hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-06 07:36:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,264 Commits 1,703 Branches 162 Tags
bcee901fbd8335ca29fb8c910f6993b10970f89e
Commit Graph

9398 Commits

Author SHA1 Message Date
Cornelius Riemenschneider
a773532d07 Refactor JS test suite to be more in line with other Java projects. 
Therefore, we move the test suite out of the `src` directory.
 2023-11-06 13:47:56 +01:00
Cornelius Riemenschneider
6c7ea86a12 Introduce a bazel-based build for the entire JS pack. 2023-11-06 13:47:56 +01:00
Cornelius Riemenschneider
465eb00228 More fine-grained dependency on internal extractors. 2023-11-06 13:44:28 +01:00
Arthur Baars
01e7d57dba Add changenote 2023-11-06 13:38:33 +01:00
Arthur Baars
7f4bcdfa64 Rename test files 2023-11-06 13:38:33 +01:00
Arthur Baars
eecf32db4d Add tests for deprecated 'assert' syntax 2023-11-06 13:38:33 +01:00
Arthur Baars
4192d09e5c Add tests for deprecated 'assert' syntax 2023-11-06 13:38:33 +01:00
Arthur Baars
b4d89f7554 Replace 'assert' with 'with' in QL test files 2023-11-06 13:38:33 +01:00
Arthur Baars
3d45944649 Rename 'assertions' to 'attributes' in JS extractor 2023-11-06 13:38:32 +01:00
Arthur Baars
bd62ec294e Support TS 5.3 import attributes (previously import assertions) 2023-11-06 13:38:32 +01:00
Arthur Baars
1067dd9dd3 Auto-format 2023-11-06 13:38:32 +01:00
Arthur Baars
ec075f8fbe Upgrade typescript to 5.3.1-rc 2023-11-06 13:38:24 +01:00
erik-krogh
abcb5a7a95 remove the remaining yarn files 2023-11-05 19:24:59 +01:00
erik-krogh
688afddaf2 Re-order expected test output of all JS tests 2023-10-31 16:38:22 +01:00
Arthur Baars
5cc94e1105 Express.js: add req.path as remote input source 2023-10-31 12:44:26 +01:00
Arthur Baars
21b7a51d0a Add test case for req.path 2023-10-31 12:44:25 +01:00
Arthur Baars
1479509d93 Re-order expected test ouput 2023-10-31 12:44:25 +01:00
Chris Smowton
79e1aa0498 Merge pull request #14634 from github/post-release-prep/codeql-cli-2.15.2 
Post-release preparation for codeql-cli-2.15.2
 2023-10-31 10:24:53 +00:00
github-actions[bot]
2b939fdf08 Post-release preparation for codeql-cli-2.15.2 2023-10-30 16:06:51 +00:00
Harry Maclean
083be305e1 Shared: Add neutralModel extensible predicate 
The neutralModel extensible predicate already exists in Java and C#, so
this change brings the dynamic languages more in line with static
languages. The Model Editor uses this predicate to mark endpoints as
"not interesting" from a data flow perspective.
 2023-10-30 11:31:57 +00:00
github-actions[bot]
4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
erik-krogh
cf958f0828 lower the severity of js/identity-replacement to medium 2023-10-27 13:54:17 +02:00
Max Schaefer
104700f6d3 Address review comment. 2023-10-27 10:19:28 +01:00
Max Schaefer
08cc8b8e80 Autoformat. 2023-10-26 15:36:06 +01:00
erik-krogh
302199a74a fix TypeExprKinds crashing on a ThisExpression 2023-10-26 16:33:54 +02:00
Max Schaefer
abef8483bd Merge pull request #14600 from github/max-schaefer/express-rate-limit 
JavaScript: Add support for importing `express-rate-limit` using a named import.
 2023-10-26 15:15:22 +01:00
Max Schaefer
741735cc83 Port changes to JavaScript. 2023-10-26 14:47:24 +01:00
Max Schaefer
aff848b038 Update javascript/ql/lib/semmle/javascript/security/dataflow/MissingRateLimiting.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2023-10-26 13:06:52 +01:00
Max Schaefer
2c7291336d Move test files into right directory. 2023-10-26 12:16:52 +01:00
Max Schaefer
bb146a1758 JavaScript: Add support for rateLimit export from express-rate-limit package. 2023-10-26 12:14:57 +01:00
Cornelius Riemenschneider
790615fbc2 Merge pull request #14552 from github/criemen/bazel-js 
Javascript extractor: Bazel-based build
 2023-10-24 19:36:39 +02:00
Cornelius Riemenschneider
42c343e820 Address review 2023-10-24 16:03:35 +02:00
amammad
e3dbdc3887 add custom query builder and active record querybuilder support 2023-10-22 21:39:59 +02:00
Cornelius Riemenschneider
9ba32a0440 Add bazel-based build for the Javascript extractor. 2023-10-20 16:23:50 +02:00
Cornelius Riemenschneider
de85f2bbf8 Fix errorprone violations. 2023-10-20 16:23:35 +02:00
Erik Krogh Kristensen
f562d5319f Merge pull request #14539 from flyboss/main 
fix typo ('Configration' to ‘Configuration’)
 2023-10-20 14:10:42 +02:00
flyboss
ee813c1e61 Update UnsafeHtmlConstructionQuery.qll 
add a deprecated alias in case anyone depends on the misspelled name.
 2023-10-20 17:57:23 +08:00
flyboss
86336565eb fix typo 2023-10-19 02:34:31 +00:00
github-actions[bot]
8dcd8b9e5b Post-release preparation for codeql-cli-2.15.1 2023-10-17 20:24:00 +00:00
github-actions[bot]
3b3c036626 Release preparation for version 2.15.1 2023-10-16 17:49:39 +00:00
Arthur Baars
0e3369f93f Merge pull request #14484 from aibaars/ts53-js 
JS: Support import attributes
 2023-10-16 10:47:49 +02:00
erik-krogh
69c3e62965 add change-note 2023-10-13 15:16:39 +02:00
erik-krogh
9080e84fc9 add support for extracting .jsp files 2023-10-13 12:09:27 +02:00
Arthur Baars
a4d0ef6350 Add changenote 2023-10-12 13:04:00 +02:00
Arthur Baars
a9a21aa313 Rename DynamicImportExpr::getImport{Attributes => Options} 2023-10-12 13:00:39 +02:00
Arthur Baars
1f4fcf1f31 Rename test files 2023-10-12 13:00:39 +02:00
Arthur Baars
a1c1f7b910 Add tests for deprecated 'assert' syntax 2023-10-12 13:00:39 +02:00
Arthur Baars
f38d2e1b89 Replace 'assert' with 'with' in QL test files 2023-10-12 13:00:39 +02:00
Arthur Baars
c28004f2a6 Rename 'getImportAssertion()' to 'getImportAttributes()' in QL library 2023-10-12 13:00:39 +02:00
Arthur Baars
07172da1bc Add tests for deprecated 'assert' syntax 2023-10-12 12:51:13 +02:00