codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00

Author	SHA1	Message	Date
Stephan Brandauer	9825136e58	add support for the 'node:' prefix for importing internal modules	2022-01-25 10:55:34 +01:00
Stephan Brandauer	35cc5ff0e2	Merge pull request #7715 from kaeluka/recognize-fs-extra-path-args JS: add a predicate to recognize path arguments in calls to the fs-extra lib	2022-01-25 09:36:59 +01:00
CodeQL CI	8d1e22bc38	Merge pull request #7632 from erik-krogh/CWE-862 Approved by esbena, felicitymay	2022-01-24 12:47:16 -08:00
Erik Krogh Kristensen	d4bac887cf	add a js/samesite-none-cookie cookie	2022-01-24 21:39:41 +01:00
Stephan Brandauer	02db472209	consistent notation	2022-01-24 10:58:06 +01:00
Stephan Brandauer	8be58fe01e	Fix comment to avoid summarizing implementation Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2022-01-24 10:47:28 +01:00
Stephan Brandauer	b277731312	add a predicate to recognize path arguments in calls to the fs-extra lib	2022-01-24 09:40:22 +01:00
Erik Krogh Kristensen	a235f8f023	remove redundant inline type casts	2022-01-21 11:46:33 +01:00
Erik Krogh Kristensen	f500bccbe4	add explicit this to member call	2022-01-21 11:46:33 +01:00
CodeQL CI	b02f1c87a1	Merge pull request #7679 from erik-krogh/ql-doc-style Approved by esbena	2022-01-20 23:43:44 -08:00
CodeQL CI	2287b6e549	Merge pull request #7675 from erik-krogh/move-url-sink-to-customizations Approved by esbena	2022-01-20 23:43:15 -08:00
Erik Krogh Kristensen	15c1ce722a	Merge pull request #7678 from erik-krogh/use-set JS: use more set literals	2022-01-20 21:03:48 +01:00
Erik Krogh Kristensen	3155114e36	use more set literals	2022-01-20 16:06:34 +01:00
Erik Krogh Kristensen	5780161b2c	fix most issues found by ql/class-doc-style in JS	2022-01-20 15:10:16 +01:00
Erik Krogh Kristensen	7167e856fe	move electron sink to the customizations file	2022-01-20 14:07:23 +01:00
Erik Krogh Kristensen	548fb47603	JS: move ExternalArtifact.qll into lib/ folder to fix ql/db-type-outside-core	2022-01-20 14:00:57 +01:00
github-actions[bot]	ab218421da	Post-release preparation for codeql-cli-2.7.6	2022-01-20 12:59:20 +00:00
Erik Krogh Kristensen	4e8e3a7420	simplify expressions that could be type-casts	2022-01-20 10:41:35 +01:00
Erik Krogh Kristensen	b8f1fb3954	JS: fix ql/field-only-used-in-charpred within JavaScript	2022-01-20 09:41:13 +01:00
github-actions[bot]	4ce8ccc52b	Release preparation for version 2.7.6	2022-01-20 08:21:18 +00:00
Erik Krogh Kristensen	ef2eacebce	add a js/empty-password-in-configuration-file query	2022-01-19 10:48:45 +01:00
Erik Krogh Kristensen	b7a0b8765e	add js/http-dependency query	2022-01-19 10:05:39 +01:00
Erik Krogh Kristensen	2433eafef2	add query for detecting insecure temprary files	2022-01-18 14:54:56 +01:00
Andrew Eisenberg	fbb5d7196f	Merge branch 'main' into post-release-prep/codeql-cli-2.7.5	2022-01-14 08:23:43 -08:00
Ian Lynagh	22dc24629f	Fix a couple of typos: clases / clasess	2022-01-14 14:28:29 +00:00
Andrew Eisenberg	4ffd8c62ac	Merge pull request #7579 from github/aeisenberg/changenote-upgrades-removal Changenotes: Add changenotes for upgrades refactoring	2022-01-13 09:09:06 -08:00
Asger Feldthaus	708408a458	JS: Recognize "sql" option as a query string	2022-01-13 13:04:41 +01:00
Stephan Brandauer	40ad88ba53	Merge pull request #7474 from kaeluka/db-reads-as-taint-sources JS: DB reads as taint sources	2022-01-13 12:06:48 +01:00
Erik Krogh Kristensen	89bab6ae12	Merge pull request #7097 from erik-krogh/railsReDoS JS/PY/RB: support a limited number of ranges for ReDoS analysis	2022-01-13 11:04:36 +01:00
Stephan Brandauer	93507a2d71	combine two implementations for database-accesses as remote flow sources	2022-01-13 10:53:58 +01:00
Stephan Brandauer	63aaf24063	base implementation of Sequelize model on models-as-data	2022-01-13 09:41:25 +01:00
Andrew Eisenberg	e435a3e9c3	Changenotes: Add changenotes for upgrades refactoring	2022-01-12 11:36:31 -08:00
Stephan Brandauer	09a28c428c	base implementation of Spanner model on models-as-data	2022-01-12 17:07:16 +01:00
github-actions[bot]	8a2d92badc	Post-release preparation for codeql-cli-2.7.5	2022-01-12 13:28:43 +00:00
Andrew Eisenberg	07228672df	Merge branch 'main' into aeisenberg/remove-upgrades	2022-01-11 11:25:27 -08:00
Stephan Brandauer	132e0bf4b7	add database accesses as additional (heuristic) remote flow sources	2022-01-11 11:38:41 +01:00
Erik Krogh Kristensen	f7a63d5ea0	remove duplicated line	2022-01-07 18:38:02 +01:00
Erik Krogh Kristensen	1a8b6d7414	recognize ranges without upper bounds	2022-01-07 18:38:01 +01:00
Erik Krogh Kristensen	acaf294bee	support a limited number of regexp ranges	2022-01-07 18:36:30 +01:00
Asger F	c9fcdb8261	Apply suggestions from code review Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2022-01-06 11:51:27 +01:00
Asger Feldthaus	a7698b8727	JS: Fix double space	2022-01-05 14:35:02 +01:00
Asger Feldthaus	486beda2fa	JS: Factor out common regexp in AccessPathToken	2022-01-05 14:35:02 +01:00
Asger Feldthaus	21928bee6c	JS: Rename padded -> inversePad	2022-01-05 14:35:01 +01:00
Asger Feldthaus	1989d51942	JS: Update documentation in Impl.qll	2022-01-05 14:35:01 +01:00
Asger Feldthaus	3ced5c9269	JS: Resolve first N tokens instead of constructing each prefix	2022-01-05 14:35:01 +01:00
Asger Feldthaus	772681d249	JS: Initial support for models as data	2022-01-05 14:34:52 +01:00
Dave Bartolomeo	83ceb822aa	Move upgrades into standard library packs Move upgrade to new location Remove incorrectly merged files Fix upgrades section	2022-01-04 11:30:25 -08:00
github-actions[bot]	1dfcf427aa	Release preparation for version 2.7.5	2022-01-04 14:44:56 +00:00
Erik Krogh Kristensen	b9964799f3	Merge pull request #7458 from erik-krogh/modelling QL: add "modelling/modeling" to `ql/non-us-spelling`	2022-01-04 13:33:54 +01:00
Dave Bartolomeo	ded3c52a34	Merge pull request #7407 from github/post-release-prep/codeql-cli-2.7.4 Post-release preparation for codeql-cli-2.7.4	2022-01-03 17:09:58 -05:00

... 51 52 53 54 55 ...

2928 Commits