hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-12 22:14:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,777 Commits 1,681 Branches 158 Tags
codeql-cli/v2.4.4
Commit Graph

19777 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Krogh Kristensen
30ba7d29a1 renamed "enclosingStmt" to "enclosing_stmt" 2020-09-04 11:51:48 +02:00
Erik Krogh Kristensen
99f8887844 renamed "isForAwaitOf" to "is_for_await_of" 2020-09-04 11:51:47 +02:00
Erik Krogh Kristensen
621e702e99 renamed "hasDeclareKeyword" to "has_declare_keyword" 2020-09-04 11:51:46 +02:00
Erik Krogh Kristensen
49b71d515c renamed "isInstantiated" to "is_instantiated" 2020-09-04 11:51:45 +02:00
Erik Krogh Kristensen
76f728aacd renamed "jumpTargets" to "jump_targets" 2020-09-04 11:51:45 +02:00
Erik Krogh Kristensen
059d72858a renamed "stmtContainers" to "stmt_containers" 2020-09-04 11:51:44 +02:00
Erik Krogh Kristensen
07fd747069 renamed "isClosureModule" to "is_closure_module" 2020-09-04 11:51:43 +02:00
Erik Krogh Kristensen
2a2901f6ae renamed "isES2015Module" to "is_es2015_module" 2020-09-04 11:51:42 +02:00
Erik Krogh Kristensen
8782c2b8e0 renamed "isNodejs" to "is_nodejs" 2020-09-04 11:51:41 +02:00
Erik Krogh Kristensen
4fb6d6060c renamed "isModule" to "is_module" 2020-09-04 11:51:40 +02:00
Erik Krogh Kristensen
39ff727ec7 renamed "isExterns" to "is_externs" 2020-09-04 11:51:39 +02:00
Erik Krogh Kristensen
05c38da2cb add section to Aliases.qll for deprecated dbscheme relations 2020-09-04 11:51:38 +02:00
Erik Krogh Kristensen
41eed43aa4 create upgrade folder for renamings 2020-09-04 11:51:38 +02:00
Asger Feldthaus
961554eb6f JS: Autoformat 2020-09-04 10:42:26 +01:00
yoff
7a00fbc654 Merge pull request #4154 from RasmusWL/python-more-complete-dataflow-tests 
Python more complete dataflow tests
 2020-09-04 11:35:24 +02:00
Rasmus Wriedt Larsen
2f480597ef Merge pull request #4157 from RasmusWL/add-labeler-action 
Enable labeler action again
 2020-09-04 11:15:15 +02:00
Rasmus Wriedt Larsen
f12fa52e22 Python: Update inline example for TypeTracker usage 2020-09-04 11:11:30 +02:00
Rasmus Wriedt Larsen
189c94f9e3 Python: Add TypeTracker::end() 
Copied from JS
 2020-09-04 11:10:10 +02:00
Rasmus Wriedt Larsen
7855576a69 Python: TypeTracker only exposes its own interface 
This is especially important if the TypeTracker needs to be publicly imported by
DataFlowPublic.
 2020-09-04 10:58:20 +02:00
Geoffrey White
6c40e22f45 C++: Support further reverse taint flows on things that return *this. 2020-09-04 09:45:10 +01:00
Geoffrey White
018b0a5abf C++: Model std::string front, back and push_back. 2020-09-04 09:45:07 +01:00
Geoffrey White
6e734a894f C++: Additional test cases for std::string. 2020-09-04 09:44:58 +01:00
Tamas Vajk
e2c205deb4 C#: Add stable order for generated accessors in printed AST 2020-09-04 10:39:01 +02:00
Erik Krogh Kristensen
fd05156298 clarifying comment on the last jQuery inconsistency 2020-09-04 10:30:42 +02:00
Erik Krogh Kristensen
b18f51806c regain the lost property presence result 2020-09-04 10:30:38 +02:00
Asger F
0704be4d41 Update javascript/ql/src/semmle/javascript/TypeScript.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-09-04 08:55:31 +01:00
Max Schaefer
252902d245 JavaScript: Restructure API-graph tests. 
With the old test runner we cannot have `VerifyAssertions.qlref`s for each individual test that reference a shared `VerifyAssertions.ql` in the parent directory, since it doesn't like nested tests.

