Napalys
af567b49fb
Simplified SuperAgentUrlRequest.
2025-03-20 12:10:37 +01:00
Napalys
539e2ef558
Added support for superagent.agent().
2025-03-20 12:09:31 +01:00
Napalys
cdf4f5395f
Enhance SuperAgent URL request handling for both method calls and direct calls
2025-03-20 12:09:26 +01:00
Napalys
2e1734eeba
Added support for del function in superagent
2025-03-20 12:01:18 +01:00
Chris Smowton
9a2a13ed55
Merge remote-tracking branch 'origin/main' into smowton/admin/merge-rc317-into-main
2025-03-19 16:01:29 +00:00
Napalys
cb18408502
Added data as model for ApolloServer.
2025-03-19 13:36:06 +01:00
Asger F
1324c11044
Merge pull request #19012 from asgerf/js/api-graph-array-element
...
JS: Make API graphs use steps from summaries
2025-03-18 18:03:43 +01:00
Napalys
922a07d01e
Added underscore.string clearsContent.
...
Co-authored-by: Asgerf <asgerf@github.com >
2025-03-18 12:58:19 +01:00
Asger F
53ba588993
JS: Use ArrayElement instead of AnyMember
...
The use of AnyMember was a workaround until the bugfix in this PR landed.
2025-03-18 09:26:02 +01:00
Napalys
8b431dc0e7
Added change note.
2025-03-17 19:10:12 +01:00
Napalys
2c7562d875
Removed value from modeling its return value as Wrapper class, since it return simple string.
2025-03-17 19:08:43 +01:00
Napalys
d8e6d76b0e
Added modeling for tap function.
2025-03-17 19:07:02 +01:00
Napalys
fc6b779a4b
Added modeling for aliases.
2025-03-17 18:33:14 +01:00
Napalys
3a83c8d1fd
Added modeling for extra chaining function from underscore.string.
2025-03-17 18:06:26 +01:00
Napalys
ca9ae8a58d
Added chaining modeling for underscore.string package.
2025-03-17 14:46:07 +01:00
Napalys
b59b9c86e4
Added modeling underscore.string of function which contain multiple sources points.
2025-03-17 14:46:01 +01:00
github-actions[bot]
51cdeefafb
Post-release preparation for codeql-cli-2.20.7
2025-03-17 13:00:41 +00:00
Asger F
1516029cf5
JS: Avoid generating ArrayElement edges for extend-like patterns
2025-03-17 13:48:27 +01:00
Asger F
125e732c4c
JS: Fix bad join order
2025-03-17 13:44:33 +01:00
github-actions[bot]
2d64a618e6
Release preparation for version 2.20.7
2025-03-17 12:15:54 +00:00
Napalys
6b105b2f49
Added modeling underscore.string array to string functions.
2025-03-17 12:55:53 +01:00
Napalys
30623cd953
Added modeling of underscore.string for str to array.
2025-03-17 12:52:56 +01:00
Napalys
9bca863e38
Added modeling of underscore.string string to string functions.
2025-03-17 12:50:41 +01:00
Napalys Klicius
749a0560b4
Merge pull request #19027 from Napalys/js/escape
...
JS: Add support for `escape`
2025-03-17 10:48:44 +01:00
Napalys Klicius
478e32cbe5
Update javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll
...
Co-authored-by: Asger F <asgerf@github.com >
2025-03-17 10:17:39 +01:00
Asger F
cd3909245d
JS: Bugfix in Array constructor summary
2025-03-14 23:08:22 +01:00
Asger F
ab74898bbb
JS: Deprecate getUnknownMember() and replace its uses with getArrayElement()
...
Although they mean slightly different things, every single call site
of getUnknownMember() just used it as a way to get array elements.
Since there is no known use-case for the original meaning of
getUnknownMember() I am deprecating it for now.
2025-03-14 23:08:19 +01:00
Asger F
4c1c0b79a6
JS: Make API-graphs use Content internally, and use steps from flow summaries
2025-03-14 23:08:16 +01:00
Napalys
4a691b778b
Added escape as UriEncodingSanitizer
2025-03-14 14:53:21 +01:00
Napalys
37e02e4261
Added escape as StringManipulationTaintStep.
2025-03-14 14:49:45 +01:00
Napalys
4c77ee2f4f
Added change note.
2025-03-14 14:27:14 +01:00
Napalys
933f3c6f77
Refactor Tanstack integration: remove Tanstack framework and added model as data for it instead.
2025-03-14 13:52:05 +01:00
Napalys
d40ef0ddae
Changed from taint to value steps.
...
Co-authored-by: Asgerf <asgerf@github.com >
2025-03-14 13:48:15 +01:00
Napalys
dc262236f4
Enhance taint tracking by including escape and unescape in TaintedPath customizations.
2025-03-14 11:43:22 +01:00
Napalys Klicius
908f48a22f
Merge branch 'main' into js/vue_tanstack_model
2025-03-14 10:45:42 +01:00
Asger F
9a8cb1a55b
Merge pull request #19007 from asgerf/js/api-graph-awaited-return
...
JS: Fix bug in API graphs getPromised() missing async function returns
2025-03-14 10:36:16 +01:00
Napalys
0df2069575
Added change note.
2025-03-13 13:47:46 +01:00
Napalys
de5c7efd63
Added test case for unescape.
2025-03-13 13:47:42 +01:00
Asger F
08ee51cbc4
JS: Move some promise-related store steps into PromiseFlow::storeStep
...
API graphs calls PromiseFlow::storeStep to propagate promises, which means it missed a store steps added elsewhere in the old promise library model.
We want API graphs to rely on type-tracking steps in general, like in Ruby, but for now just fixing the bug.
2025-03-13 12:53:04 +01:00
Napalys
5dff23de6b
Added change note.
2025-03-13 12:45:27 +01:00
Napalys
3640e5e425
Added model for tanstack-react useQueries
2025-03-13 12:45:26 +01:00
Napalys
6c9aa0e872
Added modeling of tanstack-vue useQueries.
2025-03-13 12:45:23 +01:00
Napalys
0c0158899e
Added tanstack-vue useQuery modeling
2025-03-13 12:25:07 +01:00
Napalys Klicius
40903a9643
Merge pull request #18975 from Napalys/js/tanstack_angular
...
JS: Update Angular Client Request's with API graph and `Tanstack` Angular modeling
2025-03-12 15:30:26 +01:00
Napalys
f867e0fae8
Added angular-query so when it is released it would be still modeled.
2025-03-12 14:00:44 +01:00
Napalys Klicius
bf24f7794f
Update javascript/ql/lib/change-notes/2025-03-11-tanstack-angular.md
...
Co-authored-by: Asger F <asgerf@github.com >
2025-03-12 13:58:09 +01:00
Napalys Klicius
86bd3b8d26
Merge pull request #18986 from Napalys/js/remove_dedundant_stats
...
JS: Removed auto generated stats file
2025-03-12 12:51:26 +01:00
Napalys
8a8defd48f
Removed redundant stats file genarated from check-db-upgrades-javascript
2025-03-12 11:57:27 +01:00
Napalys
09986bc26c
Added change note.
2025-03-12 11:54:57 +01:00
Napalys
770920e738
Add new model configuration for @tanstack/angular-query-experimental.
2025-03-12 11:54:55 +01:00
