hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

1958 Commits

Author SHA1 Message Date
Alex Ford
808cc9cf35 Merge pull request #8396 from alexrford/ruby/charpred-only-field 
Ruby: resolve `ql/field-only-used-in-charpred` alerts
 2022-03-11 15:48:05 +00:00
Arthur Baars
cf4b834536 Address comments 2022-03-11 14:25:34 +01:00
Erik Krogh Kristensen
1e365611fc fix all other implicit-this warnings introduced by the acronym patch 2022-03-11 13:22:07 +01:00
Erik Krogh Kristensen
2e2970128e fix typo in change-note 2022-03-11 13:16:34 +01:00
Erik Krogh Kristensen
a5a82a0b58 JS: remove accidential copy-pasted change-note 2022-03-11 13:16:34 +01:00
Erik Krogh Kristensen
1a275a32f7 add change-notes 2022-03-11 11:18:14 +01:00
Erik Krogh Kristensen
8f08b4ccc8 JS: add missing QLDoc 2022-03-11 11:18:01 +01:00
Erik Krogh Kristensen
b568bb91ef JS: remove duplicated predicate 2022-03-11 11:10:38 +01:00
Erik Krogh Kristensen
ed54d7b74b fixup getAPrimaryQlClass 2022-03-11 11:10:38 +01:00
Erik Krogh Kristensen
69353bb014 patch upper-case acronyms to be PascalCase 2022-03-11 11:10:33 +01:00
github-actions[bot]
3a5ebbb861 Post-release preparation for codeql-cli-2.8.3 2022-03-11 09:23:34 +00:00
Erik Krogh Kristensen
df9533f46e Merge pull request #8347 from erik-krogh/depBeGone 
remove all deprecations that are over a year old
 2022-03-11 10:01:07 +01:00
github-actions[bot]
6b194bc55f Release preparation for version 2.8.3 2022-03-10 19:43:58 +00:00
Alex Ford
305a51754c Run python config/sync-files.py 2022-03-10 18:34:16 +00:00
Alex Ford
2b25765156 Format QL 2022-03-10 17:55:42 +00:00
Alex Ford
0f3cf47ca9 Ruby/JS/Py: Add "random" to the notSensitiveRegexp() heuristic 2022-03-10 17:38:52 +00:00
Erik Krogh Kristensen
41778328c2 Update javascript/ql/lib/semmle/javascript/dataflow/Sources.qll 
Co-authored-by: Stephan Brandauer <kaeluka@github.com>
 2022-03-10 14:16:28 +01:00
Erik Krogh Kristensen
c2743177af JS: delete the TrackedNodes.qll, it had no public interface left 2022-03-10 11:34:17 +01:00
Erik Krogh Kristensen
e6b0552114 JS: delete leftover comment 2022-03-10 10:25:02 +01:00
Erik Krogh Kristensen
9c4fcf4c6d fix typo in change-note 
Co-authored-by: Stephan Brandauer <kaeluka@github.com>
 2022-03-09 18:28:13 +01:00
Erik Krogh Kristensen
6a28ddd9ec JS: un-deprecate deleted deprecated class that defined taint-steps 2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
59db0e7a0f JS: delete unused predicate 2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
5312e4a8b5 add change note that all old deprecations were deleted 2022-03-09 18:28:11 +01:00
Erik Krogh Kristensen
a86f0afb3c delete all deprecations that are over 14 months old 2022-03-09 18:28:07 +01:00
Erik Krogh Kristensen
cebd24156c support that the base is not a method-call in getAChainedMethodCall 2022-03-09 11:12:04 +01:00
Erik Krogh Kristensen
4734f1916e Merge pull request #7598 from erik-krogh/fieldOnlyUsedInCharPred 
QL: field only used in charPred
 2022-03-08 11:25:57 +01:00
Arthur Baars
eeb9a1d270 JavaScript: fix typos in documentation 2022-03-07 16:09:13 +01:00
Tiferet Gazit
bbc712fdb3 Merge pull request #8297 from erik-krogh/atmPerf 
JS: Fix ATM timeout on NodeJS
 2022-03-04 10:41:35 -08:00
Erik Krogh Kristensen
62f2614f72 move hasDominatingWrite to the TypeTracking stage 2022-03-02 11:30:05 +01:00
Erik Krogh Kristensen
1db6a644a5 only block flow for dominated reads when the property name is known 2022-03-02 11:30:05 +01:00
Erik Krogh Kristensen
a9062cc047 merge hasDominatingWrite and hasDominatingAssignment 2022-03-02 11:30:05 +01:00
Asger Feldthaus
d808bdc028 JS: Sync ApiGraphModels.qll 2022-03-01 14:08:20 +01:00
Tamás Vajk
94cb5c2be4 Merge pull request #8296 from github/post-release-prep/codeql-cli-2.8.2 
Post-release preparation for codeql-cli-2.8.2
 2022-03-01 11:57:36 +01:00
Erik Krogh Kristensen
dfc74d728b fix duplicate words in qldoc 2022-03-01 11:22:58 +01:00
Erik Krogh Kristensen
bdd07de7ed improve performance of getTestFile by finding possible test files first 2022-03-01 11:18:22 +01:00
github-actions[bot]
980f822983 Post-release preparation for codeql-cli-2.8.2 2022-03-01 09:24:30 +00:00
Erik Krogh Kristensen
4c58f9781b add support for TypeScript 4.6 2022-03-01 09:56:21 +01:00
Erik Krogh Kristensen
2b7c819135 fix extension of change-note 2022-03-01 09:54:19 +01:00
Erik Krogh Kristensen
4fba5e4dfb step through parentheses in barrier functions 2022-02-25 17:47:12 +01:00
Asger F
a8bfebaeb6 Merge pull request #8149 from asgerf/shared/use-shared-access-path-syntax 
Shared: use shared access path syntax to parse arguments in CSV rows
 2022-02-25 14:04:18 +01:00
github-actions[bot]
20fe22c8c8 Release preparation for version 2.8.2 2022-02-24 14:57:08 +00:00
Erik Krogh Kristensen
ad3399733b recognize more module exports from the factory pattern 2022-02-23 21:29:45 +01:00
Erik Krogh Kristensen
e13b2df86f Merge pull request #8185 from erik-krogh/amdImp 
JS: recognize modules imported by AMD imports as library inputs
 2022-02-23 20:21:45 +01:00
Asger Feldthaus
f1bfb31403 Shared: fix typo in a comment 2022-02-23 14:13:41 +01:00
Asger Feldthaus
abd4933d6c Shared: move numeric parsing into AccessPathSyntax.qll 2022-02-23 14:13:37 +01:00
CodeQL CI
7d55771092 Merge pull request #8150 from asgerf/js/prep-sharing-api-graph-mad 
Approved by erik-krogh
 2022-02-23 11:59:31 +00:00
Stephan Brandauer
a664e02d04 Merge pull request #8014 from kaeluka/js/functionality-from-untrusted-source 
JS: Functionality from untrusted sources query (CWE-830)
 2022-02-23 12:45:31 +01:00
Erik Krogh Kristensen
203212657e recognize modules imported by AMD imports as library inputs 2022-02-23 10:39:45 +01:00
Stephan Brandauer
c17d8b145a Merge pull request #8054 from asgerf/js/split-request-forgery 
JS: split request forgery query into server-side and client-side variants
 2022-02-23 10:27:16 +01:00
Esben Sparre Andreasen
58e0d54744 Merge pull request #8168 from github/esbena/hapi-reflected-xss 
JS: model hapi handler returns as reflected-xss sinks
 2022-02-23 08:53:15 +01:00