hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,226 Commits 1,741 Branches 165 Tags
a07c0944375d3f49821c93b04e119d3ae875cdd5
Commit Graph

234 Commits

Author SHA1 Message Date
Esben Sparre Andreasen
a07c094437 JS: introduce TypeInferredCalleeWithAnalyzedReturnFlow 2018-11-06 16:04:46 +01:00
Esben Sparre Andreasen
fef3573152 JS: use global layer in AnalyzedNode::getABooleanValue and -getAType 2018-11-06 16:04:46 +01:00
semmle-qlci
8b866ade0e Merge pull request #373 from asger-semmle/jsx-factory-import 
Approved by xiemaisi
 2018-10-30 10:35:49 +00:00
semmle-qlci
1509752df6 Merge pull request #345 from esben-semmle/js/intro-getUnderlying 
Approved by xiemaisi
 2018-10-30 10:34:00 +00:00
Esben Sparre Andreasen
c9890fee1e JS: address review comments 2018-10-29 09:22:53 +01:00
Esben Sparre Andreasen
ec1722c4db JS: add utility SyntacticConstants::isNullOrUndefined 2018-10-29 09:22:53 +01:00
Esben Sparre Andreasen
7c7cd7c213 JS: make use of getUnderlyingValue 2018-10-29 09:22:53 +01:00
Esben Sparre Andreasen
376245da06 JS: introduce Expr::getUnderlyingReference 2018-10-29 09:22:53 +01:00
Esben Sparre Andreasen
8fc89e2e36 JS: introduce Expr::getUnderlyingValue 2018-10-29 09:22:53 +01:00
Esben Sparre Andreasen
244d8d5778 JS: introduce truncate utility 2018-10-26 15:20:58 +02:00
Esben Sparre Andreasen
2565b35c3d JS: Fix indentation 2018-10-26 15:19:43 +02:00
Asger F
47f59b4fd8 JS: fix typo 2018-10-26 14:08:44 +01:00
Asger F
3bd91bdf08 JS: introduce common class for Babel plugins 2018-10-26 12:55:37 +01:00
Asger F
91943ae2cb JS: support transform-react-jsx plugin 2018-10-26 12:06:56 +01:00
Max Schaefer
38534a6e2f JavaScript: Address review comment. 2018-10-25 15:31:46 +01:00
Max Schaefer
34b33ca04c JavaScript: Recognise rest patterns as lvalues. 2018-10-25 15:31:46 +01:00
Max Schaefer
8402ee8374 JavaScript: Refactor getDefReachingEndOf to improve performance. 2018-10-25 15:31:46 +01:00
Max Schaefer
09ef1a719a JavaScript: Pull out auxiliary predicates to improve join order in liveAfterDef. 2018-10-25 15:31:46 +01:00
Max Schaefer
59bbd025a5 JavaScript: Pull out auxiliary predicate to improve join order in TPhi. 2018-10-25 15:31:46 +01:00
Max Schaefer
d2993b9e04 JavaScript: Model data flow of destructuring assignments more precisely. 2018-10-25 15:31:46 +01:00
Tom Hvitved
97904eb202 Revert "JavaScript: Patch CFG to improve support for non-top level import declarations." 
This reverts commit f05e777e64.
 2018-10-24 10:45:57 +01:00
Max Schaefer
212edc2e18 Merge pull request #307 from esben-semmle/js/unused-import 
JS: make js/unused-local-variable flag import statements
 2018-10-22 13:13:02 +01:00
Max Schaefer
7702b58794 Merge pull request #305 from asger-semmle/json-taint-kind 
JS: Add flow label for tainted objects and sharpen NosqlInjection
 2018-10-22 11:58:50 +01:00
Asger F
b72e2aa602 JS: address comments and introduce LabeledBarrierGuardNode 2018-10-19 15:26:52 +01:00
Esben Sparre Andreasen
c65bc5cc90 JS: add Util::pluralize, also add tests for Util::capitalize 2018-10-18 11:49:28 +02:00
semmle-qlci
e55eaefded Merge pull request #310 from esben-semmle/js/additional-client-request-data-nodes 
Approved by xiemaisi
 2018-10-16 12:59:22 +01:00
semmle-qlci
e319159a59 Merge pull request #316 from xiemaisi/js/odasa-7355-workaround 
Approved by esben-semmle
 2018-10-16 12:47:58 +01:00
Esben Sparre Andreasen
c7fe96d4bd JS: implement getADataNode for Electron::ClientRequest 2018-10-16 08:51:32 +02:00
Esben Sparre Andreasen
e7836d74ab JS: implement getADataNode for NodeHttpUrlRequest 2018-10-16 08:51:32 +02:00
Esben Sparre Andreasen
3c07b4faf1 JS: implement getADataNode for SuperAgentUrlRequest 2018-10-16 08:51:32 +02:00
Esben Sparre Andreasen
eef0b8c94d JS: implement getADataNode for GotUrlRequest 2018-10-16 08:51:32 +02:00
Esben Sparre Andreasen
977b287129 JS: implement getADataNode for FetchUrlRequest 2018-10-16 08:51:30 +02:00
Esben Sparre Andreasen
c21a0472d4 JS: implement getADataNode for AxiosUrlRequest 2018-10-16 08:50:56 +02:00
Esben Sparre Andreasen
1e115bce2c JS: add SourceNode support for chained method calls 2018-10-16 08:48:09 +02:00
Max Schaefer
df5a8651c3 JavaScript: Reinstate override. 2018-10-16 07:31:28 +01:00
semmle-qlci
1e7696664e Merge pull request #302 from xiemaisi/js/google-spanner 
Approved by esben-semmle
 2018-10-16 06:48:43 +01:00
Max Schaefer
6835815673 JavaScript: Address review comments. 2018-10-15 20:14:40 +01:00
semmle-qlci
7543fa4a10 Merge pull request #298 from asger-semmle/partial-calls-merged 
Approved by xiemaisi
 2018-10-15 14:58:22 +01:00
Max Schaefer
0cfd04dfa2 JavaScript: Eliminate slow antijoin predicate. 2018-10-12 13:01:01 +01:00
Max Schaefer
080f974663 JavaScript: Refactor AnalyzedPropertyWrite::writes to enable correct modelling of variable exports. 2018-10-12 13:00:52 +01:00
semmle-qlci
16b29b2d08 Merge pull request #299 from asger-semmle/nosql-sinks 
Approved by xiemaisi
 2018-10-12 07:12:05 +01:00
Asger F
da3e960e39 JS: address review comments 2018-10-11 12:45:45 +01:00
Max Schaefer
cd284b2f97 JavaScript: Add support for Google Cloud Spanner. 2018-10-11 09:30:39 +01:00
Asger F
9b10254cd4 JS: support label-specific sanitizer guards 2018-10-10 18:27:14 +01:00
Asger F
5e720486d5 JS: recognize req.query.x as deep object taint 2018-10-10 17:15:56 +01:00
Asger F
d72d7345b8 JS: make NosqlInjection use object taint 2018-10-10 17:05:59 +01:00
Asger F
b70f70f722 JS: Add TaintedObject flow label library 2018-10-10 17:05:59 +01:00
Asger F
396ad336a3 JS: add RemoteFlowSource.isDeepObject() and populate it 2018-10-10 17:05:59 +01:00
Asger F
46b2015065 JS: fix an outdated comment 2018-10-10 17:05:59 +01:00
Asger F
03b479114f JS: preserve document.url label out of .href property 2018-10-10 17:05:59 +01:00