codeql

mirror of https://github.com/github/codeql.git synced 2026-04-08 08:34:02 +02:00

Author	SHA1	Message	Date
Napalys	fdfdcc0d93	Undo unnecessary name tracking for request, response objects	2025-04-22 14:16:45 +02:00
Napalys Klicius	63402ea581	Merge pull request #2 from asgerf/js/fastify-addhook JS: Add isMiddlewareSetup() hook to Routing model	2025-04-22 12:07:39 +02:00
Asger F	00661b62dc	JS: Add isMiddlewareSetup() hook to Routing model	2025-04-22 12:00:02 +02:00
Napalys	5c3556da66	Add user-controlled property tracking and update code injection alerts in Fastify hooks	2025-04-15 09:41:52 +02:00
Napalys	9b194ea613	Added `addHook` to `RouteSetup` thus now it is recognized now as rouute handler	2025-04-15 09:37:13 +02:00
Napalys	c175081698	Added test cases for `fastify.addHook`	2025-04-15 09:33:41 +02:00
Napalys	f1a3293f4c	Added change note	2025-04-15 09:27:51 +02:00
Paolo Tranquilli	4ae49cfe35	Merge pull request #19281 from github/redsun82/rust-setup Rust: refine `ql/test/setup.sh`	2025-04-11 11:55:12 +02:00
Owen Mansel-Chan	472bfa2668	Merge pull request #19115 from owen-mc/java/port/java/string-replace-all-with-non-regex Java: Add new quality query to detect `String#replaceAll` with non-regex first argument	2025-04-11 10:31:38 +01:00
Napalys Klicius	3d7c0201d9	Merge pull request #19231 from Napalys/js/typed_array JS: Taint propagation from low-level `ArrayBuffer` to `Strings`	2025-04-11 11:29:01 +02:00
Napalys Klicius	d0dcf897cb	Update javascript/ql/lib/semmle/javascript/internal/flow_summaries/Strings.qll Co-authored-by: Asger F <asgerf@github.com>	2025-04-11 11:04:08 +02:00
Napalys Klicius	d17d29a387	Merge pull request #19218 from Napalys/js/upgrade_websocket JS: Refactor `WebSocket` to use `API` graphs	2025-04-11 10:05:54 +02:00
Napalys	e3f1720f9c	Renamed`DecodeLike` to `Decode` and updated `propagatesFlow`	2025-04-11 10:04:09 +02:00
Arthur Baars	85940484ab	Update rust/ql/test/setup.sh	2025-04-11 09:57:50 +02:00
Paolo Tranquilli	db1203acb3	Rust: reinstate adding `rust-src` for test toolchains	2025-04-11 08:57:14 +02:00
Paolo Tranquilli	becea89a47	Rust: refine `ql/test/setup.sh`	2025-04-11 08:26:48 +02:00
Tom Hvitved	7ed8a85e08	Merge pull request #19246 from hvitved/rust/cache-tweaks	2025-04-10 19:02:25 +02:00
Felicity Chapman	c2baf9a052	Merge pull request #19270 from github/felicitymay-patch-1 CodeQL docs: Fix ordering in side navigation bar for Query help	2025-04-10 15:10:14 +01:00
Owen Mansel-Chan	4f5bdbb517	Add new query to java-code-quality.qls.expected	2025-04-10 14:37:11 +01:00
Napalys Klicius	43bf0beae9	Merge pull request #19263 from Napalys/js/make-dir-lib JS: Add support for `make-dir` package	2025-04-10 15:09:43 +02:00
Asger F	eac14b9837	Merge pull request #19200 from asgerf/js/web-response JS: Add sinks for calls to 'new Response()'	2025-04-10 14:41:32 +02:00
Napalys	171a84609e	Applied copilot suggestion.	2025-04-10 14:13:48 +02:00
Felicity Chapman	78a26cfdb2	Update index.rst	2025-04-10 13:09:51 +01:00
