hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-09 15:41:36 +02:00
Code Issues Packages Projects Releases Wiki Activity
6,796 Commits 1,754 Branches 167 Tags
b1f9db914571c36ba0aa550bee58f95949d5f5bf
Commit Graph

1112 Commits

Author SHA1 Message Date
Asger F
b1f9db9145 JS: Make getAFunctionValue follow global access paths 2019-08-30 18:19:19 +01:00
Asger F
8d59df229a JS: Allow calls to externs 2019-08-30 18:19:19 +01:00
Asger F
cfa2ec1084 JS: Remove fake JSONType from es5.js externs 2019-08-30 18:19:19 +01:00
Asger F
e7166c2a1c JS: Workaround for JSON externs 2019-08-30 18:19:19 +01:00
Asger F
221d94961a JS: Resolve simple calls based on qualified name 2019-08-30 18:19:19 +01:00
Asger F
ca71d3117e JS: Use access paths from Closure module 2019-08-30 18:19:19 +01:00
Asger F
8c5b6b256b JS: Remove globalFlowPred() 2019-08-30 18:19:18 +01:00
Asger F
96d9e66ced JS: cache things 2019-08-30 18:19:18 +01:00
Asger F
313579c258 JS: Restrict flow to access paths assigned in a unique file 2019-08-30 18:19:18 +01:00
Asger F
7315a2baee JS: Make type tracking work through access paths 2019-08-30 18:19:18 +01:00
Asger F
2105e0bdee JS: use JSDoc types in class tracking 2019-08-30 18:19:18 +01:00
Asger F
6b05aa129c JS: Use global access paths to recognize .prototype 2019-08-30 18:19:18 +01:00
Asger F
5874c14a9c JS: Avoid materializing JSONValue.getFile() 2019-08-30 16:02:42 +01:00
Asger F
6c0f9be6df JS: Avoid materializing HTML::Element.getFile() 2019-08-30 16:02:42 +01:00
Asger F
33267067e0 JS: Deprecate and remove path resolution for reference comments 2019-08-30 16:02:42 +01:00
Asger F
fa3532ca8c TS: Handle locally defined packages 2019-08-30 16:02:42 +01:00
Asger F
ec81e368da JS: Use type info in Firebase model 2019-08-30 16:02:41 +01:00
Asger F
efa7e1112b JS: Add Node.hasUnderlyingType 2019-08-30 16:02:41 +01:00
Max Schaefer
b6220998d1 JavaScript: Restrict setAttribute sink to potentially dangerous attribute names. 2019-08-30 11:57:29 +01:00
Max Schaefer
78ce290de3 JavaScript: Fix DomMethodCallExpr.interpretsArgumentsAsHTML. 2019-08-28 11:22:03 +01:00
semmle-qlci
fc59dd6819 Merge pull request #1788 from asger-semmle/additional-type-tracking-step 
Approved by xiemaisi
 2019-08-24 11:55:16 +01:00
semmle-qlci
cf24c9ff4a Merge pull request #1804 from asger-semmle/template-literal-tag 
Approved by esben-semmle
 2019-08-23 09:37:38 +01:00
Asger F
45d4b83fc8 TS: Extract type args to tagged template exprs 2019-08-22 18:07:29 +01:00
Asger F
fd7cfedf4b JS: Add AdditionalTypeTrackingStep 2019-08-21 13:44:03 +01:00
Asger F
ad67015720 JS: Address comments 2019-08-19 10:57:26 +01:00
Max Schaefer
d2f4575978 JavaScript: Expand qldoc for {Barrier,Sanitizer}GuardNode. 2019-08-09 14:19:53 +01:00
semmle-qlci
6c3d1d676b Merge pull request #1694 from asger-semmle/concatenation-operand 
Approved by xiemaisi
 2019-08-08 12:41:30 +01:00
semmle-qlci
7482233a02 Merge pull request #1693 from asger-semmle/request-response 
Approved by esben-semmle, xiemaisi
 2019-08-08 12:40:35 +01:00
Asger F
d83f152f39 JS: Address review comments 2019-08-07 10:53:17 +01:00
Asger F
5e87d5c751 JS: Update syntactic heuristics 2019-08-07 10:53:17 +01:00
Asger F
f173e3024a JS: Add getConstantStringParts() and HTML concat node 2019-08-07 10:53:17 +01:00
Asger F
f101944c92 JS: Expand on the StringOps::Concatenation API 2019-08-07 10:53:17 +01:00
Asger F
687534e647 JS: Address review comments 2019-08-07 10:47:08 +01:00
Asger F
41bdd8a7cc JS: Fix qldoc indentation 2019-08-07 10:38:22 +01:00
semmle-qlci
d0a761477b Merge pull request #1704 from xiemaisi/js/fix-export-default-examples 
Approved by asger-semmle
 2019-08-07 09:34:36 +01:00
Asger F
075e47dce2 JS: Add header/headers response type 2019-08-06 15:42:22 +01:00
Asger F
ea4bfda2d1 JS: Add predicate that disappeared during conflict resolution 2019-08-06 15:33:33 +01:00
Asger F
4fb3fd992d JS: Address comments 2019-08-06 15:28:53 +01:00
Asger F
55ab7e6abf JS: Add qldoc 2019-08-06 15:28:53 +01:00
Asger F
64f1260220 JS: Rename getResponseFormat => getResponseType 2019-08-06 15:28:53 +01:00
Asger F
ea507db638 JS: Fix a qldoc comment 2019-08-06 15:28:52 +01:00
Asger F
a697a1b700 JS: Fix indentation of qldoc comment 2019-08-06 15:28:52 +01:00
Asger F
d3e796decc JS: Add caution to XMLHttpRequest class 2019-08-06 15:28:52 +01:00
Asger F
02fba482fa JS: Bugfixes 2019-08-06 15:28:52 +01:00
Asger F
0950b4d0f7 JS: Move ClientRequest classes into a module and publish them 2019-08-06 15:28:49 +01:00
Asger F
55ad3bb65f JS: add ClientRequest.getAResponseDataNode() 2019-08-06 15:28:13 +01:00
semmle-qlci
327d5acdcf Merge pull request #1686 from asger-semmle/lvalue-node 
Approved by xiemaisi
 2019-08-06 14:43:46 +01:00
Max Schaefer
82e15ada5f JavaScript: Fix export default examples. 
Only hoistable (function) declarations and class declarations can be default-exported (https://www.ecma-international.org/ecma-262/10.0/index.html#sec-exports).
 2019-08-06 14:40:53 +01:00
semmle-qlci
5de6da4ee4 Merge pull request #1697 from esben-semmle/js/fix-missing-this-in-method 
Approved by xiemaisi
 2019-08-06 11:38:11 +01:00
Max Schaefer
5026a55c25 JavaScript: Fix a Cartesian product. 2019-08-05 15:42:20 +01:00