8367 Commits

Author	SHA1	Message	Date
Rasmus Lerchedahl Petersen	02c41f3dcf	JavaScript: Use shared library for serverless	2023-07-12 16:46:34 +02:00
Asger F	c8af28c2ca	Merge pull request #13700 from asgerf/js/path-join-spread ... JS: Recognize 'fs/promises' alias and handle spread arguments in path.join()	2023-07-11 15:31:13 +02:00
Asger F	8234b8f175	JS: Change note	2023-07-10 13:19:44 +02:00
Asger F	27085b1fd0	JS: Fix whitespace	2023-07-10 12:07:13 +02:00
Asger F	fe90146a16	JS: Add test for path.join with spread argument	2023-07-10 12:07:07 +02:00
Asger F	06bc0f6957	JS: Add test for fs/promises	2023-07-10 12:05:03 +02:00
github-actions[bot]	13cf054a9d	Post-release preparation for codeql-cli-2.14.0	2023-07-07 14:55:41 +00:00
Asger F	965ca169e5	JS: Recognise fs/promises	2023-07-07 14:14:49 +02:00
Asger F	d49359a95c	JS: Add step through spread arg to path.join()	2023-07-07 14:10:50 +02:00
github-actions[bot]	6484ee106e	Release preparation for version 2.14.0	2023-07-07 08:22:14 +00:00
Dave Bartolomeo	9631e9f2f1	Bump minor version numbers post-GHES	2023-07-06 10:10:01 -04:00
Dave Bartolomeo	2bb9adfbf1	Merge remote-tracking branch 'origin/main' into dbartol/mergeback-3.10	2023-07-06 10:00:46 -04:00
Erik Krogh Kristensen	b2a60bf3d1	Merge pull request #13642 from erik-krogh/san-script ... JS/RB: Fix FP in incomplete-multi-character-sanitization	2023-07-06 15:38:39 +02:00
Chuan-kai Lin	6912f7ed3a	Merge pull request #13638 from cklin/remove-pragma-assume-small-delta ... Remove pragma[assume_small_delta]	2023-07-03 07:00:36 -07:00
Asger F	4c9501eba5	Merge pull request #13529 from jorgectf/seclab/webix-modeling ... JS: Add models for `webix`	2023-07-03 12:03:18 +02:00
erik-krogh	f9eee906cf	fix FP by requiring that the regular expression mention on of the chars important in the prefix	2023-07-01 20:30:09 +02:00
erik-krogh	bd400be6ec	add FP for incomplete-multi-char-sanitization	2023-07-01 20:28:31 +02:00
Chuan-kai Lin	ce464a7d69	Remove pragma[assume_small_delta]	2023-06-30 11:09:29 -07:00
github-actions[bot]	668aaa2dc8	Post-release preparation for codeql-cli-2.13.5	2023-06-30 08:51:48 +00:00
Jorge	e210b0d0a7	Apply suggestions from code review ... Co-authored-by: Asger F <asgerf@github.com>	2023-06-29 16:06:34 +02:00
github-actions[bot]	9d7987f822	Release preparation for version 2.13.5	2023-06-29 09:26:18 +00:00
jorgectf	2ac334bf15	Adapt Webix modeling to support HTML use-cases	2023-06-28 15:26:30 +02:00
Kasper Svendsen	ab5e241310	Javascript: Enable implicit this warnings for remaining packs	2023-06-27 11:56:29 +02:00
jorgectf	1e663b8889	Update HeuristicSourceCodeInjection.expected	2023-06-26 13:32:20 +02:00
jorgectf	bb67a9000e	Fix WebixTemplateSink	2023-06-26 13:32:00 +02:00
Jorge	5bd044211e	Apply suggestions from code review ... Co-authored-by: Asger F <asgerf@github.com>	2023-06-26 13:27:23 +02:00
Rasmus Wriedt Larsen	0121263e03	Merge branch 'main' into python/enable-summaries-from-models	2023-06-26 11:34:12 +02:00
Jorge	08b9a5e2b2	Add missing ;	2023-06-23 23:10:06 +02:00
Jorge	3c980db93a	Format webix.js	2023-06-23 18:08:01 +02:00
Jorge	8ff525933e	Merge branch 'main' into seclab/webix-modeling	2023-06-23 18:06:26 +02:00
yoff	26856a82a6	Apply suggestions from code review ... Co-authored-by: Asger F <asgerf@github.com>	2023-06-23 10:15:20 +02:00
Kevin Stubbings	3605269e13	Add webix copy function	2023-06-22 22:16:28 -07:00
jorgectf	7e7e2aaac7	Remove non-existing import	2023-06-22 01:15:08 +02:00
jorgectf	868129c7e7	Add change note	2023-06-22 01:14:06 +02:00
jorgectf	6947e99c15	Add models for webix ... Co-authored-by: Kevin Stubbings <Kwstubbs@users.noreply.github.com>	2023-06-22 01:07:33 +02:00
Henry Mercer	5afdaf8fe1	Merge pull request #13525 from github/rc/3.10 ... Merge `rc/3.10` back to `main`	2023-06-21 17:13:36 +01:00
Adrien Pessu	e332a4348d	Update javascript/ql/src/Security/CWE-798/HardcodedCredentials.qhelp ... Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2023-06-21 12:55:33 +01:00
Adrien Pessu	4d1bbe36a9	Merge branch 'main' into main	2023-06-21 09:11:57 +01:00
Adrien Pessu	7dfb404fd7	clean examples	2023-06-21 08:11:39 +00:00
Adrien Pessu	e85987bfc5	remove useless phrase	2023-06-21 07:59:24 +00:00
Erik Krogh Kristensen	12b3913a4b	Merge pull request #13511 from tspascoal/patch-1 ... JS: Single quote was preventing the shell from expanding the BODY variable in Expression injection in Actions example	2023-06-21 09:57:20 +02:00
Adrien Pessu	9cb12cdcbe	Merge branch 'main' of https://github.com/adrienpessu/codeql	2023-06-20 17:28:28 +00:00
Adrien Pessu	2a2f6de78c	fixed text not in a tag	2023-06-20 17:27:37 +00:00
Adrien Pessu	77077da20c	Merge branch 'main' into main	2023-06-20 18:24:44 +01:00
Adrien Pessu	36cb60c746	Add fixed proposition for NodeJS	2023-06-20 17:22:56 +00:00
Jami	5259a6ecfc	Merge pull request #13324 from jcogs33/jcogs33/shared-sink-kind-validation ... Shared: share MaD kind validation across languages	2023-06-20 11:56:12 -04:00
Tiago Pascoal	150854603b	Single quote was preventing the shell from expanding the BODY variable ... While this prevents the attack highlighted in the query help it also prevents it from working. Double quotes will allow the expansion of the variable while still preventing the attack	2023-06-20 11:38:27 +01:00
github-actions[bot]	18b678e69e	Post-release preparation for codeql-cli-2.13.4	2023-06-20 10:20:05 +00:00
Adrien Pessu	eb28266bcb	improv example the help file	2023-06-19 17:00:52 +00:00
Tony Torralba	8f6d2ed2f9	Adjust ZipSlip query description according to review suggestions.	2023-06-19 10:27:41 +02:00