hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,189 Commits 1,672 Branches 157 Tags
ebd38eaf3bd0d5f4cb15bf4724fb2bb90ad1f8a6
Commit Graph

5733 Commits

Author SHA1 Message Date
CodeQL CI
a43bb1fb6d Merge pull request #5499 from asgerf/js/non-recursive-sourcenode 
Approved by erik-krogh
 2021-03-23 14:52:10 +00:00
Asger Feldthaus
6c8b4a82c1 JS: Autoformat 2021-03-23 11:55:37 +00:00
Asger Feldthaus
6b19e69d30 JS: Fix some join orders 2021-03-22 16:17:19 +00:00
Asger Feldthaus
42e6c7eb2e JS: Remove field from InvokeNode 2021-03-22 15:19:31 +00:00
Asger Feldthaus
c03e9d6c75 JS: Address review comments 2021-03-22 15:19:31 +00:00
Asger Feldthaus
5bfdca895b JS: Remove recursive def of SourceNode::Range 2021-03-22 15:07:38 +00:00
Asger Feldthaus
230b9cf5d3 JS: Avoid recursion in SourceNode::Range 2021-03-22 15:07:38 +00:00
Erik Krogh Kristensen
b565e3de91 expand outDir support in tsconfig files 2021-03-19 23:13:51 +01:00
Erik Krogh Kristensen
84e9229386 Merge branch 'main' into koa 2021-03-19 16:56:15 +01:00
Erik Krogh Kristensen
79feb3b689 Merge pull request #5454 from asgerf/js/fix-untrusted-checkout-id 
JS: Fix query ID for UntrustedCheckout
 2021-03-19 14:32:52 +01:00
CodeQL CI
3b117f5218 Merge pull request #5419 from erik-krogh/forgery 
Approved by asgerf
 2021-03-19 12:56:53 +00:00
Asger Feldthaus
42c4b22ea1 JS: Fix query ID for UntrustedCheckout 2021-03-19 12:41:34 +00:00
CodeQL CI
fc7f19f900 Merge pull request #5433 from erik-krogh/clientSocket 
Approved by esbena
 2021-03-19 02:12:19 -07:00
Erik Krogh Kristensen
58617c5c59 recognize client websockets as ClientRequests 2021-03-18 19:08:39 +01:00
Erik Krogh Kristensen
ed8e0fb593 remove CannonicalName API nodes 2021-03-18 15:34:17 +01:00
Erik Krogh Kristensen
7180a1ed52 add Type to MkHasUnderlyingType 2021-03-18 15:16:31 +01:00
Erik Krogh Kristensen
6bab41ce8b Merge pull request #5350 from JarLob/actions 
github actions queries
 2021-03-18 14:46:25 +01:00
Erik Krogh Kristensen
f94f82a0dc use getAChainedMethodCall 2021-03-18 14:35:10 +01:00
Erik Krogh Kristensen
38a9c71380 Apply suggestions from code review 
Co-authored-by: Asger F <asgerf@github.com>
 2021-03-18 14:33:13 +01:00
Asger Feldthaus
e30fa89405 JS: Update more test expectations 2021-03-18 10:04:39 +00:00
Erik Krogh Kristensen
8b931626ce add edge from root type MkHasUnderlyingType 2021-03-18 11:04:08 +01:00
Jaroslav Lobačevski
a9ed3317bf Fix regex per suggestion 2021-03-18 11:54:55 +02:00
Erik Krogh Kristensen
40ec23cf13 refactor MkHasUnderlyingType to use Label::instance() 2021-03-18 10:47:38 +01:00
Erik Krogh Kristensen
b2d6982318 add change note 2021-03-17 19:17:23 +01:00
Erik Krogh Kristensen
3995ff322d add models for koa-route and koa-router 2021-03-17 19:17:20 +01:00
Jaroslav Lobačevski
7b6773c96a Update javascript/ql/src/experimental/semmle/javascript/Actions.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-03-17 19:49:03 +02:00
Jaroslav Lobačevski
e3bf308952 Removed positive lookbehind 2021-03-17 17:32:10 +02:00
Asger Feldthaus
ae410aabd6 JS: Add change note 2021-03-17 15:24:10 +00:00
Asger Feldthaus
e4d891cab5 JS: Add tests for flow through replace 2021-03-17 15:20:40 +00:00
Asger Feldthaus
9cfbb90591 JS: Add test case for insufficient replace-sanitizer 2021-03-17 15:20:40 +00:00
Asger Feldthaus
198bdcab26 JS: Make XSS MetacharEscapeSanitizer more precise 2021-03-17 15:20:40 +00:00
Asger Feldthaus
effa52f9e1 JS: Step through string replace callbacks 2021-03-17 15:15:49 +00:00
CodeQL CI
7c20c4a664 Merge pull request #5396 from asgerf/js/shared-taint-step 
Approved by erik-krogh, esbena
 2021-03-17 08:07:20 -07:00
CodeQL CI
d95b295e52 Merge pull request #5400 from erik-krogh/replaceCallbacks 
Approved by asgerf
 2021-03-17 06:42:34 -07:00
Asger Feldthaus
ccc879dc5c JS: Autoformat 2021-03-17 13:29:17 +00:00
Asger Feldthaus
e1bfc6cd38 JS: Add qldoc to deprecated class member 2021-03-17 13:29:17 +00:00
Asger Feldthaus
ab1947a028 JS: Add comment explaining how to add new steps 2021-03-17 13:29:17 +00:00
Asger Feldthaus
c2764069b5 JS: Mention why we cache predicates outside the class 2021-03-17 13:29:17 +00:00
Asger Feldthaus
a97d3452a7 JS: Add DataFlow::SharedFlowStep to future-proof the tutorial 2021-03-17 13:29:17 +00:00
Asger Feldthaus
d74e84abd8 JS: Remove or update some mentions of AdditionalTaintStep 2021-03-17 13:29:17 +00:00
Asger Feldthaus
c0b5a9ad0c JS: Deprecate AdditionalTaintStep 2021-03-17 13:29:17 +00:00
Asger Feldthaus
332ee40984 JS: Autoformat 2021-03-17 13:29:17 +00:00
Asger Feldthaus
0675066ab9 JS: Fixup UriLibraries test 2021-03-17 13:29:17 +00:00
Asger Feldthaus
443b59e676 JS: Fixup bad merge in HeapTaintStep 2021-03-17 13:29:17 +00:00
Asger Feldthaus
80bc5d921b JS: Update Vue test 2021-03-17 13:29:16 +00:00
Asger Feldthaus
d52ff3e4f6 JS: Autoformat and add qldoc 2021-03-17 13:29:16 +00:00
Asger Feldthaus
96c6e4d8d8 JS: Update with new AdditionalTaintStep subclasses 2021-03-17 13:29:16 +00:00
Asger Feldthaus
561b9d09b3 JS: Put in same stage as RemoteFlowSource 2021-03-17 13:29:16 +00:00
Asger Feldthaus
e4a75b42e9 JS: Autoformat 2021-03-17 13:29:16 +00:00
Asger Feldthaus
8542c7172e JS: Fix promiseStep documentation 2021-03-17 13:29:16 +00:00