hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

11808 Commits

Author SHA1 Message Date
Asger F
2c40359143 JS: Change note 2025-04-02 14:12:07 +02:00
Asger F
30a9cd7c8a JS: Include document as a DOM value 2025-04-02 14:09:52 +02:00
Asger F
9ebaac82cf JS: Add tests for Response object sink 2025-04-02 13:47:18 +02:00
Napalys
390d9ffe66 Added change note 2025-04-02 12:50:53 +02:00
Napalys
b16b407f89 Add rimraf model and update tests for path injection vulnerabilities 2025-04-02 12:49:48 +02:00
Napalys
14999c19da Added test cases for rimraf library. 2025-04-02 12:46:48 +02:00
Asger F
78b25388ca JS: Protect against bad join in BadRandomness 
This code resulted in bad join orders in response to certain library
changes. The actual library changes have to be split into smaller pieces
but I'd like to ensure I don't run into the bad join again.
 2025-04-02 10:14:07 +02:00
Asger F
46f88e7ce7 JS: Updates to DOM model 2025-04-02 10:14:03 +02:00
Asger F
48db2b9315 JS: Add test 2025-04-02 10:12:36 +02:00
Jon Janego
74587f0d64 Update ExprHasNoEffect.ql 
adding quality tags per metadata styleguide
 2025-04-01 18:47:52 -05:00
Asger F
887942e3e9 Merge pull request #19108 from asgerf/js/api-graph-spread-rest 
JS: Handle spread/rest in API graphs
 2025-04-01 17:48:36 +02:00
Asger F
4746cfddf2 JS: Add clarifying comment 2025-04-01 16:26:07 +02:00
Asger F
e1784bb10c JS: Fix handling of spread args on a bound function 2025-04-01 16:20:57 +02:00
github-actions[bot]
10205cb990 Post-release preparation for codeql-cli-2.21.0 2025-04-01 11:30:43 +00:00
github-actions[bot]
84f6564cc0 Release preparation for version 2.21.0 2025-03-31 17:35:15 +00:00
Arthur Baars
cd9ccef8b2 Javascript, add missing * to changenote 2025-03-31 18:45:01 +02:00
Asger F
149ec20758 JS: Add comment about internal edge 2025-03-31 15:39:09 +02:00
Asger F
f64bdccd6d Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2025-03-31 15:30:59 +02:00
Napalys Klicius
4572376e9a Merge pull request #19143 from Napalys/js/fs-extra-missing 
JS: Modeling of `fs-extra` functions
 2025-03-31 10:35:45 +02:00
Napalys Klicius
de8a3289e2 Merge pull request #19118 from Napalys/js/hana_db_client 
JS: support `hana` db client
 2025-03-31 10:35:11 +02:00
Asger F
ee867e99c7 Merge pull request #19117 from lcartey/lcartey/support-sap-json-formats 
JavaScript: Add support for indexing additional SAP related JSON files
 2025-03-31 10:30:11 +02:00
Napalys
32d6ac8da7 Add test case to ensure exec calls without middleware injection into Express are not flagged. 2025-03-30 14:09:15 +02:00
Napalys
45c8ec96df Added test cases for hana db additional sources. 2025-03-28 15:02:03 +01:00
Napalys
d0e2aa8192 Added sources from hana db as MaD. 2025-03-28 14:55:17 +01:00
Napalys
f3af23e855 Refactored hana's DB client to use GuardedRouteHandler, improving precision. 2025-03-28 13:58:37 +01:00
Napalys Klicius
f7264d82d4 Merge branch 'main' into js/hana_db_client 2025-03-28 13:21:15 +01:00
Napalys
75b4d1b771 Applied copilot suggestions. 2025-03-28 13:19:11 +01:00
Napalys
769fe75d82 Added change note. 2025-03-28 13:07:24 +01:00
Napalys
495af56ab5 Added NodeJSFileSystemVectorWrite class for vectored write. 2025-03-28 13:07:23 +01:00
Napalys
e0c6cbb1b7 Added test cases for writev and writevSync. 2025-03-28 13:07:21 +01:00
Napalys
e63e170ac2 Added support for readv and readvSync functions in NodeJSFileSystemAccessRead class . 2025-03-28 13:07:20 +01:00
Napalys
6e7214747c Added test cases for readv and readvSync 2025-03-28 13:07:14 +01:00
Anders Schack-Mulligen
5a986f5327 SSA: Remove empty predicates and dead code. 2025-03-28 12:00:38 +01:00
Anders Schack-Mulligen
d8e14a6b55 JS: Add ssaDefHasSource. 2025-03-28 11:57:29 +01:00
Anders Schack-Mulligen
0c74f21107 Merge pull request #19044 from aschackmull/ssa/useuse-trim 
Ssa: Trim the use-use relation to skip irrelevant nodes
 2025-03-28 11:55:34 +01:00
Asger F
7904db0f9a Merge pull request #19132 from asgerf/js/guarded-route-handler-token 
JS: Add GuardedRouteHandler access path component
 2025-03-28 10:47:10 +01:00
Asger F
951b48adfe Revert "JS: Add bogus model for testing" 
This reverts commit 2460874f47.
 2025-03-28 09:24:49 +01:00
Asger F
b834ffe246 JS: Fix a bad join order 2025-03-28 09:14:40 +01:00
Asger F
1ad471cb32 JS: Track through spread/rest params in API graphs 2025-03-28 09:14:36 +01:00
Asger F
ff99d5c688 JS: Add test for API graph through spread args 2025-03-28 09:13:06 +01:00
Napalys
e1bf054056 Added support for lutimes, opendir, and statfs functions from fs-extra. 2025-03-28 08:37:30 +01:00
Napalys
55c74b2bac Added support for emptydir functions from fs-extra. 2025-03-28 08:37:28 +01:00
Napalys
e386448f60 Added support for missing rm functions from fs-extra 2025-03-28 08:37:22 +01:00
Napalys
7a08f32e16 Added support for cp functions from fs-extra. 2025-03-28 08:36:26 +01:00
Napalys
96a550582b Added test cases for fs-extra missing features. 2025-03-28 08:26:31 +01:00
Asger F
2460874f47 JS: Add bogus model for testing 2025-03-27 20:13:27 +01:00
Napalys Klicius
32369dab7d Merge pull request #19124 from Napalys/js/hapi_upgrade 
JS: Support for newer version of `Hapi` - `@hapi/hapi`
 2025-03-27 16:42:51 +01:00
Asger F
ed50343cc2 Merge pull request #19077 from asgerf/js/jsdoc-name-tokens 
JS: Separate JSDoc qualified names into individual identifiers
 2025-03-27 14:22:11 +01:00
Asger F
13d2453a45 JS: Add GuardedRouteHandler access path component 2025-03-27 13:59:41 +01:00
Napalys Klicius
e69929ebc6 Update javascript/ql/lib/change-notes/2025-03-26-hana-db-client.md 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2025-03-27 13:01:09 +01:00