hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,207 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.5
Commit Graph

10776 Commits

Author SHA1 Message Date
erik-krogh
4b06bca770 fixup getAPrimaryQlClass 2022-08-25 20:52:30 +02:00
erik-krogh
cc7a9ef97a rename more acronyms 2022-08-25 20:52:27 +02:00
Ian Lynagh
ef98ce16f8 Update javascript/ql/lib/CHANGELOG.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-08-25 14:25:38 +01:00
Ian Lynagh
40b1825ef1 Update javascript/ql/lib/change-notes/released/0.2.4.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-08-25 14:24:20 +01:00
Erik Krogh Kristensen
06afe9c0f4 Merge pull request #9816 from erik-krogh/msgConsis 
Make alert messages consistent across languages
 2022-08-25 15:20:01 +02:00
github-actions[bot]
0f63bc077f Release preparation for version 2.10.4 2022-08-25 12:52:26 +00:00
Erik Krogh Kristensen
ba1ad00d2a Merge pull request #10062 from erik-krogh/redosPrefix 
JS: use the shared regular expression libraries in `js/case-sensitive-middleware-path`
 2022-08-25 12:57:16 +02:00
Ian Lynagh
bf6d9f8c23 Merge pull request #10161 from igfoo/igfoo/exec 
Make a load of files non-executable
 2022-08-25 10:05:39 +01:00
Ian Lynagh
501a9b3c6b Make *.qll non-executable 2022-08-24 16:36:15 +01:00
Henry Mercer
eb7091a6d3 Merge branch 'main' into codeql-ci/js-atm-new-release 2022-08-24 14:37:44 +01:00
github-actions[bot]
3af330dce9 JS: Bump version of ML-powered library and query packs to 0.3.2 2022-08-24 13:12:12 +00:00
github-actions[bot]
613c13c2bf JS: Bump patch version of ML-powered library and query packs 2022-08-24 13:03:14 +00:00
erik-krogh
1c0f2251e2 Merge branch 'main' into msgConsis 2022-08-24 14:38:57 +02:00
erik-krogh
f1799ae3d2 print the endpointExample in the alert-messsage, and only report one working example 2022-08-24 13:09:48 +02:00
Erik Krogh Kristensen
28d58be1b6 Merge pull request #10126 from erik-krogh/myApply 
JS: precise flow through calls to `.apply()`
 2022-08-24 12:55:36 +02:00
Erik Krogh Kristensen
4df2e5d937 Merge pull request #10096 from erik-krogh/acronyms-part1 
make acronyms camelcase
 2022-08-24 09:33:53 +02:00
erik-krogh
27fcc90a97 Merge branch 'main' into msgConsis 2022-08-24 09:21:43 +02:00
erik-krogh
a50234adb0 apply suggestion from review 2022-08-23 15:41:37 +02:00
erik-krogh
5e3cb08ed2 rename stateInPumpableRegexp to stateInRelevantRegexp 2022-08-23 12:40:45 +02:00
erik-krogh
1a7d3ee831 update expected output after changing queries 2022-08-23 12:35:32 +02:00
erik-krogh
afadcd9b45 use a more detailed alert message in bitwise-sign-check 2022-08-23 11:18:45 +02:00
erik-krogh
82d9180892 only have one deprecated alias for XmlDtd 2022-08-23 10:38:23 +02:00
erik-krogh
a57981ea69 apply suggestions from review 2022-08-23 10:18:14 +02:00
erik-krogh
45e78a355f ensure call-apply.js is seen as a module 2022-08-23 10:11:46 +02:00
erik-krogh
b5f9012033 fix deprecation warnings in ATM tests 2022-08-23 08:08:39 +02:00
erik-krogh
f7846a598e add change-notes 2022-08-23 07:54:01 +02:00
erik-krogh
78ba7650b3 change the change-notes 2022-08-23 07:28:46 +02:00
erik-krogh
7e0bd5bde4 update expected output of tests 2022-08-22 21:41:47 +02:00
erik-krogh
60908de089 update js/nested-loops-with-same-variable to match cpp 2022-08-22 21:41:46 +02:00
erik-krogh
20625ae60d update {js/go/py}/xpath-injection to match csharp/java 2022-08-22 21:41:46 +02:00
erik-krogh
b5458b2125 update js/insecure-randomness to match csharp 2022-08-22 21:41:46 +02:00
erik-krogh
9cdd8cc8f5 update js/tainted-format-string to match ruby/java 2022-08-22 21:41:46 +02:00
erik-krogh
9395f156de update {js/py}/command-line-injection to match csharp/java 2022-08-22 21:41:46 +02:00
erik-krogh
3553f3d9b8 update {rb/py/js/go}/path-injection to match java/csharp 2022-08-22 21:41:45 +02:00
erik-krogh
39c1832995 update {cpp/js}/bitwise-sign-check to match java 2022-08-22 21:41:45 +02:00
erik-krogh
b471a401cc update {rb/js/java}/unused-parameter to match python 2022-08-22 21:41:45 +02:00
erik-krogh
594fbc678e update js/zip-slip to match java/go/csharp 2022-08-22 21:41:45 +02:00
erik-krogh
28083ebe09 run the implicit-this patch 2022-08-22 21:23:31 +02:00
erik-krogh
a593a52b5e add missing qldoc (that was already missing?) 2022-08-22 21:22:39 +02:00
erik-krogh
e89e0eb7fb make some acronyms camelCase 2022-08-22 21:22:35 +02:00
erik-krogh
9c95dcc126 add change-note 2022-08-22 14:09:19 +02:00
erik-krogh
2ac5441aec rename the XMLDTD class to XmlDTD 2022-08-22 14:09:19 +02:00
erik-krogh
1a89ddae5d update some comments from XML to Xml 2022-08-22 14:09:19 +02:00
erik-krogh
ce9f69a639 rename all occurrences of XML to Xml 2022-08-22 14:08:31 +02:00
Rasmus Wriedt Larsen
61bf2154cd Merge branch 'main' into shared-http-client-request 2022-08-22 12:05:37 +02:00
erik-krogh
2fd09d34de improve performance of global dataflow by inlining a step predicate 2022-08-22 08:35:19 +02:00
erik-krogh
2f11f3760e simplify getALibraryInputParameter by adding more general dataflow for the arguments object 2022-08-22 08:32:43 +02:00
Erik Krogh Kristensen
11b039c1f1 add tests 2022-08-22 08:29:28 +02:00
Erik Krogh Kristensen
31c09ba678 implement flow for .apply() by adding a ReflectiveParametersNode data-flow node 2022-08-22 08:29:28 +02:00
Erik Krogh Kristensen
d86b7f6c54 recognize an access to the arguments object as library-input 2022-08-22 08:29:24 +02:00