codeql

mirror of https://github.com/github/codeql.git synced 2025-12-27 22:26:31 +01:00

Author	SHA1	Message	Date
erik-krogh	fe5e4845b1	use 1-based column locations for diagnostics	2023-04-12 08:14:15 +02:00
Arthur Baars	83cd55cb29	Js/Yaml: add getFile() predicate	2023-04-11 16:01:44 +01:00
erik-krogh	3c4bd5b6a7	forward toString() etc. predicates from YamlNode to Locatable	2023-04-11 15:37:01 +02:00
erik-krogh	b5e90483f5	improve the ESLint model to avoid overriding Yaml classes	2023-04-11 15:36:18 +02:00
Asger F	aef0fa3c8a	JS: Expand QLDoc	2023-04-11 14:16:36 +02:00
Asger F	d702c7b990	Merge pull request #12759 from asgerf/js/getset-in-pattern JS: Fix parsing of 'get' or 'set' pattern with a default value	2023-04-11 14:03:00 +02:00
Asger F	2c65a49d7c	JS: Add getForwardingFunction() to API graphs	2023-04-11 14:00:30 +02:00
Asger F	4ce03d4dc4	JS: Restrict useSelector steps to local callbacks	2023-04-11 13:33:46 +02:00
Asger F	3cc931306f	JS: Add test for selector nodes with multiple access paths	2023-04-11 13:33:27 +02:00
Nate Johnson	a0f4a5100f	Insecure HTTP parser query for JavaScript	2023-04-09 20:38:55 -04:00
tyage	40d475863d	Add change note	2023-04-08 18:36:50 +09:00
tyage	320cb99dbf	Add replace method test	2023-04-08 18:31:48 +09:00
tyage	668e1accaa	Remove unnecessary whiteline	2023-04-08 18:24:31 +09:00
tyage	7f9b8557ac	Add Next.js router push as XSS sink	2023-04-08 18:18:34 +09:00
Arthur Baars	4fca4b668c	JS: use shared YAML library	2023-04-06 15:11:35 +02:00
Henry Mercer	e1b3807dfc	Merge remote-tracking branch 'origin/rc/3.9' into henrymercer/merge-back-3.9	2023-04-05 14:57:57 +01:00
github-actions[bot]	ac426b1302	Post-release preparation for codeql-cli-2.12.6	2023-04-04 16:49:26 +00:00
Asger F	5cc7380bcd	JS: Change note	2023-04-04 16:49:14 +02:00
Asger F	621e2e71c8	JS: Don't try to parse "get=" as a method prop	2023-04-04 16:37:28 +02:00
Asger F	eb8046daef	JS: Add trap test showing parse error	2023-04-04 16:33:13 +02:00
erik-krogh	0b4f239ab5	only set the file in the diagnostics message if the file is within the source root	2023-04-03 13:49:29 +01:00
erik-krogh	a7c2892af4	only set the file in the diagnostics message if the file is within the source root	2023-04-03 12:38:10 +02:00
Asger F	53de9ae580	Merge pull request #12729 from asgerf/js/crypto-modernize JS: Modernize crypto libraries	2023-04-03 12:16:22 +02:00
Jeroen Ketema	17bd9c12d7	JS: Fix qhelp after file rename	2023-04-03 09:25:19 +02:00
Erik Krogh Kristensen	1e1a692ee6	Merge pull request #12686 from erik-krogh/backtick-parse-error JS: add backticks around the concrete parse error	2023-03-31 14:56:38 +02:00
Asger F	64cf27ab87	JS: Modernize crypto libraries	2023-03-31 14:49:23 +02:00
Asger F	40530ae14d	JS: Simplfy with set literal	2023-03-31 12:04:56 +02:00
Asger F	4a06b81429	JS: Use API graphs in CryptoJS	2023-03-31 12:03:14 +02:00
Asger F	dec1e4dfd6	Merge pull request #12666 from smiddy007/improve-insufficient-pw-hash-query JS: Improve insufficient pw hash query	2023-03-31 11:58:41 +02:00
github-actions[bot]	0a3218676c	Release preparation for version 2.12.6	2023-03-30 19:25:06 +00:00
Alex Ford	62fcea030a	Merge pull request #12718 from github/post-release-prep/codeql-cli-2.12.5 Post-release preparation for codeql-cli-2.12.5	2023-03-30 15:50:56 +01:00
Erik Krogh Kristensen	b382465078	Merge pull request #12679 from ctbellanti/improved-certificate-validation JS: Improved coverage for disabled certificate validation	2023-03-30 16:24:33 +02:00
github-actions[bot]	e87ce62f95	Post-release preparation for codeql-cli-2.12.5	2023-03-30 13:48:58 +00:00
erik-krogh	47783326c2	add test for https.createServer in DisablingCertificateValidation.ql	2023-03-30 14:15:25 +02:00
Asger F	43174cfe3a	Merge pull request #12668 from asgerf/js/jquery-callback-sinks JS: fix handling of jQuery sinks involving callback	2023-03-30 12:42:53 +02:00
Jeroen Ketema	0acca2ba76	Merge pull request #12687 from jketema/unit-2 Make imports of `codeql.util.Unit` private	2023-03-29 13:07:12 +02:00
Asger F	2ef1743bf4	Merge pull request #11615 from asgerf/js/extension-docs JS: docs for customizing library models with data extensions	2023-03-29 10:20:53 +02:00
smiddy007	0eb61d39d3	formatting	2023-03-28 11:28:32 -04:00
smiddy007	fe3b0a56ca	Removed unnecessary field	2023-03-28 11:27:23 -04:00
smiddy007	8e9f2185c8	Merge branch 'main' into improve-insufficient-pw-hash-query	2023-03-28 11:15:10 -04:00
smiddy007	123eb1e57b	Update javascript/ql/lib/semmle/javascript/frameworks/CryptoLibraries.qll Co-authored-by: Asger F <asgerf@github.com>	2023-03-28 11:14:28 -04:00
Erik Krogh Kristensen	13c0effbd2	change to minor change	2023-03-28 15:27:16 +02:00
erik-krogh	4b3a419509	just use quoteWithBackticks	2023-03-28 15:23:15 +02:00
Erik Krogh Kristensen	451f6f01bb	Merge pull request #12633 from erik-krogh/more-global-flow JS: better callgraph support for global variables	2023-03-28 15:19:50 +02:00
Jeroen Ketema	3b8ad087eb	Make imports of `codeql.util.Unit` private	2023-03-28 14:14:13 +02:00
Asger F	61a7ee9387	JS: Use getABoundFunctionValue instead of type-tracking	2023-03-28 12:56:03 +02:00
erik-krogh	70dfa6e15c	use StringUtil.quoteWithBackticks instead of manually quoting with a single backtick	2023-03-28 12:34:44 +02:00
erik-krogh	e5e20ab42c	add backticks around the concrete parse error	2023-03-28 10:57:13 +02:00
Asger F	04b28c5118	Merge branch 'main' into js/extension-docs	2023-03-28 10:12:22 +02:00
smiddy007	2caab8748e	Merge branch 'improve-insufficient-pw-hash-query' of https://github.com/smiddy007/codeql into improve-insufficient-pw-hash-query	2023-03-27 15:20:24 -04:00

1 2 3 4 5 ...

8897 Commits