hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,554 Commits 1,673 Branches 157 Tags
01a043ddbd6ab3f84897c48e62d97b7ba586fc9a
Commit Graph

902 Commits

Author SHA1 Message Date
github-actions[bot]
67ce442674 Post-release preparation for codeql-cli-2.10.5 2022-09-16 14:23:44 +00:00
github-actions[bot]
a9d80a5a48 Release preparation for version 2.10.5 2022-09-08 11:35:54 +00:00
Ian Lynagh
7dc5bdafe3 Merge pull request #10186 from github/post-release-prep/codeql-cli-2.10.4 
Post-release preparation for codeql-cli-2.10.4
 2022-08-31 17:29:57 +01:00
erik-krogh
e2caf3e8c0 put a limit on the length of the equivalent range 2022-08-30 09:29:22 +02:00
github-actions[bot]
3b4ad3c4f1 Post-release preparation for codeql-cli-2.10.4 2022-08-26 09:32:11 +00:00
Ian Lynagh
ef98ce16f8 Update javascript/ql/lib/CHANGELOG.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-08-25 14:25:38 +01:00
Ian Lynagh
40b1825ef1 Update javascript/ql/lib/change-notes/released/0.2.4.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-08-25 14:24:20 +01:00
github-actions[bot]
0f63bc077f Release preparation for version 2.10.4 2022-08-25 12:52:26 +00:00
Ian Lynagh
501a9b3c6b Make *.qll non-executable 2022-08-24 16:36:15 +01:00
Erik Krogh Kristensen
28d58be1b6 Merge pull request #10126 from erik-krogh/myApply 
JS: precise flow through calls to `.apply()`
 2022-08-24 12:55:36 +02:00
erik-krogh
82d9180892 only have one deprecated alias for XmlDtd 2022-08-23 10:38:23 +02:00
erik-krogh
a57981ea69 apply suggestions from review 2022-08-23 10:18:14 +02:00
erik-krogh
78ba7650b3 change the change-notes 2022-08-23 07:28:46 +02:00
erik-krogh
28083ebe09 run the implicit-this patch 2022-08-22 21:23:31 +02:00
erik-krogh
a593a52b5e add missing qldoc (that was already missing?) 2022-08-22 21:22:39 +02:00
erik-krogh
e89e0eb7fb make some acronyms camelCase 2022-08-22 21:22:35 +02:00
erik-krogh
9c95dcc126 add change-note 2022-08-22 14:09:19 +02:00
erik-krogh
2ac5441aec rename the XMLDTD class to XmlDTD 2022-08-22 14:09:19 +02:00
erik-krogh
1a89ddae5d update some comments from XML to Xml 2022-08-22 14:09:19 +02:00
erik-krogh
ce9f69a639 rename all occurrences of XML to Xml 2022-08-22 14:08:31 +02:00
erik-krogh
2fd09d34de improve performance of global dataflow by inlining a step predicate 2022-08-22 08:35:19 +02:00
erik-krogh
2f11f3760e simplify getALibraryInputParameter by adding more general dataflow for the arguments object 2022-08-22 08:32:43 +02:00
Erik Krogh Kristensen
31c09ba678 implement flow for .apply() by adding a ReflectiveParametersNode data-flow node 2022-08-22 08:29:28 +02:00
Erik Krogh Kristensen
d86b7f6c54 recognize an access to the arguments object as library-input 2022-08-22 08:29:24 +02:00
Erik Krogh Kristensen
7b1ef7473e change ArrayCreationStep to a PreCallGraphStep and unrestrict the storeStep 2022-08-22 08:15:54 +02:00
Tom Hvitved
663096fe3a Remove redundant overrides 2022-08-19 13:57:41 +02:00
Asger F
349331d6ca Merge pull request #10082 from asgerf/js/exports-handling2 
JS: Handle nested conditions in "exports" section
 2022-08-18 11:10:59 +02:00
Harry Maclean
70ec70940a Merge pull request #8142 from github/hmac/incomplete-multi-char-sanitization 2022-08-18 10:02:39 +12:00
Erik Krogh Kristensen
e93ff8672c Merge pull request #10075 from erik-krogh/depOld 
delete old deprecations
 2022-08-17 21:21:57 +02:00
erik-krogh
6b9f01535b change All to Most in the change-notes 2022-08-17 15:34:57 +02:00
Erik Krogh Kristensen
bd4947fdbd Merge pull request #10046 from erik-krogh/protoFunc 
JS: generalize `BarrierGuardFunction`to work on function that have multiple parameters
 2022-08-17 14:50:54 +02:00
erik-krogh
2622c78766 add change-notes 2022-08-17 13:55:16 +02:00
erik-krogh
b2e3d8bb86 remove some more legacy code that existed to support deprecated code 2022-08-17 13:32:39 +02:00
Harry Maclean
1f4dad4167 Update for rename of ReDoSUtil to NfaUtils 2022-08-17 16:03:49 +12:00
Harry Maclean
f1a546c4d6 Rename IncompleteMultiCharacterSanitization[Query] 2022-08-17 16:03:49 +12:00
Harry Maclean
e48158b9ad JS: Share more code with Ruby 2022-08-17 16:03:49 +12:00
Harry Maclean
b7d9bf4066 Share IncompleteMultiCharacterSanitization JS/Ruby 
Most of the classes and predicates in this query can be shared between
the two languages. There's just a few language-specific things that we
place in IncompleteMultiCharacterSanitizationSpecific.
 2022-08-17 16:03:46 +12:00
erik-krogh
478e0bf5a3 delete old code that only existed to support a deleted deprecated feature 2022-08-16 23:35:48 +02:00
erik-krogh
5586c9a17e delete old deprecations 2022-08-16 22:27:15 +02:00
Erik Krogh Kristensen
fd5b8896df Merge pull request #10063 from erik-krogh/fixRbDep 
re-deprecate ReDoSUtil in ruby
 2022-08-16 13:27:52 +02:00
Alex Ford
d02ad51d74 Merge pull request #10032 from github/post-release-prep/codeql-cli-2.10.3 
Post-release preparation for codeql-cli-2.10.3
 2022-08-16 12:04:07 +01:00
Asger F
449e697761 JS: Handle nested conditions in "exports" section 2022-08-16 11:45:48 +02:00
erik-krogh
8e6a36256c import the non-deprecated NfaUtils in the overly-large-range query 2022-08-16 11:21:43 +02:00
Erik Krogh Kristensen
f106e064fa Merge pull request #9422 from erik-krogh/refacReDoS 
Refactorizations of the ReDoS libraries
 2022-08-16 09:32:08 +02:00
erik-krogh
14cfe2e250 improve the join-order of BarrierGuardFunction::isBarrierCall 2022-08-16 09:28:48 +02:00
erik-krogh
3355a7a046 generalize BarrierGuardFunctionto work on function that have multiple parameters 2022-08-16 09:13:15 +02:00
Asger F
eaf3aa7075 Merge pull request #10036 from asgerf/js/exports-handling 
JS: More precise handling of "exports"
 2022-08-15 15:32:00 +02:00
Erik Krogh Kristensen
0adb588fe8 Merge pull request #9712 from erik-krogh/badRange 
JS/RB/PY/Java: add suspicious range query
 2022-08-15 13:55:44 +02:00
Asger F
3c41f28519 JS: Use explicit this 2022-08-15 12:49:23 +02:00
Asger F
671573633b JS: Simplify getMain() 2022-08-15 12:48:41 +02:00