hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into redundantImport

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2022-04-26 14:24:51 +02:00
parent 881e5e16b5 3737248deb
commit d389012b75
889 changed files with 9741 additions and 3014 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
javascript/ql/src/CHANGELOG.md
View File

@@ -1,3 +1,15 @@
## 0.1.0
### New Queries
* The `js/resource-exhaustion` query has been added. It highlights locations where an attacker can cause a large amount of resources to be consumed.
The query previously existed as an experimental query.
### Minor Analysis Improvements
* Improved handling of custom DOM elements, potentially leading to more alerts for the XSS queries.
* Improved taint tracking through calls to the `Array.prototype.reduce` function.
## 0.0.14
## 0.0.13

5
javascript/ql/src/change-notes/2022-04-07-missing-flow-fixes.md
View File

@@ -1,5 +0,0 @@
---
category: minorAnalysis
---
* Improved handling of custom DOM elements, potentially leading to more alerts for the XSS queries.
* Improved taint tracking through calls to the `Array.prototype.reduce` function.

5
javascript/ql/src/change-notes/2022-04-19-resource-exhaustion.md
View File

@@ -1,5 +0,0 @@
---
category: newQuery
---
* The `js/resource-exhaustion` query has been added. It highlights locations where an attacker can cause a large amount of resources to be consumed.
The query previously existed as an experimental query.

6
javascript/ql/src/change-notes/2022-04-21-static-accessors.md Normal file
View File

@@ -0,0 +1,6 @@
---
category: minorAnalysis
---
* The call graph now deals more precisely with calls to accessors (getters and setters).
Previously, calls to static accessors were not resolved, and some method calls were
incorrectly seen as calls to an accessor. Both issues have been fixed.

11
javascript/ql/src/change-notes/released/0.1.0.md Normal file
View File

@@ -0,0 +1,11 @@
## 0.1.0
### New Queries
* The `js/resource-exhaustion` query has been added. It highlights locations where an attacker can cause a large amount of resources to be consumed.
The query previously existed as an experimental query.
### Minor Analysis Improvements
* Improved handling of custom DOM elements, potentially leading to more alerts for the XSS queries.
* Improved taint tracking through calls to the `Array.prototype.reduce` function.

2
javascript/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.0.14
lastReleaseVersion: 0.1.0

2
javascript/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/javascript-queries
version: 0.1.0-dev
version: 0.1.1-dev
groups:
- javascript
- queries