Erik Krogh Kristensen | fef4455ccc | apply suggestion from doc review; Co-authored-by: Steve Guntrip <12534592+stevecat@users.noreply.github.com> | 2022-05-12 13:28:45 +02:00
github-actions[bot] | ee9980b31c | Release preparation for version 2.9.2 | 2022-05-12 10:17:28 +00:00
Erik Krogh Kristensen | 53b26eba17 | Merge pull request #8724 from erik-krogh/postMessage; JS: promote the `js/missing-origin-verification` query | 2022-05-09 12:28:58 +02:00
Mathias Vorreiter Pedersen | 176e40f139 | Merge pull request #9052 from github/post-release-prep/codeql-cli-2.9.1; Post-release preparation for codeql-cli-2.9.1 | 2022-05-06 13:15:17 +01:00
github-actions[bot] | 1a25457178 | Post-release preparation for codeql-cli-2.9.1 | 2022-05-05 19:05:50 +00:00
Erik Krogh Kristensen | 58db9226dc | add missing word in qhelp | 2022-05-05 14:24:45 +02:00
Erik Krogh Kristensen | 2d7c7ff372 | apply suggestions from doc review; Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com> | 2022-05-05 13:03:35 +02:00
Erik Krogh Kristensen | 0c0e280637 | update the qhelp to mention that the GITHUB_TOKEN only sometimes has write-access | 2022-05-05 12:12:29 +02:00
Erik Krogh Kristensen | c0152a46bc | rename getAReferencedExpression to getASimpleReferenceExpression and add examples of what it can parse | 2022-05-05 11:02:47 +02:00
Erik Krogh Kristensen | 1f00ba812a | move YAMLMappingLikeNode to the standard library | 2022-05-05 10:22:52 +02:00
Erik Krogh Kristensen | 8425eaf919 | Merge pull request #8549 from erik-krogh/unreachableJoin; JS: fix bad join in js/unreachable-method-overloads | 2022-05-04 16:28:06 +02:00
Erik Krogh Kristensen | 8e2b00d209 | make the big disjunctions more readable by using a set literal | 2022-05-04 16:15:17 +02:00
Erik Krogh Kristensen | 31a4de902e | add missing security severity | 2022-05-04 16:15:17 +02:00
Erik Krogh Kristensen | d8cc82bdb1 | add change-note | 2022-05-04 16:14:59 +02:00
Erik Krogh Kristensen | df4bfef8c7 | expand the qhelp for js/actions/injection | 2022-05-04 16:14:59 +02:00
Erik Krogh Kristensen | 48fb01f9f7 | set js/actions/injection as a high precision warning query | 2022-05-04 16:14:54 +02:00
Erik Krogh Kristensen | 2a65d1d3ec | move js/actions/injection out of experimental | 2022-05-04 16:14:19 +02:00
Erik Krogh Kristensen | bc470b89f1 | leave a deprecated alias for Actions.qll | 2022-05-04 16:14:19 +02:00
Erik Krogh Kristensen | 9db67d4988 | move the Actions API out of experimental | 2022-05-04 16:14:19 +02:00
Stephan Brandauer | 3f13a5e082 | fix a FN for prototype polluting function query | 2022-04-28 22:00:09 +02:00
github-actions[bot] | 8e4cf190e9 | Release preparation for version 2.9.1 | 2022-04-28 11:59:05 +00:00
Erik Krogh Kristensen | d389012b75 | Merge branch 'main' into redundantImport | 2022-04-26 14:24:51 +02:00
Mathias Vorreiter Pedersen | aca4c8727f | Merge pull request #8802 from github/post-release-prep/codeql-cli-2.9.0; Post-release preparation for codeql-cli-2.9.0 | 2022-04-25 22:52:55 +01:00
Erik Krogh Kristensen | 0a26e891a2 | include startsWith/endsWith checks in js/missing-origin-check | 2022-04-25 15:28:50 +02:00
Erik Krogh Kristensen | fe3d71ebc2 | fix qhelp: the window, not the origin, is sending the message; Co-authored-by: Esben Sparre Andreasen <esbena@github.com> | 2022-04-25 14:07:01 +02:00
CodeQL CI | 06e5962da7 | Merge pull request #8791 from asgerf/js/static-accessors; Approved by erik-krogh | 2022-04-22 13:39:32 +01:00
Erik Krogh Kristensen | ff73dbc35c | delete redundant imports | 2022-04-22 12:55:28 +02:00
Khang. Võ Vĩ | f4581ae866 | fix PrototypePollutingAssignment examples | 2022-04-22 11:55:45 +07:00
github-actions[bot] | 1aecfc67c2 | Post-release preparation for codeql-cli-2.9.0 | 2022-04-21 19:22:19 +00:00
github-actions[bot] | eeaf233c29 | Release preparation for version 2.9.0 | 2022-04-21 14:49:00 +00:00
Asger Feldthaus | c6e66edb97 | JS: Change note | 2022-04-21 08:32:01 +02:00
Erik Krogh Kristensen | 6799232009 | fix typo in qldoc | 2022-04-19 11:09:27 +02:00
Erik Krogh Kristensen | 8e5a7bcd76 | add change-note | 2022-04-19 10:53:48 +02:00
Erik Krogh Kristensen | 2e5d435bea | add CWE-400, and add a reference to DoS attacks | 2022-04-14 18:37:50 +02:00
Erik Krogh Kristensen | 41bdd8f4da | minor fixes | 2022-04-13 10:11:07 +02:00
Erik Krogh Kristensen | a2d2626c9c | add security severity | 2022-04-12 16:34:00 +02:00
Erik Krogh Kristensen | d64df30724 | reintroduce the reverted qhelp | 2022-04-12 16:33:06 +02:00
Erik Krogh Kristensen | e2b7f7d05d | reintroduce the number sinks | 2022-04-12 16:26:10 +02:00
Erik Krogh Kristensen | 688b2b6898 | use the Query.qll pattern | 2022-04-12 15:52:52 +02:00
Erik Krogh Kristensen | 8fb54c3f32 | move js/resource-exhaustion out of experimental | 2022-04-12 15:51:36 +02:00
Erik Krogh Kristensen | df295e69d6 | add change-note | 2022-04-12 14:37:51 +02:00
Erik Krogh Kristensen | bca4d14129 | rename files | 2022-04-12 14:37:43 +02:00
Erik Krogh Kristensen | 591fcda862 | various improvements to the js/missing-origin-verification query | 2022-04-12 14:20:41 +02:00
Erik Krogh Kristensen | 18532bae54 | move js/missing-postmessageorigin-verification out of experimental | 2022-04-12 10:39:27 +02:00
CodeQL CI | 9c8dee2a4d | Merge pull request #8687 from asgerf/js/missing-flow-fixes; Approved by erik-krogh | 2022-04-11 14:08:15 +01:00
Edoardo Pirovano | f25618eed6 | Bump minor version of all packs | 2022-04-08 15:38:58 +01:00
Edoardo Pirovano | ce82c54b94 | Merge branch 'main' into edoardo/3.5-mergeback | 2022-04-08 15:30:58 +01:00
Asger Feldthaus | 2a67085d9d | JS: Change note | 2022-04-07 10:02:21 +02:00
github-actions[bot] | 6af568b16d | Post-release preparation for codeql-cli-2.8.5 | 2022-04-01 16:22:14 +00:00
github-actions[bot] | ee746d20df | Release preparation for version 2.8.5 | 2022-04-01 10:39:31 +00:00