Joe Farebrother	7f7fca9e27	Merge pull request #19165 from joefarebrother/python-qual-loop-var-capture Python: Modernize the Loop Variable Capture query	2025-04-10 13:07:05 +01:00
Owen Mansel-Chan	acfcc6d490	Sort ids in `java-code-quality.qls`	2025-04-10 12:35:42 +01:00
Owen Mansel-Chan	576f4cf19f	Update tags	2025-04-10 12:21:09 +01:00
Owen Mansel-Chan	ad89e7980e	Tweak documentation	2025-04-10 12:21:08 +01:00
Owen Mansel-Chan	3ea5cc1b66	Add query to code-quality query suite	2025-04-10 12:21:06 +01:00
Owen Mansel-Chan	e1c5517de7	Keep COMPLIANT and NON_COMPLIANT comments in test	2025-04-10 12:21:05 +01:00
Owen Mansel-Chan	04ec1d7830	Update test expectations	2025-04-10 12:21:03 +01:00
Owen Mansel-Chan	626a7d5007	Fix punctuation	2025-04-10 12:21:02 +01:00
Owen Mansel-Chan	c4e56b1ec8	Add quality and cwe tag to query CWE-1176: Inefficient CPU Computation	2025-04-10 12:21:00 +01:00
Owen Mansel-Chan	042fe07494	Adjust alert message	2025-04-10 11:47:19 +01:00
Owen Mansel-Chan	fea3d10b97	Update qhelp	2025-04-10 11:47:18 +01:00
Owen Mansel-Chan	441c79ebdf	Use existing class StringReplaceAllCall	2025-04-10 11:47:17 +01:00
Owen Mansel-Chan	b5b252b10f	Convert test to inline expectations	2025-04-10 11:47:15 +01:00
Owen Mansel-Chan	ff2947a0e5	Adjust query name	2025-04-10 11:47:14 +01:00
Owen Mansel-Chan	041adcd63a	Java: Add initial version of string replaceAll with no regex query	2025-04-10 11:46:59 +01:00
Asger F	d2a4f1e17a	Merge pull request #19267 from asgerf/js/json-array-trailing-comma JS: Tolerate trailing commas in JSON arrays	2025-04-10 12:38:16 +02:00
Joe Farebrother	6802037c89	Update qhelp formatting	2025-04-10 09:52:18 +01:00
Joe Farebrother	00999baf9a	Apply docs review suggestion - Reword query description. Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>	2025-04-10 09:06:01 +01:00
Asger F	3da1f261f7	JS: Change note	2025-04-10 07:21:48 +02:00
Asger F	cfa1a9b603	JS: Update extractor version string	2025-04-10 07:20:53 +02:00
Asger F	1434f7acd2	JS: Tolerate trailing comma in JSON array Previously we'd fail to extract some tsconfig.json files because of this.	2025-04-10 07:20:51 +02:00
Asger F	800dd168c2	JS: Add failing TRAP test for trailing comma	2025-04-10 07:20:49 +02:00
Tom Hvitved	0e31bf1e7b	Merge pull request #19265 from hvitved/rust/crate-graph-self-crate-ref	2025-04-09 22:54:53 +02:00
Tom Hvitved	a6b20d7731	Merge pull request #19259 from hvitved/ruby/fix-bad-join Ruby: Fix bad join in `DeadStoreOfLocal.ql`	2025-04-09 19:03:33 +02:00
Tom Hvitved	1ba06ab3bf	Merge pull request #19216 from hvitved/rust/path-resolution-path-attr Rust: Handle path attributes in path resolution	2025-04-09 18:57:56 +02:00
Aditya Sharad	ef0065546a	Merge pull request #19264 from github/coadaflorin-actions-docs-patch Update codeql-library-for-actions.rst	2025-04-09 21:46:28 +05:30
Aditya Sharad	29af6f7f0d	Merge pull request #19257 from adityasharad/actions/fix/autobuild-powershell-spaces Actions: Fix invocation of autobuild PowerShell script	2025-04-09 21:26:32 +05:30

1 2 3 4 5 ...

78201 Commits