-06 09:04:51 +02:00
Max Schaefer
e35fde322b JavaScript: Teach ShiftOutOfRange about BigInt. 2019-06-26 09:16:34 -07:00
Esben Sparre Andreasen
b86f43be98 JS: reformulate CallToObjectDefineProperty::getAPropertyAttribute 2019-04-10 14:03:28 +02:00
Esben Sparre Andreasen
bd7eef08e8 JS: introduce CallToObjectDefineProperty::getAPropertyAttribute 2019-03-14 11:59:27 +01:00