hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

10105 Commits

Author SHA1 Message Date
erik-krogh
4b3a419509 just use quoteWithBackticks 2023-03-28 15:23:15 +02:00
Erik Krogh Kristensen
451f6f01bb Merge pull request #12633 from erik-krogh/more-global-flow 
JS: better callgraph support for global variables
 2023-03-28 15:19:50 +02:00
Jeroen Ketema
3b8ad087eb Make imports of codeql.util.Unit private 2023-03-28 14:14:13 +02:00
Asger F
61a7ee9387 JS: Use getABoundFunctionValue instead of type-tracking 2023-03-28 12:56:03 +02:00
erik-krogh
70dfa6e15c use StringUtil.quoteWithBackticks instead of manually quoting with a single backtick 2023-03-28 12:34:44 +02:00
erik-krogh
e5e20ab42c add backticks around the concrete parse error 2023-03-28 10:57:13 +02:00
Asger F
04b28c5118 Merge branch 'main' into js/extension-docs 2023-03-28 10:12:22 +02:00
smiddy007
2caab8748e Merge branch 'improve-insufficient-pw-hash-query' of https://github.com/smiddy007/codeql into improve-insufficient-pw-hash-query 2023-03-27 15:20:24 -04:00
smiddy007
57ab5a06ae autoformatted 2023-03-27 15:20:08 -04:00
Chris Bellanti
6bf94e800b Added check to disabling certificate validation query 2023-03-27 12:16:20 -04:00
smiddy007
64b56ef107 Merge branch 'main' into improve-insufficient-pw-hash-query 2023-03-27 12:07:21 -04:00
smiddy007
3ef5f3070f small change 2023-03-27 12:02:35 -04:00
Erik Krogh Kristensen
d3c3f2dc90 Merge pull request #12628 from erik-krogh/betterReDoS 
ReDoS: better super-linear algorithm
 2023-03-27 15:26:49 +02:00
Asger F
32d7a80221 JS: Change note 2023-03-27 14:56:57 +02:00
Asger F
92a681213d JS: Step through jQuery callback return values 2023-03-27 11:17:27 +02:00
Asger F
bc2a772f3b JS: Add test case showing false negative 2023-03-27 11:08:39 +02:00
Jeroen Ketema
977f15f8a4 Merge pull request #12649 from jketema/unit 
Replace all definitions of `Unit` by `import codeql.util.Unit`
 2023-03-27 08:49:50 +02:00
smiddy007
4980948613 changenote 2023-03-26 23:07:32 -04:00
smiddy007
cef6b95b15 Fixed Conflicts due to recent changes to file 2023-03-26 22:32:34 -04:00
smiddy007
ad527b8f69 Added new example files and renamed existing ones 2023-03-26 21:53:22 -04:00
smiddy007
ccf152df00 Added support for progressive hashing in crypto-js module 2023-03-26 21:29:55 -04:00
Jeroen Ketema
a87a9438c7 Replace all definitions of Unit by import codeql.util.Unit 2023-03-24 10:39:34 +01:00
erik-krogh
27c29303da add test diagnostics test for internal error 2023-03-23 13:12:51 +01:00
erik-krogh
e189b36e3f materialize less strings when ranking states 2023-03-23 10:35:58 +01:00
erik-krogh
0462e2a6ea update some expected output 2023-03-22 20:47:53 +01:00
Alex Ford
0f267e012a Merge pull request #12631 from alexrford/js/weak-cryptographic-algorithm_space 
JS: add a missing space in alert message for `js/weak-cryptographic-algorithm`
 2023-03-22 14:12:35 +00:00
erik-krogh
2bba9057a0 better callgraph support for global variables 2023-03-22 13:49:33 +01:00
Erik Krogh Kristensen
663d4e8e3b Merge pull request #12592 from erik-krogh/rhsRegress 
JS: Fix performance regression in the `GetLaterAccess` module.
 2023-03-22 12:55:56 +01:00
Alex Ford
b000b9b5c0 JS: add a missing space in alert message for js/weak-cryptographic-algorithm 2023-03-22 11:12:13 +00:00
Erik Krogh Kristensen
bdab57b9d3 Update javascript/ql/lib/semmle/javascript/GlobalAccessPaths.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2023-03-22 10:19:48 +01:00
erik-krogh
b071d3557e JS/PY/RB: add a worst-case test, that now performs OK 2023-03-22 10:13:18 +01:00
erik-krogh
801e0ff050 ReDoS: implement a better super-linear algorithm, with better worst-case performance 2023-03-22 10:13:16 +01:00
erik-krogh
c023af7308 manual recursion, and other join-order 2023-03-21 15:22:10 +01:00
erik-krogh
070468ab68 fix performance 2023-03-21 15:19:38 +01:00
erik-krogh
34fe1a8f5e use SSA in the GetLaterAccess module 2023-03-21 15:19:15 +01:00
Asger F
6d665da4dc Merge pull request #12570 from github/post-release-prep/codeql-cli-2.12.5 
Post-release preparation for codeql-cli-2.12.5
 2023-03-21 13:06:25 +01:00
Erik Krogh Kristensen
0f813ce2e8 Merge pull request #12543 from erik-krogh/reg-perf 
ReDoS: restrict the edges considered in polynomial-redos for complex regular expressions
 2023-03-20 15:48:35 +01:00
Erik Krogh Kristensen
540542ceb5 Merge pull request #12518 from erik-krogh/more-express-sources 
JS: recognize more express URL related sources
 2023-03-20 08:49:11 +01:00
github-actions[bot]
981e171525 Post-release preparation for codeql-cli-2.12.5 2023-03-17 13:27:00 +00:00
Asger F
d537f86324 Merge pull request #12555 from asgerf/js/block-modes 
JS: Include weak block modes as sink in weak crypto algorithm
 2023-03-17 13:23:23 +01:00
Henry Mercer
9d05d94f49 Merge pull request #12568 from github/rc/3.9 
Merge `rc/3.9` back to `main`
 2023-03-17 12:14:31 +00:00
erik-krogh
f1094cd3d6 bump to stable release 2023-03-16 22:38:54 +01:00
erik-krogh
f3c7aed1f9 bump to RC 2023-03-16 22:37:58 +01:00
erik-krogh
e00c41c6e2 add change-note and bump version 2023-03-16 22:37:56 +01:00
erik-krogh
a63739915d add test confirming support for const type parameters 2023-03-16 22:37:35 +01:00
erik-krogh
2c1c41d8a3 add test confirming end-to-end support for well-typed decorators with the new TS 5.0 type ClassMethodDecoratorContext 2023-03-16 22:37:35 +01:00
erik-krogh
d47659b48e upgrade to TypeScript 5.0 beta, and unbreak things that broke 2023-03-16 22:37:35 +01:00
Henry Mercer
74cc1a42d0 JS: Update for renamed com.semmle.util.diagnostics package 2023-03-16 18:19:10 +00:00
Asger F
bce1f29a7e JS: Add change note 2023-03-16 14:55:00 +01:00
Asger F
86a06bde72 JS: Flag crypto operations with weak block mode 2023-03-16 14:52:52 +01:00