Instead, we have to turn `VerifyAssertions.ql` into `VerifyAssertions.qll`, and each `VerifyAsssertions.qlref` into a `VerifyAssertions.ql` that imports it.

But then that doesn't work with our old directory structure, since the import path would have to contain the invalid identifier `library-tests`. As a workaround, I have moved the API graph tests into a directory without dashes in its path.
 2020-09-04 08:43:15 +01:00
Erik Krogh Kristensen
6fccf5aa70 use isLikelyIntentionalHtmlSink in the sink instead of in the where clause 2020-09-04 09:26:03 +02:00
CodeQL CI
58f51899c9 Merge pull request #4173 from erik-krogh/targetBlankFP 
Approved by esbena
 2020-09-04 08:21:22 +01:00
Tom Hvitved
7f18c3377e Merge pull request #4017 from hvitved/csharp/unqualify-trap-ids3 
C#: Remove assembly prefixes from TRAP labels
 2020-09-04 09:20:39 +02:00
Jonas Jensen
fbe42fb64c C++: Support != constant in range analysis 2020-09-04 09:20:23 +02:00
Jonas Jensen
d061b09fe0 C++: Test showing no support for != and ! 2020-09-04 09:02:42 +02:00
Max Schaefer
cb433a0c0f JavaScript: Add test for custom API-graph entry points. 2020-09-03 22:28:09 +01:00
Max Schaefer
58702e4c52 JavaScript: Rename EntryPoint.getADef to getARhs. 2020-09-03 22:28:09 +01:00
Max Schaefer
f3173ca968 JavaScript: Add a few unit tests for API graphs. 2020-09-03 22:28:09 +01:00
Max Schaefer
985399f4cf JavaScript: Move ApiGraphs library to semmle.javascript and import it from javascript.qll. 2020-09-03 22:28:09 +01:00
Max Schaefer
aaa70e4ad3 JavaScript: Make API-graph edge labels accessible outside ApiGraphs.qll. 2020-09-03 22:28:09 +01:00
Max Schaefer
7239f1fb6f JavaScript: Distinguish more carefully between def and use nodes in API graphs. 
In particular, we now have two different kinds of module features: module definitions and module uses.

For the most part, `API::Definition`s correspond to right-hand sides in the data-flow graph, and `API::Use`s correspond to references. However, module definitions can have references (via the CommonJS `module` variable), and so can their exports (via `module.exports` or `exports`). Note that this is different from references to uses of the module, which are simply imports.
 2020-09-03 22:28:09 +01:00
Mathias Vorreiter Pedersen
b7774b2a82 Merge pull request #4201 from geoffw0/insert 
C++: Model iterator versions of string and vector methods
 2020-09-03 21:45:36 +02:00
Geoffrey White
1d04c89927 C++: Autoformat. 2020-09-03 18:54:36 +01:00
Geoffrey White
5124660831 C++: Change note. 2020-09-03 18:54:27 +01:00
Geoffrey White
2d7552358b C++: Put in a better fix. 2020-09-03 18:51:57 +01:00
Geoffrey White
a1c7fd8fec C++: Remove the workaround for CPP-331. 2020-09-03 18:51:21 +01:00
Geoffrey White
5150bf30e7 C++: Add another test case inspired by CPP-331. 2020-09-03 18:50:11 +01:00
Geoffrey White
1483306c4c C++: Add more tests. 2020-09-03 18:39:50 +01:00
CodeQL CI
f180497554 Merge pull request #4192 from max-schaefer/js/ssa__implicitinit 
Approved by asgerf
 2020-09-03 16:46:56 +01:00
Max Schaefer
d8fbf60cbf JavaScript: Weaken a few types to stay under BDD node limit. 
`SourceNode` in cached layers seems particularly problematic.
 2020-09-03 14:29:04 +01:00
Max Schaefer
e77948103f JavaScript: Remove AdditionalFeature from ApiGraphs. 
I ended up not using it for flow summaries, so at this point it is purely speculative generality. We can reintroduce it later if we need to.
 2020-09-03 14:29:04 +01:00
Max Schaefer
924ef6ae5d Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2020-09-03 14:04:23 +01:00
Rasmus Wriedt Larsen
29bf98ad26 Python: Fix CUSTOM_SOURCE dataflow regression test 2020-09-03 15:03:53 +02:00