hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-14 17:31:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
10,951 Commits 1,785 Branches 169 Tags
d7b69fcfeab214a83aec22e812ba76700c282be3
Commit Graph

3090 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
d7b69fcfea autoformat 2020-03-17 09:52:08 +01:00
Erik Krogh Kristensen
7145a57db3 refactor StepSummary into an internal .qll 2020-03-16 17:52:04 +01:00
Erik Krogh Kristensen
cd6fe8115d Update javascript/ql/src/semmle/javascript/Promises.qll 
Co-Authored-By: Asger F <asgerf@github.com>
 2020-03-16 16:27:50 +01:00
Erik Krogh Kristensen
4f39c28741 Merge branch 'master' of git.semmle.com:Semmle/ql into CustomTrack 2020-03-14 14:37:52 +01:00
semmle-qlci
20cae302fd Merge pull request #3054 from erik-krogh/NoDeferred 
Approved by asgerf
 2020-03-14 13:36:16 +00:00
Esben Sparre Andreasen
4d6aa20990 Merge pull request #3004 from esbena/js/additional-mongodb-and-mongoose-injection-sinks 
JS: Mongoose and MongoDB improvements
 2020-03-14 12:31:43 +01:00
semmle-qlci
25b9fcfafd Merge pull request #3058 from asger-semmle/js/may-receive-argument-fix 
Approved by max-schaefer
 2020-03-13 11:49:49 +00:00
Erik Krogh Kristensen
799c3eb06c remove model of Deferred 2020-03-12 16:38:20 +01:00
Erik Krogh Kristensen
59d2d6d4fd autoformat 2020-03-12 14:48:16 +01:00
Asger Feldthaus
4391b70b5f JS: Fix perf issue in mayReceiveArgument 2020-03-12 13:45:34 +00:00
semmle-qlci
4355f8d2b4 Merge pull request #3023 from erik-krogh/RedundantUpdate 
Approved by esbena
 2020-03-12 09:34:53 +00:00
Pavel Avgustinov
ecded4c11c Merge pull request #3048 from jbj/desemmlify 
Docs: Remove some Semmle references
 2020-03-12 09:27:36 +00:00
Jonas Jensen
86ad4d0357 Docs: Remove some Semmle references 
The only Semmle references now left in the public Markdown files are in
URLs and in legal text. There are also two Semmle references left in
`docs/language/vale-styles/README.md` because I didn't understand them
well enough to change them.
 2020-03-11 15:20:15 +01:00
Erik Krogh Kristensen
e88dac3dea remove FP for js/redundant-operation 2020-03-11 14:42:32 +01:00
semmle-qlci
1d5fba85f9 Merge pull request #3034 from esbena/js/sharpen-useless-regexp-character-escape 
Approved by asgerf
 2020-03-11 12:29:45 +00:00
Erik Krogh Kristensen
7f147221f5 refactor to include promise tracking as a core part of type tracking 2020-03-11 10:44:11 +01:00
semmle-qlci
e3fed39f88 Merge pull request #3000 from asger-semmle/js/late-barrier-guards 
Approved by erik-krogh
 2020-03-10 15:38:35 +00:00
semmle-qlci
570f095ae3 Merge pull request #2998 from asger-semmle/js/typescript-memory 
Approved by erik-krogh
 2020-03-10 12:24:52 +00:00
Esben Sparre Andreasen
5c8800a1c7 JS: make autoformatter happy 2020-03-10 13:11:31 +01:00
Erik Krogh Kristensen
066568ea60 add promise tracking to Files.qll 2020-03-10 12:36:42 +01:00
Erik Krogh Kristensen
a24bc564a4 add extra tests for file-name with promises 2020-03-10 12:35:34 +01:00
Erik Krogh Kristensen
97f2760583 refactor Files.qll to use type-tracking (without tracking anything) 2020-03-10 12:34:20 +01:00
Erik Krogh Kristensen
6110f85748 refactor chrome-remote-interface to use type-tracking promise steps 2020-03-10 12:27:21 +01:00
Esben Sparre Andreasen
5b1b945c35 JS: distinguishes escapes in strings and regular expression literals 2020-03-10 12:26:20 +01:00
Erik Krogh Kristensen
3ddfd7ba73 add extra promise test for chrome-remote-interface 2020-03-10 12:24:16 +01:00
Erik Krogh Kristensen
69d8cf643d add type tracking predicates for promises 2020-03-10 12:23:23 +01:00
Esben Sparre Andreasen
3bfda6cd38 JS: refactoring: make separate modules for mongoose Model and Query 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
480be06d86 JS: replace Model class with opaque type tracking predicate 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
dbeb216af0 JS: make use of TypeScript types for mongoose Model and Query 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
0c46e4d1af JS: fixup typetracking usage: t2 -> t2.continue() 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
aae92ad795 JS: add test for DatabaseAccess 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
6b9bd8bd97 JS: adjust tests slightly to also support DatabaseAccess testing 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
7a2faa0b6b JS: add additional mongoose and mongodb js/nosql-injection sinks 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
b6c616efd3 JS: support optional options argument to MongoClient.connect 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
f24f03e1f8 JS: add mongodb .connect tests 2020-03-10 09:57:45 +01:00
Esben Sparre Andreasen
21e6e69f22 JS: support mongodb v3 (minimally) 
https://github.com/github/codeql-javascript-team/issues/79
 2020-03-10 09:57:45 +01:00
Max Schaefer
3c785ecaa7 JavaScript: Move flow summaries to experimental. 
Also update description and change note to call out their experimental character more clearly.
 2020-03-09 12:57:20 +00:00
Asger Feldthaus
6c1f98a5ae JS: Update vague variable name 2020-03-09 11:58:38 +00:00
Asger Feldthaus
a1d479e975 JS: Declassify sensitive exprs with special characters 2020-03-07 15:15:13 +00:00
Asger Feldthaus
759631ae56 JS: Raise default memory limit to 2.4G 2020-03-07 15:13:53 +00:00
Asger Feldthaus
c55dcf88d5 JS: Improve error reporting 2020-03-07 15:13:52 +00:00
Asger Feldthaus
549d4e9b57 JS: Do not restart in the middle of a message 2020-03-07 15:13:52 +00:00
Asger Feldthaus
e1657b237b JS: Extract compiler-restarting into a function 2020-03-07 15:13:52 +00:00
Asger Feldthaus
2ef21ea4b8 JS: Only evaluate relevant barrier guards 2020-03-07 15:13:20 +00:00
Asger Feldthaus
fd1a14d3bd JS: Add qldoc to a private predicate 2020-03-07 15:13:20 +00:00
Asger Feldthaus
eed4204e04 JS: Lift some internal members to private top-level 2020-03-07 15:13:20 +00:00
semmle-qlci
7891f8621e Merge pull request #2982 from esbena/js/request-model-with-chaining 
Approved by asgerf
 2020-03-06 08:57:42 +00:00
Asger Feldthaus
2c8eae22d1 JS: Autoformat 2020-03-05 16:58:49 +00:00
semmle-qlci
0d76c71ed7 Merge pull request #2981 from asger-semmle/js/lower-syntax-error-severity 
Approved by max-schaefer
 2020-03-05 09:47:56 +00:00
semmle-qlci
98cee5cc1d Merge pull request #2967 from asger-semmle/js/flow-through-prop 
Approved by esbena
 2020-03-05 09:46:35 +00:00