codeql

mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00

Author	SHA1	Message	Date
Asger F	1e5885ea1e	JS: Remove hoisting code from functions 'buildFunctionBody' no longer needs to handle hoisting, because hoisting now happens when visiting the block statement that is the body of the function. Note that curly-brace functions contain a block statement as their body, not a list of statements.	2025-02-04 10:41:47 +01:00
github-actions[bot]	f1b05a79a4	Post-release preparation for codeql-cli-2.20.4	2025-02-04 09:25:09 +00:00
Asger F	09270f4e20	JS: Change note	2025-02-04 09:36:46 +01:00
github-actions[bot]	573e53e454	Release preparation for version 2.20.4	2025-02-03 15:19:35 +00:00
Asger F	427e329363	JS: Bump extractor version string	2025-02-03 15:21:41 +01:00
Asger F	7eebe468ee	JS: Update TRAP output This seems to have reordered the TRAP lines but without semantic change.	2025-02-03 15:21:09 +01:00
Asger F	be082578d4	JS: Hoist function decls in a block to the top of the block	2025-02-03 15:21:08 +01:00
Asger F	29879297ee	JS: Add test showing missed call to later-defined function in block	2025-02-03 14:56:11 +01:00
Asger F	2d36a5d478	JS: Use JSX syntax in first attempt when extension is .jsx	2025-02-03 13:17:15 +01:00
Asger F	78a7f2670a	JS: Update a JS test case	2025-02-03 11:31:03 +01:00
Asger F	a0af4c9a84	Merge pull request #18622 from asgerf/js/typescript-tsconfig-names JS: Treat more file patterns as tsconfig-like files	2025-01-31 09:42:50 +01:00
Asger F	2e65fe9597	JS: Change note	2025-01-30 20:46:30 +01:00
Asger F	d23c198072	JS: Change note	2025-01-30 20:41:20 +01:00
Asger F	16f7373712	JS: Model dependency injection in Nest	2025-01-29 13:49:46 +01:00
Asger F	89ad737b2a	JS: Add internal extension points sources of class objects/instances	2025-01-29 13:49:44 +01:00
Asger F	b07c5c6ee0	JS: Add test	2025-01-29 13:49:43 +01:00
Asger F	6d04425790	JS: Add test	2025-01-29 11:14:21 +01:00
Asger F	d66d1a79d6	JS: Also update legacy entry point used by qltest	2025-01-29 11:14:10 +01:00
Asger F	8182190120	JS: Remove trailing whitespace	2025-01-29 10:53:26 +01:00
Asger F	bf80f0798b	JS: Treat more file patterns as as tsconfig.json-like	2025-01-29 10:53:18 +01:00
Asger F	f8694a34e5	Merge pull request #18397 from aegilops/angular-sources-sinks JavaScript CodeQL library updates: new Angular sink(s)	2025-01-29 09:09:23 +01:00
Erik Krogh Kristensen	87ad09bcdf	Merge pull request #18595 from erik-krogh/erik-krogh/clear-text-example JS: fix example in clear-text-logging qhelp to actually be bad	2025-01-27 11:45:50 +01:00
erik-krogh	37a1727043	fix example in clear-text-logging qhelp to actually be bad	2025-01-27 11:31:28 +01:00
aegilops	5a191d42bd	Merge branch 'angular-sources-sinks' of https://github.com/aegilops/codeql into angular-sources-sinks	2025-01-24 16:52:19 +00:00
aegilops	76da479550	Updated tests	2025-01-24 16:52:11 +00:00
Paul Hodgkinson	f033f179f7	Merge branch 'main' into angular-sources-sinks	2025-01-24 15:46:48 +00:00
aegilops	d248551e88	Updated expected test result files using HEAD version of codeql	2025-01-24 15:46:09 +00:00
Asger F	1b7977bf90	Merge pull request #18466 from asgerf/js/view-component-inputs JS: Add view-component-input threat model	2025-01-24 10:59:25 +01:00
Asger F	60f9160822	Merge pull request #18574 from asgerf/js/diff-informed2 JS: fix and improve diff-informed queries	2025-01-24 10:58:22 +01:00
aegilops	c9a775d737	Merge branch 'angular-sources-sinks' of https://github.com/aegilops/codeql into angular-sources-sinks	2025-01-23 17:07:02 +00:00
aegilops	522f3d1337	Merge	2025-01-23 17:00:56 +00:00
Paul Hodgkinson	eacc322d4f	Update Angular Renderer2 XSS sink details in change note	2025-01-23 16:39:18 +00:00
Asger F	6423033db6	JS: Resolve inserted TODOs	2025-01-23 13:02:52 +01:00
Asger F	102b187c35	JS: Ignore experimental queries for now	2025-01-23 12:53:18 +01:00
Asger F	dba76a0e4d	JS: Rerun patch query after bugfix	2025-01-23 10:31:32 +01:00
Erik Krogh Kristensen	4bd4937e65	Merge pull request #18547 from erik-krogh/suffixCheck JS: Fix FPs with js/incorrect-suffix-check	2025-01-22 21:13:27 +01:00
Asger F	051fa66af1	JS: Add change note	2025-01-22 11:49:48 +01:00
Asger F	4161f455b8	Revert "Add view-component-input for testing" This reverts commit 6954039a6d106e3611a0892972a979fd45310d1a.	2025-01-22 10:45:52 +01:00
Asger F	e5c0390972	Add view-component-input for testing	2025-01-22 10:45:50 +01:00
Asger F	d647c7b14d	JS: Replace 'instanceof ClientSideRemoteFlowSource'	2025-01-22 10:45:49 +01:00
Asger F	3061d51b20	JS: Add ThreatModelSource#isCilentSideSource()	2025-01-22 10:45:48 +01:00
Asger F	327bdc0b02	JS: Use TypeScript types to restrict ViewComponentInputs in general	2025-01-22 10:45:47 +01:00
Asger F	b015c88c79	JS: Add view-component-input threat model	2025-01-22 10:45:46 +01:00
erik-krogh	04bbd5919a	add change-note	2025-01-22 10:16:11 +01:00
Asger F	01f7d45e2d	JS: Add meta query for reporting threat model sources	2025-01-22 09:51:32 +01:00
Asger F	30d192a1db	JS: Move getName() to a shared location	2025-01-22 09:51:32 +01:00
Asger F	0b9187d76c	JS: Add change note	2025-01-21 14:17:35 +01:00
Asger F	a9d21e70c2	JS: Bump extractor version string	2025-01-21 14:04:12 +01:00
Asger F	dd55460d7f	JS: Update test output	2025-01-21 14:03:30 +01:00
Asger F	784d07c95b	JS: Ensure embedded TypeScript is extracted even when not associated with a tsconfig	2025-01-21 14:02:32 +01:00

... 8 9 10 11 12 ...

11189 Commits