11583 Commits

Author SHA1 Message Date
Asger F
4fc5738ded JS: Change note 2025-06-23 16:08:21 +02:00
Asger F
61887beae0 JS: Add test case for false positive 2025-06-23 16:03:41 +02:00
Asger F
cc1a28ac7e JS: Add parameters of server functions as remote flow sources 2025-06-23 16:03:39 +02:00
Asger F
d9f4e4a90d JS: Add tests for functions with "use server" directive 2025-06-23 16:03:38 +02:00
Asger F
7dd7246cd4 JS: Update tests.expected
Mostly noise due to renamed predicates and reordered result sets
2025-06-23 16:03:35 +02:00
Asger F
180b023c7c JS: Add inline expectations to React test 2025-06-23 16:03:33 +02:00
Asger F
1787d4dce8 JS: Enable inline expectations in test
Will update files in next commit
2025-06-23 16:03:32 +02:00
Asger F
1a18e68364 JS: Remove reactLibraryRef
This is not testing anything interesting, and is noisy when adding inline expectations
2025-06-23 16:03:30 +02:00
Asger F
99fb6b62ad JS: Remove test_ prefix from query predicates 2025-06-23 16:03:29 +02:00
Asger F
8ff7182f3a JS: Move React test predicates into one file 2025-06-23 15:37:15 +02:00
Asger F
980d0f46fa JS: Add model for react 'use' 2025-06-23 15:27:21 +02:00
Asger F
768ccc6a54 JS: Add test for react 'use' function 2025-06-23 15:26:08 +02:00
Asger F
93c891a987 Merge pull request #19822 from Fdawgs/patch-1
JS: Update Fastify tld
2025-06-23 12:49:42 +02:00
Taus
ac8b41a5da Merge pull request #19680 from github/tausbn/javascript-exclude-obviously-generated-files
JavaScript: Don't extract obviously generated files
2025-06-20 15:52:39 +02:00
Napalys Klicius
3fbe348f99 Merge pull request #19784 from Napalys/js/express_middleware
JS: Improve Express middleware taint tracking
2025-06-20 15:36:26 +02:00
Napalys Klicius
c1b2fd86b2 Update javascript/ql/lib/semmle/javascript/frameworks/Express.qll
Co-authored-by: Taus <tausbn@github.com>
2025-06-20 14:29:51 +02:00
Napalys Klicius
bca536c5b6 Merge remote-tracking branch 'origin/main' into js/quality/loop_shift 2025-06-20 11:30:20 +02:00
Napalys Klicius
8c2bda32df Merge pull request #19776 from Napalys/js/mass_quality_promotion
JS: Mass promotion of queries to `quality` status
2025-06-20 10:53:32 +02:00
Napalys Klicius
7c25bcdad1 Changed js/duplicate-condition to reliability and correctness 2025-06-20 08:06:03 +02:00
Napalys Klicius
aa3e9c6579 Changed js/unreachable-statement to reliability and correctness 2025-06-19 19:52:03 +02:00
Napalys Klicius
32dd665472 Changed js/unused-loop-variable to reliability and correctness 2025-06-19 19:45:20 +02:00
Napalys Klicius
4fd3ef8f1c Changed js/useless-assignment-in-return to reliability and correctness 2025-06-19 19:37:13 +02:00
Napalys Klicius
4bc97326d1 Changed js/label-in-switch to reliability and correctness 2025-06-19 19:30:53 +02:00
Napalys Klicius
125add1e19 Changed js/node/missing-exports-qualifier to reliability and correctness 2025-06-19 19:24:00 +02:00
Napalys Klicius
2ab35d6a45 Changed js/node/assignment-to-exports-variable to reliability and correctness 2025-06-19 19:21:06 +02:00
Napalys Klicius
c1d29cc48a Changed js/whitespace-contradicts-precedence to reliability and correctness 2025-06-19 18:26:12 +02:00
Napalys Klicius
bb9a2289a3 Changed js/conditional-comment to reliability and correctness 2025-06-19 18:25:31 +02:00
Frazer Smith
094b67f88c JS: Update Fastify tld 2025-06-19 16:22:46 +01:00
Napalys Klicius
ad6c6b2d26 Changed js/angular/dependency-injection-mismatch to reliability and correctness 2025-06-19 17:16:32 +02:00
Napalys Klicius
c18fe303d0 JS: Changed MissingThisQualifier to reliability and correctness 2025-06-19 16:27:00 +02:00
Napalys Klicius
244bf428a1 JS: Fixed typo. 2025-06-19 16:26:07 +02:00
Napalys Klicius
8679151ace Update javascript/ql/src/change-notes/2025-06-12-loop-iteration.md
Co-authored-by: Taus <tausbn@github.com>
2025-06-19 14:21:08 +02:00
Napalys Klicius
5448071e09 Update javascript/ql/src/change-notes/2025-06-12-loop-iteration-fix.md
Co-authored-by: Taus <tausbn@github.com>
2025-06-19 14:20:37 +02:00
Napalys Klicius
f80651e78a Merge pull request #19750 from Napalys/js/remove_encodeURI
JS: remove `encodeURI` from sanitizer list of request forgery
2025-06-19 14:12:52 +02:00
Napalys Klicius
8b2bb07140 Updated quality extended expected file after merge 2025-06-19 10:27:57 +02:00
Napalys Klicius
119c1e61ec Merge remote-tracking branch 'origin/main' into js/mass_quality_promotion 2025-06-19 10:27:15 +02:00
Napalys Klicius
88f668781d Updated extended expected file after merge 2025-06-19 10:24:39 +02:00
Napalys Klicius
53cae4fa97 Merge remote-tracking branch 'origin/main' into js/quality/loop_shift 2025-06-19 10:21:52 +02:00
Tamas Vajk
e6a9ff08a3 Adjust query-suite integration test expected files 2025-06-18 13:10:34 +02:00
Tamas Vajk
40274dcd69 Add code-quality-extended query suites 2025-06-18 13:10:34 +02:00
Napalys Klicius
72528749f2 JS: add change note 2025-06-17 08:34:34 +02:00
Napalys Klicius
060b98d36c JS: enhance middleware taint tracking via local source 2025-06-17 08:30:19 +02:00
Napalys Klicius
fc0c8a8f5a JS: update change note 2025-06-17 08:20:35 +02:00
Napalys Klicius
da21a064ac JS: add _parsedUrl as remote input source 2025-06-16 16:28:30 +02:00
Napalys Klicius
67aac7abfa JS: add test cases for middleware property assignment tracking 2025-06-16 16:26:08 +02:00
Napalys Klicius
b14b661cd1 JS: add change note 2025-06-16 14:12:39 +02:00
Napalys Klicius
0c31838aa5 JS: mass add missing quality related tags to relevant queries 2025-06-16 14:05:57 +02:00
Napalys Klicius
0d5f5104d1 Updated UriEncodingSanitizer comment 2025-06-16 13:08:16 +02:00
Napalys Klicius
798721bd71 JS: add change note 2025-06-16 13:08:14 +02:00
Napalys Klicius
bdbc49c63f JS: Removed encodeURI from request forgery sanitizer list 2025-06-16 13:08:11 +02:00