hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-24 16:17:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
80,300 Commits 1,758 Branches 168 Tags
3e929141cd1c545eea62598e4ab51204cac2c4c3
Commit Graph

2785 Commits

Author SHA1 Message Date
Asger F
3e929141cd JS: Handle name resolution through dynamic imports 2025-06-26 12:47:51 +02:00
Asger F
1307564f2a JS: Add deprecation comment to qldoc 2025-06-26 12:47:45 +02:00
Asger F
b2a405774e JS: Fix qldoc coverage 2025-06-26 12:47:34 +02:00
Asger F
72142ac7da JS: Remove an unnecessary import 2025-06-26 12:47:31 +02:00
Asger F
bdd4b5f0d9 JS: Deprecate everything that depends on type extraction 2025-06-26 12:47:22 +02:00
Asger F
c59839d095 JS: Update an outdated QLDoc comment 2025-06-26 12:47:15 +02:00
Asger F
92956b3514 JS: Update API usage in MissingAwait 2025-06-26 12:47:11 +02:00
Asger F
117ada65c2 JS: Update API usage in ViewComponentInput 2025-06-26 12:47:07 +02:00
Asger F
e3bed52da8 JS: Update type usage use in Express model 2025-06-26 12:47:00 +02:00
Asger F
94c7d0a0f3 JS: Update type usage in Electron model 2025-06-26 12:46:57 +02:00
Asger F
8e7e5a4424 JS: Update type usage in ClassValidator.qll 2025-06-26 12:46:53 +02:00
Asger F
1d85cbddf8 JS: Update type usage in definitions.qll 2025-06-26 12:46:48 +02:00
Asger F
70c62ebdf5 JS: Update type usage in Nest library model 2025-06-26 12:46:44 +02:00
Asger F
3814ac2adf JS: Add public API 2025-06-26 12:46:40 +02:00
Asger F
92612b05bd JS: Add classHasGlobalName into NameResolution 2025-06-26 12:46:34 +02:00
Asger F
1ca6e73fd9 JS: Move some predicates into NameResolution 2025-06-26 12:46:31 +02:00
Taus
ac8b41a5da Merge pull request #19680 from github/tausbn/javascript-exclude-obviously-generated-files 
JavaScript: Don't extract obviously generated files
 2025-06-20 15:52:39 +02:00
Napalys Klicius
3fbe348f99 Merge pull request #19784 from Napalys/js/express_middleware 
JS: Improve Express middleware taint tracking
 2025-06-20 15:36:26 +02:00
Napalys Klicius
c1b2fd86b2 Update javascript/ql/lib/semmle/javascript/frameworks/Express.qll 
Co-authored-by: Taus <tausbn@github.com>
 2025-06-20 14:29:51 +02:00
Napalys Klicius
f80651e78a Merge pull request #19750 from Napalys/js/remove_encodeURI 
JS: remove `encodeURI` from sanitizer list of request forgery
 2025-06-19 14:12:52 +02:00
Napalys Klicius
72528749f2 JS: add change note 2025-06-17 08:34:34 +02:00
Napalys Klicius
060b98d36c JS: enchance middleware taint tracking via local source 2025-06-17 08:30:19 +02:00
Napalys Klicius
fc0c8a8f5a JS: update change note 2025-06-17 08:20:35 +02:00
Napalys Klicius
da21a064ac JS: add _parsedUrl as remote input source 2025-06-16 16:28:30 +02:00
Napalys Klicius
0d5f5104d1 Updated UriEncodingSanitizer comment 2025-06-16 13:08:16 +02:00
Napalys Klicius
798721bd71 JS: add change note 2025-06-16 13:08:14 +02:00
Napalys Klicius
bdbc49c63f JS: Removed encodeURI from request forgery sanitizer list 2025-06-16 13:08:11 +02:00
Napalys Klicius
eca69e1654 JS: remove serialize-javascript from JsonParsers.qll as it is not a parser 2025-06-16 12:59:36 +02:00
Napalys Klicius
fffbc0c0bc JS: add change note 2025-06-16 10:38:27 +02:00
Napalys Klicius
5a107ec33b JS: track taint through serialize-javascript calls with object arguments 2025-06-16 10:38:20 +02:00
Asger F
423ffc78db Merge pull request #19078 from asgerf/js/name-resolution 
JS: QL-side type/name resolution for TypeScript and JSDoc
 2025-06-11 14:17:11 +02:00
Asger F
e848aa747b JS: Clarifying comment on commonStep 2025-06-11 10:24:21 +02:00
Asger F
2aa5fa17f7 JS: Add comment and examples in FlowImpl doc 2025-06-11 10:21:24 +02:00
Asger F
72cc439125 JS: Normalize a few more extensions 2025-06-10 17:36:56 +02:00
Asger F
18f9133715 JS: Rename and clarify comment for trackFunctionType 2025-06-10 16:14:46 +02:00
Asger F
a6488cbad9 Update javascript/ql/lib/semmle/javascript/internal/NameResolution.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2025-06-10 16:06:42 +02:00
Napalys Klicius
51b83dbce5 Merge pull request #19579 from Napalys/js/dom_property_access 
JS: Improve `useless-expression` query to avoid duplicate alerts on compound expressions
 2025-06-10 15:17:13 +02:00
Napalys Klicius
e46581163a Update javascript/ql/lib/Expressions/ExprHasNoEffect.qll 
Co-Authored-By: Asger F <316427+asgerf@users.noreply.github.com>
 2025-06-10 13:23:31 +02:00
Napalys Klicius
496d8d44eb Update javascript/ql/lib/Expressions/ExprHasNoEffect.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2025-06-10 13:19:48 +02:00
Napalys Klicius
e6f071ce46 Update javascript/ql/lib/Expressions/ExprHasNoEffect.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2025-06-10 13:18:48 +02:00
Napalys Klicius
c97da2eda5 Exclude expressions that are part of a conditional expression 2025-06-10 10:56:11 +02:00
github-actions[bot]
21463a9653 Post-release preparation for codeql-cli-2.22.0 2025-06-09 18:50:20 +00:00
github-actions[bot]
88ba02edf8 Release preparation for version 2.22.0 2025-06-09 18:14:51 +00:00
Chuan-kai Lin
631502e129 Merge branch 'main' into cklin/rc-3.18-mergeback 2025-06-09 07:19:40 -07:00
Taus
b8772bc736 JavaScript: Add change note 2025-06-05 15:06:40 +00:00
Asger F
691fdb106e JS: Nicer jump-to-def for function declarations 2025-06-04 22:17:42 +02:00
Asger F
57fad7e6c9 JS: Add SatisfiesExpr 2025-06-04 22:17:40 +02:00
Asger F
853ba49212 Update javascript/ql/lib/semmle/javascript/internal/TypeResolution.qll 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-06-04 10:17:25 +02:00
Napalys Klicius
aac56e089a JavaScript: Fix false positive on Flow type annotations in ExprHasNoEffect 2025-06-03 15:26:22 +02:00
Napalys Klicius
46b5ded862 JS: Enhance void context propagation 2025-06-03 15:20:55 +02:00