hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,981 Commits 1,671 Branches 157 Tags
bf4a324a8658cfc59463b9a26fdcffd6d8aed8ab
Commit Graph

44 Commits

Author SHA1 Message Date
Esben Sparre Andreasen
bf4a324a86 JS: add query js/indirect-command-line-injection 2019-07-31 09:24:25 +02:00
Esben Sparre Andreasen
0fa73b8331 JS: add query js/regex/missing-regexp-anchor 2019-06-03 08:29:52 +02:00
Max Schaefer
74688bb600 Merge pull request #1341 from esben-semmle/js/sync-suites 
JS: Add queries to the manual suite for LGTM constistency
 2019-05-31 08:18:08 +01:00
Esben Sparre Andreasen
189ac6c2bd JS: add js/prototype-pollution to the security suite 2019-05-27 22:32:32 +02:00
Esben Sparre Andreasen
c651e3a155 JS: Add queries to the manual suite for LGTM constistency 2019-05-20 12:32:11 +02:00
Max Schaefer
83e0f3bc8d Merge pull request #946 from esben-semmle/js/captured-nodes-query-and-type-inference-1 
JS: Captured Nodes, type inference + a query
 2019-03-01 10:48:52 +00:00
Jason Reed
86bbb5fb18 JS: Add ZipSlip query to security suite 2019-02-28 15:46:34 -05:00
Esben Sparre Andreasen
91dccc3356 JS: add query js/unused-property 2019-02-21 21:44:28 +01:00
Esben Sparre Andreasen
235625d03a Merge branch 'master' into js/vue-support-1 2019-02-06 16:57:16 +01:00
Esben Sparre Andreasen
a78dd422b6 JS: add query js/vue/arrow-method-on-vue-instance 2019-02-06 09:38:00 +01:00
Max Schaefer
aeb8cc62b2 JavaScript: Reclassify PostMessageStar as CWE-201. 2019-01-31 08:08:52 +00:00
Max Schaefer
769e407c24 JavaScript: Add new query PostMessageStar. 2019-01-30 10:26:43 +00:00
Max Schaefer
94242b3b94 JavaScript: Exclude step summary query from flow-summaries suite. 
In its current form, this query produces way too many results.
 2019-01-09 09:09:58 +00:00
Max Schaefer
f4fed3657d JavaScript: Add flow summary extraction queries. 2019-01-09 09:09:58 +00:00
Max Schaefer
b4f400fb23 Merge remote-tracking branch 'upstream/next' into qlucie/master 2019-01-04 10:35:57 +00:00
semmle-qlci
8174fb51ae Merge pull request #705 from asger-semmle/loop-index-concurrent-modification 
Approved by mc-semmle, xiemaisi
 2019-01-03 17:06:12 +00:00
Asger F
bc59e65222 JS: update suite file 2019-01-02 11:42:47 +00:00
Asger F
d595f20cb1 JS: add to correctness-more suite 2018-12-17 15:29:10 +00:00
Jonas Jensen
5ac5aa0c2a Merge remote-tracking branch 'upstream/master' into mergeback-20181217 2018-12-17 13:42:45 +01:00
Aditya Sharad
f92456fcad Merge master into next. 
Conflict in `cpp/ql/test/library-tests/sideEffects/functions/sideEffects.expected`,
resolved by accepting test output (combining changes).
 2018-12-12 17:26:18 +00:00
Esben Sparre Andreasen
ab519d4abf JS: rename query 
"Incomplete URL regular expression" -> "Incomplete regular expression for hostnames".
 2018-12-10 22:22:54 +01:00
Esben Sparre Andreasen
52ca696ff4 JS: add query js/incomplete-url-regexp 2018-12-10 22:20:29 +01:00
Esben Sparre Andreasen
229eea00dc JS: add query js/incomplete-url-substring-sanitization 2018-12-06 15:53:20 +01:00
Asger F
0462eb4b50 JS: add IncorrectSuffixCheck query 2018-12-03 11:23:02 +00:00
Max Schaefer
52b8a6bb56 Merge branch 'master' into js/invalid-entity-transcoding 2018-11-30 16:49:20 +00:00
Max Schaefer
10166be535 JavaScript: Add new query DoubleEscaping. 2018-11-30 09:39:00 +00:00
Asger F
f85e30aa6c Merge pull request #571 from xiemaisi/js/numeric-constant-interpreted-as-code 
JavaScript: Add new query `HardcodedDataInterpretedAsCode`.
 2018-11-29 17:07:48 +00:00
Asger F
6d7ac885ec JS: add to correctness-more suite 2018-11-29 11:22:14 +00:00
Max Schaefer
5f16406ad7 JavaScript: Add new query HardcodedDataInterpretedAsCode. 2018-11-29 09:52:31 +00:00
Max Schaefer
2889e07eb8 JavaScript: Add new query UnvalidatedDynamicMethodCall. 2018-11-28 08:16:31 +00:00
Asger F
4ae2493798 JS: rename query to Unsafe Dynamic Method Access 2018-11-21 12:34:18 +00:00
Asger F
a2e5003c09 JS: add to security suite 2018-11-20 15:57:18 +00:00
Esben Sparre Andreasen
7585e61af6 JS: rename query file in suite 2018-11-14 12:55:53 +01:00
Esben Sparre Andreasen
b073fcfca2 JS: add query: js/useless-defensive-code 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
33a297c829 JS: add query: js/useless-assignment-to-property 2018-11-08 13:23:19 +01:00
Max Schaefer
768368498f JavaScript: Introduce new query UnclearOperatorPrecedence. 2018-10-02 08:46:51 +01:00
Asger F
433db7a3e6 JS: add to security suite 2018-09-27 10:20:35 +01:00
Max Schaefer
1ab11109f9 JavaScript: Add new query flagging identity replacements. 2018-09-25 11:27:11 +01:00
Esben Sparre Andreasen
2cedc81774 JS: polish js/enabling-electron-renderer-node-integration meta info 2018-09-19 13:45:42 +02:00
Esben Sparre Andreasen
33f98dd1a7 JS: add query: js/stored-xss 2018-09-14 15:30:44 +02:00
Esben Sparre Andreasen
f5a6af54e6 JS: add security query: js/request-forgery 2018-09-04 09:25:42 +02:00
Esben Sparre Andreasen
0c4fb15651 JS: add query js/cleartext-logging 2018-08-20 08:34:16 +02:00
Max Schaefer
33741045f6 JavaScrip: Move deprecated HTMLComments query to compatibility suite. 2018-08-06 09:17:11 +01:00
Pavel Avgustinov
b55526aa58 QL code and tests for C#/C++/JavaScript. 2018-08-02 17:53:23 +01:00