codeql

mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00

Author	SHA1	Message	Date
Andrew Eisenberg	07228672df	Merge branch 'main' into aeisenberg/remove-upgrades	2022-01-11 11:25:27 -08:00
Stephan Brandauer	132e0bf4b7	add database accesses as additional (heuristic) remote flow sources	2022-01-11 11:38:41 +01:00
Erik Krogh Kristensen	f7a63d5ea0	remove duplicated line	2022-01-07 18:38:02 +01:00
Erik Krogh Kristensen	1a8b6d7414	recognize ranges without upper bounds	2022-01-07 18:38:01 +01:00
Erik Krogh Kristensen	acaf294bee	support a limited number of regexp ranges	2022-01-07 18:36:30 +01:00
Asger F	c9fcdb8261	Apply suggestions from code review Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2022-01-06 11:51:27 +01:00
Asger Feldthaus	a7698b8727	JS: Fix double space	2022-01-05 14:35:02 +01:00
Asger Feldthaus	486beda2fa	JS: Factor out common regexp in AccessPathToken	2022-01-05 14:35:02 +01:00
Asger Feldthaus	21928bee6c	JS: Rename padded -> inversePad	2022-01-05 14:35:01 +01:00
Asger Feldthaus	1989d51942	JS: Update documentation in Impl.qll	2022-01-05 14:35:01 +01:00
Asger Feldthaus	3ced5c9269	JS: Resolve first N tokens instead of constructing each prefix	2022-01-05 14:35:01 +01:00
Asger Feldthaus	772681d249	JS: Initial support for models as data	2022-01-05 14:34:52 +01:00
Dave Bartolomeo	83ceb822aa	Move upgrades into standard library packs Move upgrade to new location Remove incorrectly merged files Fix upgrades section	2022-01-04 11:30:25 -08:00
github-actions[bot]	1dfcf427aa	Release preparation for version 2.7.5	2022-01-04 14:44:56 +00:00
Erik Krogh Kristensen	b9964799f3	Merge pull request #7458 from erik-krogh/modelling QL: add "modelling/modeling" to `ql/non-us-spelling`	2022-01-04 13:33:54 +01:00
Dave Bartolomeo	ded3c52a34	Merge pull request #7407 from github/post-release-prep/codeql-cli-2.7.4 Post-release preparation for codeql-cli-2.7.4	2022-01-03 17:09:58 -05:00
github-actions[bot]	1334d207fa	Post-release version bumps	2022-01-03 20:11:15 +00:00
Alex Ford	3da98ecb73	Bump a date	2021-12-22 16:38:16 +00:00
Alex Ford	a2104de8a0	Move CryptoAlgorithms::AlgorithmsName into a separate internal/CryptoAlgorithmNames.qll	2021-12-22 16:38:15 +00:00
Alex Ford	f16d77615d	Remove unused isStrongBlockMode predicate from CryptoAlgorithms.qll	2021-12-22 16:38:15 +00:00
Alex Ford	d3af687767	Add more encryption algorithms and modes to CryptoAlgorithms::AlgorithmNames Strong encryption algorithms: ARIA, IDEA, SEED, SM4 Strong block modes: CBC, CFB, CTR, OFB	2021-12-22 16:38:15 +00:00
Alex Ford	bdb2d8ba16	Ruby: split OpenSSL parts from CryptoALgorithms.qll and sync with JS/Python version	2021-12-22 16:38:15 +00:00
Erik Krogh Kristensen	8019b52838	run the non-us patch with "modelled/modeled"	2021-12-20 17:47:15 +01:00
Erik Krogh Kristensen	d17879e1f9	run the non-us patch	2021-12-20 16:24:41 +01:00
Nick Rolfe	28912c508f	Fix non-US spelling of 'behavior'	2021-12-17 15:29:31 +00:00
CodeQL CI	de4b655ddb	Merge pull request #7327 from asgerf/js/handlebars-more-raw-interpolation Approved by erik-krogh	2021-12-17 14:07:57 +00:00
CodeQL CI	39ec7132af	Merge pull request #7049 from asgerf/js/routing-trees Approved by erik-krogh	2021-12-17 12:26:38 +00:00
Asger Feldthaus	89775428b4	JS: Autoformat	2021-12-17 10:32:02 +01:00
Asger Feldthaus	e2c6dd7d56	JS: Recognize {{& ... }} as an XSS sink	2021-12-17 10:31:50 +01:00
Asger Feldthaus	0e9c2377e3	JS: Use a field in RouterHandlerParameter	2021-12-16 10:26:35 +01:00
CodeQL CI	f274f06d9b	Merge pull request #7409 from asgerf/js/track-functions-with-methods Approved by erik-krogh	2021-12-16 09:01:42 +00:00
CodeQL CI	acbf7913b2	Merge pull request #7408 from asgerf/js/trusted-types-sinks Approved by esbena	2021-12-16 08:59:51 +00:00
Asger F	784991cce5	Update javascript/ql/lib/semmle/javascript/Routing.qll Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2021-12-15 16:38:38 +01:00
Asger Feldthaus	79e6dcaf68	JS: Rename getValueAtAccessPath->getValueImplicitlyStoredInAccessPath	2021-12-15 16:37:28 +01:00
Asger Feldthaus	8aa4d8227e	JS: Rename RouteHandlerInput->RouteHandlerParameter	2021-12-15 16:32:18 +01:00
Asger Feldthaus	218b746f6f	JS: Rename getAUseSite -> getRouteInstallation	2021-12-15 16:21:41 +01:00
Asger Feldthaus	615b2ec539	JS: Fix handling of fastify-plugin	2021-12-15 16:04:46 +01:00
Asger Feldthaus	b226f767ad	JS: Fix tracking of fastify server instance	2021-12-15 16:04:45 +01:00
Asger Feldthaus	0ca9feb854	JS: Always treat routers as resuming dispatch	2021-12-15 16:01:59 +01:00
Asger F	1b20506947	Update javascript/ql/lib/semmle/javascript/frameworks/Fastify.qll Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2021-12-15 16:00:19 +01:00
Asger F	c1bb40f439	Update javascript/ql/lib/semmle/javascript/frameworks/Express.qll Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2021-12-15 16:00:19 +01:00
Asger Feldthaus	b2016bddac	JS: Merge concepts of client/database in MongoDB model	2021-12-15 16:00:19 +01:00
Asger Feldthaus	e64a6dc12a	JS: Add qldoc	2021-12-15 12:47:23 +01:00
Asger Feldthaus	43ec721a87	JS: Add link to MDN docs for trusted types	2021-12-15 11:52:58 +01:00
github-actions[bot]	59da2cdf69	Release preparation for version 2.7.4	2021-12-14 21:35:09 +00:00
Dave Bartolomeo	a62f181d42	Move new change notes to appropriate packs	2021-12-14 12:05:15 -05:00
Asger Feldthaus	7e947b2a65	JS: Use return value of trusted type policy callback as a sink	2021-12-14 13:28:46 +01:00
Ian Wright	1c79d1f985	Merge pull request #7352 from github/esbena/atm-endpoint-polish ATM Endpoint filtering improvements	2021-12-14 08:19:23 +00:00
Erik Krogh Kristensen	de4458346f	Merge pull request #7344 from SZFsir/main JS: Improve inter-procedural type inference for FunctionExpr	2021-12-13 21:58:53 +01:00
Andrew Eisenberg	0669ef505e	Fix semver for upgrades references Ensure the version range is flexible enough to handle future version changes.	2021-12-13 09:03:33 -08:00

... 50 51 52 53 54 ...

2844 Commits