51797 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Rasmus Lerchedahl Petersen	d31d763328	Python: adjust test expectations ... We now locate a `DataFlow::Node` rather than an 'AstNode`.	2022-09-05 16:45:43 +02:00
Tamás Vajk	1178dcb507	Merge pull request #10293 from tamasvajk/fix/ql4ql-pr-trigger ... Workflow: Add paths filter to QL for QL workflow	2022-09-05 16:22:05 +02:00
Erik Krogh Kristensen	4e14177614	fix typo in change-note	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	54eb0414cb	rename an upper-cased acronym	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	90bc8a5038	run the explicit-this patch on javascript/	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	b398f968e2	expand change-note to mention classes that have a changed basetype	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	e64f96c1ce	rewrite the change-note to emphasise that the change is potentially breaking	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	26f5643f3e	update the deprecation notice of RouteExpr such that it points to public APIs	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	e387ebaedd	add domNode.innerHTML += sink as a DOM sink	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	74a79f8622	simplify int check ... Co-authored-by: Asger F <asgerf@github.com>	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	73a936104a	fix typo in qldoc ... Co-authored-by: Asger F <asgerf@github.com>	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	833480d5c5	add change note	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	5b61db9fd3	refactor miscellaneous expression uses to dataflow nodes	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	6697dd1396	rewrite some expression based predicates in TaintTracking.qll	2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen	b4968eb645	refactor the SensitiveExpr to be a dataflow node	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	0c4f08c841	refactor the CredentialsExpr to be a dataflow node	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	c5b1588096	update the SQL/NoSQL models to use dataflow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	4d0534352e	refactor a use of MethodCallExpr in ClientSideUrlRedirectCustomizations.qll	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	e0e8085b95	update the cryptoLibraries to use dataflow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	5ebea8c75a	fix express in the POI test	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	aa9261f1b1	convert the AngularJS model to use DataFlow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	9bea110d24	convert the DOM model to use DataFlow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	2f429e7d29	convert some leftovers to use dataflow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	136124fbaa	convert the remaining Koa models to DataFlow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	fc54ba823b	update the existing expression based Express models	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	8266b083d7	update the predicates on Express::RouteHandler to use dataflow nodes	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	4cfbf15d18	deprecate RouteHandlerExpr and make RouteHandlerNode instead	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	3da34ca7a0	update Express::RouteExpr to a DataFlow::Node	2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen	3eb486610b	update Express::RouterDefinition to a DataFlow::InvokeNode	2022-09-05 16:11:51 +02:00
Erik Krogh Kristensen	b77d77d8eb	Merge pull request #10209 from erik-krogh/caseConsistency ... QL: add query detecting consistent casing of names	2022-09-05 16:07:59 +02:00
Tamas Vajk	1c21ce0ec4	Kotlin: Lookup getter methods based on special JVM method mapping	2022-09-05 16:02:25 +02:00
Tamas Vajk	6a90db9b30	Kotlin: List diagnostics for special getter method extraction	2022-09-05 16:00:40 +02:00
Erik Krogh Kristensen	92240384a9	update the tests to reflect the extra DataFlow::Nodes	2022-09-05 15:47:38 +02:00
Erik Krogh Kristensen	dfb7782be0	replace getA?RouteHandlerExpr with getA?RouteHandlerNode	2022-09-05 15:46:27 +02:00
Erik Krogh Kristensen	288230d7cf	update tests to reflect the extra DataFlow::Nodes from ResponseNode and RequestNode	2022-09-05 15:46:27 +02:00
Erik Krogh Kristensen	30d929909c	deprecate RequestExpr and ResponseExpr and use ResponseNode and RequestNode instead	2022-09-05 15:46:25 +02:00
Erik Krogh Kristensen	9cb7522bc1	change RouteSetup to a DataFlow::Node	2022-09-05 15:45:31 +02:00
Erik Krogh Kristensen	d98028be1a	change ServerDefinition to a DataFlow::Node	2022-09-05 15:44:56 +02:00
Geoffrey White	946456acc2	C++: Apply the sanitizer improvement from cpp/cleartext-storage-buffer in cpp/cleartext-storage-file and cpp/cleartext-transmission.	2022-09-05 14:44:33 +01:00
Erik Krogh Kristensen	ced4843dd7	change CookieDefinition to a DataFlow::Node	2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen	24b845589d	change ResponseBody to a DataFlow::Node	2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen	19e808186d	refactor definesExplicitly to use DataFlow::Node	2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen	ce0175a046	don't use astNode in StandardHeaderDefinition	2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen	d4ccc75ce1	refactor RedirectInvocation to a DataFlow::Node	2022-09-05 15:44:13 +02:00
Erik Krogh Kristensen	a03e6a800d	deprecate the HTTP flowsTo predicates to avoid confusion with SourceNode::flowsTo	2022-09-05 15:44:12 +02:00
James Fletcher	d787d94fbd	Merge branch 'main' into download-db-vs-code	2022-09-05 13:55:17 +01:00
Ian Lynagh	b38ad13f82	Merge pull request #10268 from tamasvajk/kotlin-local-function-comments ... Kotlin: fix doc comment extraction for local functions	2022-09-05 13:35:01 +01:00
Taus	c19574b9a4	Merge pull request #10267 from yoff/python/port-EmptyExcept ... python: Rewrite EmptyExcept from `points-to` to API graph	2022-09-05 14:11:34 +02:00
Tom Hvitved	b197eff23e	Ruby: Add missing edges to the call graph for singleton methods	2022-09-05 14:11:04 +02:00
Tom Hvitved	ab22f932a5	Ruby: Add more tests for singleton methods	2022-09-05 14:09:59 +02:00