hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 13:11:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,147 Commits 1,689 Branches 160 Tags
ca52fe59e87fbf837593eb31d33e11bfeb09af1c
Commit Graph

2364 Commits

Author SHA1 Message Date
Asger F
ca52fe59e8 Merge pull request #20918 from asgerf/js/response-default-content-type 
JS: Handle default 'content-type' header in Response() objects
 2026-01-13 10:34:40 +01:00
Asger F
635f008bb2 Merge branch 'main' into js/use-cache-directives 2026-01-05 10:59:50 +01:00
Asger F
806fcb2a15 Merge branch 'main' into knewbury01/add-react-useref-step 2025-12-18 12:10:10 +01:00
Óscar San José
d972af9ef8 Merge branch 'main' of https://github.com/github/codeql into oscarsj/mergeback-rc-3-20-into-main 2025-12-12 13:22:08 +01:00
tesseractjh
789ea8b247 Allow arbitrary suffixes for use cache directives 2025-12-09 08:59:16 +01:00
tesseractjh
2e840dcd5f Add use cache directives 2025-12-09 08:59:16 +01:00
Asger F
4d1200fd13 Revert changes in synced files 2025-12-08 13:26:19 +01:00
Asger F
294089fe35 JS: Use question-mark variant in all overlay annotations 2025-12-08 13:13:09 +01:00
Anders Schack-Mulligen
78e1879c9e Use more flowTo. 2025-12-03 14:12:08 +01:00
Asger F
b8cff77cab Merge pull request #20873 from github/shared-xml-discard 
Share XML discard predicates
 2025-12-01 10:06:02 +01:00
Asger F
6257bed089 Sync OverlayXml.qll 2025-11-28 09:23:49 +01:00
Asger F
0896be0df6 Merge pull request #20844 from Eliav2/20823-globalVarRef-document-defaultView 
javascript: Add support for `document.defaultView` in global variable references
 2025-11-27 11:50:23 +01:00
Asger F
d8027fb6d6 Merge pull request #20885 from asgerf/js/local-module-exports 
JS: Split module exports into a local and global variant
 2025-11-27 10:05:22 +01:00
Eliav2
69ba764e9d Merge branch 'main' into 20823-globalVarRef-document-defaultView 2025-11-26 23:26:26 +02:00
Asger F
cc7bf4e880 JS: Handle default 'content-type' header in Response() objects 2025-11-26 13:49:48 +01:00
Asger F
dbf14c190a Factor XML discard predicates into OverlayXml.qll 2025-11-26 11:48:32 +01:00
Asger F
b33af5b377 JS: Fix typo 2025-11-26 11:40:41 +01:00
Asger F
e95b3590f0 JS: Fix project layout detection for Next.js apps 
Some parts of the code did not handle case where 'pages' was located at 'app/pages'.
 2025-11-25 15:54:45 +01:00
Asger F
51e1bda608 JS: Move isTypeOnly() check into a direct check, instead of an override 2025-11-21 13:10:32 +01:00
Asger F
9c4f85f15b JS: Split getSourceNode into getDirectSourceNode and getReExportedSourceNode 2025-11-21 12:42:30 +01:00
Asger F
94566e5e1e JS: Remove unnecessary override in OriginalExportDeclaration 2025-11-21 12:42:10 +01:00
Asger F
3a393ecd54 Fixup! qldoc for reExportsAs 2025-11-21 12:41:34 +01:00
Asger F
78c8ab11f2 JS: Split exportsAs into exportsDirectlyAs and reExportsAs 2025-11-21 12:31:34 +01:00
Asger F
74d725ef21 JS: Remove unnecessary override in OriginalExportDeclaration 2025-11-21 12:31:09 +01:00
Asger F
ce9986c449 JS: Change signature of isShadowedFromBulkExport 2025-11-21 12:30:31 +01:00
Eliav2
6df789d114 Merge branch 'main' into 20823-globalVarRef-document-defaultView 2025-11-20 15:18:15 +02:00
Asger F
efa438a352 JS: Move identityFunctionStep back into CachedSteps module 2025-11-19 13:47:30 +01:00
Asger F
8fef60464e JS: Remove out-commented code 2025-11-19 13:46:10 +01:00
Asger F
a0965f33e3 JS: Also discard JSON, YAML, and XML 2025-11-18 13:29:00 +01:00
Asger F
4b57b4418f JS: Factor out some code 2025-11-17 10:48:15 +01:00
Asger F
a405b7b3e0 JS: Add discard predicates for locations 2025-11-17 10:47:37 +01:00
eliav
8047450668 javascript: Update property access for `document.defaultView as getAPropertyRead 
Changed the method for accessing `defaultView` from `getAPropertyReference` to `getAPropertyRead` to improve accuracy in data flow analysis for global variable references.
 2025-11-17 01:05:58 +02:00
eliav
30cc91421d javascript: Add support for document.defaultView in global variable references 
Updated the data flow analysis to include `document.defaultView` as a source node for global variable references. Added a new test file `tst4.js` and updated existing tests to verify the inclusion of `defaultView` and its properties in the expected results.
 2025-11-17 00:52:06 +02:00
Kristen Newbury
7b8a3d044e Update javascript/ql/lib/semmle/javascript/frameworks/React.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-11-13 15:38:41 +01:00
Kristen Newbury
ee60f8e6c6 Update javascript/ql/lib/semmle/javascript/frameworks/React.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2025-11-13 15:38:41 +01:00
Kristen Newbury
7f8ccb7d46 Simplify addition 2025-11-13 15:38:41 +01:00
Kristen Newbury
dd6db16550 Add DomValueSource for react useRef output (object's prop named current) 2025-11-13 15:38:41 +01:00
Kristen Newbury
9534188f1f Add react precallgraphstep useRef 2025-11-13 15:38:41 +01:00
Asger F
c7341f295d JS: Fix bad join in BarrierGuards.qll 2025-11-13 09:46:27 +01:00
Asger F
578355ac27 JS: Fix bad join in CallGraphs.qll 2025-11-13 09:46:25 +01:00
Asger F
46b1387846 JS: Make isAssignedInUniqueFile global, as it should be 2025-11-13 09:46:20 +01:00
Asger F
6498cd1b07 JS: Remove obsolete overlay[global] annotations 2025-11-13 09:46:18 +01:00
Asger F
0594f84dfc JS: Improve join orders related to getABooleanValue() 2025-11-13 09:46:16 +01:00
Asger F
4645f327a5 JS: Avoid more bad joins due to locality 2025-11-13 09:46:14 +01:00
Asger F
269489e817 JS: Avoid bad join in shared predicate induced by 'forex'. 
Use manual recursion instead.
 2025-11-13 09:46:12 +01:00
Asger F
e72232fd1d JS: Add more overlay[caller?] annotations 2025-11-13 09:46:06 +01:00
Asger F
66febb263d JS: Add some overlay[caller] and a pragma[nomagic] annotations 2025-11-13 09:46:05 +01:00
Asger F
c09563f775 JS: Make more general-purpose data flow things local 2025-11-13 09:46:01 +01:00
Asger F
b1418e1d70 JS: Add overlay[local?] to new summaries after rebasing 2025-11-13 09:46:00 +01:00
Asger F
2b338fc1d9 JS: Fix getRawEnclosingStmt call 2025-11-13 09:45:58 +01:00