hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-14 06:01:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,068 Commits 1,690 Branches 160 Tags
c19085e56e6830c190efd307c271f44851ed06df
Commit Graph

11522 Commits

Author SHA1 Message Date
Napalys
9c8e0a5537 Applied changes from comments. 
Co-authored-by: Asgerf <asgerf@github.com>
 2025-03-10 13:29:05 +01:00
erik-krogh
b70643b1a1 ensure the result from getPathFromFork is unique (to avoid a blowup) 2025-03-10 12:53:51 +01:00
Napalys
d077d6807a Applied changes from comments 
Co-authored-by: Asgerf <asgerf@github.com>
 2025-03-10 12:24:45 +01:00
Napalys
f48eab903f Add RegExpSubtraction class to support subtraction terms in regex 2025-03-10 11:18:10 +01:00
Napalys
8cbc0aea05 Add RegExpQuotedString class to support quoted string escapes in regex 2025-03-10 11:18:03 +01:00
Erik Krogh Kristensen
8eb69079b7 fix typo from copy-pasted change-note 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-03-10 09:41:48 +01:00
erik-krogh
752fc64f42 bump to stable 5.8 release 2025-03-10 09:21:25 +01:00
erik-krogh
b641caa508 update TypeScript version to 5.8.1-RC 2025-03-10 09:20:29 +01:00
Napalys
e0f20b2bd1 Add RegExpIntersection class to support intersection terms in regex 2025-03-07 08:58:19 +01:00
Napalys
9cc26208d4 Add test cases for v flag operators in RegExp library-tests. 2025-03-07 08:32:10 +01:00
Napalys
c12c12c416 Added modeling for react-relay functions that retrieve data. 2025-03-06 18:30:21 +01:00
Napalys
5a1991bb69 Added test cases for react-relay functions that retrieve data 2025-03-06 18:10:27 +01:00
Napalys
0166e76cca Add change note 2025-03-06 18:10:24 +01:00
Napalys
1443f314a1 Added react-relay useFragment as threat model source. 2025-03-06 18:10:23 +01:00
Napalys
1e3b8625e6 Added a test case where useFragment from react-relay should be marked as a source but isn't 2025-03-06 18:10:21 +01:00
Anders Schack-Mulligen
c6761db2fc SSA: Replace the Guards interface in the SSA data flow integration. 2025-03-05 13:29:31 +01:00
Napalys
d884e5fe6b Upgraded javascrip database schema 2025-03-05 11:06:56 +01:00
Napalys
95d05ceab8 Now store vFlagEnabled instead of each time searching for it. 
Added `uFlagEnabled` for checking how should `\p{}` be treated. And small optimization.
 2025-03-05 10:34:38 +01:00
Napalys
8086c25abe Removed Union as standard character class is already an union. 2025-03-05 10:07:20 +01:00
Napalys
8099423b6d Renamed character class operators lists to elements. 2025-03-05 09:34:21 +01:00
Napalys
9ea89cd63f Added a test case from #18854 2025-03-05 09:34:20 +01:00
Napalys
c7f03df1eb Added change note 2025-03-05 09:34:18 +01:00
github-actions[bot]
58f355ae5a Post-release preparation for codeql-cli-2.20.6 2025-03-03 18:18:15 +00:00
Chuan-kai Lin
17acb31f65 JS: Fix changelog formatting 2025-03-03 09:19:01 -08:00
github-actions[bot]
fa850cccb1 Release preparation for version 2.20.6 2025-03-03 17:13:19 +00:00
Napalys
c0202f6085 Updated dbscheme 2025-03-03 14:37:47 +01:00
Napalys
fe6de2f672 Added support for character class union in regex processing 2025-03-03 14:37:46 +01:00
Napalys
1e05f327d6 Added test cases for union. 2025-03-03 14:37:44 +01:00
Napalys
3664d50772 Added support for -- subtraction opetor. 2025-03-03 14:37:43 +01:00
Napalys
ee83c42b71 Added test cases for subtraction --. 2025-03-03 14:37:42 +01:00
Napalys
381b5ebe8a Added intersection support 2025-03-03 14:37:40 +01:00
Napalys
fa5093f6ad Added test cases for intersection 2025-03-03 14:37:39 +01:00
Napalys
2333c538d9 Added ability to parse nested character classes while using v flag. 2025-03-03 14:37:38 +01:00
Napalys
de6f3b1d04 Add additional test cases. 2025-03-03 14:37:37 +01:00
Napalys
ab7e08f40f Added test cases for nested character class. 2025-03-03 14:37:35 +01:00
Napalys
ed418be97a Add support for '\q{}' escape sequence in regular expressions. 2025-03-03 14:37:20 +01:00
Napalys
d162acf02c Added quoted string \q parser test cases 2025-03-02 17:09:01 +01:00
Napalys
cb448db3ce Exposed flags to the regex parser 2025-03-02 17:08:52 +01:00
Asger F
2e32e441b8 Update javascript/ql/src/change-notes/2025-02-28-membership-regexp-test.md 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-02-28 14:25:56 +01:00
Asger F
c8a89c4203 JS: Change note 2025-02-28 14:04:40 +01:00
Asger F
c3ad805fe8 JS: Sharpen up EnumerationRegExp 2025-02-28 13:58:11 +01:00
Asger F
d97d67359b JS: Add test case showing lack of flow through non-sanitising regexp 2025-02-28 13:58:08 +01:00
Asger F
2a194a53af raw test output 2025-02-28 13:29:39 +01:00
Asger F
193b26e938 JS: Add query IDs 2025-02-28 13:29:37 +01:00
Asger F
33602ee52b JS: Convert some comments to JSX 2025-02-28 13:29:36 +01:00
Asger F
c67c5854ba Disable for more queries with alerts in JSON 2025-02-28 13:29:35 +01:00
Asger F
7bd01bf039 JS: Bulk update in UnneededDefensiveProgramming test 
The history of updates to this test got messed up so just squashing
into one commit.

Some possible regressions have been accepted, but the query is strangely
opinionated so it's just hard to say what it ought to flag.
 2025-02-28 13:29:33 +01:00
Asger F
64d39da5f8 JS: Accept Sources/Sink tags 2025-02-28 13:29:30 +01:00
Asger F
19cada38ff JS: Migrate a new file from OK-style comments 2025-02-28 13:29:29 +01:00
Asger F
fd6a9c6144 JS: Accept an alert 2025-02-28 13:29:27 +01:00