Skip to content
Navigation Menu
Toggle navigation
Sign in
Product
GitHub Copilot
Write better code with AI
GitHub Advanced Security
Find and fix vulnerabilities
Actions
Automate any workflow
Codespaces
Instant dev environments
Issues
Plan and track work
Code Review
Manage code changes
Discussions
Collaborate outside of code
Code Search
Find more, search less
Explore
Why GitHub
All features
Documentation
GitHub Skills
Blog
Solutions
By company size
Enterprises
Small and medium teams
Startups
Nonprofits
By use case
DevSecOps
DevOps
CI/CD
View all use cases
By industry
Healthcare
Financial services
Manufacturing
Government
View all industries
View all solutions
Resources
Topics
AI
DevOps
Security
Software Development
View all
Explore
Learning Pathways
Events & Webinars
Ebooks & Whitepapers
Customer Stories
Partners
Executive Insights
Open Source
GitHub Sponsors
Fund open source developers
The ReadME Project
GitHub community articles
Repositories
Topics
Trending
Collections
Enterprise
Enterprise platform
AI-powered developer platform
Available add-ons
GitHub Advanced Security
Enterprise-grade security features
Copilot for business
Enterprise-grade AI features
Premium Support
Enterprise-grade 24/7 support
Pricing
Search or jump to...
Search code, repositories, users, issues, pull requests...
Search syntax tips
Provide feedback
Saved searches
Use saved searches to filter your results more quickly
Sign in
Sign up
Reseting focus
You signed in with another tab or window.
Reload
to refresh your session.
You signed out in another tab or window.
Reload
to refresh your session.
You switched accounts on another tab or window.
Reload
to refresh your session.
Dismiss alert
{{ message }}
github
/
codeql
Public
Notifications
You must be signed in to change notification settings
Fork
1.7k
Star
8.3k
Code
Issues
841
Pull requests
364
Discussions
Actions
Projects
0
Security
Insights
Additional navigation options
Code
Issues
Pull requests
Discussions
Actions
Projects
Security
Insights
Commits
Breadcrumbs
History for
codeql
javascript
on
main
User selector
All users
Datepicker
All time
Commit History
Commits on Apr 29, 2025
Merge pull request #19300 from Napalys/js/fastify
Show description for 6de38b1
Napalys
authored
6de38b1
Copy full SHA for 6de38b1
Merge pull request #19393 from asgerf/js/json-extractor-trailing-commas2
Show description for 6e64a22
asgerf
authored
6e64a22
Copy full SHA for 6e64a22
Commits on Apr 28, 2025
Merge pull request #19401 from github/post-release-prep/codeql-cli-2.21.2
Show description for 50f7ee1
nickrolfe
authored
50f7ee1
Copy full SHA for 50f7ee1
Post-release preparation for codeql-cli-2.21.2
github-actions[bot]
committed
2e0699a
Copy full SHA for 2e0699a
Fix, prevent addHook return values from being treated as XSS sinks
Napalys
committed
8b53f8f
Copy full SHA for 8b53f8f
Updated modeling of `aws-sdk` with `MaD`
Napalys
committed
73309fb
Copy full SHA for 73309fb
Fixed naming acronyms to be `PascalCase`
Napalys
committed
654177d
Copy full SHA for 654177d
Updated `takesConfigurationObject` with API graphs
Napalys
committed
f7f9fb8
Copy full SHA for f7f9fb8
Added support for `AWS.Credentials` hardcoded credentials
Napalys
committed
42d5b80
Copy full SHA for 42d5b80
Added ability to detect direct write to global `AWS.config`
Napalys
committed
f69037c
Copy full SHA for f69037c
Added ability to detect `new AWS.ServiceName` cases with hardcoded credentials
Napalys
committed
05e4677
Copy full SHA for 05e4677
Added test cases for individual AWS services, direct modification of global credentials and AWS.Credentials
Napalys
committed
e6450a1
Copy full SHA for e6450a1
Release preparation for version 2.21.2
github-actions[bot]
committed
625354c
Copy full SHA for 625354c
JS: Tolerate trailing comma in JSON objects
asgerf
committed
152d6f3
Copy full SHA for 152d6f3
JS: Add test with trailing comma in JSON object
asgerf
committed
6dd8114
Copy full SHA for 6dd8114
Commits on Apr 25, 2025
Add query suite inclusion tests for actions, csharp, go, javascript, ruby, rust
tamasvajk
committed
a4a2447
Copy full SHA for a4a2447
Commits on Apr 23, 2025
Javascript: Update test files.
michaelnebel
committed
2e0ce44
Copy full SHA for 2e0ce44
Commits on Apr 22, 2025
Undo unnecessary name tracking for request, response objects
Napalys
committed
fdfdcc0
Copy full SHA for fdfdcc0
JS: Add isMiddlewareSetup() hook to Routing model
asgerf
committed
00661b6
Copy full SHA for 00661b6
Merge pull request #19283 from asgerf/js/rest-pattern-fix
Show description for c2cab18
asgerf
authored
c2cab18
Copy full SHA for c2cab18
Commits on Apr 15, 2025
Post-release preparation for codeql-cli-2.21.1
github-actions[bot]
committed
d78736b
Copy full SHA for d78736b
Add user-controlled property tracking and update code injection alerts in Fastify hooks
Napalys
committed
5c3556d
Copy full SHA for 5c3556d
Added `addHook` to `RouteSetup` thus now it is recognized now as rouute handler
Napalys
committed
9b194ea
Copy full SHA for 9b194ea
Added test cases for `fastify.addHook`
Napalys
committed
c175081
Copy full SHA for c175081
Added change note
Napalys
committed
f1a3293
Copy full SHA for f1a3293
Commits on Apr 14, 2025
Release preparation for version 2.21.1
github-actions[bot]
committed
b961c59
Copy full SHA for b961c59
Merge pull request #19184 from Napalys/js/request_handlers
Show description for 8631371
Napalys
authored
8631371
Copy full SHA for 8631371
Commits on Apr 11, 2025
JS: Update more test output
asgerf
committed
6c01709
Copy full SHA for 6c01709
Merge pull request #19231 from Napalys/js/typed_array
Show description for 3d7c020
Napalys
authored
3d7c020
Copy full SHA for 3d7c020
Now `nextUrl` is of type `parameter` and loosen the restriction for `NextAppRouteHandler`
Napalys
committed
11abbf8
Copy full SHA for 11abbf8
Update javascript/ql/lib/semmle/javascript/frameworks/Next.qll
Show description for 92e4f11
Napalys
and
asgerf
authored
92e4f11
Copy full SHA for 92e4f11
Update javascript/ql/lib/semmle/javascript/internal/flow_summaries/Strings.qll
Show description for d0dcf89
Napalys
and
asgerf
authored
d0dcf89
Copy full SHA for d0dcf89
Merge pull request #19218 from Napalys/js/upgrade_websocket
Show description for d17d29a
Napalys
authored
d17d29a
Copy full SHA for d17d29a
Renamed`DecodeLike` to `Decode` and updated `propagatesFlow`
Napalys
committed
e3f1720
Copy full SHA for e3f1720
Added change note
Napalys
committed
2c4b352
Copy full SHA for 2c4b352
Pagination
Previous
Next
You can’t perform that action at this time.
github-actions[bot]
