codeql

mirror of https://github.com/github/codeql.git synced 2026-02-17 15:33:45 +01:00

Author	SHA1	Message	Date
Asger F	a36e39359f	Merge pull request #16739 from RasmusWL/js-array-steps JS: Allow many Array steps to be used in type-tracking	2024-06-20 11:39:46 +02:00
Rasmus Wriedt Larsen	596102d3fb	Update javascript/ql/lib/change-notes/2024-06-14-type-tracking-array-steps.md Co-authored-by: Asger F <asgerf@github.com>	2024-06-20 10:07:49 +02:00
Paolo Tranquilli	b7a2ea8981	CI: accept other diagnostic format related test changes	2024-06-19 11:33:50 +02:00
Rasmus Wriedt Larsen	3fc8401370	JS: Add change-note	2024-06-14 15:37:25 +02:00
Rasmus Wriedt Larsen	3f2befc3e5	JS: Support spread arguments in `array.splice`	2024-06-14 15:33:17 +02:00
Rasmus Wriedt Larsen	269f8ca2cd	JS: Add `splice(...arr)` test	2024-06-14 15:19:56 +02:00
Rasmus Wriedt Larsen	68ccec3d43	JS: Prepare for new test	2024-06-14 15:18:47 +02:00
Rasmus Wriedt Larsen	194ef607f7	JS: Updated `.expected`	2024-06-14 14:49:34 +02:00
Rasmus Wriedt Larsen	ec18786488	JS: Provide better model for `Array.splice`	2024-06-12 16:29:21 +02:00
Rasmus Wriedt Larsen	54a0e6dc45	JS: Add new test for Array.splice	2024-06-12 16:24:33 +02:00
Rasmus Wriedt Larsen	9ed6da1072	JS: prepare to extend Array tests Oh how I have enjoyed working with InlineExpectationTests for these sort of things, not worrying about all the .expected files changing because you add a few lines in the middle of your tests :D	2024-06-12 16:22:55 +02:00
Rasmus Wriedt Larsen	1027ca266d	JS: Allow many Array steps to be used in type-tracking	2024-06-12 16:14:13 +02:00
github-actions[bot]	8a25081a0e	Post-release preparation for codeql-cli-2.17.5	2024-06-10 15:33:08 +00:00
github-actions[bot]	877bfa2468	Release preparation for version 2.17.5	2024-06-10 13:40:39 +00:00
Anders Schack-Mulligen	0c47203580	Javascript: Add support for pretty-printed provenace in tests.	2024-06-07 11:47:49 +02:00
Asger F	6e0f3df573	Merge pull request #14120 from asgerf/dynamic/typemodel-istypeused Dynamic: add TypeModel.isTypeUsed	2024-06-06 15:31:16 +02:00
Paolo Tranquilli	096a31dbef	Mark all integration tests as legacy This is in preparation for the new integration test framework. Tests marked thus will be run by the current framework and ignored by the new one.	2024-05-31 16:04:50 +02:00
github-actions[bot]	906b65d09c	Post-release preparation for codeql-cli-2.17.4	2024-05-28 18:02:25 +00:00
github-actions[bot]	33b4ae8bbb	Release preparation for version 2.17.4	2024-05-28 15:44:32 +00:00
Erik Krogh Kristensen	c743abad54	Merge pull request #14294 from am0o0/amammad-js-CodeInjection_execa JS: provide command execution sinks for execa package	2024-05-24 09:20:19 +02:00
Dave Bartolomeo	613ccaac1d	Add change note to all v1.0.0 packs	2024-05-23 13:01:22 -04:00
erik-krogh	c80f48b23a	Merge branch 'main' into amammad-js-CodeInjection_execa	2024-05-23 08:02:22 +02:00
Dave Bartolomeo	ffe4c8c87b	Update all pack versions to `1.0.0`	2024-05-22 13:39:08 -04:00
erik-krogh	a30bac14e9	add change-note	2024-05-21 22:14:39 +02:00
