hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,255 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.2
Commit Graph

10661 Commits

Author SHA1 Message Date
github-actions[bot]
ec70b80a0a Release preparation for version 2.20.2 2025-01-21 12:47:53 +00:00
Chris Smowton
90c396b46a Revert "Release preparation for version 2.20.2" 2025-01-21 12:02:52 +00:00
github-actions[bot]
ec1ca5dc25 Release preparation for version 2.20.2 2025-01-20 14:44:12 +00:00
Asger F
683ebcaf16 Revert "JS: Add dummy extension with an empty diff" 
This reverts commit 6e9b95d4e85f4829e788400575570bdb65eda6f6.
 2025-01-20 11:20:35 +01:00
Asger F
a948915bb0 JS: Add dummy extension with an empty diff 2025-01-20 11:20:33 +01:00
Asger F
7c29ea9dda JS: Update ExternalAPIUsedwithUntrustedData 2025-01-20 11:20:32 +01:00
Asger F
ecbd7983ba JS: Update DifferentKindsComparisonBypassQuery.qll 2025-01-20 11:20:31 +01:00
Asger F
29da1fb6c8 JS: Update ConditionalBypassQuery.qll 2025-01-20 11:20:30 +01:00
Asger F
8fe622f572 JS: Update PrototypePollutingFunction.ql 2025-01-20 11:20:29 +01:00
Asger F
fd763a0883 JS: Auto-patch diff informed queries 2025-01-20 11:20:27 +01:00
Asger F
aa0b9559bf Merge pull request #18472 from asgerf/js/test-suite 
JS: Port three tests to use the new post processing-based inline test expectations
 2025-01-17 12:06:32 +01:00
Asger F
2c65946684 JS: Add setOtherInput example 2025-01-17 10:29:03 +01:00
Asger F
e983e26f68 JS: Add example with safe field 2025-01-17 10:28:07 +01:00
Asger F
7b3727b874 JS: Add change note 2025-01-17 10:27:02 +01:00
Asger F
37062763ae JS: Bump extractor version string 2025-01-17 10:27:01 +01:00
Asger F
859783c08b JS: Support [(ngModel)] 2025-01-17 10:26:57 +01:00
Asger F
d55c68c1f1 JS: Add test case with [(ngModel)] 2025-01-17 10:24:16 +01:00
Asger F
97f5559e64 JS: Recognise form input from NgForm 2025-01-17 10:22:20 +01:00
Asger F
1ec3a62242 JS: Add test with NgForm.value 2025-01-17 10:20:59 +01:00
Asger F
d4daa21318 JS: Add DOM event sources in Angular2 model 2025-01-17 10:20:22 +01:00
Asger F
b8ba50a9ac JS: Add Angular test case in XssThroughDom 2025-01-17 10:12:42 +01:00
Asger F
6f46a34873 JS: Refactor domEventSource() into a Range class 2025-01-17 10:12:40 +01:00
Asger F
26a11efc5b Merge branch 'main' into js/test-suite 2025-01-17 10:09:06 +01:00
Asger F
bd2febcf00 JS: Implementing new signature members in StepInputSig 2025-01-16 13:38:08 +01:00
Asger F
1964b347c7 Merge branch 'main' into js/test-suite 2025-01-16 13:19:07 +01:00
Asger F
6cd9752289 Merge pull request #18467 from github/js/shared-dataflow-branch 
JS: Migrate to shared data flow library (targeting main!) 🚀
 2025-01-16 11:28:57 +01:00
Geoffrey White
90faab456d Merge pull request #18473 from geoffw0/sensitive2 
Improve shared sensitive data library handling of snake_case variable names
 2025-01-15 18:02:33 +00:00
Asger F
bc34a045d3 JS: Triage discrepancies and update test 2025-01-10 14:18:31 +01:00
Asger F
18ab066e79 JS: Remove OK comments that don't provide further explanation 2025-01-10 14:18:30 +01:00
Asger F
c2b65b1f85 JS: Port IncompleteUrlSubstringSanitization test 2025-01-10 14:18:29 +01:00
Asger F
6b4be13a8e JS: Move annotations to the correct line 2025-01-10 14:18:28 +01:00
Asger F
95e20a045b JS: Port IncompleteUrlSchemeCheck test 2025-01-10 14:18:26 +01:00
Asger F
563471dd52 JS: Triage discrepancies and update test 2025-01-10 14:18:25 +01:00
Asger F
48f7a58d01 JS: Update IncompleteHostnameRegExp test to match reality 2025-01-10 14:18:24 +01:00
Asger F
a83508a828 JS: Port IncompleteHostNameRegExt test 2025-01-10 14:18:23 +01:00
Geoffrey White
5ef5b04aac Add change notes. 2025-01-10 11:16:53 +00:00
Geoffrey White
f8659c0a4e Sync identical files. 2025-01-10 10:26:13 +00:00
Erik Krogh Kristensen
70a1a6454d Merge pull request #18452 from asgerf/js/import-spec-strings 
JS: Fix crash in case of string literal in export specifier
 2025-01-09 15:50:40 +01:00
Asger F
a7fbfb2c2d JS: Change note 2025-01-09 10:48:52 +01:00
Asger F
fd5a3dad90 JS: One more test 2025-01-09 10:46:45 +01:00
Asger F
138b000891 JS: Coerce the local export node to an Identifier 2025-01-09 10:42:25 +01:00
Asger F
db98880163 JS: Add crash reproduction to test case 2025-01-09 10:39:30 +01:00
Asger F
9c4d378a1d JS: Remove TODO comment 
It is not subsumed by the other case, both cases are needed
 2025-01-09 10:17:16 +01:00
Asger F
3f2882e1c6 JS: Remove an obsolete comment 
The RHS of an assignment actually has a post-update node now
 2025-01-09 09:59:23 +01:00
Asger F
b2d62a080b JS: Move a test failure explanation into the test suite 
We have an issue for fixing the underlying problem
 2025-01-09 09:57:44 +01:00
Asger F
d9da9444fa JS: Rephrase TODO 
This is useful info, but not something that can be fixed locally in this query, so a TODO comment isn't helping
 2025-01-09 09:45:39 +01:00
Asger F
3def8ecdee JS: Remove unimportant TODO 2025-01-09 09:43:03 +01:00
Asger F
388dd871e1 JS: Remove TODO tracked by an issue. 
This requires changes to the shared data flow library, not something we should track with a TODO in the JS codebase
 2025-01-09 09:41:40 +01:00
Asger F
8b060c4294 JS: Remove TODO about evaluating legacy steps 
There is an issue for tracking this. It's not a small fix.
 2025-01-09 09:40:29 +01:00
Asger F
a8f93cac05 JS: Remove obsolete comment 
The test case actually has the correct result now
 2025-01-09 09:39:32 +01:00