hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,482 Commits 1,671 Branches 157 Tags
move-cors-query-from-experimental2
Commit Graph

2844 Commits

Author SHA1 Message Date
Asger F
e323833bc3 JS: Fix qldoc coverage 2025-06-23 12:55:19 +02:00
Asger F
07f84a5add JS: Remove an unnecessary import 2025-06-23 12:55:18 +02:00
Asger F
ee9c4fa763 JS: Deprecate everything that depends on type extraction 2025-06-23 12:55:14 +02:00
Asger F
6d389c31c7 JS: Update an outdated QLDoc comment 2025-06-23 12:55:11 +02:00
Asger F
fcb6882f16 JS: Update API usage in MissingAwait 2025-06-23 12:55:09 +02:00
Asger F
e459884b69 JS: Update API usage in ViewComponentInput 2025-06-23 12:55:08 +02:00
Asger F
8b2a424fb0 JS: Update type usage use in Express model 2025-06-23 12:55:05 +02:00
Asger F
b71d09630a JS: Update type usage in Electron model 2025-06-23 12:55:03 +02:00
Asger F
ace8b09a36 JS: Update type usage in ClassValidator.qll 2025-06-23 12:55:01 +02:00
Asger F
9d4c38b5f1 JS: Update type usage in definitions.qll 2025-06-23 12:54:59 +02:00
Asger F
17a687b38f JS: Update type usage in Nest library model 2025-06-23 12:54:57 +02:00
Asger F
b82e84930c JS: Add public API 2025-06-23 12:54:56 +02:00
Asger F
2a0c7c8801 JS: Add classHasGlobalName into NameResolution 2025-06-23 12:54:55 +02:00
Asger F
de9dab9ba3 JS: Move some predicates into NameResolution 2025-06-23 12:54:53 +02:00
Asger F
93c891a987 Merge pull request #19822 from Fdawgs/patch-1 
JS: Update Fastify tld
 2025-06-23 12:49:42 +02:00
Taus
ac8b41a5da Merge pull request #19680 from github/tausbn/javascript-exclude-obviously-generated-files 
JavaScript: Don't extract obviously generated files
 2025-06-20 15:52:39 +02:00
Napalys Klicius
3fbe348f99 Merge pull request #19784 from Napalys/js/express_middleware 
JS: Improve Express middleware taint tracking
 2025-06-20 15:36:26 +02:00
Napalys Klicius
c1b2fd86b2 Update javascript/ql/lib/semmle/javascript/frameworks/Express.qll 
Co-authored-by: Taus <tausbn@github.com>
 2025-06-20 14:29:51 +02:00
Frazer Smith
094b67f88c JS: Update Fastify tld 2025-06-19 16:22:46 +01:00
Napalys Klicius
f80651e78a Merge pull request #19750 from Napalys/js/remove_encodeURI 
JS: remove `encodeURI` from sanitizer list of request forgery
 2025-06-19 14:12:52 +02:00
Napalys Klicius
72528749f2 JS: add change note 2025-06-17 08:34:34 +02:00
Napalys Klicius
060b98d36c JS: enchance middleware taint tracking via local source 2025-06-17 08:30:19 +02:00
Napalys Klicius
fc0c8a8f5a JS: update change note 2025-06-17 08:20:35 +02:00
Napalys Klicius
da21a064ac JS: add _parsedUrl as remote input source 2025-06-16 16:28:30 +02:00
Napalys Klicius
0d5f5104d1 Updated UriEncodingSanitizer comment 2025-06-16 13:08:16 +02:00
Napalys Klicius
798721bd71 JS: add change note 2025-06-16 13:08:14 +02:00
Napalys Klicius
bdbc49c63f JS: Removed encodeURI from request forgery sanitizer list 2025-06-16 13:08:11 +02:00
Napalys Klicius
eca69e1654 JS: remove serialize-javascript from JsonParsers.qll as it is not a parser 2025-06-16 12:59:36 +02:00
Napalys Klicius
fffbc0c0bc JS: add change note 2025-06-16 10:38:27 +02:00
Napalys Klicius
5a107ec33b JS: track taint through serialize-javascript calls with object arguments 2025-06-16 10:38:20 +02:00
Vasco-jofra
6920430073 Improve dependency injection through import function calls 2025-06-15 00:47:34 +02:00
Vasco-jofra
9019879d99 Improve useFactory inter file function detection 2025-06-15 00:32:26 +02:00
Vasco-jofra
477f32c7ff NestJS dependency injection support useValue provider 2025-06-15 00:21:38 +02:00
Vasco-jofra
2b143c86ac NestJS dependency Injection support useFactory provider 2025-06-15 00:09:07 +02:00
Vasco-jofra
baf0d3ef22 Model NestJS middlewares as sources 2025-06-14 23:27:49 +02:00
Asger F
423ffc78db Merge pull request #19078 from asgerf/js/name-resolution 
JS: QL-side type/name resolution for TypeScript and JSDoc
 2025-06-11 14:17:11 +02:00
Asger F
e848aa747b JS: Clarifying comment on commonStep 2025-06-11 10:24:21 +02:00
Asger F
2aa5fa17f7 JS: Add comment and examples in FlowImpl doc 2025-06-11 10:21:24 +02:00
Asger F
72cc439125 JS: Normalize a few more extensions 2025-06-10 17:36:56 +02:00
Asger F
18f9133715 JS: Rename and clarify comment for trackFunctionType 2025-06-10 16:14:46 +02:00
Asger F
a6488cbad9 Update javascript/ql/lib/semmle/javascript/internal/NameResolution.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2025-06-10 16:06:42 +02:00
Napalys Klicius
51b83dbce5 Merge pull request #19579 from Napalys/js/dom_property_access 
JS: Improve `useless-expression` query to avoid duplicate alerts on compound expressions
 2025-06-10 15:17:13 +02:00
Napalys Klicius
e46581163a Update javascript/ql/lib/Expressions/ExprHasNoEffect.qll 
Co-Authored-By: Asger F <316427+asgerf@users.noreply.github.com>
 2025-06-10 13:23:31 +02:00
Napalys Klicius
496d8d44eb Update javascript/ql/lib/Expressions/ExprHasNoEffect.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2025-06-10 13:19:48 +02:00
Napalys Klicius
e6f071ce46 Update javascript/ql/lib/Expressions/ExprHasNoEffect.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2025-06-10 13:18:48 +02:00
Napalys Klicius
c97da2eda5 Exclude expressions that are part of a conditional expression 2025-06-10 10:56:11 +02:00
github-actions[bot]
21463a9653 Post-release preparation for codeql-cli-2.22.0 2025-06-09 18:50:20 +00:00
github-actions[bot]
88ba02edf8 Release preparation for version 2.22.0 2025-06-09 18:14:51 +00:00
Chuan-kai Lin
631502e129 Merge branch 'main' into cklin/rc-3.18-mergeback 2025-06-09 07:19:40 -07:00
Taus
b8772bc736 JavaScript: Add change note 2025-06-05 15:06:40 +00:00