hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

2928 Commits

Author SHA1 Message Date
Asger F
f64bdccd6d Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2025-03-31 15:30:59 +02:00
Napalys Klicius
4572376e9a Merge pull request #19143 from Napalys/js/fs-extra-missing 
JS: Modeling of `fs-extra` functions
 2025-03-31 10:35:45 +02:00
Napalys Klicius
de8a3289e2 Merge pull request #19118 from Napalys/js/hana_db_client 
JS: support `hana` db client
 2025-03-31 10:35:11 +02:00
Napalys
d0e2aa8192 Added sources from hana db as MaD. 2025-03-28 14:55:17 +01:00
Napalys
f3af23e855 Refactored hana's DB client to use GuardedRouteHandler, improving precision. 2025-03-28 13:58:37 +01:00
Napalys Klicius
f7264d82d4 Merge branch 'main' into js/hana_db_client 2025-03-28 13:21:15 +01:00
Napalys
769fe75d82 Added change note. 2025-03-28 13:07:24 +01:00
Napalys
495af56ab5 Added NodeJSFileSystemVectorWrite class for vectored write. 2025-03-28 13:07:23 +01:00
Napalys
e63e170ac2 Added support for readv and readvSync functions in NodeJSFileSystemAccessRead class . 2025-03-28 13:07:20 +01:00
Anders Schack-Mulligen
5a986f5327 SSA: Remove empty predicates and dead code. 2025-03-28 12:00:38 +01:00
Anders Schack-Mulligen
d8e14a6b55 JS: Add ssaDefHasSource. 2025-03-28 11:57:29 +01:00
Anders Schack-Mulligen
0c74f21107 Merge pull request #19044 from aschackmull/ssa/useuse-trim 
Ssa: Trim the use-use relation to skip irrelevant nodes
 2025-03-28 11:55:34 +01:00
Asger F
7904db0f9a Merge pull request #19132 from asgerf/js/guarded-route-handler-token 
JS: Add GuardedRouteHandler access path component
 2025-03-28 10:47:10 +01:00
Asger F
951b48adfe Revert "JS: Add bogus model for testing" 
This reverts commit 2460874f47.
 2025-03-28 09:24:49 +01:00
Asger F
b834ffe246 JS: Fix a bad join order 2025-03-28 09:14:40 +01:00
Asger F
1ad471cb32 JS: Track through spread/rest params in API graphs 2025-03-28 09:14:36 +01:00
Napalys
e1bf054056 Added support for lutimes, opendir, and statfs functions from fs-extra. 2025-03-28 08:37:30 +01:00
Napalys
55c74b2bac Added support for emptydir functions from fs-extra. 2025-03-28 08:37:28 +01:00
Napalys
e386448f60 Added support for missing rm functions from fs-extra 2025-03-28 08:37:22 +01:00
Napalys
7a08f32e16 Added support for cp functions from fs-extra. 2025-03-28 08:36:26 +01:00
Asger F
2460874f47 JS: Add bogus model for testing 2025-03-27 20:13:27 +01:00
Napalys Klicius
32369dab7d Merge pull request #19124 from Napalys/js/hapi_upgrade 
JS: Support for newer version of `Hapi` - `@hapi/hapi`
 2025-03-27 16:42:51 +01:00
Asger F
ed50343cc2 Merge pull request #19077 from asgerf/js/jsdoc-name-tokens 
JS: Separate JSDoc qualified names into individual identifiers
 2025-03-27 14:22:11 +01:00
Asger F
13d2453a45 JS: Add GuardedRouteHandler access path component 2025-03-27 13:59:41 +01:00
Napalys Klicius
e69929ebc6 Update javascript/ql/lib/change-notes/2025-03-26-hana-db-client.md 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2025-03-27 13:01:09 +01:00
Napalys Klicius
fdea22fbc3 Merge pull request #19129 from Napalys/js/readfile_async 
JS: Add support for `async` `readFile`
 2025-03-27 12:34:39 +01:00
Asger F
441ca1c862 JS: Change compatibility of upgrade script to partial 2025-03-27 11:54:01 +01:00
Asger F
cccea919b4 JS: Update stats file 2025-03-27 11:52:10 +01:00
Asger F
02ee8cfe2d JS: Add upgrade script 2025-03-27 11:51:27 +01:00
Asger F
50202d574f JS: Update some deprecated calls to getName() 2025-03-27 11:51:24 +01:00
Asger F
6868f66108 JS: Restrict size of hasNameParts 
Test updates look OK. Some intermediate results are omitted but the
qualified name of the final type names are still present.
 2025-03-27 11:51:20 +01:00
Asger F
3a6089740e JS: Separate JSDoc qualified names into individual identifiers 2025-03-27 11:51:14 +01:00
Napalys Klicius
d771a91c9c Update javascript/ql/lib/change-notes/2025-03-26-async-fileRead.md 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2025-03-27 10:21:23 +01:00
Napalys
bf9a21fce2 Added change note 2025-03-26 14:27:13 +01:00
Napalys
200bf391ce Enhance NodeJSLib data flow handling through await. 2025-03-26 14:24:52 +01:00
Napalys
a78e0e914f Added change note. 2025-03-26 11:45:25 +01:00
Napalys
ae645e49ba Added support for @hapi/hapi server. 2025-03-26 11:41:11 +01:00
Napalys
62ab7f50d6 Added change note. 2025-03-26 09:33:59 +01:00
Napalys
4cdc40d115 Added SQL injection detection for exec method embeded Express client from hdbext. 2025-03-25 18:39:54 +01:00
Napalys
7cc0634f57 Added createProcStatement as potential sql sink. 2025-03-25 14:50:38 +01:00
Napalys
0285cb6c7a Added @sap/hdbext.loadProccedure as sql sink. 2025-03-25 14:48:40 +01:00
Napalys
e595def8b0 Modeled execute as potential hana's sink. 2025-03-25 14:44:37 +01:00
Napalys
d28af9508a Added sink models for hana's client prepare function. 2025-03-25 14:42:27 +01:00
Napalys
9229962096 Add sink model for SQL injection detection in exec clients. 2025-03-25 14:36:13 +01:00
Anders Schack-Mulligen
d5d0274ce7 Java/SSA: Keep proper distinction between cached stages. 2025-03-25 13:43:55 +01:00
Napalys Klicius
0689cf7f5e Update javascript/ql/lib/ext/axios.model.yml 
Co-authored-by: Asger F <asgerf@github.com>
 2025-03-25 10:56:01 +01:00
Napalys
9dcfe0e709 Added change note. 2025-03-25 10:55:44 +01:00
Napalys
1ee3fde214 Added support for axios.interceptors.response. 2025-03-25 10:55:34 +01:00
Napalys
10498bbaa4 Added support for axios.interceptors.request. 2025-03-25 10:54:56 +01:00
Napalys
a3c84d9feb Added support for axios.create. 2025-03-25 10:45:09 +01:00