hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Release preparation for version 2.22.1

Browse Source
This commit is contained in:
github-actions[bot]
2025-06-24 08:55:31 +00:00
parent 601e317bfe
commit 3e074b2425
184 changed files with 517 additions and 212 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
javascript/ql/lib/CHANGELOG.md
View File

@@ -1,3 +1,15 @@
## 2.6.6
### Minor Analysis Improvements
* Calls to `sinon.match()` are no longer incorrectly identified as regular expression operations.
* Improved data flow tracking through middleware to handle default value and similar patterns.
* Added `req._parsedUrl` as a remote input source.
* Improved taint tracking through calls to `serialize-javascript`.
* Removed `encodeURI` and `escape` functions from the sanitizer list for request forgery.
* The JavaScript extractor now skips generated JavaScript files if the original TypeScript files are already present. It also skips any files in the output directory specified in the `compilerOptions` part of the `tsconfig.json` file.
* Added support for Axios instances in the `axios` module.
## 2.6.5
### Minor Analysis Improvements

4
javascript/ql/lib/change-notes/2025-06-03-axios-instance-support.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Added support for Axios instances in the `axios` module.

4
javascript/ql/lib/change-notes/2025-06-05-skip-obviously-generated-files.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* The JavaScript extractor now skips generated JavaScript files if the original TypeScript files are already present. It also skips any files in the output directory specified in the `compilerOptions` part of the `tsconfig.json` file.

4
javascript/ql/lib/change-notes/2025-06-13-remove-encodeuri.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Removed `encodeURI` and `escape` functions from the sanitizer list for request forgery.

5
javascript/ql/lib/change-notes/2025-06-16-middleware-express.md
View File

@@ -1,5 +0,0 @@
---
category: minorAnalysis
---
* Improved data flow tracking through middleware to handle default value and similar patterns.
* Added `req._parsedUrl` as a remote input source.

4
javascript/ql/lib/change-notes/2025-06-16-serialize-js.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Improved taint tracking through calls to `serialize-javascript`.

4
javascript/ql/lib/change-notes/2025-06-20-sinon.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Calls to `sinon.match()` are no longer incorrectly identified as regular expression operations.

11
javascript/ql/lib/change-notes/released/2.6.6.md Normal file
View File

@@ -0,0 +1,11 @@
## 2.6.6
### Minor Analysis Improvements
* Calls to `sinon.match()` are no longer incorrectly identified as regular expression operations.
* Improved data flow tracking through middleware to handle default value and similar patterns.
* Added `req._parsedUrl` as a remote input source.
* Improved taint tracking through calls to `serialize-javascript`.
* Removed `encodeURI` and `escape` functions from the sanitizer list for request forgery.
* The JavaScript extractor now skips generated JavaScript files if the original TypeScript files are already present. It also skips any files in the output directory specified in the `compilerOptions` part of the `tsconfig.json` file.
* Added support for Axios instances in the `axios` module.

2
javascript/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 2.6.5
lastReleaseVersion: 2.6.6

2
javascript/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/javascript-all
version: 2.6.6-dev
version: 2.6.6
groups: javascript
dbscheme: semmlecode.javascript.dbscheme
extractor: javascript