hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 20:56:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,114 Commits 1,673 Branches 157 Tags
b6db1a34d6beb504cfdd622ca02ca64694aade86
Commit Graph

10629 Commits

Author SHA1 Message Date
Asger F
bd2febcf00 JS: Implementing new signature members in StepInputSig 2025-01-16 13:38:08 +01:00
Asger F
6cd9752289 Merge pull request #18467 from github/js/shared-dataflow-branch 
JS: Migrate to shared data flow library (targeting main!) 🚀
 2025-01-16 11:28:57 +01:00
Geoffrey White
90faab456d Merge pull request #18473 from geoffw0/sensitive2 
Improve shared sensitive data library handling of snake_case variable names
 2025-01-15 18:02:33 +00:00
Geoffrey White
5ef5b04aac Add change notes. 2025-01-10 11:16:53 +00:00
Geoffrey White
f8659c0a4e Sync identical files. 2025-01-10 10:26:13 +00:00
Erik Krogh Kristensen
70a1a6454d Merge pull request #18452 from asgerf/js/import-spec-strings 
JS: Fix crash in case of string literal in export specifier
 2025-01-09 15:50:40 +01:00
Asger F
a7fbfb2c2d JS: Change note 2025-01-09 10:48:52 +01:00
Asger F
fd5a3dad90 JS: One more test 2025-01-09 10:46:45 +01:00
Asger F
138b000891 JS: Coerce the local export node to an Identifier 2025-01-09 10:42:25 +01:00
Asger F
db98880163 JS: Add crash reproduction to test case 2025-01-09 10:39:30 +01:00
Asger F
9c4d378a1d JS: Remove TODO comment 
It is not subsumed by the other case, both cases are needed
 2025-01-09 10:17:16 +01:00
Asger F
3f2882e1c6 JS: Remove an obsolete comment 
The RHS of an assignment actually has a post-update node now
 2025-01-09 09:59:23 +01:00
Asger F
b2d62a080b JS: Move a test failure explanation into the test suite 
We have an issue for fixing the underlying problem
 2025-01-09 09:57:44 +01:00
Asger F
d9da9444fa JS: Rephrase TODO 
This is useful info, but not something that can be fixed locally in this query, so a TODO comment isn't helping
 2025-01-09 09:45:39 +01:00
Asger F
3def8ecdee JS: Remove unimportant TODO 2025-01-09 09:43:03 +01:00
Asger F
388dd871e1 JS: Remove TODO tracked by an issue. 
This requires changes to the shared data flow library, not something we should track with a TODO in the JS codebase
 2025-01-09 09:41:40 +01:00
Asger F
8b060c4294 JS: Remove TODO about evaluating legacy steps 
There is an issue for tracking this. It's not a small fix.
 2025-01-09 09:40:29 +01:00
Asger F
a8f93cac05 JS: Remove obsolete comment 
The test case actually has the correct result now
 2025-01-09 09:39:32 +01:00
Asger F
dd37c474d8 JS: Remove mention of results from comments 2025-01-09 09:39:30 +01:00
Asger F
fb54a3bde8 JS: Remove obsolete TODO comment 2025-01-09 09:39:29 +01:00
Asger F
b29ee2acde JS: Remove references to localFieldStep 
These are tracked in https://github.com/github/codeql-javascript-team/issues/456
 2025-01-09 09:39:27 +01:00
Asger F
7766f97232 JS: Remove obsolete TODO 2025-01-09 09:39:26 +01:00
Asger F
8ac08db5c2 JS: Remove TODOs about WithArrayElement not being a taint step 
This isn't going to become a taint step, the workaround is the permanent solution
 2025-01-09 09:39:23 +01:00
Asger F
3cc1525985 JS: Remove obsolete TODOs 2025-01-09 09:19:30 +01:00
Asger F
1997e0a7b6 Merge pull request #18427 from asgerf/jss/change-note 
JS: Add migration guide and change note
 2025-01-09 09:13:16 +01:00
Asger F
b6b93dcead Merge pull request #18392 from asgerf/jss/deprecate-modules 
JS: Deprecate some .qll files
 2025-01-08 11:10:28 +01:00
Asger F
062391334e JS: Remove notes about changing API in the future 2025-01-08 09:15:13 +01:00
Asger F
df9b95575e JS: Add deprecation qldoc to Configuration classes 2025-01-08 09:15:12 +01:00
Asger F
e7d267e5d2 JS: Add migration guide and change note 2025-01-08 09:12:38 +01:00
Asger F
36f0d2f63e JS: Move VarAccessBarrier outside the deprecated Configuration.qll file 2025-01-08 08:56:53 +01:00
Asger F
c47419e66d JS: Remove an obsolete TODO comment (this has been fixed) 2025-01-08 08:54:41 +01:00
github-actions[bot]
fb20f6ca63 Post-release preparation for codeql-cli-2.20.1 2025-01-07 22:07:40 +00:00
github-actions[bot]
88b6f1e79a Release preparation for version 2.20.1 2025-01-07 20:50:36 +00:00
Dave Bartolomeo
72a53c4b23 Revert "Release preparation for version 2.20.1" 2025-01-07 13:32:23 -05:00
github-actions[bot]
fbf9f2fff8 Release preparation for version 2.20.1 2025-01-07 17:20:13 +00:00
Dave Bartolomeo
22e030584c Revert "Release preparation for version 2.20.1" 2025-01-07 12:14:27 -05:00
Asger F
f17cc5af15 JS: Move all hidden node definitions into DataFlowPrivate 2025-01-07 10:44:09 +01:00
Asger F
47cc3c09f5 JS: Deprecate an import 2025-01-07 10:43:40 +01:00
github-actions[bot]
a121c5a5d0 Release preparation for version 2.20.1 2025-01-06 18:20:22 +00:00
Asger F
0cdda87161 JS: Restrict AP length in prototype-polluting function 2025-01-06 14:33:41 +01:00
Asger F
7ccb476b1b JS: Restrict AP length in ExceptionXss 2025-01-06 14:28:58 +01:00
Asger F
23d7420cec JS: Hide default exceptional return node 2025-01-06 14:27:20 +01:00
Asger F
e2af19b946 JS: Restrict "get" step to Map objects 2025-01-06 13:17:32 +01:00
Asger F
4c9f406e34 JS: Exclude some sinks in UnvalidatedDynamicMethodCall 2025-01-06 10:32:11 +01:00
Asger F
25f5ecba25 JS: Deprecate the Configuration.qll file 2025-01-03 11:41:41 +01:00
Asger F
0339bd0f3e JS: Deprecate forward/backward exploration modules 2025-01-03 11:41:39 +01:00
Asger F
942ba189f7 JS: Minor test output change in nodes/edges 
I suspect this is due to some fixes in the DeduplicatePathGraph module
 2024-12-19 15:25:49 +01:00
Asger F
f8dc7eb25b JS: Update output from tests that changed on main 2024-12-19 15:25:47 +01:00
Asger F
4a6030c592 JS: Update expected with some absent result sets 2024-12-19 15:25:46 +01:00
Asger F
cd6ebb103e JS: Make test not assume implicit through for maps 2024-12-19 15:25:45 +01:00