codeql

mirror of https://github.com/github/codeql.git synced 2025-12-23 04:06:37 +01:00

Author	SHA1	Message	Date
Tom Hvitved	a46964dfe8	Address review comments	2023-12-12 13:55:52 +01:00
erik-krogh	896432b646	add environment variable to skip extraction of types in TypeScript	2023-12-12 12:25:00 +01:00
erik-krogh	cf31ef4960	make sure `reset()` is called when manually invoking the TS extractor, so environment-variables are read	2023-12-12 10:51:09 +01:00
erik-krogh	c246a9c12c	move `TypeVarDepth` further up, so its declared before it's used	2023-12-12 10:34:42 +01:00
erik-krogh	13a01e1545	fix a `this` reference `this` didn't refer to anything specific, and it was in fact `undefined` in the context it was invoked. There was already a `let typeTable = this;` further up (where `this` refers to the class instance), so I used `typeTable`.	2023-12-12 10:32:31 +01:00
erik-krogh	ca95a6e9cf	exclude all the lib.d.ts files when running the TS extractor directly e.g. the `lib.es5.d.ts` file was not excluded	2023-12-12 10:29:09 +01:00
Tom Hvitved	28373e0fdf	JS: Adapt to changes in shared code	2023-12-10 11:25:43 +01:00
erik-krogh	e8f9e366d5	remove redundant imports for JS	2023-12-08 16:56:54 +01:00
github-actions[bot]	92af5f5386	Post-release preparation for codeql-cli-2.15.4	2023-12-06 22:59:22 +00:00
github-actions[bot]	c04457e9e7	Release preparation for version 2.15.4	2023-12-06 21:11:50 +00:00
Jorge	8abd1d9855	Merge branch 'main' into seclab/dotjs	2023-11-30 19:42:18 +01:00
Jorge	91bc043f30	Add `.html.dot` to `Autobuild.java`	2023-11-30 19:38:24 +01:00
Felicity Chapman	4cb2f53223	Remove unwanted period from query name Our style guide states that names should not end in a period. I'm updating this now to allow us to automate a process for GitHub docs, see: https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#query-name-name	2023-11-30 14:31:17 +00:00
Rafael	1a05c2e704	Added Django test	2023-11-29 08:26:49 +01:00
Rafael	0a74a3a765	Update javascript/ql/src/change-notes/2023-11-28-django-urls.md Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2023-11-29 08:23:02 +01:00
Rafael	0b0c9e3e48	Create 2023-11-28-django-urls.md	2023-11-28 22:29:53 +01:00
Rafael	286e3951bf	Detect Django template URLs Django URLs are currently not detected, but flask and nunjucks URL are. (See https://github.com/github/codeql/issues/12267)	2023-11-28 22:22:07 +01:00
erik-krogh	abb8d65483	Merge branch 'main' into amammad-js-SQLI	2023-11-23 21:17:58 +01:00
erik-krogh	43c76468c9	add change-note	2023-11-23 21:17:33 +01:00
amammad	60b422a35c	fix second round of code review. improve documents, fix better-sqlite3 method	2023-11-23 14:01:38 +01:00
erik-krogh	dd1e71ace9	update the JS change notes to mention security severity instead of just severity	2023-11-23 10:28:22 +01:00
amammad	eb552b7c93	add failingPositiveTests to inlinetests	2023-11-22 08:00:38 +01:00
amammad	0328a2986d	move TypeORM library file and tests to experimental add inline tests :) Fix TypeORM fuzzy method according to Review	2023-11-21 19:59:06 +01:00
amammad	999ec7053e	fix Query class docstring	2023-11-21 18:56:05 +01:00
Max Schaefer	2c5ce3216e	Merge pull request #14846 from github/max-schaefer/js/path-injection Update qhelp for js/path-injection.	2023-11-21 13:50:41 +00:00
Max Schaefer	dfffa1e237	Apply suggestions from code review Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>	2023-11-21 10:07:11 +00:00
erik-krogh	5611a3e417	use exact version	2023-11-20 20:48:51 +01:00
erik-krogh	10b3efa667	update to the stable version of TypeScript 5.3	2023-11-20 20:32:24 +01:00
erik-krogh	dde9a7cd7e	Merge branch 'main' into ts53-ts	2023-11-20 20:31:00 +01:00
Max Schaefer	d147faba4e	Update qhelp for js/path-injection.	2023-11-20 11:58:00 +00:00
github-actions[bot]	bad499e360	Post-release preparation for codeql-cli-2.15.3	2023-11-17 14:35:41 +00:00
github-actions[bot]	6ec9b95072	Release preparation for version 2.15.3	2023-11-16 13:07:16 +00:00
Henry Mercer	de83929a60	Remove LoC metrics from the analysis summary	2023-11-16 11:36:44 +00:00
Remco Vermeulen	52540b42fc	Merge branch 'main' into rvermeulen/javascript-adjust-security-severity	2023-11-14 11:21:38 -08:00
Remco Vermeulen	6bd7047e41	Restore XssThroughDom.ql's severity	2023-11-14 11:20:51 -08:00
Cornelius Riemenschneider	97fd2033f1	Take our node, not the one that comes first on the PATH.	2023-11-09 22:00:00 +01:00
Cornelius Riemenschneider	b4ec13235d	Address review.	2023-11-09 09:40:29 +01:00
Cornelius Riemenschneider	6b37d2009b	Merge branch 'main' into criemen/js-bazel	2023-11-08 16:11:47 +01:00
Rasmus Wriedt Larsen	43d9d2ceb7	Merge pull request #14603 from github/max-schaefer/broken-crypto-algorithm-link JavaScript/Python/Ruby: Improve alert message for `*/weak-cryptographic-algorithm`.	2023-11-08 14:29:24 +01:00
Erik Krogh Kristensen	f643fd7d74	Merge pull request #14716 from erik-krogh/invalid-main JS: catch when the main: path is invalid on Windows	2023-11-08 08:33:58 +01:00
Geoffrey White	b63294764b	Merge pull request #14705 from geoffw0/qhelplink Fix a dead ReDoS link in docs	2023-11-07 17:40:19 +00:00
erik-krogh	ae577d1e44	catch when the main: path is invalid on Windows	2023-11-07 17:42:21 +01:00
Geoffrey White	e8a466a02c	Update dead link.	2023-11-07 09:26:07 +00:00
Jorge	b08d57a85f	Add `{{!` to `TEMPLATE_EXPR_OPENING_TAG`	2023-11-06 20:40:00 +00:00
Cornelius Riemenschneider	be02512dfe	Add a build system for the junit tests. This is a bit more complicated than our usual setup, as we both need to unzip the typescript parser wrapper, and make node accessible on the path.	2023-11-06 17:58:28 +01:00
amammad	36f0a78450	fix typeorm test.ts according to Review	2023-11-06 16:23:35 +01:00
amammad	d7f1e19d40	fix sqlite.js test according to Review	2023-11-06 15:22:36 +01:00
amammad	cc5dd3180a	fix better-sqlite3 tests according to Review	2023-11-06 15:18:55 +01:00
amammad	c858e4974d	fix Sqlite and BetterSqlite3 issues according to Review	2023-11-06 14:57:40 +01:00
Cornelius Riemenschneider	52fcc5f435	Export test data directories.	2023-11-06 13:47:56 +01:00

1 2 3 4 5 ...

9399 Commits