codeql

mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00

Author	SHA1	Message	Date
Napalys Klicius	57f6225140	Update javascript/ql/lib/change-notes/2025-03-20-apollo-server.md Co-authored-by: Asger F <asgerf@github.com>	2025-03-21 09:11:25 +01:00
Napalys Klicius	730580a59b	Merge pull request #19049 from Napalys/js/underscore-string JS: Modeling of `underscore.string` package	2025-03-20 19:11:24 +01:00
Napalys	7d40e449db	Added change note.	2025-03-20 19:08:24 +01:00
Napalys	d61d038b9b	Refactored `SuperAgentUrlRequest` to use API graph.	2025-03-20 18:17:28 +01:00
Napalys	401c6ea0f6	Added test case which is not detected by dataflow.	2025-03-20 18:17:27 +01:00
Napalys Klicius	13e90c1606	Update javascript/ql/lib/change-notes/2025-03-20-superagent.md Co-authored-by: Asger F <asgerf@github.com>	2025-03-20 13:48:40 +01:00
Napalys	9e787555df	Fixed typo in the test cases.	2025-03-20 13:25:36 +01:00
Napalys	3a243d221d	Added aliases for `@apollo/server`.	2025-03-20 13:09:42 +01:00
Napalys	056bf4fde7	Added test case with inheretence.	2025-03-20 13:08:56 +01:00
Napalys	ca53e97de4	Adressed comments.	2025-03-20 12:37:06 +01:00
Napalys Klicius	221cc1977d	Merge branch 'main' into js/underscore-string	2025-03-20 12:26:00 +01:00
Napalys	f4ca2dc1f3	Restricted taint to array elements.	2025-03-20 12:24:49 +01:00
Napalys	752f02f04d	Fixed `map` modeling and added test cases.	2025-03-20 12:18:28 +01:00
Napalys	38624a0d78	Added change note	2025-03-20 12:13:32 +01:00
Napalys	af567b49fb	Simplified `SuperAgentUrlRequest`.	2025-03-20 12:10:37 +01:00
Napalys	539e2ef558	Added support for `superagent.agent()`.	2025-03-20 12:09:31 +01:00
Napalys	cdf4f5395f	Enhance SuperAgent URL request handling for both method calls and direct calls	2025-03-20 12:09:26 +01:00
Napalys	2e1734eeba	Added support for `del` function in superagent	2025-03-20 12:01:18 +01:00
Napalys	e5c179d5a4	Added test cases for superagent	2025-03-19 17:44:22 +01:00
Chris Smowton	9a2a13ed55	Merge remote-tracking branch 'origin/main' into smowton/admin/merge-rc317-into-main	2025-03-19 16:01:29 +00:00
Napalys	cb18408502	Added data as model for `ApolloServer`.	2025-03-19 13:36:06 +01:00
Napalys	23fdc3534f	Added test case `@apollo/server` with `SSRF`.	2025-03-19 13:34:27 +01:00
Asger F	1324c11044	Merge pull request #19012 from asgerf/js/api-graph-array-element JS: Make API graphs use steps from summaries	2025-03-18 18:03:43 +01:00
Napalys	922a07d01e	Added `underscore.string` `clearsContent`. Co-authored-by: Asgerf <asgerf@github.com>	2025-03-18 12:58:19 +01:00
Asger F	53ba588993	JS: Use ArrayElement instead of AnyMember The use of AnyMember was a workaround until the bugfix in this PR landed.	2025-03-18 09:26:02 +01:00
Napalys	8b431dc0e7	Added change note.	2025-03-17 19:10:12 +01:00
Napalys	2c7562d875	Removed `value` from modeling its return value as Wrapper class, since it return simple string.	2025-03-17 19:08:43 +01:00
Napalys	d8e6d76b0e	Added modeling for `tap` function.	2025-03-17 19:07:02 +01:00
Napalys	eb18c3ce24	Added test case for `tap`.	2025-03-17 18:36:23 +01:00
Napalys	fc6b779a4b	Added modeling for aliases.	2025-03-17 18:33:14 +01:00
Napalys	dcc1e88d08	Added test cases for aliases.	2025-03-17 18:23:46 +01:00
Napalys	3a83c8d1fd	Added modeling for extra chaining function from `underscore.string`.	2025-03-17 18:06:26 +01:00
Napalys	cccd863a96	Added test for extra chaining function for `underscore.string`.	2025-03-17 18:05:49 +01:00
Napalys	ca9ae8a58d	Added chaining modeling for `underscore.string` package.	2025-03-17 14:46:07 +01:00
Napalys	25c6fb59df	Added chaining tests for `underscore.string` package.	2025-03-17 14:46:06 +01:00
Napalys	b59b9c86e4	Added modeling `underscore.string` of function which contain multiple sources points.	2025-03-17 14:46:01 +01:00
github-actions[bot]	51cdeefafb	Post-release preparation for codeql-cli-2.20.7	2025-03-17 13:00:41 +00:00
Asger F	1516029cf5	JS: Avoid generating ArrayElement edges for extend-like patterns	2025-03-17 13:48:27 +01:00
Asger F	125e732c4c	JS: Fix bad join order	2025-03-17 13:44:33 +01:00
github-actions[bot]	2d64a618e6	Release preparation for version 2.20.7	2025-03-17 12:15:54 +00:00
Napalys	77e1e171e1	Added test cases `underscore.string` with multiple sources.	2025-03-17 12:58:53 +01:00
Napalys	6b105b2f49	Added modeling `underscore.string` array to string functions.	2025-03-17 12:55:53 +01:00
Napalys	cd40b6f125	Added test cases `underscore.string` array to string.	2025-03-17 12:53:53 +01:00
Napalys	30623cd953	Added modeling of `underscore.string` for str to array.	2025-03-17 12:52:56 +01:00
Napalys	c256b9c336	Added `underscore.string` test cases for str to array.	2025-03-17 12:51:48 +01:00
Napalys	9bca863e38	Added modeling of `underscore.string` string to string functions.	2025-03-17 12:50:41 +01:00
Napalys	e8b233f086	Added test cases `underscore.string` string to string.	2025-03-17 12:48:41 +01:00
Napalys Klicius	749a0560b4	Merge pull request #19027 from Napalys/js/escape JS: Add support for `escape`	2025-03-17 10:48:44 +01:00
Napalys Klicius	478e32cbe5	Update javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll Co-authored-by: Asger F <asgerf@github.com>	2025-03-17 10:17:39 +01:00
Napalys Klicius	9134f79fd2	Merge pull request #18984 from Napalys/js/extractor_error_handler JS: Extractor handle error instead of exiting.	2025-03-17 10:11:26 +01:00

... 15 16 17 18 19 ...

11003 Commits