Napalys Klicius
92daa7d42c
Updated suite expectations
2025-07-30 10:32:11 +00:00
Napalys Klicius
358617f533
Move CORS misconfiguration query from experimental to Security
2025-07-30 10:22:59 +00:00
Anders Schack-Mulligen
3b8234ecec
SSA: Update data flow integration and BarrierGuard interface to use GuardValue.
2025-07-28 11:29:12 +02:00
Geoffrey White
4f6b698ca3
Merge branch 'main' into moresensitive2
2025-07-23 08:50:25 +01:00
github-actions[bot]
37cc78255a
Post-release preparation for codeql-cli-2.22.2
2025-07-22 14:22:20 +00:00
github-actions[bot]
997547b8ef
Release preparation for version 2.22.2
2025-07-22 14:04:14 +00:00
Nick Rolfe
825c813095
Revert "Release preparation for version 2.22.2"
2025-07-22 14:33:45 +01:00
github-actions[bot]
c8632b70b7
Release preparation for version 2.22.2
2025-07-21 16:45:45 +00:00
Nick Rolfe
ad9b637bec
Revert "Merge pull request #19994 from github/post-release-prep/codeql-cli-2.22.2"
...
This reverts commit e5b4a15e35, reversing
changes made to 33e63109bb.
2025-07-21 15:18:59 +01:00
Michael Nebel
2f29459cda
Merge pull request #19931 from michaelnebel/ql4ql/qualitytagcheck
...
Ql4ql: Quality query tagging.
2025-07-17 14:53:14 +02:00
Jeroen Ketema
acc66c7b58
Merge pull request #19984 from jketema/jketema/sec-shared
...
Make a proper shared library out of the concept related libraries
2025-07-17 13:25:33 +02:00
Jeroen Ketema
1990438376
JS: Fix import
...
The import should not have been private, because we want users to still be
able to import this file and have access to the crypto algorithms.
2025-07-16 14:41:50 +02:00
Napalys Klicius
887d80f49f
Added change note
2025-07-15 09:37:34 +02:00
Napalys Klicius
1851deb929
Removed libxmljs from being marked as sink for xml-bomb.
2025-07-15 09:33:11 +02:00
Jeroen Ketema
cbde11ddc9
Properly share ConceptsShared.qll
2025-07-14 16:30:45 +02:00
Geoffrey White
30c6082b5d
Sync identical files.
2025-07-14 11:45:34 +01:00
Jeroen Ketema
f07d8ee493
Remove duplicate copies of CryptoAlgorithms and CryptoAlgorithmNames
2025-07-14 11:39:06 +02:00
Jeroen Ketema
f4ba2e1fd0
Properly share CryptoAlgorithms and CryptoAlgorithmNames
2025-07-14 11:39:00 +02:00
Jeroen Ketema
c582a9ccd6
Remove duplicate copies of SensitiveDataHeuristics
2025-07-14 11:38:52 +02:00
Jeroen Ketema
8b828cecf1
Use shared SensitiveDataHeuristics
2025-07-14 11:38:47 +02:00
Taus
30f705822d
JavaScript: Add test where outDir resolves to an unwanted path
2025-07-11 14:58:03 +00:00
Taus
2f822cb0cd
JavaScript: Add change note
2025-07-11 13:32:35 +00:00
Taus
43accc50cd
JavaScript: Ignore outDirs that would exclude everything
...
In #19680 we added support for automatically ignoring files in the
`outDir` directory as specified in the TSconfig compiler options (as
these files were likely duplicates of `.ts` files we were already
scanning).
However, in some cases people put `outDir: "."` or even `outDir: ".."`
in their configuration, which had the side effect of excluding _all_
files, leading to a failed extraction.
With the changes in this PR, we now ignore any `outDir`s that are not
properly contained within the source root of the code being scanned.
This should prevent the files from being extracted, while still allowing
us to not double-scan files in, say, a `.github` directory, as seen in
some Actions workflows.
