codeql

mirror of https://github.com/github/codeql.git synced 2026-03-06 07:36:47 +01:00

Author	SHA1	Message	Date
Max Schaefer	3c785ecaa7	JavaScript: Move flow summaries to `experimental`. Also update description and change note to call out their experimental character more clearly.	2020-03-09 12:57:20 +00:00
Asger Feldthaus	a9a9c14eea	JS: Change note	2020-03-07 15:15:13 +00:00
semmle-qlci	7891f8621e	Merge pull request #2982 from esbena/js/request-model-with-chaining Approved by asgerf	2020-03-06 08:57:42 +00:00
Esben Sparre Andreasen	db335ae89b	JS: add default/chaining for `request`	2020-03-04 12:36:49 +01:00
Asger Feldthaus	6f2b05932e	JS: Change note	2020-03-04 11:18:12 +00:00
Esben Sparre Andreasen	4625217a68	Merge branch 'master' of github.com:Semmle/ql into js/more-fs-modules	2020-03-03 15:07:51 +01:00
semmle-qlci	7f3f629d39	Merge pull request #2913 from asger-semmle/js/prototype-pollution-path Approved by erik-krogh	2020-03-03 10:29:47 +00:00
Esben Sparre Andreasen	adddebf039	Merge branch 'master' of github.com:Semmle/ql into js/more-fs-modules	2020-03-03 10:55:16 +01:00
semmle-qlci	e1c5449885	Merge pull request #2867 from erik-krogh/UselessCat Approved by esbena	2020-03-03 09:10:25 +00:00
Erik Krogh Kristensen	019266e537	change name of Useless cat	2020-03-02 13:06:08 +01:00
Anders Schack-Mulligen	b210009eec	Merge pull request #2923 from yo-h/java-customizations Java: add `Customizations.qll`	2020-03-02 09:58:34 +01:00
Esben Sparre Andreasen	a589061bee	JS: add type-tracking to the fs-module and model the `original-fs`	2020-02-28 12:54:59 +01:00
Erik Krogh Kristensen	ce9cd53bf1	Merge remote-tracking branch 'upstream/master' into UselessCat	2020-02-28 09:56:23 +01:00
Erik Krogh Kristensen	17f1974e05	Apply suggestions from code review Co-Authored-By: mc <42146119+mchammer01@users.noreply.github.com>	2020-02-28 09:43:32 +01:00
Asger Feldthaus	52ebe49a0b	JS: Flag deep assignments in prototype pollution query	2020-02-27 12:17:55 +00:00
Erik Krogh Kristensen	9c06c48dc7	Merge pull request #2884 from esbena/js/practically-exploitable-redos JS: add query js/exploitable-polynomial-redos	2020-02-27 10:19:17 +01:00
Esben Sparre Andreasen	1b73cee692	JS: add js/exploitable-polynomial-redos	2020-02-27 08:42:43 +01:00
yo-h	62f8bf2b2e	Java: add release note for `Customizations.qll`	2020-02-26 14:36:27 -05:00
Asger F	160fc48803	Merge pull request #2896 from asger-semmle/typescript-3.8 TS: Support Typescript 3.8	2020-02-25 08:19:01 +00:00
Asger F	e665e3c187	Update change-notes/1.24/analysis-javascript.md Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>	2020-02-24 15:07:28 +00:00
Asger Feldthaus	6360073da4	JS: Rephrase change note	2020-02-24 14:35:17 +00:00
Erik Krogh Kristensen	b72404dc99	add change note	2020-02-24 14:07:49 +01:00
Asger Feldthaus	05d9e64dab	TS: Add change note	2020-02-24 11:40:27 +00:00
Asger Feldthaus	1ee112a341	JS: Add change note	2020-02-21 13:55:27 +00:00
