hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-17 00:14:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,225 Commits 1,679 Branches 158 Tags
b116a3e8eac052d7a0633e49311d361ff88506ac
Commit Graph

230 Commits

Author SHA1 Message Date
Esben Sparre Andreasen
b31f83a5af JS: fixup expected output 2020-05-21 13:47:16 +02:00
Esben Sparre Andreasen
c400b45cd6 JS: make the Fastify model support isUserControlledObject 2020-05-21 13:42:28 +02:00
Esben Sparre Andreasen
a76c70d2d7 JS: model fastify 2020-05-21 13:42:27 +02:00
Asger Feldthaus
9581bb52cb JS: Update test output 2020-05-18 22:45:59 +01:00
Asger F
96d6115452 Merge branch 'master' into js/sql-type-tracking 2020-05-18 15:58:42 +01:00
Asger Feldthaus
5249e84359 JS: Type track spanner model 2020-05-15 17:27:30 +01:00
Asger Feldthaus
d225715828 JS: Type track mssql model 2020-05-15 17:27:30 +01:00
Asger Feldthaus
6dcee5a0ef JS: Type track sqlite model 2020-05-15 17:27:30 +01:00
Asger Feldthaus
84cd02cf01 JS: Type track pg model 2020-05-15 17:27:27 +01:00
Asger Feldthaus
f7771f17d1 JS: Type track mysql model 2020-05-15 17:27:27 +01:00
Asger Feldthaus
3e9849b7c4 JS: Type track sequelize model 2020-05-15 17:27:24 +01:00
Asger Feldthaus
d84f1b47c2 JS: Refactor RequestInputAccess to use source nodes 2020-05-15 09:59:28 +01:00
Asger Feldthaus
da974f1527 JS: Add test with dynamic access to req.query 2020-05-15 09:59:28 +01:00
Asger Feldthaus
bfbe70a7a9 JS: Fixes 2020-05-15 09:59:27 +01:00
Asger Feldthaus
9cacfab7c6 JS: Recognize Express param value callback as RemoteFlowSource 2020-05-15 09:59:26 +01:00
Erik Krogh Kristensen
efbd74a4a4 remove more spurious jQuery objects by using externs 2020-05-01 18:54:32 +02:00
Erik Krogh Kristensen
87365357ba remove spurious jQuery objects 2020-05-01 15:19:54 +02:00
semmle-qlci
28cfe548d5 Merge pull request #3325 from erik-krogh/MoreEventClasses 
Approved by asgerf
 2020-04-24 09:02:27 +01:00
Jonas Jensen
d98e956c2b Merge pull request #3322 from felicitymay/merge-124-master 
Merge rc/1.24 into master
 2020-04-24 08:48:54 +02:00
Erik Krogh Kristensen
6ada588dd1 add support for util.inherits 2020-04-22 22:55:12 +02:00
Erik Krogh Kristensen
957e4073b0 use getABoundCallbackParameter in SocketIO 2020-04-22 21:56:34 +02:00
Erik Krogh Kristensen
40822e10b4 add SocketIO test case 2020-04-22 21:55:20 +02:00
Felicity Chapman
89bf35cd43 Merge branch 'rc/1.24' into merge-124-master 
Conflicts:
	change-notes/1.24/analysis-javascript.md
    Resolved in favor of the rc/1.24 branch
 2020-04-22 19:01:47 +01:00
Asger Feldthaus
4fc79e38ec JS: Also fix typo in test case 2020-04-20 15:24:51 +01:00
Erik Krogh Kristensen
69a16af152 Merge branch 'master' into Maps 2020-04-15 20:41:22 +02:00
Asger Feldthaus
3515a2b412 JS: Update test output 2020-04-14 10:31:31 +01:00
Erik Krogh Kristensen
957b60f84b split fuzzy read/writes on collections into 2 pseudo-properties 2020-04-01 14:25:41 +02:00
Erik Krogh Kristensen
9fc8ed17cd remove unused import 2020-04-01 11:18:11 +02:00
Erik Krogh Kristensen
a188c6f804 qldoc changes and renaming 2020-04-01 11:12:54 +02:00
Erik Krogh Kristensen
49a8a48a72 autoformat 2020-03-31 20:27:05 +02:00
Erik Krogh Kristensen
546431c83d dataflow and typetracking steps for Maps and Sets 2020-03-31 11:21:34 +02:00
semmle-qlci
5c920eb625 Merge pull request #3120 from asger-semmle/js/prefer-typescript-file 
Approved by esbena
 2020-03-31 09:32:14 +01:00
semmle-qlci
fce04f0bd0 Merge pull request #3127 from erik-krogh/PromiseTrack 
Approved by asgerf
 2020-03-30 11:56:33 +01:00
semmle-qlci
1975a83cdd Merge pull request #3116 from max-schaefer/js/postgres-type-tracking 
Approved by asgerf
 2020-03-27 09:23:52 +00:00
Asger Feldthaus
816968d102 JS: Rename test files to avoid clash 2020-03-26 11:59:57 +00:00
Erik Krogh Kristensen
1cefa12315 update expected output 2020-03-25 23:54:57 +01:00
Erik Krogh Kristensen
00181e059b add tests for type-tracking promises 2020-03-25 23:54:56 +01:00
semmle-qlci
e7fd97e72b Merge pull request #3119 from erik-krogh/SockJS 
Approved by esbena
 2020-03-25 21:36:29 +00:00
Max Schaefer
efbcec09ef JavaScript: Add type tracking to Postgres model. 2020-03-24 17:30:07 +00:00
Erik Krogh Kristensen
5b4f091257 add test for remote flow sources in WebSockets 2020-03-23 23:58:20 +01:00
Erik Krogh Kristensen
6a1491d83d add SockJS to the existing WebSocket model 2020-03-23 23:56:11 +01:00
Erik Krogh Kristensen
9a18dc32c1 autoformat WebSocket tests 2020-03-23 23:49:26 +01:00
Erik Krogh Kristensen
7b7eddff1e remove previous SockJS implementation, and move example to WebSocket test 2020-03-23 23:45:05 +01:00
Erik Krogh Kristensen
f1e0d37273 Update javascript/ql/test/library-tests/frameworks/Concepts/file-access.js 
Co-Authored-By: Asger F <asgerf@github.com>
 2020-03-23 14:02:22 +01:00
Erik Krogh Kristensen
90a324148d add extra sinks to js/tainted-path 2020-03-20 09:07:39 +01:00
semmle-qlci
fa08258c14 Merge pull request #3036 from erik-krogh/CustomTrack 
Approved by asgerf
 2020-03-17 13:44:51 +00:00
Erik Krogh Kristensen
f2548aa3b1 add more models for file related sinks and sources 2020-03-16 11:07:23 +01:00
Erik Krogh Kristensen
d32d14f572 model responseText and responseXml on jqXHR objects 2020-03-11 17:00:44 +01:00
Erik Krogh Kristensen
cb5ef7dbed add basic support for jqXHR with ajax calls 2020-03-11 13:05:41 +01:00
Erik Krogh Kristensen
13e855910e add more ClientRequest models for JQuery 2020-03-10 17:21:22 +01:00