hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
45,395 Commits 1,671 Branches 157 Tags
e4321f07a064a88b6609d2a56acff0b19300cee3
Commit Graph

107 Commits

Author SHA1 Message Date
Josh Soref
e4321f07a0 spelling: mimic 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-20 08:18:23 -04:00
Felicity Chapman
c1323886b6 Update change-notes/1.24/analysis-javascript.md 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-04-17 13:30:49 +01:00
Felicity Chapman
01a31c1065 Minor editorial changes 2020-04-17 12:50:20 +01:00
Felicity Chapman
ee12e6a00b Sort alphabetically 2020-04-17 12:35:33 +01:00
Asger Feldthaus
2c6beadf68 JS: Recognize more forms of scheme checks 2020-04-06 12:30:03 +01:00
semmle-qlci
1975a83cdd Merge pull request #3116 from max-schaefer/js/postgres-type-tracking 
Approved by asgerf
 2020-03-27 09:23:52 +00:00
semmle-qlci
e7fd97e72b Merge pull request #3119 from erik-krogh/SockJS 
Approved by esbena
 2020-03-25 21:36:29 +00:00
Erik Krogh Kristensen
f7faaa634f change-note 2020-03-25 11:37:39 +01:00
Max Schaefer
efbcec09ef JavaScript: Add type tracking to Postgres model. 2020-03-24 17:30:07 +00:00
semmle-qlci
4c9a6b73ee Merge pull request #3107 from erik-krogh/FArgs 
Approved by esbena
 2020-03-24 08:32:56 +00:00
Erik Krogh Kristensen
833183c706 change note 2020-03-23 14:13:30 +01:00
Asger Feldthaus
de7fbce27b JS: Adjust whitespace in change notes 2020-03-18 11:55:13 +00:00
Asger Feldthaus
08ad4f785a JS: Tweak other parts of change note for consistency 2020-03-18 11:55:12 +00:00
Asger Feldthaus
ad2b150d05 JS: Add change note 2020-03-18 11:55:12 +00:00
Erik Krogh Kristensen
9403026fff add change note 2020-03-17 11:48:02 +01:00
semmle-qlci
7e093a8e5c Merge pull request #3041 from erik-krogh/JQueryAjax 
Approved by esbena
 2020-03-14 22:31:59 +00:00
Esben Sparre Andreasen
4d6aa20990 Merge pull request #3004 from esbena/js/additional-mongodb-and-mongoose-injection-sinks 
JS: Mongoose and MongoDB improvements
 2020-03-14 12:31:43 +01:00
Erik Krogh Kristensen
2c18144560 change note 2020-03-11 17:01:41 +01:00
Erik Krogh Kristensen
dd261c51f7 add change note 2020-03-11 14:42:57 +01:00
Esben Sparre Andreasen
5b1b945c35 JS: distinguishes escapes in strings and regular expression literals 2020-03-10 12:26:20 +01:00
Esben Sparre Andreasen
e61f522f30 JS: bump change notes for mongodb 2020-03-10 09:57:45 +01:00
Max Schaefer
3c785ecaa7 JavaScript: Move flow summaries to experimental. 
Also update description and change note to call out their experimental character more clearly.
 2020-03-09 12:57:20 +00:00
Asger Feldthaus
a9a9c14eea JS: Change note 2020-03-07 15:15:13 +00:00
semmle-qlci
7891f8621e Merge pull request #2982 from esbena/js/request-model-with-chaining 
Approved by asgerf
 2020-03-06 08:57:42 +00:00
Esben Sparre Andreasen
db335ae89b JS: add default/chaining for request 2020-03-04 12:36:49 +01:00
Asger Feldthaus
6f2b05932e JS: Change note 2020-03-04 11:18:12 +00:00
Esben Sparre Andreasen
4625217a68 Merge branch 'master' of github.com:Semmle/ql into js/more-fs-modules 2020-03-03 15:07:51 +01:00
semmle-qlci
7f3f629d39 Merge pull request #2913 from asger-semmle/js/prototype-pollution-path 
Approved by erik-krogh
 2020-03-03 10:29:47 +00:00
Esben Sparre Andreasen
adddebf039 Merge branch 'master' of github.com:Semmle/ql into js/more-fs-modules 2020-03-03 10:55:16 +01:00
Erik Krogh Kristensen
019266e537 change name of Useless cat 2020-03-02 13:06:08 +01:00
Esben Sparre Andreasen
a589061bee JS: add type-tracking to the fs-module and model the original-fs 2020-02-28 12:54:59 +01:00
Erik Krogh Kristensen
ce9cd53bf1 Merge remote-tracking branch 'upstream/master' into UselessCat 2020-02-28 09:56:23 +01:00
Erik Krogh Kristensen
17f1974e05 Apply suggestions from code review 
Co-Authored-By: mc <42146119+mchammer01@users.noreply.github.com>
 2020-02-28 09:43:32 +01:00
Asger Feldthaus
52ebe49a0b JS: Flag deep assignments in prototype pollution query 2020-02-27 12:17:55 +00:00
Erik Krogh Kristensen
9c06c48dc7 Merge pull request #2884 from esbena/js/practically-exploitable-redos 
JS: add query js/exploitable-polynomial-redos
 2020-02-27 10:19:17 +01:00
Esben Sparre Andreasen
1b73cee692 JS: add js/exploitable-polynomial-redos 2020-02-27 08:42:43 +01:00
Asger F
160fc48803 Merge pull request #2896 from asger-semmle/typescript-3.8 
TS: Support Typescript 3.8
 2020-02-25 08:19:01 +00:00
Asger F
e665e3c187 Update change-notes/1.24/analysis-javascript.md 
Co-Authored-By: Esben Sparre Andreasen <esbena@github.com>
 2020-02-24 15:07:28 +00:00
Asger Feldthaus
6360073da4 JS: Rephrase change note 2020-02-24 14:35:17 +00:00
Erik Krogh Kristensen
b72404dc99 add change note 2020-02-24 14:07:49 +01:00
Asger Feldthaus
05d9e64dab TS: Add change note 2020-02-24 11:40:27 +00:00
Asger Feldthaus
1ee112a341 JS: Add change note 2020-02-21 13:55:27 +00:00
Asger Feldthaus
01fed95fe6 JS: Add change note 2020-02-21 11:49:20 +00:00
Esben Sparre Andreasen
abe7aeef7c Merge pull request #2643 from esbena/js/unsafe-jquery 
JS: add query js/unsafe-jquery-plugin
 2020-02-18 09:26:14 +01:00
semmle-qlci
23ed2bcc64 Merge pull request #2782 from asger-semmle/js/export-as-ns 
Approved by erik-krogh, max-schaefer
 2020-02-17 11:22:58 +00:00
Max Schaefer
ad83a8946c JavaScript: Sort lines in change notes. 2020-02-14 11:15:09 +00:00
Max Schaefer
f181111886 JavaScript: Add model of http2 compatibility API. 
Also deprecated the `httpOrHttps` predicate, which was now only used in one place and seemed a little pointless anyway.
 2020-02-14 11:14:31 +00:00
semmle-qlci
da566a4484 Merge pull request #2828 from erik-krogh/CVE24 
Approved by esbena
 2020-02-14 09:12:48 +00:00
semmle-qlci
769dce511b Merge pull request #2788 from erik-krogh/CVE42-sink 
Approved by esbena
 2020-02-14 08:00:00 +00:00
Erik Krogh Kristensen
d6afd438ba add model for chrome-remote-interface as a ClientRequest 2020-02-13 10:58:07 +01:00