hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
58,700 Commits 1,672 Branches 157 Tags
b18de9e6417c60b51d2371c98394f4033d2683e4
Commit Graph

9197 Commits

Author SHA1 Message Date
Asger F
cb04df49eb JS: Treat Angular2 ElementRef.nativeElement as a DOM value 2023-04-26 14:33:04 +02:00
Asger F
c9c281cb9a JS: Change note 2023-04-26 12:50:59 +02:00
Asger F
5f011a262c JS: Change note 2023-04-26 12:49:24 +02:00
Asger F
611a7060b4 JS: Add tests 2023-04-26 12:46:20 +02:00
Asger F
a446c5452d JS: Update test output 2023-04-26 11:44:56 +02:00
Asger F
799d92b218 TS: Fix self-reference check for alias types 2023-04-26 11:44:56 +02:00
smiddy007
a2a82fcde9 Merge branch 'main' into JS-Allow-Truncated-Hash-Forge-NonKeyCipher 2023-04-25 12:23:31 -04:00
Asger F
c3c3faa4b5 JS: Alias references are not always safe to expand 2023-04-25 11:27:40 +02:00
Asger F
3694ed5ed6 JS: Deduplicate union/intersection members 2023-04-25 11:27:40 +02:00
Asger F
cab76507e7 JS: Recognize type vars on anonymous function types 2023-04-25 11:27:40 +02:00
Asger F
ff67118097 JS: Add hanging test case 2023-04-25 11:27:40 +02:00
Henry Mercer
3d1da8a45d JS: Update message when the file is not located in the source root 2023-04-24 21:08:00 +01:00
Henry Mercer
927522c563 JS: Only populate diagnostic locations within the source root 2023-04-24 20:53:42 +01:00
jarlob
6e9f54ef55 Use double curly braces 2023-04-21 19:03:38 +02:00
Arthur Baars
94e0828ab9 Merge pull request #12793 from aibaars/js-yaml-extractor 
JavaScript: switch to shared YamlPopulator
 2023-04-20 14:46:06 +02:00
Asger F
1d0a0dec6f JS: Fix typo 2023-04-20 12:48:17 +02:00
Asger F
1acc0d2ddf JS: Update model of js-yaml 2023-04-20 12:47:13 +02:00
smiddy007
bda0ef3a75 Merge branch 'github:main' into JS-Allow-Truncated-Hash-Forge-NonKeyCipher 2023-04-19 13:40:32 -04:00
smiddy007
4f7275f064 Reformat doc and move change note 2023-04-19 13:39:18 -04:00
smiddy007
31b56bf966 Update javascript/ql/lib/change-notes/2023-04-13-Forge-truncated-sha512-hash 
Co-authored-by: Asger F <asgerf@github.com>
 2023-04-19 13:32:23 -04:00
Asger F
1c2fdc8df9 JS: Ignore more webpack modules 2023-04-19 10:29:14 +02:00
Arthur Baars
dcca0e0c6c JavaScript: switch to shared YamlPopulator 2023-04-19 08:34:38 +02:00
Nate Johnson
4ae8377713 Merge branch 'main' into js-insecure-http-parser 2023-04-18 22:00:13 -04:00
Nate Johnson
78229bb264 Moved into experimental 2023-04-18 21:59:14 -04:00
Alex Ford
924ce250dd Merge pull request #12847 from github/post-release-prep/codeql-cli-2.13.0 
Post-release preparation for codeql-cli-2.13.0
 2023-04-18 14:40:40 +01:00
Arthur Baars
e5d89b969a Merge pull request #12780 from aibaars/shared-yaml-lib 
JS: extract YAML library to a shared pack
 2023-04-18 11:09:53 +02:00
Tom Hvitved
f6d000eb20 Merge pull request #12805 from hvitved/remove-queries-xml 
Remove all `queries.xml` files
 2023-04-18 10:52:14 +02:00
Kasper Svendsen
9d34d090ab Merge pull request #12843 from kaspersv/kaspersv/prevent-bad-js-join-order 
Prevent JS join order regression
 2023-04-18 09:09:43 +02:00
Nate Johnson
bbb1ee9597 Merge branch 'main' into js-insecure-http-parser 2023-04-18 00:45:32 -04:00
Nate Johnson
cb90f9af3c Fix to include specification of flag in NODE_OPTIONS 2023-04-18 00:41:48 -04:00
Nate Johnson
522a285d9e Qhelp file for explanation 2023-04-18 00:41:28 -04:00
Nate Johnson
2e27447c65 Include example 2023-04-18 00:41:11 -04:00
smiddy007
e4ec1ae261 Update InsufficientPasswordHash.qhelp 
change file name to original
 2023-04-17 13:18:47 -04:00
smiddy007
88d2f65c5f Rename InsufficientPasswordHash_NodeJS_fixed.js to InsufficientPasswordHash_fixed.js 2023-04-17 13:17:13 -04:00
smiddy007
cbe45f7e55 Rename InsufficientPasswordHash_NodeJS.js to InsufficientPasswordHash.js 2023-04-17 13:16:57 -04:00
smiddy007
36d7370998 Delete InsufficientPasswordHash_CryptoJS_fixed 
file not used in qhelp
 2023-04-17 13:16:25 -04:00
smiddy007
e65daaae49 Delete InsufficientPasswordHash_CryptoJS.js 
not used in qhelp file
 2023-04-17 13:15:10 -04:00
github-actions[bot]
648f0e19ec Post-release preparation for codeql-cli-2.13.0 2023-04-17 15:39:24 +00:00
Kasper Svendsen
ad82433a88 Prevent JS join order regression 2023-04-17 13:24:19 +02:00
Arthur Baars
34d3040ce2 Add change note 2023-04-17 12:59:14 +02:00
Asger F
13b1e97caa JS: Fix the ExtendCall restriction 2023-04-17 12:30:08 +02:00
Asger F
eafef91dbc JS: Update test output after ExtendCall restriction 2023-04-17 12:28:23 +02:00
Asger F
024760610a JS: Add prototype pollution test 2023-04-17 12:27:34 +02:00
Asger F
2f4a181a7d JS: revert path sanitizers in proto pollution query 2023-04-17 12:21:00 +02:00
Asger F
04079752f7 JS: update test output after adding 'this' sanitizer 2023-04-17 12:15:46 +02:00
Asger F
f87f6c8556 JS: Add test to unsafe jquery plugin 2023-04-17 12:15:05 +02:00
Asger F
b728f71b4b JS: Move 'this' sanitizer to customizations 2023-04-17 12:11:18 +02:00
Asger F
62dca44ee5 Update UntrustedDataToExternalAPI.expected 2023-04-17 08:23:04 +02:00
Asger F
c250ba7f27 JS: Undo sanitization of path.normalize() 2023-04-17 08:23:04 +02:00
Asger F
9db63c3a6a JS: Change note 2023-04-17 08:23:04 +02:00