codeql

mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00

Author	SHA1	Message	Date
amammad	97c27ac11b	revert SqlInjection.ql changes	2023-09-29 01:36:00 +10:00
amammad	921198ed30	add separate query for sinks that accepts data: URL	2023-09-28 20:33:38 +10:00
amammad	0eb0c238f3	stash	2023-09-23 20:28:34 +10:00
github-actions[bot]	3acf5244b0	Post-release preparation for codeql-cli-2.14.6	2023-09-20 10:25:10 +00:00
github-actions[bot]	0a3670727f	Release preparation for version 2.14.6	2023-09-19 11:40:30 +00:00
Erik Krogh Kristensen	7e7852eff6	Merge pull request #13641 from erik-krogh/multi-char JS/RB: write qhelp for `incomplete-multi-character-sanitization`	2023-09-14 14:48:30 +02:00
Max Schaefer	e722e3288f	Merge pull request #13771 from github/max-schaefer/server-side-url-redirect-help JavaScript: Improve query help for `js/server-side-unvalidated-url-redirection`.	2023-09-13 13:20:48 +01:00
Max Schaefer	a9e81672f0	Make suggestion to replace example.com more explicit.	2023-09-12 16:54:05 +01:00
Max Schaefer	7ddb7da65e	Apply suggestions from code review Co-authored-by: Felicity Chapman <felicitymay@github.com>	2023-09-12 16:47:23 +01:00
github-actions[bot]	d699880c86	Post-release preparation for codeql-cli-2.14.4	2023-09-08 21:17:52 +00:00
Chuan-kai Lin	1a575ef297	Merge pull request #14167 from asgerf/ts/tolerate-out-of-order-requests JS: tolerate out of order requests in TypeScript extractor	2023-09-08 12:33:44 -07:00
Asger F	ea384b340a	JS: Change note	2023-09-08 10:31:04 +02:00
Max Schaefer	46d7165885	Explain about redirects to example.com.	2023-09-07 09:12:07 +01:00
Max Schaefer	a02f373e79	Use better sanitiser.	2023-09-06 14:06:16 +01:00
github-actions[bot]	abf2b12b1c	Release preparation for version 2.14.4	2023-09-05 16:56:14 +00:00
amammad	77dcd68a86	v2	2023-08-31 21:26:25 +10:00
amammad	7a577ddd98	change Source to ConstantString, it seems that we have some duplicate results now, ConstantString is suggested as a better alternative for finding constant sources	2023-08-30 20:47:43 +10:00
erik-krogh	5e11fe74f7	Merge branch 'main' into ts52	2023-08-30 07:57:55 +02:00
amammad	d06444e639	upgrade additional steps	2023-08-30 05:03:19 +10:00
amammad	369bc50709	fix comments	2023-08-30 04:53:58 +10:00
amammad	3f64cc82eb	fix qhelps	2023-08-29 22:42:21 +10:00
amammad	4f04dc8f6e	add test cases	2023-08-29 21:34:02 +10:00
amammad	65b97745c2	V1	2023-08-29 21:23:02 +10:00
Dave Bartolomeo	3343b78015	Merge pull request #14074 from github/post-release-prep/codeql-cli-2.14.3 Post-release preparation for codeql-cli-2.14.3	2023-08-28 13:34:10 -04:00
github-actions[bot]	3eba77421a	Post-release preparation for codeql-cli-2.14.3	2023-08-28 15:53:49 +00:00
erik-krogh	a7d92b3473	add JS support the `using` keyword	2023-08-24 20:30:26 +02:00
Asger F	2b540e251a	Merge pull request #14007 from asgerf/js/import-path-string JS: Follow immediate predecessors in path resolution	2023-08-23 15:28:22 +02:00
Asger F	d146514275	Merge pull request #13928 from asgerf/js/ignore-huge-files JS: Ignore files larger than 10 MB during extraction	2023-08-23 15:09:58 +02:00
Asger F	b8fc84e8e4	JS: Change note	2023-08-23 14:11:07 +02:00
Asger F	b93e404441	JS: Change log	2023-08-23 14:05:21 +02:00
Asger F	ae2a1c7399	JS: Change note	2023-08-23 13:39:56 +02:00
Max Schaefer	87364137df	Use more sensible validator in example.	2023-08-21 15:14:01 +01:00
github-actions[bot]	098dfb4242	Release preparation for version 2.14.3	2023-08-18 14:48:15 +00:00
Henry Mercer	1213eba630	Merge branch 'main' into post-release-prep/codeql-cli-2.14.2	2023-08-11 13:54:55 +01:00
erik-krogh	5ffce86768	change the defaults in the qhelp for missing-rate-limit to something more reasonable	2023-08-10 13:40:17 +02:00
github-actions[bot]	432c21d4fb	Post-release preparation for codeql-cli-2.14.2	2023-08-09 18:45:18 +00:00
github-actions[bot]	79c90fa36a	Release preparation for version 2.14.2	2023-08-07 18:08:52 +00:00
Erik Krogh Kristensen	6631e838cf	re-appearing -> reappearing Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>	2023-08-07 09:57:52 +02:00
Asger F	5950865b55	Merge pull request #13755 from github/max-schaefer/js-server-crash-help JavaScript: Improve qhelp for js/server-crash.	2023-08-03 10:04:08 +02:00
Max Schaefer	5124310f14	Update javascript/ql/src/Security/CWE-730/ServerCrash.qhelp Co-authored-by: Asger F <asgerf@github.com>	2023-08-01 17:03:05 +01:00
github-actions[bot]	f91b7a9342	Post-release preparation for codeql-cli-2.14.1	2023-07-21 16:16:25 +00:00
github-actions[bot]	c936a920b0	Release preparation for version 2.14.1	2023-07-20 16:32:27 +00:00
Max Schaefer	7823ff968c	JavaScript: Improve query help for `js/server-side-unvalidated-url-redirection`.	2023-07-19 13:23:25 +01:00
Max Schaefer	9432fec612	JavaScript: Improve qhelp for js/server-crash. The examples now use `fs.access` instead of the deprecated `fs.exists`. I have also rewritten the async/await example, since as of Node.js v15 the default behaviour for uncaught exceptions has changed to terminating the process instead of logging a warning, making the previous advice incorrect.	2023-07-17 14:44:23 +01:00
Asger F	d57276ca35	Merge pull request #13719 from asgerf/js/barrier-inout JS: Replace barrier edges with barrier nodes	2023-07-13 16:36:52 +02:00
erik-krogh	1fe66232c6	suggestions based on review: add a popular library example for HTML-sanitization, and use the old text about ../ replacements	2023-07-13 14:28:11 +02:00
Erik Krogh Kristensen	9db970f055	apply suggestion from review Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>	2023-07-13 14:17:33 +02:00
Max Schaefer	b8eb2ef8d8	Merge branch 'main' into max-schaefer/improve-command-injection-qhelp	2023-07-13 12:11:15 +01:00
Max Schaefer	ae237247f2	Apply suggestions from code review Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>	2023-07-13 12:10:57 +01:00
Asger F	c8af28c2ca	Merge pull request #13700 from asgerf/js/path-join-spread JS: Recognize 'fs/promises' alias and handle spread arguments in path.join()	2023-07-11 15:31:13 +02:00

... 10 11 12 13 14 ...

6276 Commits