codeql

mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00

Author	SHA1	Message	Date
Alvaro Muñoz	a71fc930a6	add tests	2022-12-14 13:11:02 +01:00
Asger F	b63c658e3b	JS: recognize tiny-csrf	2022-12-14 12:30:15 +01:00
Asger F	162419138d	JS: Replace csurf -> lusca.csrf from example and qhelp	2022-12-14 12:30:15 +01:00
Henry Mercer	6023a1225c	Merge pull request #11673 from github/codeql-ci/atm/release-0.4.4 JS: Bump version numbers of ML-powered packs after 0.4.4 release	2022-12-14 10:27:00 +00:00
Alvaro Muñoz	701676eea1	Update javascript/ql/lib/semmle/javascript/frameworks/Spife.qll Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2022-12-14 10:18:47 +01:00
Erik Krogh Kristensen	8a89849476	Merge pull request #11660 from erik-krogh/dynamic-useInstanceOf Py/JS/RB: Use instanceof in more places	2022-12-13 21:50:13 +01:00
Henry Mercer	a3933fbf4f	Bump minor versions of packs we regularly release	2022-12-13 18:59:24 +00:00
Henry Mercer	7167f078be	Merge branch 'main' into henrymercer/mergeback-3.8	2022-12-13 18:40:53 +00:00
Asger F	bbce52535a	JS: Add clarification in another customization doc	2022-12-13 15:34:54 +01:00
Henry Mercer	423374a7b8	Merge branch 'main' into codeql-ci/atm/release-0.4.4	2022-12-13 14:26:21 +00:00
github-actions[bot]	745823ca60	JS: Bump version of ML-powered library and query packs to 0.4.5	2022-12-13 13:32:52 +00:00
github-actions[bot]	ea13925a92	JS: Bump patch version of ML-powered library and query packs	2022-12-13 13:28:09 +00:00
Asger F	6b15839221	JS: Add tests for the examples used in the docs	2022-12-13 11:33:12 +01:00
Asger F	ba1364a4cb	JS: Add sinks mentioned in doc Note that 'sql-injection' was already added	2022-12-13 11:33:12 +01:00
Alvaro Muñoz	270a4355df	format Restify.qll	2022-12-13 11:22:24 +01:00
Alvaro Muñoz	4ba3190d29	Replace API::Node with DataFlow::Node for Spife's RouteSetup	2022-12-13 11:10:04 +01:00
erik-krogh	b3a9c1ca06	Py/JS/RB: Use instanceof in more places	2022-12-12 16:06:57 +01:00
Alvaro Muñoz	469d7f52dc	Use fluent API instead of hasPropertyWrite	2022-12-12 10:46:50 +01:00
Alvaro Muñoz	1410d2838e	Update javascript/ql/lib/semmle/javascript/frameworks/Spife.qll Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2022-12-12 09:54:02 +01:00
github-actions[bot]	343b7b1c8b	Post-release preparation for codeql-cli-2.11.6	2022-12-11 18:15:04 +00:00
github-actions[bot]	0b2fb4f70a	Release preparation for version 2.11.6	2022-12-10 15:49:35 +00:00
Asger F	387a673c10	Merge pull request #11567 from asgerf/js/data-extensions2 JS: Move MaD models to data extensions	2022-12-09 10:09:24 +01:00
Henry Mercer	280bb6864f	Merge pull request #11604 from github/codeql-ci/atm/release-0.4.3 JS: Bump version numbers of ML-powered packs after 0.4.3 release	2022-12-08 13:04:16 +00:00
Chris Smowton	49bc524fd0	Merge remote-tracking branch 'origin/rc/3.8' into smowton/admin/merge-rc38-into-main	2022-12-08 11:12:30 +00:00
Henry Mercer	78f15755d7	Merge branch 'main' into codeql-ci/atm/release-0.4.3	2022-12-07 20:49:26 +00:00
github-actions[bot]	d577eeeea8	JS: Bump version of ML-powered library and query packs to 0.4.4	2022-12-07 20:05:30 +00:00
github-actions[bot]	9702ea02fb	JS: Bump patch version of ML-powered library and query packs	2022-12-07 20:01:33 +00:00
Alvaro Muñoz	38b2f537d4	Use ReplyCall.super syntax instead of this.(ReplyCall)	2022-12-07 16:39:07 +01:00
Asger F	fcdb2fa03f	JS: Remove MaD models from .qll files	2022-12-07 11:35:13 +01:00
Asger F	d8e566a50e	Add data-extension files	2022-12-07 11:35:13 +01:00
Asger F	5af1b367c7	Support data extensions	2022-12-07 11:35:05 +01:00
Alvaro Muñoz	af015d3d30	restoring previous casts to avoid super type ambiguity	2022-12-07 10:39:58 +01:00
Alvaro Muñoz	407df37a74	Add feedback from Code review	2022-12-07 10:36:44 +01:00
Alvaro Muñoz	3e92b4c596	Apply suggestions from code review Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2022-12-07 10:29:29 +01:00
Asger F	afe7872838	Merge pull request #11565 from asgerf/js/rephined-variable-in-access-path JS: handle rephined variable in access path	2022-12-07 09:26:38 +01:00
Tiferet Gazit	1a9dd48a88	Merge pull request #11551 from github/tiferet/endpoint-characteristics-test ATM: Test for contradictory endpoint characteristics	2022-12-06 18:36:41 -08:00
tiferet	cf29cde2e8	Apply suggestions from code review	2022-12-06 18:05:04 -08:00
Asger F	80777b8c50	JS: handle rephined variables in local access paths	2022-12-05 15:11:50 +01:00
Asger F	025cfe4064	JS: Add reproduction test case	2022-12-05 15:11:43 +01:00
Erik Krogh Kristensen	6b9cab23d4	Merge pull request #11248 from erik-krogh/js-redosMod JS: use the shared regex pack	2022-12-05 14:48:37 +01:00
Asger F	6bffb11749	Merge pull request #11253 from asgerf/merge-package-type-columns Dynamic: Merge package and type columns	2022-12-05 10:57:21 +01:00
Tiferet Gazit	79d8444b94	Merge pull request #11532 from github/tiferet/endpoint-filter-test ATM: Test for endpoints scored at inference time	2022-12-02 13:13:52 -08:00
tiferet	93e3c72c6a	Test for contradictory endpoint characteristics	2022-12-02 10:29:39 -08:00
tiferet	d211decfb4	Fix error in last commit	2022-12-02 09:03:44 -08:00
Tiferet Gazit	c0aae3d68e	Apply suggestions from code review Co-authored-by: Stephan Brandauer <kaeluka@github.com>	2022-12-02 09:00:45 -08:00
Erik Krogh Kristensen	c4cb410970	Merge pull request #11472 from erik-krogh/exit-code JS: make the JS autobuilder consistent with Ruby when no JS code was detected	2022-12-02 16:01:02 +01:00
tiferet	d17383d98c	Add XssThroughDom	2022-12-02 06:59:32 -08:00
tiferet	2e20abca90	Undo error from previous commit Oops, now I see why that wasn't private	2022-12-02 06:59:31 -08:00
tiferet	294f34bf07	Small improvement Not strictly needed, but better to keep things private when possible	2022-12-02 06:59:31 -08:00
tiferet	a317f2bfe2	Test for endpoints scored at inference time Adds a test to detect changes in the endpoints that get scored at inference time.	2022-12-02 06:59:31 -08:00

... 45 46 47 48 49 ...

10776 Commits