codeql

mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00

Author	SHA1	Message	Date
Napalys Klicius	c1b2fd86b2	Update javascript/ql/lib/semmle/javascript/frameworks/Express.qll Co-authored-by: Taus <tausbn@github.com>	2025-06-20 14:29:51 +02:00
Napalys Klicius	bca536c5b6	Merge remote-tracking branch 'origin/main' into js/quality/loop_shift	2025-06-20 11:30:20 +02:00
Napalys Klicius	8c2bda32df	Merge pull request #19776 from Napalys/js/mass_quality_promotion JS: Mass promotion of queries to `quality` status	2025-06-20 10:53:32 +02:00
Napalys Klicius	7c25bcdad1	Changed `js/duplicate-condition` to `reliability` and `correctness`	2025-06-20 08:06:03 +02:00
Napalys Klicius	aa3e9c6579	Changed `js/unreachable-statement` to `reliability` and `correctness`	2025-06-19 19:52:03 +02:00
Napalys Klicius	32dd665472	Changed `js/unused-loop-variable` to `reliability` and `correctness`	2025-06-19 19:45:20 +02:00
Napalys Klicius	4fd3ef8f1c	Changed `js/useless-assignment-in-return` to `reliability` and `correctness`	2025-06-19 19:37:13 +02:00
Napalys Klicius	4bc97326d1	Changed `js/label-in-switch` to `reliability` and `correctness`	2025-06-19 19:30:53 +02:00
Napalys Klicius	125add1e19	Changed `js/node/missing-exports-qualifier` to `reliability` and `correctness`	2025-06-19 19:24:00 +02:00
Napalys Klicius	2ab35d6a45	Changed `js/node/assignment-to-exports-variable` to `reliability` and `correctness`	2025-06-19 19:21:06 +02:00
Napalys Klicius	c1d29cc48a	Changed `js/whitespace-contradicts-precedence` to `reliability` and `correctness`	2025-06-19 18:26:12 +02:00
Napalys Klicius	bb9a2289a3	Changed `js/conditional-comment` to `reliability` and `correctness`	2025-06-19 18:25:31 +02:00
Frazer Smith	094b67f88c	JS: Update Fastify tld	2025-06-19 16:22:46 +01:00
Napalys Klicius	ad6c6b2d26	Changed `js/angular/dependency-injection-mismatch` to `reliability` and `correctness`	2025-06-19 17:16:32 +02:00
Napalys Klicius	c18fe303d0	JS: Changed `MissingThisQualifier` to `reliability` and `correctness`	2025-06-19 16:27:00 +02:00
Napalys Klicius	244bf428a1	JS: Fixed typo.	2025-06-19 16:26:07 +02:00
Napalys Klicius	8679151ace	Update javascript/ql/src/change-notes/2025-06-12-loop-iteration.md Co-authored-by: Taus <tausbn@github.com>	2025-06-19 14:21:08 +02:00
Napalys Klicius	5448071e09	Update javascript/ql/src/change-notes/2025-06-12-loop-iteration-fix.md Co-authored-by: Taus <tausbn@github.com>	2025-06-19 14:20:37 +02:00
Napalys Klicius	f80651e78a	Merge pull request #19750 from Napalys/js/remove_encodeURI JS: remove `encodeURI` from sanitizer list of request forgery	2025-06-19 14:12:52 +02:00
Napalys Klicius	8b2bb07140	Updated quality extended expected file after merge	2025-06-19 10:27:57 +02:00
Napalys Klicius	119c1e61ec	Merge remote-tracking branch 'origin/main' into js/mass_quality_promotion	2025-06-19 10:27:15 +02:00
Napalys Klicius	88f668781d	Updated extended expected file after merge	2025-06-19 10:24:39 +02:00
Napalys Klicius	53cae4fa97	Merge remote-tracking branch 'origin/main' into js/quality/loop_shift	2025-06-19 10:21:52 +02:00
Tamas Vajk	e6a9ff08a3	Adjust query-suite integration test expected files	2025-06-18 13:10:34 +02:00
Tamas Vajk	40274dcd69	Add code-quality-extended query suites	2025-06-18 13:10:34 +02:00
Napalys Klicius	72528749f2	JS: add change note	2025-06-17 08:34:34 +02:00
Napalys Klicius	060b98d36c	JS: enchance middleware taint tracking via local source	2025-06-17 08:30:19 +02:00
Napalys Klicius	fc0c8a8f5a	JS: update change note	2025-06-17 08:20:35 +02:00
Napalys Klicius	da21a064ac	JS: add `_parsedUrl` as remote input source	2025-06-16 16:28:30 +02:00
Napalys Klicius	67aac7abfa	JS: add test cases for middleware property assignment tracking	2025-06-16 16:26:08 +02:00
Napalys Klicius	b14b661cd1	JS: add change note	2025-06-16 14:12:39 +02:00
Napalys Klicius	0c31838aa5	JS: mass add missing quality related tags to relevant queries	2025-06-16 14:05:57 +02:00
Napalys Klicius	0d5f5104d1	Updated `UriEncodingSanitizer` comment	2025-06-16 13:08:16 +02:00
Napalys Klicius	798721bd71	JS: add change note	2025-06-16 13:08:14 +02:00
Napalys Klicius	bdbc49c63f	JS: Removed `encodeURI` from request forgery sanitizer list	2025-06-16 13:08:11 +02:00
Napalys Klicius	eca69e1654	JS: remove `serialize-javascript` from `JsonParsers.qll` as it is not a parser	2025-06-16 12:59:36 +02:00
Napalys Klicius	deb715a517	JS: Add test case with `encodeURI` for request forgery	2025-06-16 10:49:29 +02:00
Napalys Klicius	fffbc0c0bc	JS: add change note	2025-06-16 10:38:27 +02:00
Napalys Klicius	5a107ec33b	JS: track taint through `serialize-javascript` calls with object arguments	2025-06-16 10:38:20 +02:00
Napalys Klicius	a96ea182c7	JS: add test cases for `serialize-javascript` with tainted object properties	2025-06-16 09:30:52 +02:00
Vasco-jofra	8c4dbca23c	Improve data flow in the async library	2025-06-15 17:59:49 +02:00
Vasco-jofra	e2eca5bbff	Update test.expected	2025-06-15 12:12:12 +02:00
Vasco-jofra	6920430073	Improve dependency injection through import function calls	2025-06-15 00:47:34 +02:00
Vasco-jofra	9019879d99	Improve useFactory inter file function detection	2025-06-15 00:32:26 +02:00
Vasco-jofra	477f32c7ff	NestJS dependency injection support useValue provider	2025-06-15 00:21:38 +02:00
Vasco-jofra	2b143c86ac	NestJS dependency Injection support useFactory provider	2025-06-15 00:09:07 +02:00
Vasco-jofra	baf0d3ef22	Model NestJS middlewares as sources	2025-06-14 23:27:49 +02:00
Vasco-jofra	26f3b40d35	Add lodash GroupBy as taint step	2025-06-14 00:13:03 +02:00
Vasco-jofra	ddf77a0b72	Remove unnecessary spaces	2025-06-13 15:37:27 +02:00
Vasco-jofra	4ea53773b9	Model the TypeORM Repository API	2025-06-13 15:35:46 +02:00

... 5 6 7 8 9 ...

11884 Commits