hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-28 02:08:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
376 Commits 1,723 Branches 164 Tags
aaf1ac770db100aa50ad32cfaa4f2e4b9ec2d370
Commit Graph

376 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Esben Sparre Andreasen
aaf1ac770d JS: reduce declared precision of js/request-forgery 2018-09-09 21:30:43 +02:00
Esben Sparre Andreasen
f63a3b3f39 JS: add missing abstract modifier 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
6e1846b1ca JS: address doc review comments 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
89887e7dc8 JS: address review comments 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
2306afdebf JS: use extensible architecture for Electron- and NodeClientRequest 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
2dd8e95a51 JS: remove unused getOptions method 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
d578c7422d JS: docstring cleanup 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
0da14fccbd JS: renaming UrlRequests.qll -> ClientRequests.qll 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
6d78350fee JS: s/URLRequest/ClientRequest, merge with NodeJSLib::ClientRequest 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
cb2a6ede59 JS: support http.request URL requests 2018-09-04 09:26:45 +02:00
Esben Sparre Andreasen
0a89f1a420 JS: eliminate DefaultUrlRequest: extract the got library 2018-09-04 09:26:45 +02:00
Esben Sparre Andreasen
de6b83548a JS: refactor DefaultUrlRequest: extract the got library 2018-09-04 09:26:45 +02:00
Esben Sparre Andreasen
1abdf2ffd5 JS: refactor DefaultUrlRequest: extract the http library 2018-09-04 09:26:45 +02:00
Esben Sparre Andreasen
5f26c23582 JS: refactor DefaultUrlRequest: extract the fetch API 2018-09-04 09:26:45 +02:00
Esben Sparre Andreasen
b3b997ca91 JS: refactor DefaultUrlRequest: extract the axios library 2018-09-04 09:26:45 +02:00
Esben Sparre Andreasen
d7a81ef8ef JS: refactor DefaultUrlRequest: extract the request library 2018-09-04 09:26:45 +02:00
Esben Sparre Andreasen
80b81b07c5 JS: refactor DefaultUrlRequest: extract names 2018-09-04 09:26:45 +02:00
Esben Sparre Andreasen
68b7a8b57e JS: change notes for UrlRequest libraries and js/request-forgery 2018-09-04 09:26:45 +02:00
Esben Sparre Andreasen
f5a6af54e6 JS: add security query: js/request-forgery 2018-09-04 09:25:42 +02:00
Esben Sparre Andreasen
2104cf55e3 JS: add models of URL requests 2018-09-04 09:25:42 +02:00
calumgrant
af3f855491 Merge pull request #94 from hvitved/csharp/cfg/minor-fixes 
C#: Minor CFG improvements
 2018-09-03 17:41:18 +01:00
semmle-qlci
4dec7c5036 Merge pull request #127 from xiemaisi/js/incomplete-sanitisation-doc-improvement 
Approved by esben-semmle
 2018-09-03 16:25:44 +01:00
Nick Rolfe
5d5febf4d4 Merge pull request #137 from jbj/getEnclosingElement-changenote 
C++: Change note for getEnclosingElement macro changes
 2018-09-03 10:44:30 +01:00
Jonas Jensen
2fd73f2171 C++: getEnclosingElement-without-macros changenote 2018-09-03 11:29:03 +02:00
Jonas Jensen
b34dbfa68b C++: Correct change note formatting 
In Markdown, nested bullet lists are formatted with indented asterisks
rather than double asterisks.
 2018-09-03 11:29:02 +02:00
Jonas Jensen
18dc1d0af0 Merge pull request #129 from Semmle/changenote-desig-init 
cherry-pick onto rc/1.18: C++: change note for designated intializer fixes
 2018-09-03 11:28:20 +02:00
Max Schaefer
759d98661c Merge pull request #117 from esben-semmle/js/push-sort-taint-steps 
JS: support `push` and `sort` taint steps for arrays
 2018-09-03 09:20:35 +01:00
Max Schaefer
58e384558c JavaScript: Improve query name and help for js/incomplete-sanitization. 
The query applies more generally to all kinds of string escaping and encoding, not just sanitization.
 2018-09-03 08:20:01 +01:00
Max Schaefer
20bff709b1 Merge pull request #136 from esben-semmle/js/composed-function-taint 
JS: model composed functions (RC)
 2018-09-03 08:18:20 +01:00
Max Schaefer
7e3adec789 Merge pull request #135 from esben-semmle/js/pick-get-taint-steps 
JS: model property projection calls (RC)
 2018-09-03 08:17:42 +01:00
Nick Rolfe
f6e5be0af8 cherry-pick 35d31aee onto 1.18 branch 
This changenote was committed after the `rc/1.18 branch` was taken.
 2018-08-31 18:09:39 +01:00
Nick Rolfe
0589be1b8a C++: add qldoc comments for aggregate_{field,array}_init 2018-08-30 22:42:31 +01:00
Nick Rolfe
2130622028 C++: use underlyingElement & unresolveElement for get{Element,Field}Expr 2018-08-30 22:42:31 +01:00
Nick Rolfe
d8d3bfd857 C++: expand aggregate literals test to cover ordering of child exprs 2018-08-30 22:42:30 +01:00
Nick Rolfe
7556f22ff1 C++: stats for aggregate_{field,array}_init 2018-08-30 22:42:30 +01:00
Nick Rolfe
23c648904f C++: properly formatted comments for builtin type kinds 2018-08-30 22:42:30 +01:00
Nick Rolfe
afa7505cae C++: expand test for aggregate literals to include more nesting 2018-08-30 22:42:30 +01:00
Nick Rolfe
4abdeda857 C++: update test output to match corrected extractor behaviour 2018-08-30 22:42:30 +01:00
Nick Rolfe
d068d71ccb C++: dbscheme/library changes to support C99 designated initializers 2018-08-30 22:42:30 +01:00
Pavel Avgustinov
d9bc07cb91 Merge branch 'java-migration'. 2018-08-30 18:49:04 +01:00
Max Schaefer
fabd6c0864 Merge pull request #119 from esben-semmle/js/fix-change-note-libs 
JS: use https- and repo-links in change notes
 2018-08-30 14:23:34 +01:00
Esben Sparre Andreasen
b7fd1e7a74 JS: use https- and repo-links in change notes 2018-08-30 14:54:15 +02:00
Pavel Avgustinov
846c9d5860 Migrate Java code to separate QL repo. 2018-08-30 10:48:05 +01:00
Esben Sparre Andreasen
6ee8f71d09 JS: add change notes for property projection libraries 2018-08-30 09:39:02 +02:00
Esben Sparre Andreasen
90b3902244 JS: add a taint step for property projection 2018-08-30 09:39:02 +02:00
Esben Sparre Andreasen
df97132519 JS: add model for property projection 2018-08-30 09:39:02 +02:00
Esben Sparre Andreasen
c1e6280a0e JS: generalize change notes for improved array operation taint steps 2018-08-30 09:18:48 +02:00
Esben Sparre Andreasen
86ab9adb06 JS: support push and sort taint steps for arrays 2018-08-30 09:14:06 +02:00
Esben Sparre Andreasen
dc72788746 JS: add a model of some function composition libraries 2018-08-30 08:17:01 +02:00
Kevin Backhouse
6c5009225c Merge pull request #111 from olehermanse/gmtime 
Fixed error in gmtime example
 2018-08-29 15:55:52 -04:00