6335 Commits

Author	SHA1	Message	Date
Asger F	edf79a3730	JS: Change note	2025-09-16 13:53:31 +02:00
Chris Smowton	c375f24598	Merge pull request #20423 from smowton/smowton/fix/length-comparison-off-by-one-fp ... JS: Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access	2025-09-15 18:24:45 +01:00
Ian Lynagh	d0091e1b3c	javascript: Fix spelling error in documentation ... Corrects the spelling of "occurrences" in the Incomplete Multi-Character Sanitization documentation to improve clarity.	2025-09-15 14:53:22 +01:00
Chris Smowton	db5c58180e	Change note	2025-09-12 14:32:12 +01:00
Chris Smowton	f5780ae369	Amend docstring	2025-09-12 14:32:10 +01:00
Chris Smowton	4fb133a43d	Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access	2025-09-12 14:32:07 +01:00
Asger F	d575d3c9e4	Merge pull request #20374 from asgerf/js/typescript-5.9 ... JS: Support TypeScript 5.9 and support 'import defer' syntax	2025-09-09 20:50:04 +02:00
Napalys Klicius	8c34b7eaea	Merge pull request #20146 from Napalys/js/move-cors-query-from-experimental ... JS: Move cors-misconfiguration query from experimental to Security	2025-09-08 09:32:38 +02:00
Napalys Klicius	b2feaaceea	Merge branch 'main' into js/move-cors-query-from-experimental	2025-09-05 12:11:09 +02:00
Asger F	ef114c4a07	JS: Add change note	2025-09-05 12:04:53 +02:00
Napalys Klicius	e6eacca50b	Update change note to reflect changes	2025-09-05 11:27:29 +02:00
Arthur Baars	5d3ec35e29	Remove non-breaking spaces from code	2025-09-05 09:41:15 +02:00
Napalys Klicius	c4c8dbcf7d	Merge remote-tracking branch 'origin/main' into js/move-cors-query-from-experimental	2025-09-04 15:24:44 +02:00
Napalys Klicius	d3d608fa33	Updated query description and added a sanitizer	2025-09-04 13:16:37 +00:00
Michael Nebel	8009ddebce	Merge pull request #20329 from michaelnebel/javascript/ql4ql ... JS: Fix some Ql4Ql violations.	2025-09-04 13:01:37 +02:00
Napalys Klicius	8fc81f4263	Merge branch 'main' into js/remote-property-injection-update	2025-09-03 14:02:19 +02:00
github-actions[bot]	e8a2600a0c	Post-release preparation for codeql-cli-2.23.0	2025-09-02 11:46:23 +00:00
github-actions[bot]	0bfa93828b	Release preparation for version 2.23.0	2025-09-02 11:09:32 +00:00
Michael Nebel	8b10ad49d7	JS: Fix some Ql4Ql violations.	2025-09-01 15:17:53 +02:00
Napalys Klicius	e0916c8750	JS: add change note	2025-08-27 10:32:45 +00:00
github-actions[bot]	42e3d31c49	Post-release preparation for codeql-cli-2.22.4	2025-08-18 14:42:42 +00:00
github-actions[bot]	90d29994c8	Release preparation for version 2.22.4	2025-08-18 14:06:09 +00:00
Napalys Klicius	b2346183d6	Merge pull request #20148 from Napalys/js/reg-exp-env-variable-threat-model ... JS: Exclude environment variables from `js/regex-injection` query by default	2025-08-18 09:32:15 +02:00
github-actions[bot]	fb4b0aac53	Post-release preparation for codeql-cli-2.22.3	2025-08-04 17:18:08 +00:00
github-actions[bot]	fd82aeb1f8	Release preparation for version 2.22.3	2025-08-04 15:47:57 +00:00
Napalys Klicius	3f9061abdb	Added change note	2025-07-31 13:20:38 +02:00
Napalys Klicius	021aa13ee2	Added change note	2025-07-31 12:45:34 +02:00
Napalys Klicius	791a7e242e	Updated qhelp for cors permissive configuration	2025-07-31 11:31:10 +02:00
Napalys Klicius	358617f533	Move CORS misconfiguration query from experimental to Security	2025-07-30 10:22:59 +00:00
github-actions[bot]	37cc78255a	Post-release preparation for codeql-cli-2.22.2	2025-07-22 14:22:20 +00:00
github-actions[bot]	997547b8ef	Release preparation for version 2.22.2	2025-07-22 14:04:14 +00:00
Nick Rolfe	825c813095	Revert "Release preparation for version 2.22.2"	2025-07-22 14:33:45 +01:00
github-actions[bot]	c8632b70b7	Release preparation for version 2.22.2	2025-07-21 16:45:45 +00:00
Nick Rolfe	ad9b637bec	Revert "Merge pull request #19994 from github/post-release-prep/codeql-cli-2.22.2" ... This reverts commit e5b4a15e35, reversing changes made to 33e63109bb.	2025-07-21 15:18:59 +01:00
Michael Nebel	2f29459cda	Merge pull request #19931 from michaelnebel/ql4ql/qualitytagcheck ... Ql4ql: Quality query tagging.	2025-07-17 14:53:14 +02:00
github-actions[bot]	24a0ac1223	Post-release preparation for codeql-cli-2.22.2	2025-07-07 18:15:04 +00:00
github-actions[bot]	f12daefabe	Release preparation for version 2.22.2	2025-07-07 14:00:26 +00:00
Michael Nebel	aefd941135	Java/Javascript: Fix violations.	2025-07-03 11:56:33 +02:00
Asger F	98319ce2ad	Apply suggestions from code review ... Co-authored-by: Taus <tausbn@github.com>	2025-07-03 08:44:33 +02:00
Asger F	47a90c8b32	Merge branch 'main' into js/no-type-extraction	2025-07-02 13:18:05 +02:00
Michael Nebel	233b54c7fa	Merge pull request #19891 from michaelnebel/michaelnebel/freezemoresuites ... Go/Ruby/Python: Freeze quality queries in `security-and-quality`.	2025-07-01 09:04:19 +02:00
Asger F	3247babfa5	Merge pull request #19762 from trailofbits/VF/type-orm-model-improvements ... Improve TypeORM model	2025-06-30 10:40:38 +02:00
Michael Nebel	145ada53f2	C#/Java/JavaScript: Re-factor query suites to use the new selector.	2025-06-26 14:19:27 +02:00
Vasco-jofra	8a7516528d	Update formatting	2025-06-26 09:29:07 +02:00
Asger F	aef362152e	JS: Change notes	2025-06-25 14:31:25 +02:00
Napalys Klicius	3d9e2f5438	Merge pull request #19858 from Napalys/js/execa ... JS: moved `execa` out of experimental	2025-06-25 10:34:52 +02:00
Asger F	d39b68cd41	Merge pull request #19849 from asgerf/js/remove-legacy-actions-queries ... JS: Remove legacy actions queries	2025-06-25 09:18:33 +02:00
Asger F	853fc1a7cf	Merge pull request #19852 from asgerf/js/react-use-server ... JS: Model React 'use' and 'use server'	2025-06-25 09:13:56 +02:00
github-actions[bot]	6972c7a872	Post-release preparation for codeql-cli-2.22.1	2025-06-24 12:55:14 +00:00
Asger F	54bfde9b7a	Update javascript/ql/src/change-notes/2025-06-23-remove-legacy-actions-queries.md ... Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-06-24 11:22:37 +02:00