hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,854 Commits 1,671 Branches 157 Tags
c20b688a3fbd0054ada4b3bb13f7316ab7180c24
Commit Graph

79 Commits

Author SHA1 Message Date
semmle-qlci
04c2b23abd Merge pull request #520 from esben-semmle/js/clear-text-logging-taint-kinds 
Approved by asger-semmle
 2018-11-23 12:40:40 +00:00
Esben Sparre Andreasen
b780f82869 JS: sharpen js/clear-text-logging (ODASA-7485) 2018-11-22 13:38:43 +01:00
semmle-qlci
4e72a08b8d Merge pull request #507 from esben-semmle/js/mixed-static-intance-this-access-inheritance 
Approved by xiemaisi
 2018-11-21 16:07:25 +00:00
semmle-qlci
f5d3274655 Merge pull request #508 from esben-semmle/js/indirect-global-call-with-default-arguments 
Approved by xiemaisi
 2018-11-21 16:06:46 +00:00
Esben Sparre Andreasen
caea6212ed JS: use inheritance in js/mixed-static-instance-this-access 2018-11-21 09:48:37 +01:00
Esben Sparre Andreasen
82fc8ae32a JS: support indirection with extra args in js/missing-this-qualifier 2018-11-20 11:29:03 +01:00
Esben Sparre Andreasen
54fea1a4cb JS: support "xyz:nomunge" YUI compressor directives 2018-11-20 09:00:33 +01:00
Max Schaefer
1b59a28be0 JavaScript: Downgrade a few "error" rules to "warning". 
For all of these queries, the results we tend to see in practice are certainly worth investigating, but aren't crashing bugs, so making them warnings seems more appropriate.
 2018-11-19 09:09:26 +00:00
Max Schaefer
db175f5584 JavaScript: Sort change notes alphabetically. 2018-11-19 09:00:38 +00:00
Asger F
0153a4794e JS: add change note 2018-11-16 10:44:52 +00:00
semmle-qlci
0647743333 Merge pull request #467 from xiemaisi/js/amd-imports 
Approved by asger-semmle
 2018-11-16 09:31:50 +00:00
Max Schaefer
19b9b85c22 JavaScript: Add change note. 2018-11-14 12:03:04 +00:00
Max Schaefer
4112af5b3f JavaScript: Add change note. 2018-11-14 09:35:17 +00:00
Max Schaefer
a499009f59 Merge pull request #395 from esben-semmle/js/useless-defensive-code 
JS: add query: js/useless-defensive-code
 2018-11-13 16:55:59 +00:00
Esben Sparre Andreasen
5666deac14 JS: rename js/useless-defensive-code to js/unneeded-defensive-code 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
a636319c97 JS: change notes for js/useless-defensive-code 2018-11-13 08:19:38 +01:00
Esben Sparre Andreasen
37b7b39ec6 JS: change notes for improved js/request-forgery 2018-11-13 08:17:24 +01:00
Esben Sparre Andreasen
577b225429 JS: sort change notes table 2018-11-13 08:17:24 +01:00
Max Schaefer
663bdd60a0 Merge pull request #396 from esben-semmle/js/unconditional-property-override 
JS: add query: js/unconditional-property-override
 2018-11-12 17:10:32 +00:00
semmle-qlci
c9d77a2d6d Merge pull request #443 from xiemaisi/js/improve-stack-trace-exposure 
Approved by asger-semmle
 2018-11-12 08:40:26 +00:00
Max Schaefer
bdfe938d02 JavaScript: Improve StackTraceExposure query. 
It now also flags exposure of the entire exception object (not just the `stack` property).
