hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
69,850 Commits 1,741 Branches 165 Tags
a2dd47aeb2f339be0ffc3a13bc33da9095db5621
Commit Graph

1646 Commits

Author SHA1 Message Date
Asger F
102ca77acf Switch to getLocation() in DataFlowCall 2024-06-25 11:49:19 +02:00
Asger F
ecf418b8f6 Merge branch 'main' into js/shared-dataflow 2024-06-25 11:48:41 +02:00
Asger F
f43a189f06 JS: Make CaptureNode.toString() more explicit 2024-06-25 09:56:39 +02:00
aegilops
252c9e9416 Added data extension to set defaults, updated help, added README to explain customization 2024-06-19 17:27:17 +01:00
Rasmus Wriedt Larsen
3f2befc3e5 JS: Support spread arguments in array.splice 2024-06-14 15:33:17 +02:00
Rasmus Wriedt Larsen
ec18786488 JS: Provide better model for Array.splice 2024-06-12 16:29:21 +02:00
Rasmus Wriedt Larsen
1027ca266d JS: Allow many Array steps to be used in type-tracking 2024-06-12 16:14:13 +02:00
Anders Schack-Mulligen
0c47203580 Javascript: Add support for pretty-printed provenace in tests. 2024-06-07 11:47:49 +02:00
am0o0
ee05ec0386 remove sanitnzer and add a where condition instead 
use a simpler where condition(the former sanitizer) for overcoming performance problems
 2024-06-06 14:16:41 +02:00
am0o0
61a11c6512 Or to or in docs 2024-06-06 14:10:15 +02:00
am0o0
c2f96a1352 fix a document 2024-05-25 19:35:20 +02:00
Am
2226f5126b Merge branch 'main' into amammad-js-hardcodedJWTKey 2024-05-25 13:40:46 +03:30
am0o0
c299b5657a Revert "stash" 
This reverts commit bdee99ae88.
 2024-05-25 12:03:00 +02:00
Asger F
3b211089d6 JS: Remove redundant import 2024-05-21 14:40:17 +02:00
Asger F
43abc72780 JS: Add TypeModel.isTypeUsed 
f
 2024-05-21 14:19:56 +02:00
Joe Farebrother
01a6c5e82f Merge pull request #16446 from joefarebrother/shared-sensitive-heuristics 
Ruby/Python/JS/Swift: Add category of Private information to shared sensitive data heuristics
 2024-05-21 09:07:13 +01:00
Erik Krogh Kristensen
03cf9b702c Merge pull request #14291 from am0o0/amammad-js-CodeInjection_Shelljs 
JS: Shelljs improvement
 2024-05-17 11:14:11 +02:00
am0o0
42a9962519 make shellJSMember predicate private, improve predicate document 2024-05-16 14:05:06 +02:00
amammad
bdee99ae88 stash 2024-05-13 14:37:05 +02:00
Joe Farebrother
9aff22c664 Fix typos in sensitive data regex 2024-05-09 09:39:03 +01:00
Joe Farebrother
5f4bc4197b Add private category to sensitive data heuristics 2024-05-08 10:02:00 +01:00
Asger F
536c115c1c JS: Fix location override in CaptureNode 2024-05-06 13:51:25 +02:00
Asger F
5a2260b481 JS: Update to match changes to API 2024-05-06 10:13:25 +02:00
Asger F
19f14622f3 JS: Update use of Locations 2024-05-06 10:13:24 +02:00
erik-krogh
d9e8e0e00a use some more standard values for credentials-kind for NodeJS client credentials 2024-05-03 13:58:37 +02:00
Asger F
c408ab9e6a Merge branch 'main' into js/shared-dataflow 2024-05-02 19:43:34 +02:00
Owen Mansel-Chan
83249cd9c2 Fix grammar in comment 2024-05-02 09:59:48 +01:00
Owen Mansel-Chan
16dcc0969b Standardise comment explaining why extensible predicates must be defined 2024-05-01 22:00:01 +01:00
Owen Mansel-Chan
09e59ccf44 Name files with empty definitions of MaD extensible predicates to erowdmpty.model.yml 2024-05-01 21:39:38 +01:00
Erik Krogh Kristensen
7e839792da Merge pull request #16330 from erik-krogh/del-deps-apr-2024 
All: delete outdated deprecations
 2024-04-30 10:43:39 +02:00
erik-krogh
baa31e1469 delete outdated deprecations 2024-04-25 22:19:28 +02:00
Asger F
d0c9e3f7ad JS: Expose InternalModuleNaming 2024-04-25 13:33:17 +02:00
Rasmus Wriedt Larsen
290b0fc4ab Merge pull request #16308 from asgerf/js/model-generation-quote 
JS: Fix naming issue in generated models
 2024-04-25 11:36:36 +02:00
Asger F
db07c162e4 JS: Allow generated models to use (package) 2024-04-23 20:25:55 +02:00
Asger F
e4f23b31c6 JS: Add quotes around package name to correct parsing 2024-04-23 20:04:23 +02:00
Nick Rolfe
003d208574 JS: do fewer regexp matches in SensitiveActions 2024-04-23 15:31:38 +01:00
Asger F
ac34b922ec Merge pull request #16241 from asgerf/js/re-export 
JS: Improve support for `export * as ...` declarations
 2024-04-19 10:03:17 +02:00
Asger F
3c885f3969 JS: Fix bug in MkClassInstance use-nodes 
This only worked when the RHS was a SourceNode, which is not generally the case
 2024-04-18 10:06:11 +02:00
Asger F
2dcb5fbd16 Ensure props are included in MkMemberLabel 2024-04-17 14:46:00 +02:00
Asger F
3eb4e39251 JS: Also do this for use-steps and exclude pseudo-properties 2024-04-17 14:45:58 +02:00
Asger F
55b9724f59 JS: Add store step into namespace re-export specifier 2024-04-17 14:14:12 +02:00
Asger F
5e7026c6c6 JS: Use AccessPath as parameter type 2024-04-17 13:31:51 +02:00
Asger F
be64daf265 Merge branch 'main' into js/graph-export 2024-04-16 20:23:33 +02:00
Asger F
330229c463 Update javascript/ql/lib/semmle/javascript/frameworks/data/ModelsAsData.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2024-04-12 15:00:17 +02:00
Tom Hvitved
e7dc120456 Add deprecation comments 2024-04-12 13:40:15 +02:00
Tom Hvitved
9d8b93ed45 JS: No longer use models-as-data CSV interface 2024-04-12 13:40:15 +02:00
Tom Hvitved
fdb77457b3 Sync files 2024-04-12 13:40:14 +02:00
Asger F
15eabb42ef JS: Address review comments 2024-04-12 11:35:34 +02:00
Anders Schack-Mulligen
fdfb4a1a18 JS: Adapt to shared ApiGraphModels.qll changes. 2024-04-12 09:20:13 +02:00
Anders Schack-Mulligen
44147b9520 JS: Sync. 2024-04-12 09:20:11 +02:00