hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,920 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.2
Commit Graph

2955 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
6b9cab23d4 Merge pull request #11248 from erik-krogh/js-redosMod 
JS: use the shared regex pack
 2022-12-05 14:48:37 +01:00
Asger F
6bffb11749 Merge pull request #11253 from asgerf/merge-package-type-columns 
Dynamic: Merge package and type columns
 2022-12-05 10:57:21 +01:00
github-actions[bot]
5e35785fd0 Post-release preparation for codeql-cli-2.11.5 2022-12-02 11:37:44 +00:00
Asger F
2d578c1a73 Merge branch 'main' into merge-package-type-columns 2022-12-02 10:00:44 +01:00
github-actions[bot]
31ab22e3a0 Release preparation for version 2.11.5 2022-12-01 20:05:14 +00:00
Asger F
eb9bee23a0 JS: Remove MkAsyncFunctionResult 2022-12-01 15:15:27 +01:00
Asger F
76afc2dcc3 JS: Fix formatting and rephrase comment 2022-11-28 14:00:43 +01:00
Asger F
e99571baae Update javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-28 11:45:08 +01:00
Asger F
5a51d718c6 Update some comments referring to the package column 2022-11-23 14:44:03 +01:00
erik-krogh
2eb6b1adb3 JS: fix two typos 2022-11-23 14:38:12 +01:00
Asger F
2e3413c9b8 JS: Merge package/type columns 2022-11-23 11:17:42 +01:00
Erik Krogh Kristensen
f67219965e Merge pull request #11082 from erik-krogh/shellArr 
JS: treat arrays that gets executed with shell:true as a sink for `js/shell-command-constructed-from-input`
 2022-11-22 13:03:50 +01:00
Erik Krogh Kristensen
b2267c0e49 Merge pull request #11343 from erik-krogh/redundantAssignment 
QL: add redundant-assignment query
 2022-11-22 13:03:14 +01:00
Erik Krogh Kristensen
06386b2cdd Merge pull request #11072 from erik-krogh/slicing 
JS: poly-redos: don't sanitize calls through substring calls that just remove the start
 2022-11-22 13:02:09 +01:00
erik-krogh
6b5cd9abc3 use RegExpTreeView insteaed of RegexTreeView in JS 2022-11-22 12:55:48 +01:00
erik-krogh
f9b775e4b8 do private imports of the deprecated Dep modules 2022-11-22 12:39:56 +01:00
Edoardo Pirovano
6c33ddcd47 Merge pull request #11349 from github/edoardo/2.11.4-mergeback 
Merge `rc/3.8` into `main`
 2022-11-21 18:08:27 +00:00
erik-krogh
64707f4f7b remove redundant assignments 2022-11-21 17:45:05 +01:00
github-actions[bot]
5b14ebf22a Post-release preparation for codeql-cli-2.11.4 2022-11-18 11:26:00 +00:00
erik-krogh
3635db8244 JS: delete the deprecated [queryName].qll files 2022-11-17 22:12:50 +01:00
erik-krogh
635b8772d7 JS: delete old deprecations 2022-11-17 22:12:50 +01:00
github-actions[bot]
e105c13e77 Release preparation for version 2.11.4 2022-11-17 16:40:45 +00:00
Mauro Baluda
a7dc29bad4 Merge branch 'main' into main 2022-11-16 23:53:16 +01:00
Mauro Baluda
49f476d3b4 Update javascript/ql/lib/semmle/javascript/frameworks/Hapi.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-16 23:53:07 +01:00
erik-krogh
76c6943159 add stats for @satisfies_expr 2022-11-16 13:48:41 +01:00
Mauro Baluda
8bf0bbb715 code generalization 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-16 12:06:23 +01:00
Mauro Baluda
798b03f29d code generalization 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-16 12:06:07 +01:00
Mauro Baluda
784475dd66 Merge branch 'main' into main 2022-11-16 11:06:27 +01:00
erik-krogh
1f90f7dd4d add upgrade script 2022-11-15 22:07:25 +01:00
erik-krogh
e98d1df5f4 add dataflow support 2022-11-15 22:07:25 +01:00
erik-krogh
75ef5b1b0b add support for satisfies-expressions 2022-11-15 22:07:24 +01:00
erik-krogh
30c66303ba initial skeleton for TypeScript 4.9 2022-11-15 22:07:24 +01:00
erik-krogh
e4dbf0acff use instead of a fixed version number 2022-11-15 17:14:38 +01:00
erik-krogh
39938b4dad add change-note 2022-11-15 17:14:38 +01:00
erik-krogh
e18ceba49e port the JS regex/redos queries to use the shared pack 2022-11-15 17:14:38 +01:00
erik-krogh
031a910989 add a JS implementation of RegexTreeViewSig 2022-11-15 17:14:38 +01:00
erik-krogh
4a2472a078 add hasLocationInfo predicate to regexp terms 2022-11-15 17:14:37 +01:00
erik-krogh
e928777cb7 add codeql/regex as a dependency 2022-11-15 17:14:37 +01:00
Mauro Baluda
8109a7b67a Update javascript/ql/lib/semmle/javascript/frameworks/Hapi.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-15 16:27:21 +01:00
Mauro Baluda
e5e3bb3705 Generalize the server definition in plugin registration 2022-11-15 16:27:14 +01:00
Mauro Baluda
563a56af9d Update Hapi.qll 2022-11-15 15:46:34 +01:00
Mauro Baluda
5ea03b1ded Update Hapi.qll 
Add `server` definitions in plugin registration and plugin dependency declaration
 2022-11-14 22:56:06 +01:00
Mauro Baluda
25ac3499c2 Merge branch 'github:main' into main 2022-11-11 11:20:01 +01:00
Erik Krogh Kristensen
90382c4d1c Merge pull request #11178 from erik-krogh/passcode 
JS/RB/PY: Recognize `passcode` as sensitive
 2022-11-10 17:58:34 +01:00
Mauro Baluda
53f1985e77 Merge branch 'github:main' into main 2022-11-10 13:27:20 +01:00
Michael Nebel
9c6875ec0f Merge pull request #10777 from michaelnebel/csharp/generatedataextensions 
C#: Generate data extension files
 2022-11-10 13:08:31 +01:00
Mauro Baluda
ee02265ac2 Add property params to RequestInputAccess 2022-11-10 12:24:39 +01:00
Erik Krogh Kristensen
c537c80ed6 Merge pull request #11095 from erik-krogh/exportRead 
JS: recognize more re-exported values as exported
 2022-11-09 12:39:41 +01:00
erik-krogh
23add8a72b recognize passcode as sensitive 2022-11-09 11:30:57 +01:00
Erik Krogh Kristensen
138a16f0b3 use getImportedModuleNode() 
Co-authored-by: Asger F <asgerf@github.com>
 2022-11-09 09:53:23 +01:00