6371 Commits

Author	SHA1	Message	Date
Óscar San José	d972af9ef8	Merge branch 'main' of https://github.com/github/codeql into oscarsj/mergeback-rc-3-20-into-main	2025-12-12 13:22:08 +01:00
github-actions[bot]	2854330759	Post-release preparation for codeql-cli-2.23.8	2025-12-08 15:49:10 +00:00
github-actions[bot]	66c51e979e	Release preparation for version 2.23.8	2025-12-08 14:38:23 +00:00
Óscar San José	bc6133de5c	Merge branch 'main' of https://github.com/github/codeql into oscarsj/merge-back-rc-3.20	2025-12-05 19:31:47 +01:00
Anders Schack-Mulligen	dc6d3fe7ba	Use flowFrom.	2025-12-03 14:04:18 +01:00
github-actions[bot]	085faa2bdb	Post-release preparation for codeql-cli-2.23.7	2025-12-02 16:39:43 +00:00
github-actions[bot]	a045b317ac	Release preparation for version 2.23.7	2025-12-02 15:31:27 +00:00
github-actions[bot]	19a13467e0	Release preparation for version 2.23.7	2025-12-01 16:07:37 +00:00
Asger F	a91969b7e1	JS: Change note	2025-11-25 15:58:11 +01:00
Asger F	613895e0c0	Merge pull request #20424 from asgerf/js/overlay-manual-v4 ... JS: Add overlay annotations	2025-11-20 11:10:46 +01:00
github-actions[bot]	5ee45af3aa	Post-release preparation for codeql-cli-2.23.6	2025-11-18 09:53:12 +00:00
github-actions[bot]	18fa6799ce	Release preparation for version 2.23.6	2025-11-17 16:38:07 +00:00
Asger F	ac3913e7db	JS: Fix bad join in DuplicateProperty.ql	2025-11-13 09:46:08 +01:00
Napalys Klicius	d122534398	Merge pull request #20671 from github/napalys/adjust_query_severity ... Adjust query severity ratings	2025-11-11 12:37:31 +01:00
github-actions[bot]	4014df9a6e	Post-release preparation for codeql-cli-2.23.4	2025-11-04 17:57:52 +00:00
github-actions[bot]	64fcdd1f2f	Release preparation for version 2.23.4	2025-11-03 14:52:23 +00:00
Nora Dimitrijević	bb80d83276	JS/SSRF ... javascript/ql/src/experimental/Security/CWE-918/SSRF.ql	2025-10-28 09:40:19 +01:00
Tom Hvitved	eb9df008b0	JS: Remove two invalid QHelp links	2025-10-24 08:45:12 +02:00
Napalys Klicius	9c70ae04fb	Add change note	2025-10-22 11:48:16 +00:00
Napalys Klicius	fa47174013	CWE-020: Lower security-severity for OverlyLargeRange queries to 4.0	2025-10-22 11:32:33 +00:00
Napalys Klicius	7b6720ce2c	JS: Align DOM XSS query severity with other XSS queries	2025-10-22 11:30:34 +00:00
Owen Mansel-Chan	66f95bcbcd	Merge pull request #20603 from owen-mc/update-broken-algo-qhelp ... Many languages: Update broken algo qhelp	2025-10-17 12:30:43 +01:00
Napalys Klicius	45e8164f14	JS: remove quality tag from SyntaxError query	2025-10-15 09:07:11 +02:00
github-actions[bot]	6dd07790ac	Post-release preparation for codeql-cli-2.23.3	2025-10-14 11:16:33 +00:00
github-actions[bot]	33542f7d40	Release preparation for version 2.23.3	2025-10-14 09:30:24 +00:00
Owen Mansel-Chan	0bcdb91639	Improve qhelp for broken crypto algo queries ... Previously it focussed too much on the risk of data being decrypted, and didn't explain why using weak algorithms is a problem in other contexts.	2025-10-08 14:10:54 +01:00
github-actions[bot]	a7a4e43991	Post-release preparation for codeql-cli-2.23.2	2025-09-29 15:10:19 +00:00
github-actions[bot]	d2130a589b	Release preparation for version 2.23.2	2025-09-29 10:28:45 +00:00
Florin Coada	ba520c60d2	Update 2.1.0.md	2025-09-26 10:11:03 +01:00
Florin Coada	09833e2541	Update CHANGELOG for query promotion and acknowledgment ... Promote 'Permissive CORS configuration' query to default suite and acknowledge contributor.	2025-09-26 10:09:30 +01:00
Florin Coada	2f96e32ec9	Update 2.1.0.md	2025-09-26 10:08:31 +01:00
Ian Lynagh	c653d939d9	Merge pull request #20451 from github/post-release-prep/codeql-cli-2.23.1 ... Post-release preparation for codeql-cli-2.23.1	2025-09-17 13:00:14 +01:00
Michael Nebel	6d330891db	Merge pull request #20395 from michaelnebel/javascript/code-quality-extended ... JS: Add most `medium` precision queries to the `code-quality-extended` suite.	2025-09-17 13:47:02 +02:00
github-actions[bot]	4e8343664f	Post-release preparation for codeql-cli-2.23.1	2025-09-17 10:13:40 +00:00
github-actions[bot]	02a1b1efcb	Release preparation for version 2.23.1	2025-09-16 14:14:42 +00:00
Asger F	edf79a3730	JS: Change note	2025-09-16 13:53:31 +02:00
Chris Smowton	c375f24598	Merge pull request #20423 from smowton/smowton/fix/length-comparison-off-by-one-fp ... JS: Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access	2025-09-15 18:24:45 +01:00
Ian Lynagh	d0091e1b3c	javascript: Fix spelling error in documentation ... Corrects the spelling of "occurrences" in the Incomplete Multi-Character Sanitization documentation to improve clarity.	2025-09-15 14:53:22 +01:00
Chris Smowton	db5c58180e	Change note	2025-09-12 14:32:12 +01:00
Chris Smowton	f5780ae369	Amend docstring	2025-09-12 14:32:10 +01:00
Chris Smowton	4fb133a43d	Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access	2025-09-12 14:32:07 +01:00
Asger F	d575d3c9e4	Merge pull request #20374 from asgerf/js/typescript-5.9 ... JS: Support TypeScript 5.9 and support 'import defer' syntax	2025-09-09 20:50:04 +02:00
Michael Nebel	58862f4ace	JavaScript: Add some medium precision queries to the code-quality-extended suite.	2025-09-09 15:47:03 +02:00
Napalys Klicius	8c34b7eaea	Merge pull request #20146 from Napalys/js/move-cors-query-from-experimental ... JS: Move cors-misconfiguration query from experimental to Security	2025-09-08 09:32:38 +02:00
Napalys Klicius	b2feaaceea	Merge branch 'main' into js/move-cors-query-from-experimental	2025-09-05 12:11:09 +02:00
Asger F	ef114c4a07	JS: Add change note	2025-09-05 12:04:53 +02:00
Napalys Klicius	e6eacca50b	Update change note to reflect changes	2025-09-05 11:27:29 +02:00
Arthur Baars	5d3ec35e29	Remove non-breaking spaces from code	2025-09-05 09:41:15 +02:00
Napalys Klicius	c4c8dbcf7d	Merge remote-tracking branch 'origin/main' into js/move-cors-query-from-experimental	2025-09-04 15:24:44 +02:00
Napalys Klicius	d3d608fa33	Updated query description and added a sanitizer	2025-09-04 13:16:37 +00:00