6351 Commits

Author	SHA1	Message	Date
Tom Hvitved	eb9df008b0	JS: Remove two invalid QHelp links	2025-10-24 08:45:12 +02:00
Owen Mansel-Chan	66f95bcbcd	Merge pull request #20603 from owen-mc/update-broken-algo-qhelp ... Many languages: Update broken algo qhelp	2025-10-17 12:30:43 +01:00
Napalys Klicius	45e8164f14	JS: remove quality tag from SyntaxError query	2025-10-15 09:07:11 +02:00
github-actions[bot]	6dd07790ac	Post-release preparation for codeql-cli-2.23.3	2025-10-14 11:16:33 +00:00
github-actions[bot]	33542f7d40	Release preparation for version 2.23.3	2025-10-14 09:30:24 +00:00
Owen Mansel-Chan	0bcdb91639	Improve qhelp for broken crypto algo queries ... Previously it focussed too much on the risk of data being decrypted, and didn't explain why using weak algorithms is a problem in other contexts.	2025-10-08 14:10:54 +01:00
github-actions[bot]	a7a4e43991	Post-release preparation for codeql-cli-2.23.2	2025-09-29 15:10:19 +00:00
github-actions[bot]	d2130a589b	Release preparation for version 2.23.2	2025-09-29 10:28:45 +00:00
Florin Coada	ba520c60d2	Update 2.1.0.md	2025-09-26 10:11:03 +01:00
Florin Coada	09833e2541	Update CHANGELOG for query promotion and acknowledgment ... Promote 'Permissive CORS configuration' query to default suite and acknowledge contributor.	2025-09-26 10:09:30 +01:00
Florin Coada	2f96e32ec9	Update 2.1.0.md	2025-09-26 10:08:31 +01:00
Ian Lynagh	c653d939d9	Merge pull request #20451 from github/post-release-prep/codeql-cli-2.23.1 ... Post-release preparation for codeql-cli-2.23.1	2025-09-17 13:00:14 +01:00
Michael Nebel	6d330891db	Merge pull request #20395 from michaelnebel/javascript/code-quality-extended ... JS: Add most `medium` precision queries to the `code-quality-extended` suite.	2025-09-17 13:47:02 +02:00
github-actions[bot]	4e8343664f	Post-release preparation for codeql-cli-2.23.1	2025-09-17 10:13:40 +00:00
github-actions[bot]	02a1b1efcb	Release preparation for version 2.23.1	2025-09-16 14:14:42 +00:00
Asger F	edf79a3730	JS: Change note	2025-09-16 13:53:31 +02:00
Chris Smowton	c375f24598	Merge pull request #20423 from smowton/smowton/fix/length-comparison-off-by-one-fp ... JS: Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access	2025-09-15 18:24:45 +01:00
Ian Lynagh	d0091e1b3c	javascript: Fix spelling error in documentation ... Corrects the spelling of "occurrences" in the Incomplete Multi-Character Sanitization documentation to improve clarity.	2025-09-15 14:53:22 +01:00
Chris Smowton	db5c58180e	Change note	2025-09-12 14:32:12 +01:00
Chris Smowton	f5780ae369	Amend docstring	2025-09-12 14:32:10 +01:00
Chris Smowton	4fb133a43d	Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access	2025-09-12 14:32:07 +01:00
Asger F	d575d3c9e4	Merge pull request #20374 from asgerf/js/typescript-5.9 ... JS: Support TypeScript 5.9 and support 'import defer' syntax	2025-09-09 20:50:04 +02:00
Michael Nebel	58862f4ace	JavaScript: Add some medium precision queries to the code-quality-extended suite.	2025-09-09 15:47:03 +02:00
Napalys Klicius	8c34b7eaea	Merge pull request #20146 from Napalys/js/move-cors-query-from-experimental ... JS: Move cors-misconfiguration query from experimental to Security	2025-09-08 09:32:38 +02:00
Napalys Klicius	b2feaaceea	Merge branch 'main' into js/move-cors-query-from-experimental	2025-09-05 12:11:09 +02:00
Asger F	ef114c4a07	JS: Add change note	2025-09-05 12:04:53 +02:00
Napalys Klicius	e6eacca50b	Update change note to reflect changes	2025-09-05 11:27:29 +02:00
Arthur Baars	5d3ec35e29	Remove non-breaking spaces from code	2025-09-05 09:41:15 +02:00
Napalys Klicius	c4c8dbcf7d	Merge remote-tracking branch 'origin/main' into js/move-cors-query-from-experimental	2025-09-04 15:24:44 +02:00
Napalys Klicius	d3d608fa33	Updated query description and added a sanitizer	2025-09-04 13:16:37 +00:00
Michael Nebel	8009ddebce	Merge pull request #20329 from michaelnebel/javascript/ql4ql ... JS: Fix some Ql4Ql violations.	2025-09-04 13:01:37 +02:00
Napalys Klicius	8fc81f4263	Merge branch 'main' into js/remote-property-injection-update	2025-09-03 14:02:19 +02:00
github-actions[bot]	e8a2600a0c	Post-release preparation for codeql-cli-2.23.0	2025-09-02 11:46:23 +00:00
github-actions[bot]	0bfa93828b	Release preparation for version 2.23.0	2025-09-02 11:09:32 +00:00
Michael Nebel	8b10ad49d7	JS: Fix some Ql4Ql violations.	2025-09-01 15:17:53 +02:00
Napalys Klicius	e0916c8750	JS: add change note	2025-08-27 10:32:45 +00:00
github-actions[bot]	42e3d31c49	Post-release preparation for codeql-cli-2.22.4	2025-08-18 14:42:42 +00:00
github-actions[bot]	90d29994c8	Release preparation for version 2.22.4	2025-08-18 14:06:09 +00:00
Napalys Klicius	b2346183d6	Merge pull request #20148 from Napalys/js/reg-exp-env-variable-threat-model ... JS: Exclude environment variables from `js/regex-injection` query by default	2025-08-18 09:32:15 +02:00
github-actions[bot]	fb4b0aac53	Post-release preparation for codeql-cli-2.22.3	2025-08-04 17:18:08 +00:00
github-actions[bot]	fd82aeb1f8	Release preparation for version 2.22.3	2025-08-04 15:47:57 +00:00
Napalys Klicius	3f9061abdb	Added change note	2025-07-31 13:20:38 +02:00
Napalys Klicius	021aa13ee2	Added change note	2025-07-31 12:45:34 +02:00
Napalys Klicius	791a7e242e	Updated qhelp for cors permissive configuration	2025-07-31 11:31:10 +02:00
Napalys Klicius	358617f533	Move CORS misconfiguration query from experimental to Security	2025-07-30 10:22:59 +00:00
github-actions[bot]	37cc78255a	Post-release preparation for codeql-cli-2.22.2	2025-07-22 14:22:20 +00:00
github-actions[bot]	997547b8ef	Release preparation for version 2.22.2	2025-07-22 14:04:14 +00:00
Nick Rolfe	825c813095	Revert "Release preparation for version 2.22.2"	2025-07-22 14:33:45 +01:00
github-actions[bot]	c8632b70b7	Release preparation for version 2.22.2	2025-07-21 16:45:45 +00:00
Nick Rolfe	ad9b637bec	Revert "Merge pull request #19994 from github/post-release-prep/codeql-cli-2.22.2" ... This reverts commit e5b4a15e35, reversing changes made to 33e63109bb.	2025-07-21 15:18:59 +01:00