codeql

mirror of https://github.com/github/codeql.git synced 2025-12-22 11:46:32 +01:00

Author	SHA1	Message	Date
amammad	a20ca78599	V1	2023-09-22 19:23:34 +10:00
erik-krogh	984795ee46	fix off-by-one	2023-08-30 13:29:23 +02:00
erik-krogh	2643ab3dbf	`using` is not a keyword	2023-08-30 08:44:59 +02:00
erik-krogh	5e11fe74f7	Merge branch 'main' into ts52	2023-08-30 07:57:55 +02:00
Dave Bartolomeo	3343b78015	Merge pull request #14074 from github/post-release-prep/codeql-cli-2.14.3 Post-release preparation for codeql-cli-2.14.3	2023-08-28 13:34:10 -04:00
github-actions[bot]	3eba77421a	Post-release preparation for codeql-cli-2.14.3	2023-08-28 15:53:49 +00:00
erik-krogh	78487d437f	add test for await using in TypeScript	2023-08-28 13:30:35 +02:00
erik-krogh	be2712698b	add support for await using in the JS parser	2023-08-28 09:34:13 +02:00
erik-krogh	0273b20c75	add downgrade and upgrade script 🤞	2023-08-24 20:30:26 +02:00
erik-krogh	ce97d38a18	add to the stat file	2023-08-24 20:30:26 +02:00
erik-krogh	cb66d62959	add test for the new type-stuff in TS 5.2 we get for free	2023-08-24 20:30:26 +02:00
erik-krogh	dc454d3a72	add support for the new `using` keyword in TypeScript	2023-08-24 20:30:26 +02:00
erik-krogh	a7d92b3473	add JS support the `using` keyword	2023-08-24 20:30:26 +02:00
erik-krogh	dfc83d844a	very initial support for TypeScript 5.2	2023-08-24 20:30:25 +02:00
Asger F	2b540e251a	Merge pull request #14007 from asgerf/js/import-path-string JS: Follow immediate predecessors in path resolution	2023-08-23 15:28:22 +02:00
Asger F	d146514275	Merge pull request #13928 from asgerf/js/ignore-huge-files JS: Ignore files larger than 10 MB during extraction	2023-08-23 15:09:58 +02:00
Asger F	b8fc84e8e4	JS: Change note	2023-08-23 14:11:07 +02:00
Asger F	c6a757e085	JS: More robust handling of cyclic aliases	2023-08-23 14:11:07 +02:00
Asger F	794a459c1b	JS: Add reproduction test	2023-08-23 14:11:07 +02:00
Asger F	b93e404441	JS: Change log	2023-08-23 14:05:21 +02:00
Asger F	ae2a1c7399	JS: Change note	2023-08-23 13:39:56 +02:00
Asger F	dec6039469	JS: Follow immediate predecessors in path resolution	2023-08-23 09:53:51 +02:00
github-actions[bot]	098dfb4242	Release preparation for version 2.14.3	2023-08-18 14:48:15 +00:00
yoff	7f2f6f14e7	Merge pull request #13729 from yoff/python/model-aws-lambdas Python/JavaScript: Shared module for serverless functions	2023-08-16 15:14:08 +02:00
Erik Krogh Kristensen	6a3b9e10eb	Merge pull request #13914 from erik-krogh/escape-unicode ReDoS: escape unicode chars in the output for the ReDoS queries	2023-08-15 11:21:21 +02:00
Henry Mercer	1213eba630	Merge branch 'main' into post-release-prep/codeql-cli-2.14.2	2023-08-11 13:54:55 +01:00
erik-krogh	5ffce86768	change the defaults in the qhelp for missing-rate-limit to something more reasonable	2023-08-10 13:40:17 +02:00
github-actions[bot]	432c21d4fb	Post-release preparation for codeql-cli-2.14.2	2023-08-09 18:45:18 +00:00
erik-krogh	0bce42410a	support arbitrary codepoints in NfaUtils.qll	2023-08-08 22:14:51 +02:00
erik-krogh	92db7b047c	escape unicode chars in the output for the ReDoS queries	2023-08-08 00:15:54 +02:00
github-actions[bot]	79c90fa36a	Release preparation for version 2.14.2	2023-08-07 18:08:52 +00:00
Asger F	5950865b55	Merge pull request #13755 from github/max-schaefer/js-server-crash-help JavaScript: Improve qhelp for js/server-crash.	2023-08-03 10:04:08 +02:00
Asger F	c38cbe859d	Merge pull request #13737 from asgerf/dynamic/fuzzy-models Dynamic: add Fuzzy token	2023-08-03 09:58:24 +02:00
Max Schaefer	5124310f14	Update javascript/ql/src/Security/CWE-730/ServerCrash.qhelp Co-authored-by: Asger F <asgerf@github.com>	2023-08-01 17:03:05 +01:00
Jeongsoo Lee	1d5eb4a960	Update javascript/ql/lib/change-notes/2023-07-28-mad-log-injection.md Co-authored-by: Asger F <asgerf@github.com>	2023-07-31 15:38:35 -07:00
Jeongsoo Lee	4529d8b75a	Add support for log injection in MaD	2023-07-28 22:37:56 +00:00
github-actions[bot]	f91b7a9342	Post-release preparation for codeql-cli-2.14.1	2023-07-21 16:16:25 +00:00
github-actions[bot]	c936a920b0	Release preparation for version 2.14.1	2023-07-20 16:32:27 +00:00
Max Schaefer	9432fec612	JavaScript: Improve qhelp for js/server-crash. The examples now use `fs.access` instead of the deprecated `fs.exists`. I have also rewritten the async/await example, since as of Node.js v15 the default behaviour for uncaught exceptions has changed to terminating the process instead of logging a warning, making the previous advice incorrect.	2023-07-17 14:44:23 +01:00
Asger F	d57276ca35	Merge pull request #13719 from asgerf/js/barrier-inout JS: Replace barrier edges with barrier nodes	2023-07-13 16:36:52 +02:00
Asger F	f3fab587a9	JS: Add Fuzzy token in identifying access path	2023-07-13 14:01:06 +02:00
Asger F	7c9e1ad6ec	JS: Fix accidental recursion in Vue model The API graph entry point depended on API::Node. This was due to depending on the the TComponent newtype which has a branch that depends on API::Node	2023-07-13 13:41:21 +02:00
Max Schaefer	b8eb2ef8d8	Merge branch 'main' into max-schaefer/improve-command-injection-qhelp	2023-07-13 12:11:15 +01:00
Max Schaefer	ae237247f2	Apply suggestions from code review Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>	2023-07-13 12:10:57 +01:00
Rasmus Lerchedahl Petersen	02c41f3dcf	JavaScript: Use shared library for serverless	2023-07-12 16:46:34 +02:00
Asger F	c7abd4c2af	JS: Remove the unused edge-sanitizer hook in UnvalidatedDynamicMethodCall	2023-07-12 09:26:37 +02:00
Asger F	c8af28c2ca	Merge pull request #13700 from asgerf/js/path-join-spread JS: Recognize 'fs/promises' alias and handle spread arguments in path.join()	2023-07-11 15:31:13 +02:00
Asger F	1a395c5b34	JS: Use sanitizerOut in PrototypePollutingAssignment	2023-07-11 15:24:10 +02:00
Asger F	03bdebe3b3	JS: Update a test. The test had a bug on the line `src = src` so the new code is "more equivalent than usual"	2023-07-11 15:24:09 +02:00
Asger F	b09ed4b0e3	JS: Update UnsafeJQueryPlugin	2023-07-11 15:01:33 +02:00

1 2 3 4 5 ...

8434 Commits