2025-07-11 13:28:59 +00:00
Geoffrey White
8f6f9f4359
Add change notes.
2025-07-11 11:54:59 +01:00
Geoffrey White
123458fd21
Sync identical files.
2025-07-10 18:10:24 +01:00
github-actions[bot]
24a0ac1223
Post-release preparation for codeql-cli-2.22.2
2025-07-07 18:15:04 +00:00
github-actions[bot]
f12daefabe
Release preparation for version 2.22.2
2025-07-07 14:00:26 +00:00
Michael Nebel
aefd941135
Java/Javascript: Fix violations.
2025-07-03 11:56:33 +02:00
Asger F
98319ce2ad
Apply suggestions from code review
...
Co-authored-by: Taus <tausbn@github.com>
2025-07-03 08:44:33 +02:00
Asger F
d85838477e
JS: Update Nest model
...
An external contribution added more uses of the now-deprecated getType()
predicate while this PR was open.
2025-07-02 14:11:31 +02:00
Asger F
47a90c8b32
Merge branch 'main' into js/no-type-extraction
2025-07-02 13:18:05 +02:00
Asger F
4b2025d2c4
JS: Remove obsolete unit tests
2025-07-02 09:54:18 +02:00
Asger F
2aad14771c
JS: Remove TypeScriptMode
2025-07-02 08:39:17 +02:00
Michael Nebel
233b54c7fa
Merge pull request #19891 from michaelnebel/michaelnebel/freezemoresuites
...
Go/Ruby/Python: Freeze quality queries in `security-and-quality`.
2025-07-01 09:04:19 +02:00
Asger F
7c38c48fd7
Merge pull request #19769 from trailofbits/VF/Nest-improvements
...
Improve NestJS sources and dependency injection
2025-06-30 10:42:18 +02:00
Asger F
3247babfa5
Merge pull request #19762 from trailofbits/VF/type-orm-model-improvements
...
Improve TypeORM model
2025-06-30 10:40:38 +02:00
Michael Nebel
145ada53f2
C#/Java/JavaScript: Re-factor query suites to use the new selector.
2025-06-26 14:19:27 +02:00
Vasco-jofra
575da5c31c
Merge SummarizedCallable into single class
2025-06-26 10:10:52 +02:00
Vasco-jofra
8a7516528d
Update formatting
2025-06-26 09:29:07 +02:00
Asger F
5289e4f424
JS: Fix a bug in a unit test
...
The 'extractTypeScriptFiles' override did not incorporate the file type and one of our unit tests was expecting this. The test was previously passing for the wrong reasons.
2025-06-25 14:31:31 +02:00
Asger F
02cdde1447
JS: Fix imprecise condition
2025-06-25 14:31:28 +02:00
Asger F
aef362152e
JS: Change notes
2025-06-25 14:31:25 +02:00
Asger F
c8b2674206
JS: Add support for index expressions
2025-06-25 14:31:22 +02:00
Asger F
b1d4776b17
JS: Handle name resolution through dynamic imports
2025-06-25 14:31:20 +02:00
Asger F
7cc248703a
JS: Add test for dynamic imports
2025-06-25 14:31:17 +02:00
Asger F
92dd5bd1f4
JS: Add deprecation comment to qldoc
2025-06-25 14:31:14 +02:00
Asger F
488da145e8
JS: Don't try to augment invalid files
...
This check existed on the code path for full type extraction, but not for plain single-file extraction.
2025-06-25 14:31:11 +02:00
Asger F
74b817b642
JS: Remove code path for TypeScript full extraction
2025-06-25 14:31:05 +02:00
Napalys Klicius
3d9e2f5438
Merge pull request #19858 from Napalys/js/execa
...
JS: moved `execa` out of experimental
2025-06-25 10:34:52 +02:00
Napalys Klicius
73126fef9e
JS: update change note.
2025-06-25 09:26:26 +02:00