semmle-qlci	ee5cf95f5b	Merge pull request #2892 from asger-semmle/js/field-methods Approved by esbena	2020-02-21 13:49:42 +00:00
Asger Feldthaus	01fed95fe6	JS: Add change note	2020-02-21 11:49:20 +00:00
Robert Marsh	7a7444b4e1	Docs: Simplify change note Co-Authored-By: Felicity Chapman <felicitymay@github.com>	2020-02-20 12:50:52 -08:00
Robert Marsh	d151c2eeb7	C++: change note for IR-based GVN	2020-02-19 14:39:36 -08:00
Robert Marsh	8ea5739b7a	C++: release note for DefaultTaintTracking	2020-02-19 14:32:49 -08:00
Esben Sparre Andreasen	abe7aeef7c	Merge pull request #2643 from esbena/js/unsafe-jquery JS: add query js/unsafe-jquery-plugin	2020-02-18 09:26:14 +01:00
semmle-qlci	ecad925101	Merge pull request #2631 from hvitved/dataflow/generalize-flow-summaries Approved by aschackmull	2020-02-17 18:22:46 +00:00
semmle-qlci	23ed2bcc64	Merge pull request #2782 from asger-semmle/js/export-as-ns Approved by erik-krogh, max-schaefer	2020-02-17 11:22:58 +00:00
Tom Hvitved	8e325ead91	Add change notes	2020-02-17 11:00:10 +01:00
Max Schaefer	ad83a8946c	JavaScript: Sort lines in change notes.	2020-02-14 11:15:09 +00:00
Max Schaefer	f181111886	JavaScript: Add model of `http2` compatibility API. Also deprecated the `httpOrHttps` predicate, which was now only used in one place and seemed a little pointless anyway.	2020-02-14 11:14:31 +00:00
semmle-qlci	da566a4484	Merge pull request #2828 from erik-krogh/CVE24 Approved by esbena	2020-02-14 09:12:48 +00:00
semmle-qlci	769dce511b	Merge pull request #2788 from erik-krogh/CVE42-sink Approved by esbena	2020-02-14 08:00:00 +00:00
Erik Krogh Kristensen	d6afd438ba	add model for chrome-remote-interface as a ClientRequest	2020-02-13 10:58:07 +01:00
Taus	12113e947f	Merge pull request #2603 from RasmusWL/python-fix-http-source-sink Python: Make web libs use HttpRequestTaintSource and HttpResponseTaintSink	2020-02-12 13:42:22 +01:00
Robert Marsh	5269fb713f	Merge pull request #2812 from geoffw0/nospacezero C++: Improve NoSpaceForZeroTerminator.ql	2020-02-11 14:37:32 -05:00
Geoffrey White	87781a944b	C++: Change note.	2020-02-11 15:25:59 +00:00
Tom Hvitved	1948446ad3	Address review comments	2020-02-11 11:56:40 +01:00
Tom Hvitved	dc27ee7b9f	C#: Add change note	2020-02-10 20:33:57 +01:00
Tom Hvitved	2b2bb5db80	Merge pull request #2803 from calumgrant/cs/stackalloc-expr C#: Handle implicitly-typed stackallocs	2020-02-10 20:28:16 +01:00
Erik Krogh Kristensen	67cd303a91	add change note	2020-02-10 13:51:48 +01:00
Calum Grant	a95ef31984	C#: Analysis change notes	2020-02-10 11:36:30 +00:00
Esben Sparre Andreasen	736ccb98c2	JS: model the `send` library for `js/path-injection`	2020-02-07 12:45:32 +01:00
Calum Grant	389e6266d9	Merge pull request #2773 from hvitved/csharp/useless-assignment-to-local-default C#: Remove false positives for `cs/useless-assignment-to-local`	2020-02-07 10:37:19 +00:00
Asger Feldthaus	91a5385e7f	JS: Add libraries to change note	2020-02-06 14:59:52 +00:00
Asger Feldthaus	75c008eec1	JS: Change note	2020-02-06 14:33:20 +00:00

1 2 3 4 5 ...

1328 Commits