codeql

mirror of https://github.com/github/codeql.git synced 2025-12-27 14:16:34 +01:00

Author	SHA1	Message	Date
Arthur Baars	fbe9823a42	Merge branch 'main' into henrymercer/polish-diagnostics	2023-03-14 23:42:33 +01:00
Henry Mercer	1394abcf98	JS: Update diagnostics IDs for consistency with rules	2023-03-14 21:44:19 +00:00
Henry Mercer	1f63c5d5e4	JS: Update parse error diagnostic name for consistency	2023-03-14 21:43:32 +00:00
Asger F	feb7c49006	Merge pull request #12382 from asgerf/js/import-assertion JS: Support import assertions	2023-03-14 14:56:32 +01:00
Asger F	d953ad63fe	Merge pull request #12445 from asgerf/js/react-forward-ref JS: Handle forwardRef in React	2023-03-14 13:21:16 +01:00
Asger F	8ab3f39b5e	Merge pull request #12423 from asgerf/js/trusted-types-global-flow JS: Track trusted types policy callbacks	2023-03-14 13:09:50 +01:00
Erik Krogh Kristensen	060c37b6a2	Merge pull request #12345 from erik-krogh/delOldDeps delete old deprecations	2023-03-13 12:48:24 +01:00
Asger F	5461f94c6c	Merge pull request #12424 from asgerf/js/html-sanitizer-for-sql JS: Add html sanitizers as a taint step in a few queries	2023-03-13 11:36:19 +01:00
Asger F	41dd63adc7	Handle forwardRef in React	2023-03-13 11:30:18 +01:00
erik-krogh	6c1ebd999e	Merge branch 'main' into delOldDeps	2023-03-13 11:00:29 +01:00
Anders Schack-Mulligen	8d97fe9ed3	JavaScript: Autoformat	2023-03-10 09:41:20 +01:00
Henry Mercer	079451142e	Merge branch 'main' into codeql-ci/atm/release-0.4.9	2023-03-09 16:08:22 +00:00
github-actions[bot]	a82aaea514	JS: Bump version of ML-powered library and query packs to 0.4.10	2023-03-09 15:54:49 +00:00
github-actions[bot]	f0bb25bfce	JS: Bump patch version of ML-powered library and query packs	2023-03-09 15:46:31 +00:00
Asger F	6e744093e2	Merge pull request #12398 from github/post-release-prep/codeql-cli-2.12.4 Post-release preparation for codeql-cli-2.12.4	2023-03-09 15:38:21 +01:00
Arthur Baars	942cd7c275	Merge pull request #12113 from erik-krogh/diagnostics JS: Implement diagnostics	2023-03-09 12:57:06 +01:00
Arthur Baars	7ab0f88f78	JS: add link to docs to parse error diagnostic	2023-03-08 16:47:43 +01:00
Arthur Baars	e5be8ab1e5	JS: add integration test for diagnostic messages	2023-03-08 16:04:49 +01:00
Asger F	05b5aea477	JS: Changenote	2023-03-07 13:15:44 +01:00
Asger F	856b50735d	JS: Expand test case	2023-03-07 13:04:26 +01:00
Asger F	0affd898de	JS: Track trusted type policy callbacks	2023-03-07 10:22:26 +01:00
Asger F	4f0e17bf97	JS: Add step to a few other queries	2023-03-07 09:39:40 +01:00
Asger F	d4b4d22378	JS: Step through HTML sanitizers in SQL injection query	2023-03-06 15:10:26 +01:00
github-actions[bot]	af61b45785	Post-release preparation for codeql-cli-2.12.4	2023-03-04 14:16:55 +00:00
Dave Bartolomeo	b342e93989	Move change note to appropriate pack	2023-03-03 14:43:00 -05:00
github-actions[bot]	462da63970	Release preparation for version 2.12.4	2023-03-03 14:11:51 +00:00
Asger F	37999eaea0	JS: Fix implicit this	2023-03-03 13:43:17 +01:00
Asger F	f4b13e0955	JS: Update printAst expected output	2023-03-03 13:42:42 +01:00
Erik Krogh Kristensen	d94e51aaf6	Merge pull request #12377 from erik-krogh/jHtml JS: add the html argument to the jQuery functions as an XSS sink	2023-03-03 13:19:38 +01:00
Asger F	7f96fe725b	JS: Change note	2023-03-03 12:21:20 +01:00
Asger F	7a55b003d2	JS: Fix location of assert clause	2023-03-03 12:21:20 +01:00
Asger F	38194c6ae7	JS: Extract import assertions to DB	2023-03-03 12:21:20 +01:00
erik-krogh	a6c9af4182	add the html argument to the jQuery functions as an XSS sink	2023-03-03 11:09:53 +01:00
erik-krogh	94870b838f	add failing test	2023-03-03 11:08:33 +01:00
erik-krogh	a928f4c9ef	add change-notes	2023-03-03 09:23:10 +01:00
erik-krogh	f96d6accbb	delete old deprecations	2023-03-03 09:23:02 +01:00
github-actions[bot]	50c90bbc5c	ATM: Update model pack dependency of ML-powered model building and query packs	2023-03-02 17:31:03 +00:00
Erik Krogh Kristensen	64dad3db8a	Merge pull request #12333 from kaspersv/kaspersv/fix-join-order ReflectedXss: Prevent bad join order	2023-03-01 12:48:30 +01:00
Kasper Svendsen	86925646f3	ReflectedXss: Prevent bad join order	2023-02-28 12:06:27 +01:00
Erik Krogh Kristensen	50aa5e072a	Merge pull request #12177 from erik-krogh/alias-html JS: More precise type-test sanitizer guards in unsafe-html-construction	2023-02-27 18:16:11 +01:00
Erik Krogh Kristensen	927c322b7b	Merge pull request #11769 from erik-krogh/moreSan JS: Sanitizer for `sanitizer(x) === true`	2023-02-27 15:48:34 +01:00
Alex Ford	7c85448cba	Merge pull request #12080 from alexrford/js-use-shared-cryptography JS: Use shared `CryptographicOperation` concept	2023-02-27 12:26:38 +00:00
erik-krogh	0e60fc5512	Merge branch 'main' into alias-html	2023-02-27 09:16:25 +01:00
Erik Krogh Kristensen	f8f926ad50	Merge pull request #12175 from erik-krogh/reg-input JS: add process.env and process.argv etc. as source for `js/regex-injection`	2023-02-27 09:12:02 +01:00
Erik Krogh Kristensen	4ffe20ae75	Merge pull request #12189 from erik-krogh/more-export JS: also consider relative exports when finding library inputs	2023-02-27 09:02:55 +01:00
Henry Mercer	eb1fe57590	Merge branch 'main' into codeql-ci/atm/release-0.4.8	2023-02-23 16:23:32 +00:00
github-actions[bot]	7e2b286f03	JS: Bump version of ML-powered library and query packs to 0.4.9	2023-02-23 16:12:23 +00:00
github-actions[bot]	e02368f6fa	JS: Bump patch version of ML-powered library and query packs	2023-02-23 16:04:39 +00:00
github-actions[bot]	8eb8daa4d4	Post-release preparation for codeql-cli-2.12.3	2023-02-16 17:23:25 +00:00
github-actions[bot]	b0315119c6	Release preparation for version 2.12.3	2023-02-16 11:49:06 +00:00

1 2 3 4 5 ...

7984 Commits