hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,161 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.6
Commit Graph

2976 Commits

Author SHA1 Message Date
Asger F
43174cfe3a Merge pull request #12668 from asgerf/js/jquery-callback-sinks 
JS: fix handling of jQuery sinks involving callback
 2023-03-30 12:42:53 +02:00
Jeroen Ketema
0acca2ba76 Merge pull request #12687 from jketema/unit-2 
Make imports of `codeql.util.Unit` private
 2023-03-29 13:07:12 +02:00
smiddy007
0eb61d39d3 formatting 2023-03-28 11:28:32 -04:00
smiddy007
fe3b0a56ca Removed unnecessary field 2023-03-28 11:27:23 -04:00
smiddy007
8e9f2185c8 Merge branch 'main' into improve-insufficient-pw-hash-query 2023-03-28 11:15:10 -04:00
smiddy007
123eb1e57b Update javascript/ql/lib/semmle/javascript/frameworks/CryptoLibraries.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2023-03-28 11:14:28 -04:00
Erik Krogh Kristensen
451f6f01bb Merge pull request #12633 from erik-krogh/more-global-flow 
JS: better callgraph support for global variables
 2023-03-28 15:19:50 +02:00
Jeroen Ketema
3b8ad087eb Make imports of codeql.util.Unit private 2023-03-28 14:14:13 +02:00
Asger F
61a7ee9387 JS: Use getABoundFunctionValue instead of type-tracking 2023-03-28 12:56:03 +02:00
smiddy007
2caab8748e Merge branch 'improve-insufficient-pw-hash-query' of https://github.com/smiddy007/codeql into improve-insufficient-pw-hash-query 2023-03-27 15:20:24 -04:00
smiddy007
57ab5a06ae autoformatted 2023-03-27 15:20:08 -04:00
smiddy007
64b56ef107 Merge branch 'main' into improve-insufficient-pw-hash-query 2023-03-27 12:07:21 -04:00
smiddy007
3ef5f3070f small change 2023-03-27 12:02:35 -04:00
Asger F
92a681213d JS: Step through jQuery callback return values 2023-03-27 11:17:27 +02:00
smiddy007
4980948613 changenote 2023-03-26 23:07:32 -04:00
smiddy007
cef6b95b15 Fixed Conflicts due to recent changes to file 2023-03-26 22:32:34 -04:00
smiddy007
ccf152df00 Added support for progressive hashing in crypto-js module 2023-03-26 21:29:55 -04:00
Jeroen Ketema
a87a9438c7 Replace all definitions of Unit by import codeql.util.Unit 2023-03-24 10:39:34 +01:00
erik-krogh
2bba9057a0 better callgraph support for global variables 2023-03-22 13:49:33 +01:00
Erik Krogh Kristensen
663d4e8e3b Merge pull request #12592 from erik-krogh/rhsRegress 
JS: Fix performance regression in the `GetLaterAccess` module.
 2023-03-22 12:55:56 +01:00
Erik Krogh Kristensen
bdab57b9d3 Update javascript/ql/lib/semmle/javascript/GlobalAccessPaths.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2023-03-22 10:19:48 +01:00
erik-krogh
c023af7308 manual recursion, and other join-order 2023-03-21 15:22:10 +01:00
erik-krogh
070468ab68 fix performance 2023-03-21 15:19:38 +01:00
erik-krogh
34fe1a8f5e use SSA in the GetLaterAccess module 2023-03-21 15:19:15 +01:00
Asger F
6d665da4dc Merge pull request #12570 from github/post-release-prep/codeql-cli-2.12.5 
Post-release preparation for codeql-cli-2.12.5
 2023-03-21 13:06:25 +01:00
Erik Krogh Kristensen
540542ceb5 Merge pull request #12518 from erik-krogh/more-express-sources 
JS: recognize more express URL related sources
 2023-03-20 08:49:11 +01:00
github-actions[bot]
981e171525 Post-release preparation for codeql-cli-2.12.5 2023-03-17 13:27:00 +00:00
Asger F
d537f86324 Merge pull request #12555 from asgerf/js/block-modes 
JS: Include weak block modes as sink in weak crypto algorithm
 2023-03-17 13:23:23 +01:00
erik-krogh
e00c41c6e2 add change-note and bump version 2023-03-16 22:37:56 +01:00
Asger F
86a06bde72 JS: Flag crypto operations with weak block mode 2023-03-16 14:52:52 +01:00
github-actions[bot]
fe4d27e8cc Release preparation for version 2.12.5 2023-03-16 12:58:50 +00:00
erik-krogh
f718d78a9a avoid redundant sources 2023-03-16 13:34:01 +01:00
erik-krogh
a72436f6f1 recognize more express URL related sources 2023-03-15 10:14:31 +01:00
Asger F
feb7c49006 Merge pull request #12382 from asgerf/js/import-assertion 
JS: Support import assertions
 2023-03-14 14:56:32 +01:00
Asger F
d953ad63fe Merge pull request #12445 from asgerf/js/react-forward-ref 
JS: Handle forwardRef in React
 2023-03-14 13:21:16 +01:00
Asger F
8ab3f39b5e Merge pull request #12423 from asgerf/js/trusted-types-global-flow 
JS: Track trusted types policy callbacks
 2023-03-14 13:09:50 +01:00
Erik Krogh Kristensen
060c37b6a2 Merge pull request #12345 from erik-krogh/delOldDeps 
delete old deprecations
 2023-03-13 12:48:24 +01:00
Asger F
5461f94c6c Merge pull request #12424 from asgerf/js/html-sanitizer-for-sql 
JS: Add html sanitizers as a taint step in a few queries
 2023-03-13 11:36:19 +01:00
Asger F
41dd63adc7 Handle forwardRef in React 2023-03-13 11:30:18 +01:00
erik-krogh
6c1ebd999e Merge branch 'main' into delOldDeps 2023-03-13 11:00:29 +01:00
Anders Schack-Mulligen
8d97fe9ed3 JavaScript: Autoformat 2023-03-10 09:41:20 +01:00
Asger F
0affd898de JS: Track trusted type policy callbacks 2023-03-07 10:22:26 +01:00
Asger F
4f0e17bf97 JS: Add step to a few other queries 2023-03-07 09:39:40 +01:00
Asger F
d4b4d22378 JS: Step through HTML sanitizers in SQL injection query 2023-03-06 15:10:26 +01:00
github-actions[bot]
af61b45785 Post-release preparation for codeql-cli-2.12.4 2023-03-04 14:16:55 +00:00
Dave Bartolomeo
b342e93989 Move change note to appropriate pack 2023-03-03 14:43:00 -05:00
github-actions[bot]
462da63970 Release preparation for version 2.12.4 2023-03-03 14:11:51 +00:00
Asger F
37999eaea0 JS: Fix implicit this 2023-03-03 13:43:17 +01:00
Asger F
7f96fe725b JS: Change note 2023-03-03 12:21:20 +01:00
Asger F
38194c6ae7 JS: Extract import assertions to DB 2023-03-03 12:21:20 +01:00