hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,671 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

6335 Commits

Author SHA1 Message Date
smiddy007
a2a82fcde9 Merge branch 'main' into JS-Allow-Truncated-Hash-Forge-NonKeyCipher 2023-04-25 12:23:31 -04:00
jarlob
6e9f54ef55 Use double curly braces 2023-04-21 19:03:38 +02:00
smiddy007
bda0ef3a75 Merge branch 'github:main' into JS-Allow-Truncated-Hash-Forge-NonKeyCipher 2023-04-19 13:40:32 -04:00
smiddy007
4f7275f064 Reformat doc and move change note 2023-04-19 13:39:18 -04:00
Nate Johnson
4ae8377713 Merge branch 'main' into js-insecure-http-parser 2023-04-18 22:00:13 -04:00
Nate Johnson
78229bb264 Moved into experimental 2023-04-18 21:59:14 -04:00
Alex Ford
924ce250dd Merge pull request #12847 from github/post-release-prep/codeql-cli-2.13.0 
Post-release preparation for codeql-cli-2.13.0
 2023-04-18 14:40:40 +01:00
Tom Hvitved
f6d000eb20 Merge pull request #12805 from hvitved/remove-queries-xml 
Remove all `queries.xml` files
 2023-04-18 10:52:14 +02:00
Nate Johnson
bbb1ee9597 Merge branch 'main' into js-insecure-http-parser 2023-04-18 00:45:32 -04:00
Nate Johnson
cb90f9af3c Fix to include specification of flag in NODE_OPTIONS 2023-04-18 00:41:48 -04:00
Nate Johnson
522a285d9e Qhelp file for explanation 2023-04-18 00:41:28 -04:00
Nate Johnson
2e27447c65 Include example 2023-04-18 00:41:11 -04:00
smiddy007
e4ec1ae261 Update InsufficientPasswordHash.qhelp 
change file name to original
 2023-04-17 13:18:47 -04:00
smiddy007
88d2f65c5f Rename InsufficientPasswordHash_NodeJS_fixed.js to InsufficientPasswordHash_fixed.js 2023-04-17 13:17:13 -04:00
smiddy007
cbe45f7e55 Rename InsufficientPasswordHash_NodeJS.js to InsufficientPasswordHash.js 2023-04-17 13:16:57 -04:00
smiddy007
36d7370998 Delete InsufficientPasswordHash_CryptoJS_fixed 
file not used in qhelp
 2023-04-17 13:16:25 -04:00
smiddy007
e65daaae49 Delete InsufficientPasswordHash_CryptoJS.js 
not used in qhelp file
 2023-04-17 13:15:10 -04:00
github-actions[bot]
648f0e19ec Post-release preparation for codeql-cli-2.13.0 2023-04-17 15:39:24 +00:00
Asger F
9db63c3a6a JS: Change note 2023-04-17 08:23:04 +02:00
github-actions[bot]
075d063370 Release preparation for version 2.13.0 2023-04-14 13:31:30 +00:00
jarlob
e9dee3a185 Move actions/github-script out of Actions.qll 2023-04-14 14:26:23 +02:00
jarlob
3724ea1a7b Extract where parts into predicates 2023-04-14 10:49:56 +02:00
jarlob
ac1c20673d Encapsulate github-script 2023-04-14 10:23:49 +02:00
jarlob
d80c541da6 Encapsulate composite actions 2023-04-14 10:06:35 +02:00
jarlob
94065764d5 Make predicate name clearer 2023-04-14 01:05:21 +02:00
jarlob
79218a3946 Use YamlMapping for modeling Env 2023-04-14 00:56:51 +02:00
jarlob
dd52ef85cd Rename Env 2023-04-13 23:41:31 +02:00
jarlob
a8a6913512 Simplify exists according to the warning 2023-04-13 23:10:16 +02:00
Alex Eyers-Taylor
c6a482819a Bump all qlpacks major versions 2023-04-13 19:15:27 +01:00
Alex Ford
8c46bfd051 Merge pull request #12816 from github/rc/3.9 
Merge `rc/3.9` into `main`
 2023-04-13 12:35:41 +01:00
Tom Hvitved
3cc9dec9c8 Remove all queries.xml files 2023-04-13 11:18:58 +02:00
Nate Johnson
a0f4a5100f Insecure HTTP parser query for JavaScript 2023-04-09 20:38:55 -04:00
jarlob
72b66ffe97 Fix comment. 2023-04-07 10:01:14 +02:00
jarlob
7573c615f6 Fix warnings 2023-04-06 23:07:22 +02:00
jarlob
9c7eecf547 Add support for composite actions 2023-04-06 22:53:59 +02:00
jarlob
40635e60d1 Improve documentation 2023-04-05 10:26:02 +02:00
jarlob
9fba7d31f1 Improve documentation 2023-04-05 10:24:07 +02:00
jarlob
eef1973b93 Change UI message 2023-04-05 10:05:24 +02:00
jarlob
5c5b9f99a8 Add simple taint tracking for env variables 2023-04-05 10:03:46 +02:00
github-actions[bot]
ac426b1302 Post-release preparation for codeql-cli-2.12.6 2023-04-04 16:49:26 +00:00
Asger F
5cc7380bcd JS: Change note 2023-04-04 16:49:14 +02:00
jarlob
39ff3c72a2 Remove label sanitizer because it is prone to race conditions 2023-04-03 23:28:31 +02:00
jarlob
8ea418216c Look for script injections in actions/github-script 2023-04-03 23:13:28 +02:00
jarlob
ba5747dff3 fix formatting 2023-04-03 15:10:27 +02:00
jarlob
99d634c8a4 Add more sources, more unit tests, fixes to the GitHub Actions injection query 2023-04-03 15:02:02 +02:00
Jeroen Ketema
17bd9c12d7 JS: Fix qhelp after file rename 2023-04-03 09:25:19 +02:00
Asger F
dec1e4dfd6 Merge pull request #12666 from smiddy007/improve-insufficient-pw-hash-query 
JS: Improve insufficient pw hash query
 2023-03-31 11:58:41 +02:00
github-actions[bot]
0a3218676c Release preparation for version 2.12.6 2023-03-30 19:25:06 +00:00
Erik Krogh Kristensen
b382465078 Merge pull request #12679 from ctbellanti/improved-certificate-validation 
JS: Improved coverage for disabled certificate validation
 2023-03-30 16:24:33 +02:00
github-actions[bot]
e87ce62f95 Post-release preparation for codeql-cli-2.12.5 2023-03-30 13:48:58 +00:00