 2018-11-09 09:42:09 +00:00
Max Schaefer
71bbbb77eb JavaScript: Update 1.19 change notes to remove changes that ended up in 1.18.1. 2018-11-09 09:17:14 +00:00
Esben Sparre Andreasen
e82f5157c6 JS: change note for js/useless-assignment-to-property 2018-11-08 13:23:19 +01:00
Asger F
92f1c9a521 JS: add change note 2018-11-07 11:31:52 +00:00
semmle-qlci
4225e0bb44 Merge pull request #356 from asger-semmle/parameter-node 
Approved by xiemaisi
 2018-11-07 08:31:05 +00:00
semmle-qlci
2457eb98df Merge pull request #166 from asger-semmle/documentable-self-assign 
Approved by esben-semmle, xiemaisi
 2018-11-07 08:30:17 +00:00
semmle-qlci
c20e24d549 Merge pull request #385 from asger-semmle/async-model 
Approved by xiemaisi
 2018-11-07 08:28:37 +00:00
Max Schaefer
212a78b5fc Merge pull request #323 from esben-semmle/js/always-return-type-inference 
JS: additional return type inference
 2018-11-07 08:25:28 +00:00
Esben Sparre Andreasen
e396a55653 JS: change notes for type inference improvements 2018-11-06 16:04:46 +01:00
Asger F
799cd33b88 JS: add change note 2018-11-06 12:13:34 +00:00
Asger F
ad7ecc1df0 JavaScript: added change note 2018-11-05 11:31:32 +00:00
semmle-qlci
08833465a0 Merge pull request #386 from xiemaisi/js/lodash_partial 
Approved by esben-semmle
 2018-11-01 09:44:14 +00:00
semmle-qlci
a22aa3524e Merge pull request #388 from asger-semmle/revert-useless-conditional 
Approved by esben-semmle
 2018-11-01 09:23:19 +00:00
semmle-qlci
f00863fb58 Merge pull request #383 from esben-semmle/js/unused-eval-variable 
Approved by xiemaisi
 2018-10-31 10:42:55 +00:00
Asger F
2c11844c5b Revert "Merge pull request #380 from asger-semmle/generalize-useless-conditional" 
This reverts commit 28f3b686a7, reversing
changes made to dc3c5a684c.
 2018-10-31 10:38:38 +00:00
Max Schaefer
c75d785684 JavaScript: Fix modelling of _.partial. 
Like `Function.prototype.bind` (but unlike `ramda.partial`) it takes the curried arguments as rest arguments, not as an array;
cf. https://lodash.com/docs/4.17.10#partial and https://underscorejs.org/#partial.
 2018-10-31 06:31:59 -04:00
Asger F
0bc30003af JS: add change note 2018-10-31 10:28:31 +00:00
Asger F
1568d5dadd JS: add change note 2018-10-30 14:25:05 +00:00
Esben Sparre Andreasen
eb7add6f15 JS: change note for js/unused-local-variable eval whitelisting 2018-10-30 13:08:24 +01:00
Asger F
7285562c72 JS: add change note 2018-10-26 12:09:10 +01:00
Esben Sparre Andreasen
9c2ca9a7fa JS: make js/unused-local-variable flag import statements 2018-10-18 11:49:45 +02:00
semmle-qlci
1da873e819 Merge pull request #315 from esben-semmle/js/conditional-bypass-early-return 
Approved by xiemaisi
 2018-10-17 08:25:55 +01:00
Esben Sparre Andreasen
870811a509 JS: change note for improved ClientRequests (overdue) 2018-10-16 08:51:32 +02:00
Esben Sparre Andreasen
ffbbb807f4 JS: avoid flagging early returns in js/user-controlled-bypass 2018-10-16 08:39:59 +02:00
semmle-qlci
1e7696664e Merge pull request #302 from xiemaisi/js/google-spanner 
Approved by esben-semmle
 2018-10-16 06:48:43 +01:00
Max Schaefer
cd284b2f97 JavaScript: Add support for Google Cloud Spanner. 2018-10-11 09:30:39 +01:00
Esben Sparre Andreasen
358b6c3413 JS: change "remote request" to "network request" 2018-10-10 15:34:39 +02:00
Esben Sparre Andreasen
e93545d16e JS: address more review comments 2018-10-10 15:28:42 +02:00
Esben Sparre Andreasen
6b8fd49fba JS: add change notes for two new queries 2018-10-10 12:17:46 +02:00
Asger F
9fb73f41c9 JS: rename ReactComponent::getAThisAccess -> getAThisNode 2018-10-09 08:54:44 +01:00