hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,636 Commits 1,672 Branches 157 Tags
c0af3780c48d66cd71b29dd91756932ae684bafa
Commit Graph

2733 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
c0af3780c4 adjust the ReceiveNode docstrings 2020-01-24 10:06:28 +01:00
Erik Krogh Kristensen
2044b4bc82 changes based on review 2020-01-23 20:29:06 +01:00
Erik Krogh Kristensen
b526a2ea0f implement a model of WebSocket and ws based on the EventEmitter model 2020-01-22 14:46:53 +01:00
semmle-qlci
007b0795ec Merge pull request #2636 from erik-krogh/NewSocketIO 
Approved by esbena
 2020-01-22 13:46:11 +00:00
Erik Krogh Kristensen
86477a2249 changes based on review 2020-01-21 16:45:53 +01:00
Erik Krogh Kristensen
569ee8fc8d add support for subclasses of EventEmitter 2020-01-21 12:08:50 +01:00
Erik Krogh Kristensen
026092559c changes based on review 2020-01-20 15:53:58 +01:00
semmle-qlci
4efc418e2c Merge pull request #2617 from asger-semmle/prototype-pollution-utility 
Approved by esbena, mchammer01
 2020-01-16 13:02:07 +00:00
Erik Krogh Kristensen
4e880e2f96 implement SocketIO on top of the EventEmitter model 2020-01-16 11:02:36 +01:00
Asger F
7a1d068f1c Update javascript/ql/src/Security/CWE-400/PrototypePollutionUtility.qhelp 
Co-Authored-By: mc <42146119+mchammer01@users.noreply.github.com>
 2020-01-16 09:47:18 +00:00
semmle-qlci
8128d23b6e Merge pull request #2505 from erik-krogh/EventEmitter 
Approved by esbena, max-schaefer
 2020-01-16 08:47:38 +00:00
Asger Feldthaus
6d9306366c JS: ignore useless-expr in first stmt in try block 2020-01-15 11:49:23 +00:00
semmle-qlci
3c4749be88 Merge pull request #2624 from asger-semmle/js-duplicate-alert-strict-mode 
Approved by max-schaefer
 2020-01-14 11:59:45 +00:00
Asger Feldthaus
2245882441 JS: Add change note and fix cwe tags 2020-01-14 10:53:40 +00:00
Asger Feldthaus
d76859b7df JS: Address review comments 2020-01-14 10:53:00 +00:00
Asger F
2c05ee8ab8 JS: Add regression test 2020-01-14 10:53:00 +00:00
Asger F
9bd3c4a11c JS: Add sanitizer for "in" exprs 2020-01-14 10:53:00 +00:00
Asger Feldthaus
7ac30e2289 JS: Add test for rephinement nodes 2020-01-14 10:53:00 +00:00
Asger F
a447645c10 JS: Add test with typeof on value 2020-01-14 10:52:59 +00:00
Asger F
bd9405ab84 JS: Guard against more FPs 2020-01-14 10:52:59 +00:00
Asger F
738123d3f5 JS: More sanitizers 2020-01-14 10:52:59 +00:00
Asger F
f7543aec95 JS: Support Reflect.ownKeys 2020-01-14 10:52:59 +00:00
Asger F
8af233307a JS: Support enumeration through Object.entries 2020-01-14 10:52:59 +00:00
Asger F
ac2f0a8e11 JS: Do not require flow from key -> rhs 2020-01-14 10:52:59 +00:00
Asger F
96bf9db200 JS: Add another test and more barriers 2020-01-14 10:52:59 +00:00
Asger F
bc7871078a JS: Fix FPs from Object.create(null) 2020-01-14 10:52:59 +00:00
Asger F
c889420dd3 JS: Add qhelp samples to test suite 2020-01-14 10:52:59 +00:00
Asger F
654f145772 JS: Add PrototypePollutionUtility query 2020-01-14 10:52:59 +00:00
Asger F
52cec25035 JS: Build access paths for array accesses 2020-01-14 10:52:59 +00:00
Asger Feldthaus
73e60a7400 JS: Ignore strict-mode-call-stack-introspection for expr stmts 2020-01-13 16:03:03 +00:00
Erik Krogh Kristensen
1619a98bc8 make the default registration/dispatch extend DataFlow::InvokeNode 2020-01-10 17:40:16 +01:00
Erik Krogh Kristensen
87bbbd643c changes based on review feedback 2020-01-09 16:18:32 +01:00
Erik Krogh Kristensen
af8b36b750 Merge remote-tracking branch 'upstream/master' into EventEmitter 2020-01-09 15:09:43 +01:00
semmle-qlci
f1f69ef85d Merge pull request #2589 from esbena/js/ignore-duplicate-params-for-empty-functions 
Approved by erik-krogh
 2020-01-09 11:58:04 +00:00
Max Schaefer
308da0774d Merge pull request #2525 from asger-semmle/promise-missing-await 
JS: New query: missing await
 2020-01-08 15:29:45 +00:00
Max Schaefer
de15ecf47b Merge pull request #2593 from asger-semmle/regexp-always-matches 
JS: Add RegExpAlwaysMatches query
 2020-01-08 15:21:39 +00:00
Asger Feldthaus
775e63d9c0 JS: Fix qhelp validation error 2020-01-08 10:38:10 +00:00
Asger F
ef79023e52 Update javascript/ql/src/Expressions/MissingAwait.qhelp 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-01-08 10:23:30 +00:00
semmle-qlci
0e16969e15 Merge pull request #2591 from max-schaefer/js/fix-16 
Approved by asgerf
 2020-01-07 10:36:19 +00:00
Asger Feldthaus
d55d5cc4ed JS: Address comments from doc review 2020-01-07 10:27:46 +00:00
Asger Feldthaus
66a16d21a9 JS: Fix buggy test cases 2020-01-07 10:19:09 +00:00
Asger Feldthaus
2d534163d0 JS: Add test for empty regex 2020-01-07 10:10:29 +00:00
Asger Feldthaus
9f6e04887b JS: Fix FP from word boundaries 2020-01-07 10:09:17 +00:00
Asger F
b604be5cfb Apply suggestions from code review 
Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-01-06 14:44:02 +00:00
Asger Feldthaus
4c25d84b6e JS: Fix and expand test cases 2020-01-06 14:43:29 +00:00
Max Schaefer
9160fbf106 Merge pull request #2435 from asger-semmle/phi-edge-barrier-guards 
JS: Phi edge barrier guards
 2020-01-06 14:14:18 +00:00
semmle-qlci
f48e4bc2a0 Merge pull request #2580 from asger-semmle/typescript-unbounded-recursion 
Approved by max-schaefer
 2020-01-06 14:00:55 +00:00
semmle-qlci
0c0073fb02 Merge pull request #2582 from asger-semmle/spurious-css-import 
Approved by max-schaefer
 2020-01-06 14:00:08 +00:00
semmle-qlci
7e9b5b1036 Merge pull request #2590 from asger-semmle/ts-install-deps-unverbose 
Approved by max-schaefer
 2020-01-06 13:57:43 +00:00
Asger F
9928762769 JS: Add RegExpAlwaysMatches query 2020-01-06 13:48:02 +00:00