hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,000 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.3
Commit Graph

11357 Commits

Author SHA1 Message Date
Asger F
6499e5458b JS: Restore line lost in merge 
'Accept incoming changes' in vscode somehow deleted this line.
 2025-03-11 13:19:29 +01:00
Asger F
e8c5e4d006 Merge branch 'main' into js/test-suite 2025-03-11 13:17:08 +01:00
Napalys Klicius
a4f2264f17 Merge pull request #18899 from Napalys/js/ecma-2024-regex 
JS: Add ECMAScript 2024 `v` Flag Operators for Regex Parsing
 2025-03-11 12:50:44 +01:00
Napalys
c001435258 Refactor Angular2 API to use httpClientApiNode for HttpClient method calls 2025-03-11 12:32:24 +01:00
Napalys Klicius
a900f2cea4 Update javascript/ql/lib/change-notes/2025-03-03-regex-v.md 
Co-authored-by: Asger F <asgerf@github.com>
 2025-03-11 11:57:28 +01:00
Napalys Klicius
3191b2c6fc Update javascript/extractor/src/com/semmle/js/parser/RegExpParser.java 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2025-03-11 09:40:24 +01:00
Napalys Klicius
7c9edff33c Merge pull request #18964 from Napalys/js/mark_down_table 
JS: Refactor `markdown-table` library modeling
 2025-03-11 09:02:56 +01:00
Asger F
b583e52a87 Merge pull request #18962 from asgerf/js/local-type-indirection 
JS: Unfold local type aliases in getAnUnderlyingType
 2025-03-11 08:54:03 +01:00
Napalys
08c07f815f Improved documentation, removed union fram change note. 2025-03-11 08:30:17 +01:00
Napalys Klicius
1ad8b4677d Update javascript/ql/lib/change-notes/2025-03-10-js-refactor-markdown-table.md 
Co-authored-by: Asger F <asgerf@github.com>
 2025-03-11 08:07:49 +01:00
Erik Krogh Kristensen
e6884cf705 Merge pull request #18959 from erik-krogh/faster-routing 
JS: ensure the result from getPathFromFork is unique (to avoid a blowup)
 2025-03-10 21:45:14 +01:00
Asger F
73c0a93fc4 Merge pull request #18963 from asgerf/js/disable-tainted-nodes 
JS: Remove TaintedNodes.ql from default meta query suite
 2025-03-10 20:49:46 +01:00
Napalys
4a365857f1 Added change note. 2025-03-10 19:40:41 +01:00
Napalys
13c701948a Refactor Markdown taint steps and update expected results for reflected XSS tests 2025-03-10 19:27:36 +01:00
Erik Krogh Kristensen
b945466b9f Merge pull request #18892 from asgerf/js/membership-regexp-test 
JS: Sharpen up EnumerationRegExp
 2025-03-10 16:21:54 +01:00
Asger F
4d02993efa JS: Remove TaintedNodes.ql from default meta query suite 2025-03-10 16:15:13 +01:00
Asger F
f7d2abf3e3 JS: Unfold local type aliases in getAnUnderlyingType 2025-03-10 16:09:16 +01:00
Asger F
91e9b23cf7 JS: Add test showing FN source 2025-03-10 16:08:55 +01:00
Asger F
08c9f6fa1e Merge pull request #18798 from erik-krogh/ts58 
JS: upgrade TypeScript to 5.8
 2025-03-10 14:48:03 +01:00
Asger F
0f201d2070 JS: Line number changes in redos test case 2025-03-10 14:36:49 +01:00
Asger F
d84368eb54 Merge pull request #18858 from Napalys/js/react-relay 
JS: React-relay support
 2025-03-10 14:33:23 +01:00
Asger F
75ed0d0b46 JS: Remove duplicate '$ Alert' in libxml test 2025-03-10 14:23:44 +01:00
Asger F
6a47678b60 JS: Fix broken alert comment in HeterogenousComparison 2025-03-10 14:23:43 +01:00
Asger F
c88eac486a JS: Remove stray $ Alert comment inside a doc comment 2025-03-10 14:23:42 +01:00
Asger F
0df893e280 JS: Remove blank lines and add trailing newline 2025-03-10 14:23:40 +01:00
Asger F
6fe3a368eb JS: Remove blank line and add trailing newline to file 2025-03-10 14:23:39 +01:00
Asger F
b9dd594d69 JS: Remove blank lines 2025-03-10 14:23:38 +01:00
Asger F
f7532c09e6 JS: Remove blank line 2025-03-10 14:23:37 +01:00
Asger F
122f68e525 Update javascript/ql/test/query-tests/Security/CWE-400/ReDoS/polynomial-redos.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:22:22 +01:00
Asger F
8ee5b237e2 Update javascript/ql/test/query-tests/Security/CWE-730/server-crash.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:21:46 +01:00
Asger F
92dfdc8194 Update javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/UnsafeHtmlExpansion.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:19:33 +01:00
Asger F
21d42bcd21 Update javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/exception-xss.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:19:01 +01:00
Asger F
dad4838d3b Update javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/tst.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:42 +01:00
Asger F
017f458534 Update javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat/uselesscat.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:22 +01:00
Asger F
24c9b2ef9b Update javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat/uselesscat.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:02 +01:00
Napalys
9c8e0a5537 Applied changes from comments. 
Co-authored-by: Asgerf <asgerf@github.com>
 2025-03-10 13:29:05 +01:00
erik-krogh
b70643b1a1 ensure the result from getPathFromFork is unique (to avoid a blowup) 2025-03-10 12:53:51 +01:00
Napalys
d077d6807a Applied changes from comments 
Co-authored-by: Asgerf <asgerf@github.com>
 2025-03-10 12:24:45 +01:00
Napalys
f48eab903f Add RegExpSubtraction class to support subtraction terms in regex 2025-03-10 11:18:10 +01:00
Napalys
8cbc0aea05 Add RegExpQuotedString class to support quoted string escapes in regex 2025-03-10 11:18:03 +01:00
Erik Krogh Kristensen
8eb69079b7 fix typo from copy-pasted change-note 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-03-10 09:41:48 +01:00
erik-krogh
752fc64f42 bump to stable 5.8 release 2025-03-10 09:21:25 +01:00
erik-krogh
b641caa508 update TypeScript version to 5.8.1-RC 2025-03-10 09:20:29 +01:00
Napalys
e0f20b2bd1 Add RegExpIntersection class to support intersection terms in regex 2025-03-07 08:58:19 +01:00
Napalys
9cc26208d4 Add test cases for v flag operators in RegExp library-tests. 2025-03-07 08:32:10 +01:00
Napalys
c12c12c416 Added modeling for react-relay functions that retrieve data. 2025-03-06 18:30:21 +01:00
Napalys
5a1991bb69 Added test cases for react-relay functions that retrieve data 2025-03-06 18:10:27 +01:00
Napalys
0166e76cca Add change note 2025-03-06 18:10:24 +01:00
Napalys
1443f314a1 Added react-relay useFragment as threat model source. 2025-03-06 18:10:23 +01:00
Napalys
1e3b8625e6 Added a test case where useFragment from react-relay should be marked as a source but isn't 2025-03-06 18:10:21 +01:00