Asger F	3b211089d6	JS: Remove redundant import	2024-05-21 14:40:17 +02:00
Asger F	6f19fc2fcd	JS: Add isTypeUsed to avoid overpruning	2024-05-21 14:38:52 +02:00
Asger F	632cce2c16	JS: Add failing test due to overpruning	2024-05-21 14:20:13 +02:00
Asger F	43abc72780	JS: Add TypeModel.isTypeUsed f	2024-05-21 14:19:56 +02:00
Joe Farebrother	01a6c5e82f	Merge pull request #16446 from joefarebrother/shared-sensitive-heuristics Ruby/Python/JS/Swift: Add category of Private information to shared sensitive data heuristics	2024-05-21 09:07:13 +01:00
erik-krogh	c166cb406a	Merge branch 'main' into amammad-js-CodeInjection_execa	2024-05-21 08:48:12 +02:00
Erik Krogh Kristensen	03cf9b702c	Merge pull request #14291 from am0o0/amammad-js-CodeInjection_Shelljs JS: Shelljs improvement	2024-05-17 11:14:11 +02:00
am0o0	42a9962519	make shellJSMember predicate private, improve predicate document	2024-05-16 14:05:06 +02:00
Asger F	499c4df79b	Merge pull request #13554 from am0o0/amammad-js-bombs JS: Decompression Bombs	2024-05-16 13:25:41 +02:00
erik-krogh	56dff8540f	add an example of how to get a floating point value between 0 and 1	2024-05-16 11:15:07 +02:00
erik-krogh	066f3b61a2	RandomSource is deprecated, it's crypto now	2024-05-16 11:14:50 +02:00
github-actions[bot]	32e8b5c667	Post-release preparation for codeql-cli-2.17.3	2024-05-14 21:14:08 +00:00
github-actions[bot]	100166fa53	Release preparation for version 2.17.3	2024-05-14 19:23:18 +00:00
Chuan-kai Lin	1758a1e04b	Merge pull request #16422 from github/cklin/javascript-entities-reorder JS: Use entities in reorder directives	2024-05-13 10:26:41 -07:00
Joe Farebrother	da93a08639	Add change notes No change note is needed for Swift, as the new heuristics are unused and thus should not affect any queries.	2024-05-09 10:03:20 +01:00
Joe Farebrother	9aff22c664	Fix typos in sensitive data regex	2024-05-09 09:39:03 +01:00
Joe Farebrother	5f4bc4197b	Add private category to sensitive data heuristics	2024-05-08 10:02:00 +01:00
Chuan-kai Lin	9b51e0e0ee	JS: Use entities in reorder directives	2024-05-03 11:17:13 -07:00
erik-krogh	39a8b49222	add qhelp recommendation that you can use an obvious placeholder value	2024-05-03 19:37:31 +02:00
erik-krogh	b209fc67cb	test the change to hardcoded-credentials	2024-05-03 19:34:18 +02:00
erik-krogh	d9e8e0e00a	use some more standard values for credentials-kind for NodeJS client credentials	2024-05-03 13:58:37 +02:00
erik-krogh	ff85db36e2	exclude credentials as kind `key` from hardcoded-credentials when the key looks like a dummy password	2024-05-03 13:58:11 +02:00
Owen Mansel-Chan	83249cd9c2	Fix grammar in comment	2024-05-02 09:59:48 +01:00
Owen Mansel-Chan	16dcc0969b	Standardise comment explaining why extensible predicates must be defined	2024-05-01 22:00:01 +01:00
Owen Mansel-Chan	09e59ccf44	Name files with empty definitions of MaD extensible predicates to erowdmpty.model.yml	2024-05-01 21:39:38 +01:00
github-actions[bot]	99928b82ed	Post-release preparation for codeql-cli-2.17.2	2024-04-30 12:15:35 +00:00

1 2 3 4 5 ...

8859 Commits