hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,688 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.0
Commit Graph

4844 Commits

Author SHA1 Message Date
erik-krogh
cb66d62959 add test for the new type-stuff in TS 5.2 we get for free 2023-08-24 20:30:26 +02:00
erik-krogh
dc454d3a72 add support for the new using keyword in TypeScript 2023-08-24 20:30:26 +02:00
erik-krogh
a7d92b3473 add JS support the using keyword 2023-08-24 20:30:26 +02:00
Asger F
2b540e251a Merge pull request #14007 from asgerf/js/import-path-string 
JS: Follow immediate predecessors in path resolution
 2023-08-23 15:28:22 +02:00
Asger F
c6a757e085 JS: More robust handling of cyclic aliases 2023-08-23 14:11:07 +02:00
Asger F
794a459c1b JS: Add reproduction test 2023-08-23 14:11:07 +02:00
Asger F
dec6039469 JS: Follow immediate predecessors in path resolution 2023-08-23 09:53:51 +02:00
Max Schaefer
87364137df Use more sensible validator in example. 2023-08-21 15:14:01 +01:00
erik-krogh
0bce42410a support arbitrary codepoints in NfaUtils.qll 2023-08-08 22:14:51 +02:00
erik-krogh
92db7b047c escape unicode chars in the output for the ReDoS queries 2023-08-08 00:15:54 +02:00
Asger F
213cabccc0 JS: Test with file more extensions 2023-08-04 14:24:51 +02:00
Kevin Stubbings
9f4389cbb5 Search for html.dot extension instead of dot 2023-08-04 00:55:51 -07:00
Asger F
c38cbe859d Merge pull request #13737 from asgerf/dynamic/fuzzy-models 
Dynamic: add Fuzzy token
 2023-08-03 09:58:24 +02:00
Max Schaefer
7823ff968c JavaScript: Improve query help for js/server-side-unvalidated-url-redirection. 2023-07-19 13:23:25 +01:00
Asger F
d57276ca35 Merge pull request #13719 from asgerf/js/barrier-inout 
JS: Replace barrier edges with barrier nodes
 2023-07-13 16:36:52 +02:00
Asger F
f3fab587a9 JS: Add Fuzzy token in identifying access path 2023-07-13 14:01:06 +02:00
Asger F
03bdebe3b3 JS: Update a test. 
The test had a bug on the line `src = src` so the new code is "more equivalent than usual"
 2023-07-11 15:24:09 +02:00
Asger F
944a2ca825 JS: Replace ClearTextLogging::isSanitizerEdge with a node 2023-07-11 14:20:17 +02:00
Asger F
3691b836cb JS: Add tests 2023-07-11 11:37:30 +02:00
Asger F
27085b1fd0 JS: Fix whitespace 2023-07-10 12:07:13 +02:00
Asger F
fe90146a16 JS: Add test for path.join with spread argument 2023-07-10 12:07:07 +02:00
Asger F
06bc0f6957 JS: Add test for fs/promises 2023-07-10 12:05:03 +02:00
Erik Krogh Kristensen
b2a60bf3d1 Merge pull request #13642 from erik-krogh/san-script 
JS/RB: Fix FP in incomplete-multi-character-sanitization
 2023-07-06 15:38:39 +02:00
erik-krogh
f9eee906cf fix FP by requiring that the regular expression mention on of the chars important in the prefix 2023-07-01 20:30:09 +02:00
erik-krogh
bd400be6ec add FP for incomplete-multi-char-sanitization 2023-07-01 20:28:31 +02:00
jorgectf
f1f3d8e18a Add dot.jssupport 
Co-authored-by: Kevin Stubbings <Kwstubbs@users.noreply.github.com>
 2023-06-29 19:17:37 +02:00
jorgectf
2ac334bf15 Adapt Webix modeling to support HTML use-cases 2023-06-28 15:26:30 +02:00
amammad
c7a7594821 merge all ql files into one 2023-06-27 01:56:23 +10:00
jorgectf
1e663b8889 Update HeuristicSourceCodeInjection.expected 2023-06-26 13:32:20 +02:00
amammad
8a80a734d8 fix an accident :) 2023-06-26 20:20:00 +10:00
Jorge
08b9a5e2b2 Add missing ; 2023-06-23 23:10:06 +02:00
Jorge
3c980db93a Format webix.js 2023-06-23 18:08:01 +02:00
Kevin Stubbings
3605269e13 Add webix copy function 2023-06-22 22:16:28 -07:00
amammad
307187f6c1 V1 2023-06-23 06:06:37 +10:00
jorgectf
6947e99c15 Add models for webix 
Co-authored-by: Kevin Stubbings <Kwstubbs@users.noreply.github.com>
 2023-06-22 01:07:33 +02:00
Asger F
f737054216 Merge pull request #13380 from asgerf/js/fix-sink-kind 
JS: Fix invalid source kind in test
 2023-06-14 12:56:58 +02:00
Asger F
5aea6fc16c JS: Remove dataExtensions clause from test qlpack 2023-06-14 10:42:31 +02:00
Asger F
21831516f4 JS: use test-local data extensions 2023-06-14 10:38:33 +02:00
erik-krogh
3fd9f26b52 use consistent indentation in mongoose.js 2023-06-12 16:40:42 +02:00
erik-krogh
cd6f738f72 add mongoose.Types.ObjectId.isValid as a sanitizer-guard for NoSQL injection 2023-06-12 16:38:11 +02:00
Asger F
76a8e9827e Merge pull request #13283 from asgerf/js/restrict-regex-search-function 
JS: Be more conservative about flagging "search" call arguments as regex
 2023-06-08 10:50:51 +02:00
Erik Krogh Kristensen
6ba7f9a238 Merge pull request #13352 from erik-krogh/once-again-deps-not-py-cpp 
delete old deprecations
 2023-06-07 13:00:57 +02:00
Asger F
17f9239c33 JS: Fix invalid source kind in test 2023-06-06 13:40:06 +02:00
Erik Krogh Kristensen
0e6693bdea Merge pull request #12874 from erik-krogh/ts51 
JS: Add support for TS 5.1
 2023-06-06 11:51:51 +02:00
Erik Krogh Kristensen
b78cd48954 Merge pull request #13329 from erik-krogh/sqlhelp 
JS: improve the sql-injection help page
 2023-06-06 08:44:44 +02:00
Erik Krogh Kristensen
219ec9d05d Merge pull request #13127 from erik-krogh/polReDoS 
ReDoS: revert new superlinear algorithm.
 2023-06-02 16:10:24 +02:00
erik-krogh
3584e85fe8 JS: fix tutorial 2023-06-02 11:58:08 +02:00
erik-krogh
44b6366586 delete old deprecations 2023-06-02 11:58:08 +02:00
erik-krogh
1b44b59842 add stress test 2023-06-01 23:20:23 +02:00
erik-krogh
97afa5733b add support for namespaced JSX attributes 2023-06-01 21:52:14 +02:00