hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-26 17:28:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,699 Commits 1,721 Branches 163 Tags
d5d08da545571ee6704af03ab64faaa6e22e677f
Commit Graph

1451 Commits

Author SHA1 Message Date
Asger F
96d6115452 Merge branch 'master' into js/sql-type-tracking 2020-05-18 15:58:42 +01:00
Max Schaefer
bdd778f989 JavaScript: Add change note. 2020-05-18 12:08:36 +01:00
semmle-qlci
6041d52936 Merge pull request #3424 from asger-semmle/js/express-param-handler 
Approved by esbena
 2020-05-18 08:48:24 +01:00
semmle-qlci
0230b79efc Merge pull request #3391 from erik-krogh/SplitFPs 
Approved by esbena
 2020-05-18 08:46:26 +01:00
semmle-qlci
8d41ce1630 Merge pull request #3480 from erik-krogh/moreSlip 
Approved by esbena
 2020-05-16 21:17:27 +01:00
Asger Feldthaus
435f9ea09f JS: Change note 2020-05-15 17:27:30 +01:00
Asger Feldthaus
e311cc7689 JS: Change note 2020-05-15 13:06:37 +01:00
Erik Krogh Kristensen
7df35a6bab update change note 2020-05-15 09:52:59 +02:00
semmle-qlci
a536069059 Merge pull request #3408 from esbena/js/unsafe-html-expansion 
Approved by asgerf, mchammer01
 2020-05-15 08:24:12 +01:00
semmle-qlci
23532ae49a Merge pull request #3467 from erik-krogh/tarSlip 
Approved by esbena
 2020-05-14 14:06:42 +01:00
semmle-qlci
57f44c5a81 Merge pull request #2886 from asger-semmle/js/call-graph-exploration 
Approved by erik-krogh, esbena
 2020-05-14 14:01:23 +01:00
Erik Krogh Kristensen
422ade16db Apply suggestions from code review 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-05-14 10:05:59 +02:00
Erik Krogh Kristensen
ce5356f592 change note 2020-05-14 09:48:50 +02:00
Calum Grant
f5daeea618 Merge pull request #3421 from hvitved/csharp/dataflow/change-note 
C#/Java/C++: Add change note for #3110
 2020-05-13 13:53:01 +01:00
Esben Sparre Andreasen
c6fa88af28 JS: change notes 2020-05-13 12:56:33 +02:00
Esben Sparre Andreasen
7722d77c86 JS: add the NoSQL $where as a sink for js/code-injection 2020-05-13 08:30:22 +02:00
Esben Sparre Andreasen
20cf04442c JS: model marsdb and minimongo 2020-05-13 08:28:59 +02:00
Erik Krogh Kristensen
83d34b939c change note 2020-05-12 14:24:04 +02:00
Erik Krogh Kristensen
8b3e86c4f8 change note 2020-05-11 13:40:59 +02:00
Tom Hvitved
c837ab7d1a Apply suggestions from code review 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-05-11 11:42:50 +02:00
Tom Hvitved
948c2f7f7e C++: Add change note 2020-05-07 16:01:55 +02:00
Tom Hvitved
0b85f3fed4 Address review comments 2020-05-07 15:58:46 +02:00
Erik Krogh Kristensen
a3fb13882b Merge branch 'master' into SplitFPs 2020-05-07 10:51:11 +02:00
Tom Hvitved
f19b1045d6 Java: Add change note 2020-05-06 15:52:49 +02:00
Tom Hvitved
ddd62a56cc C#: Add change note for #3110 2020-05-06 14:28:47 +02:00
semmle-qlci
9210660ea0 Merge pull request #3401 from erik-krogh/jsonLike 
Approved by esbena
 2020-05-06 08:00:44 +01:00
Tom Hvitved
3d37a49ccd C#: Add change note 2020-05-05 14:28:13 +02:00
Erik Krogh Kristensen
a4eee7e88e more -> additional 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2020-05-05 14:01:39 +02:00
Erik Krogh Kristensen
bffb12725b add test and change-note to prototype-polution 2020-05-05 13:49:11 +02:00
Erik Krogh Kristensen
38db731e0b add change note and new test for js/incomplete-url-scheme-check 2020-05-05 13:38:27 +02:00
Erik Krogh Kristensen
f56915d99f add change note for js/xss 2020-05-05 13:36:50 +02:00
Erik Krogh Kristensen
9a7f8d97d2 change note 2020-05-04 09:49:20 +02:00
Erik Krogh Kristensen
ffdbe31a30 change-note 2020-05-04 09:08:46 +02:00
Esben Sparre Andreasen
04b5a794f1 Merge pull request #3313 from esbena/js/typical-bad-sanitizer 
New query: Incomplete HTML attribute sanitization
 2020-04-27 14:31:13 +02:00
semmle-qlci
cbe417f5eb Merge pull request #3336 from erik-krogh/MoarJQuery 
Approved by esbena
 2020-04-25 15:17:55 +01:00
Esben Sparre Andreasen
f0a05f6a6c JS: change notes 2020-04-24 09:18:16 +02:00
Jonas Jensen
d98e956c2b Merge pull request #3322 from felicitymay/merge-124-master 
Merge rc/1.24 into master
 2020-04-24 08:48:54 +02:00
Erik Krogh Kristensen
e7d8cd8e8c Merge remote-tracking branch 'upstream/master' into MoarJQuery 2020-04-23 14:10:53 +02:00
Erik Krogh Kristensen
67443718c0 change note 2020-04-23 13:55:37 +02:00
Erik Krogh Kristensen
5382976195 change note 2020-04-23 11:52:16 +02:00
semmle-qlci
da3292606c Merge pull request #3191 from erik-krogh/XssDom 
Approved by esbena, mchammer01
 2020-04-23 09:17:07 +01:00
Felicity Chapman
89bf35cd43 Merge branch 'rc/1.24' into merge-124-master 
Conflicts:
	change-notes/1.24/analysis-javascript.md
    Resolved in favor of the rc/1.24 branch
 2020-04-22 19:01:47 +01:00
Felicity Chapman
523f1068b8 Editorial suggestions 
We don't hyphenate "QL-library" and there were a few typos. Feel free to further revise this if I've changed the meaning too much.

As discussed separately, I was unable to raise this as a PR in GitHub.com and had to resort to a direct commit.

(cherry picked from commit e29468135d)
 2020-04-22 18:15:43 +01:00
Taus
ac8cca37e8 Apply suggestions from code review 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
(cherry picked from commit 44b570f7b6)
 2020-04-22 18:15:43 +01:00
Taus Brock-Nannestad
63234aae40 Python: Finalise change notes for 1.24. 
(cherry picked from commit e97d88c158)
 2020-04-22 18:15:42 +01:00
Felicity Chapman
e29468135d Editorial suggestions 
We don't hyphenate "QL-library" and there were a few typos. Feel free to further revise this if I've changed the meaning too much.

As discussed separately, I was unable to raise this as a PR in GitHub.com and had to resort to a direct commit.
 2020-04-22 15:48:01 +01:00
Taus
44b570f7b6 Apply suggestions from code review 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
 2020-04-22 16:03:20 +02:00
Taus Brock-Nannestad
e97d88c158 Python: Finalise change notes for 1.24. 2020-04-22 14:31:04 +02:00
Erik Krogh Kristensen
ac44cb425e Merge branch 'master' into js/call-graph-exploration 2020-04-22 10:49:26 +02:00
Erik Krogh Kristensen
a5bbfa30d1 add change note 2020-04-22 10:23:07 +02:00