Commit Graph

9282 Commits

Author SHA1 Message Date
Cornelius Riemenschneider
97fd2033f1 Take our node, not the one that comes first on the PATH. 2023-11-09 22:00:00 +01:00
Cornelius Riemenschneider
b4ec13235d Address review. 2023-11-09 09:40:29 +01:00
Cornelius Riemenschneider
6b37d2009b Merge branch 'main' into criemen/js-bazel 2023-11-08 16:11:47 +01:00
Rasmus Wriedt Larsen
43d9d2ceb7 Merge pull request #14603 from github/max-schaefer/broken-crypto-algorithm-link
JavaScript/Python/Ruby: Improve alert message for `*/weak-cryptographic-algorithm`.
2023-11-08 14:29:24 +01:00
Erik Krogh Kristensen
f643fd7d74 Merge pull request #14716 from erik-krogh/invalid-main
JS: catch when the main: path is invalid on Windows
2023-11-08 08:33:58 +01:00
Geoffrey White
b63294764b Merge pull request #14705 from geoffw0/qhelplink
Fix a dead ReDoS link in docs
2023-11-07 17:40:19 +00:00
erik-krogh
ae577d1e44 catch when the main: path is invalid on Windows 2023-11-07 17:42:21 +01:00
Geoffrey White
e8a466a02c Update dead link. 2023-11-07 09:26:07 +00:00
Cornelius Riemenschneider
be02512dfe Add a build system for the junit tests.
This is a bit more complicated than our usual setup, as we both need to
unzip the typescript parser wrapper, and make node accessible on the path.
2023-11-06 17:58:28 +01:00
Cornelius Riemenschneider
52fcc5f435 Export test data directories. 2023-11-06 13:47:56 +01:00
Cornelius Riemenschneider
63854e36b4 Use the TestPaths helper to lookup files. 2023-11-06 13:47:56 +01:00
Cornelius Riemenschneider
a773532d07 Refactor JS test suite to be more in line with other Java projects.
Therefore, we move the test suite out of the `src` directory.
2023-11-06 13:47:56 +01:00
Cornelius Riemenschneider
6c7ea86a12 Introduce a bazel-based build for the entire JS pack. 2023-11-06 13:47:56 +01:00
Cornelius Riemenschneider
465eb00228 More fine-grained dependency on internal extractors. 2023-11-06 13:44:28 +01:00
erik-krogh
abcb5a7a95 remove the remaining yarn files 2023-11-05 19:24:59 +01:00
erik-krogh
688afddaf2 Re-order expected test output of all JS tests 2023-10-31 16:38:22 +01:00
Arthur Baars
5cc94e1105 Express.js: add req.path as remote input source 2023-10-31 12:44:26 +01:00
Arthur Baars
21b7a51d0a Add test case for req.path 2023-10-31 12:44:25 +01:00
Arthur Baars
1479509d93 Re-order expected test output 2023-10-31 12:44:25 +01:00
Chris Smowton
79e1aa0498 Merge pull request #14634 from github/post-release-prep/codeql-cli-2.15.2
Post-release preparation for codeql-cli-2.15.2
2023-10-31 10:24:53 +00:00
github-actions[bot]
2b939fdf08 Post-release preparation for codeql-cli-2.15.2 2023-10-30 16:06:51 +00:00
Harry Maclean
083be305e1 Shared: Add neutralModel extensible predicate
The neutralModel extensible predicate already exists in Java and C#, so
this change brings the dynamic languages more in line with static
languages. The Model Editor uses this predicate to mark endpoints as
"not interesting" from a data flow perspective.
2023-10-30 11:31:57 +00:00
github-actions[bot]
4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
erik-krogh
cf958f0828 lower the severity of js/identity-replacement to medium 2023-10-27 13:54:17 +02:00
Max Schaefer
104700f6d3 Address review comment. 2023-10-27 10:19:28 +01:00
Max Schaefer
08cc8b8e80 Autoformat. 2023-10-26 15:36:06 +01:00
erik-krogh
302199a74a fix TypeExprKinds crashing on a ThisExpression 2023-10-26 16:33:54 +02:00
Max Schaefer
abef8483bd Merge pull request #14600 from github/max-schaefer/express-rate-limit
JavaScript: Add support for importing `express-rate-limit` using a named import.
2023-10-26 15:15:22 +01:00
Max Schaefer
741735cc83 Port changes to JavaScript. 2023-10-26 14:47:24 +01:00
Max Schaefer
aff848b038 Update javascript/ql/lib/semmle/javascript/security/dataflow/MissingRateLimiting.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2023-10-26 13:06:52 +01:00
Max Schaefer
2c7291336d Move test files into right directory. 2023-10-26 12:16:52 +01:00
Max Schaefer
bb146a1758 JavaScript: Add support for rateLimit export from express-rate-limit package. 2023-10-26 12:14:57 +01:00
Cornelius Riemenschneider
790615fbc2 Merge pull request #14552 from github/criemen/bazel-js
Javascript extractor: Bazel-based build
2023-10-24 19:36:39 +02:00
Cornelius Riemenschneider
42c343e820 Address review 2023-10-24 16:03:35 +02:00
Cornelius Riemenschneider
9ba32a0440 Add bazel-based build for the Javascript extractor. 2023-10-20 16:23:50 +02:00
Cornelius Riemenschneider
de85f2bbf8 Fix errorprone violations. 2023-10-20 16:23:35 +02:00
Erik Krogh Kristensen
f562d5319f Merge pull request #14539 from flyboss/main
fix typo ('Configration' to ‘Configuration’)
2023-10-20 14:10:42 +02:00
flyboss
ee813c1e61 Update UnsafeHtmlConstructionQuery.qll
add a deprecated alias in case anyone depends on the misspelled name.
2023-10-20 17:57:23 +08:00
flyboss
86336565eb fix typo 2023-10-19 02:34:31 +00:00
github-actions[bot]
8dcd8b9e5b Post-release preparation for codeql-cli-2.15.1 2023-10-17 20:24:00 +00:00
github-actions[bot]
3b3c036626 Release preparation for version 2.15.1 2023-10-16 17:49:39 +00:00
Arthur Baars
0e3369f93f Merge pull request #14484 from aibaars/ts53-js
JS: Support import attributes
2023-10-16 10:47:49 +02:00
erik-krogh
69c3e62965 add change-note 2023-10-13 15:16:39 +02:00
erik-krogh
9080e84fc9 add support for extracting .jsp files 2023-10-13 12:09:27 +02:00
Arthur Baars
a4d0ef6350 Add changenote 2023-10-12 13:04:00 +02:00
Arthur Baars
a9a21aa313 Rename DynamicImportExpr::getImport{Attributes => Options} 2023-10-12 13:00:39 +02:00
Arthur Baars
1f4fcf1f31 Rename test files 2023-10-12 13:00:39 +02:00
Arthur Baars
a1c1f7b910 Add tests for deprecated 'assert' syntax 2023-10-12 13:00:39 +02:00
Arthur Baars
f38d2e1b89 Replace 'assert' with 'with' in QL test files 2023-10-12 13:00:39 +02:00
Arthur Baars
c28004f2a6 Rename 'getImportAssertion()' to 'getImportAttributes()' in QL library 2023-10-12 13:00:39 +02:00