codeql

mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00

Author	SHA1	Message	Date
Asger F	8ecdb5cefe	Update VariableCapture.qll	2024-03-13 15:24:20 +01:00
Asger F	82abd867a0	JS: Update uses of AccessPathSyntax This doesn't yet migrate to the FlowSummaryImpl.qll in a qlpack, just trying to make things compile first	2024-03-13 15:17:58 +01:00
Asger F	e5bc8db2f0	JS: Fix conflicting default for visbleImplInCallContext	2024-03-13 15:17:08 +01:00
Asger F	bb1f729a3f	Update VariableCapture.qll	2024-03-13 15:16:37 +01:00
Asger F	97567f412e	JS: Update VariableCapture.qll after changes to API	2024-03-13 14:53:00 +01:00
Asger F	5e7d1d5c2c	Merge branch 'main' into js/shared-dataflow-merged	2024-03-13 14:27:16 +01:00
Asger F	c5a02dae2b	Merge pull request #15768 from asgerf/js/amd-pseudo-deps JS: Do not treat AMD pseudo-dependencies as imports	2024-03-13 12:49:17 +01:00
Asger F	fa8933eb41	JS: Reduce duplication in UnsafeDynamicMethodAccessQuery	2024-03-13 12:30:05 +01:00
Asger F	ea4bc9cdbb	JS: Comment about manually applying taint steps	2024-03-13 12:30:05 +01:00
Asger F	406b080ce3	JS: Add comment about allowImplicitRead in PostMessageStar	2024-03-13 11:30:52 +01:00
Asger F	0a2050bc42	JS: Deduplicate predicate in HostHeaderPoisoningQuery	2024-03-13 11:27:18 +01:00
Asger F	11983faccf	JS: Remove out-commented code	2024-03-13 11:26:56 +01:00
Asger F	b31f20a64e	JS: Explain why ObjetWrapperFlowLabel is deprecated	2024-03-13 11:08:25 +01:00
Asger F	e0aae53ac7	JS: Remove unnecessary BarrierGuardLegacy class	2024-03-13 11:05:23 +01:00
Asger F	fce2be0af3	JS: Use BarrierGuardLegacy in TaintedPath	2024-03-13 11:02:09 +01:00
Asger F	e640154048	JS: Be backwards compatible with AdditionalBarrierGuardNode I've confirmed that the 'legacyBarrier' predicate does not occur in the DIL	2024-03-13 10:54:02 +01:00
Asger F	14e75be510	JS: Expand comments and synthetic node name in ForOfLoops	2024-03-13 09:27:00 +01:00
Asger F	e66f27cfe3	JS: Move hasWildcardReplaceRegExp to a shared place	2024-03-13 09:19:26 +01:00
Asger F	4043bc13ab	JS: Explicit mark comment as a TODO	2024-03-13 09:19:03 +01:00
Asger F	858c79e395	JS: Add plain taint step through Promise.all()	2024-03-13 08:57:42 +01:00
Asger F	13a8e0fbf0	JS: Add failing test for Promise.all()	2024-03-13 08:54:06 +01:00
Asger F	2c1aa08f79	JS: Rename Strings2 -> Strings	2024-03-12 21:18:14 +01:00
Asger F	478dd25f3e	JS: Rename Sets2 -> Sets	2024-03-12 21:17:29 +01:00
Asger F	433489478d	JS: Rename Promise2 -> Promise	2024-03-12 21:16:43 +01:00
Asger F	e2f3565227	JS: Rename Maps2 -> Maps	2024-03-12 21:14:29 +01:00
Asger F	b3fad7a8dc	JS: Rename Iterators2 -> Iterators	2024-03-12 15:12:07 +01:00
Asger F	5aafd33cec	JS: Rename Arrays2 -> Arrays	2024-03-12 15:11:29 +01:00
Asger F	76e0445af0	JS: Be consistent about caching in PreCallGraphStep	2024-03-12 15:08:59 +01:00
Asger F	28fc8ba0c1	JS: Remove EmptyType	2024-03-12 14:59:04 +01:00
Asger F	f94aa2ceec	Update javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowNode.qll	2024-03-12 14:41:11 +01:00
Asger F	7c35309732	Merge pull request #15823 from asgerf/js/lift-cg-restriction JS: Call graph improvements	2024-03-08 13:40:38 +01:00
Asger F	245cd5c0b5	Merge pull request #15760 from asgerf/js/summarised-tt-store-steps JS: Summarise store steps for type tracking	2024-03-08 13:16:25 +01:00
Asger F	ac4601cb8f	Update javascript/ql/lib/semmle/javascript/dataflow/internal/CallGraphs.qll Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>	2024-03-08 13:01:38 +01:00
Asger F	fc5b9e2796	JS: Expand test case	2024-03-08 10:34:39 +01:00
Asger F	81b04863b2	JS: Change note	2024-03-07 13:35:50 +01:00
Asger F	c7295a09cd	JS: Benign test output update	2024-03-07 11:55:56 +01:00
Asger F	a54a73c9a2	JS: Detect more FunctionStyleClasses	2024-03-06 11:37:20 +01:00
Asger F	4ab7acedb6	JS: Do not track instance methods	2024-03-04 10:36:13 +01:00
Asger F	f5d014baa5	JS: Remove allocation site restriction in CG	2024-03-01 23:20:35 +01:00
Asger F	13e3a5158e	JS: Fix qldoc	2024-02-29 13:59:25 +01:00
Asger F	6a0adff1dc	JS: More precise detection of classes with escaping instances	2024-02-29 11:15:37 +01:00
Asger F	eeaa2bcc55	JS: Add test for class instance escaping into dependency	2024-02-29 11:14:23 +01:00
Asger F	853397361f	JS: Do not treat AMD pseudo-dependencies as file paths	2024-02-29 10:23:28 +01:00
Asger F	052a8e7f81	JS: Avoid spurious recursion in AMD	2024-02-29 10:23:28 +01:00
Asger F	f384afbaf6	JS: Also summarize loadStore steps	2024-02-29 10:11:16 +01:00
Asger F	3ad83cc098	JS: Summarise store steps for type tracking	2024-02-29 10:10:39 +01:00
Asger F	7cd84c8f0a	JS: Add type-tracking test	2024-02-29 10:10:07 +01:00
Tom Hvitved	2683e40038	Merge pull request #15708 from hvitved/share-ide-contextual Share `getFileBySourceArchiveName` implementation	2024-02-23 19:56:33 +01:00
Tom Hvitved	62b16c0fa3	Share `getFileBySourceArchiveName` implementation	2024-02-23 11:25:49 +01:00
erik-krogh	bf22f4a870	update expected output	2024-02-22 13:21:11 +01:00

1 2 3 4 5 ...

8852 Commits