hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,000 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.3
Commit Graph

2686 Commits

Author SHA1 Message Date
erik-krogh
26c5480ee6 share {js,rb}/regex/missing-regexp-anchor 2022-12-18 17:23:41 +01:00
erik-krogh
355499ea52 move getACommonTld to the shared pack 2022-12-17 17:26:18 +01:00
erik-krogh
f67d0bc8c0 put the shared HostnameRegexp code in the shared regex pack 2022-12-17 17:26:18 +01:00
Henry Mercer
30451ee950 Merge pull request #11681 from github/henrymercer/mergeback-3.8 
Merge `rc/3.8` back to `main`
 2022-12-16 17:43:12 +00:00
Erik Krogh Kristensen
1500fa5f67 Merge pull request #10663 from pwntester/restify_improvements 
Javascript: Improve Restify support and add new Spife support
 2022-12-15 11:08:22 +01:00
Erik Krogh Kristensen
55558120d9 add explicit this 2022-12-14 20:59:28 +01:00
Alvaro Muñoz
f46a8faf00 port RouteSetup API-based implementation to DataFlow one 2022-12-14 17:37:32 +01:00
Alvaro Muñoz
4cf7299d79 restore Spife.qll to working status 2022-12-14 15:41:53 +01:00
Alvaro Muñoz
701676eea1 Update javascript/ql/lib/semmle/javascript/frameworks/Spife.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-14 10:18:47 +01:00
Erik Krogh Kristensen
8a89849476 Merge pull request #11660 from erik-krogh/dynamic-useInstanceOf 
Py/JS/RB: Use instanceof in more places
 2022-12-13 21:50:13 +01:00
Henry Mercer
a3933fbf4f Bump minor versions of packs we regularly release 2022-12-13 18:59:24 +00:00
Henry Mercer
7167f078be Merge branch 'main' into henrymercer/mergeback-3.8 2022-12-13 18:40:53 +00:00
Asger F
ba1364a4cb JS: Add sinks mentioned in doc 
Note that 'sql-injection' was already added
 2022-12-13 11:33:12 +01:00
Alvaro Muñoz
270a4355df format Restify.qll 2022-12-13 11:22:24 +01:00
Alvaro Muñoz
4ba3190d29 Replace API::Node with DataFlow::Node for Spife's RouteSetup 2022-12-13 11:10:04 +01:00
erik-krogh
b3a9c1ca06 Py/JS/RB: Use instanceof in more places 2022-12-12 16:06:57 +01:00
Alvaro Muñoz
469d7f52dc Use fluent API instead of hasPropertyWrite 2022-12-12 10:46:50 +01:00
Alvaro Muñoz
1410d2838e Update javascript/ql/lib/semmle/javascript/frameworks/Spife.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-12 09:54:02 +01:00
github-actions[bot]
343b7b1c8b Post-release preparation for codeql-cli-2.11.6 2022-12-11 18:15:04 +00:00
github-actions[bot]
0b2fb4f70a Release preparation for version 2.11.6 2022-12-10 15:49:35 +00:00
Asger F
387a673c10 Merge pull request #11567 from asgerf/js/data-extensions2 
JS: Move MaD models to data extensions
 2022-12-09 10:09:24 +01:00
Chris Smowton
49bc524fd0 Merge remote-tracking branch 'origin/rc/3.8' into smowton/admin/merge-rc38-into-main 2022-12-08 11:12:30 +00:00
Alvaro Muñoz
38b2f537d4 Use ReplyCall.super syntax instead of this.(ReplyCall) 2022-12-07 16:39:07 +01:00
Asger F
fcdb2fa03f JS: Remove MaD models from .qll files 2022-12-07 11:35:13 +01:00
Asger F
d8e566a50e Add data-extension files 2022-12-07 11:35:13 +01:00
Asger F
5af1b367c7 Support data extensions 2022-12-07 11:35:05 +01:00
Alvaro Muñoz
af015d3d30 restoring previous casts to avoid super type ambiguity 2022-12-07 10:39:58 +01:00
Alvaro Muñoz
407df37a74 Add feedback from Code review 2022-12-07 10:36:44 +01:00
Alvaro Muñoz
3e92b4c596 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-07 10:29:29 +01:00
Asger F
afe7872838 Merge pull request #11565 from asgerf/js/rephined-variable-in-access-path 
JS: handle rephined variable in access path
 2022-12-07 09:26:38 +01:00
Asger F
80777b8c50 JS: handle rephined variables in local access paths 2022-12-05 15:11:50 +01:00
Erik Krogh Kristensen
6b9cab23d4 Merge pull request #11248 from erik-krogh/js-redosMod 
JS: use the shared regex pack
 2022-12-05 14:48:37 +01:00
Asger F
6bffb11749 Merge pull request #11253 from asgerf/merge-package-type-columns 
Dynamic: Merge package and type columns
 2022-12-05 10:57:21 +01:00
github-actions[bot]
5e35785fd0 Post-release preparation for codeql-cli-2.11.5 2022-12-02 11:37:44 +00:00
Asger F
2d578c1a73 Merge branch 'main' into merge-package-type-columns 2022-12-02 10:00:44 +01:00
github-actions[bot]
31ab22e3a0 Release preparation for version 2.11.5 2022-12-01 20:05:14 +00:00
Asger F
eb9bee23a0 JS: Remove MkAsyncFunctionResult 2022-12-01 15:15:27 +01:00
Asger F
76afc2dcc3 JS: Fix formatting and rephrase comment 2022-11-28 14:00:43 +01:00
Asger F
e99571baae Update javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-28 11:45:08 +01:00
Asger F
5a51d718c6 Update some comments referring to the package column 2022-11-23 14:44:03 +01:00
erik-krogh
2eb6b1adb3 JS: fix two typos 2022-11-23 14:38:12 +01:00
Asger F
2e3413c9b8 JS: Merge package/type columns 2022-11-23 11:17:42 +01:00
Erik Krogh Kristensen
f67219965e Merge pull request #11082 from erik-krogh/shellArr 
JS: treat arrays that gets executed with shell:true as a sink for `js/shell-command-constructed-from-input`
 2022-11-22 13:03:50 +01:00
Erik Krogh Kristensen
b2267c0e49 Merge pull request #11343 from erik-krogh/redundantAssignment 
QL: add redundant-assignment query
 2022-11-22 13:03:14 +01:00
Erik Krogh Kristensen
06386b2cdd Merge pull request #11072 from erik-krogh/slicing 
JS: poly-redos: don't sanitize calls through substring calls that just remove the start
 2022-11-22 13:02:09 +01:00
erik-krogh
6b5cd9abc3 use RegExpTreeView insteaed of RegexTreeView in JS 2022-11-22 12:55:48 +01:00
erik-krogh
f9b775e4b8 do private imports of the deprecated Dep modules 2022-11-22 12:39:56 +01:00
Edoardo Pirovano
6c33ddcd47 Merge pull request #11349 from github/edoardo/2.11.4-mergeback 
Merge `rc/3.8` into `main`
 2022-11-21 18:08:27 +00:00
erik-krogh
64707f4f7b remove redundant assignments 2022-11-21 17:45:05 +01:00
github-actions[bot]
5b14ebf22a Post-release preparation for codeql-cli-2.11.4 2022-11-18 11:26:00 +00:00