hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,671 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

32 Commits

Author SHA1 Message Date
Asger F
33e8bd5032 JS: Update testUtilities import 2024-12-19 15:25:39 +01:00
Asger F
4d7401a074 JS: Deprecate tests for deprecated APIs 
Mainly adds 'deprecated' in front of a bunch of tests for deprecated APIs.
 2024-12-03 14:30:12 +01:00
Asger F
2473274681 JS: Benign test output changes 2024-06-27 09:06:45 +02:00
Asger F
53efb5837b JS: Update some tests with provenance columns 
Only includes the changes that purely contain the new provenance columns
 2024-06-26 13:51:44 +02:00
Asger F
5e7d1d5c2c Merge branch 'main' into js/shared-dataflow-merged 2024-03-13 14:27:16 +01:00
erik-krogh
fe3e768414 update expected output of tests 2023-12-20 14:10:36 +01:00
Asger F
3983530983 JS: Update Templating/Xss test 2023-10-13 13:15:07 +02:00
Asger F
fcfab5238e JS: Port CodeInjection 2023-10-13 13:15:03 +02:00
Asger F
213cabccc0 JS: Test with file more extensions 2023-08-04 14:24:51 +02:00
Kevin Stubbings
9f4389cbb5 Search for html.dot extension instead of dot 2023-08-04 00:55:51 -07:00
jorgectf
f1f3d8e18a Add dot.jssupport 
Co-authored-by: Kevin Stubbings <Kwstubbs@users.noreply.github.com>
 2023-06-29 19:17:37 +02:00
erik-krogh
368f84785b fix some more style-guide violations in the alert-messages 2022-10-07 11:22:22 +02:00
erik-krogh
aa56ca37ae make the alert messages of taint-tracking queries more consistent 2022-09-05 14:04:52 +02:00
Erik Krogh Kristensen
173e1d0262 move the DomBasedXss sources/sinks into the Customizations file 2022-04-20 18:10:53 +02:00
Erik Krogh Kristensen
f083e87fa1 refactor the js/xss query to use three flowlabels and one configuration 2022-03-16 22:32:08 +01:00
Erik Krogh Kristensen
896d2bad0e update expected output now that JSON.stringify() is seen as a sanitizer 2022-02-07 13:34:18 +01:00
CodeQL CI
de4b655ddb Merge pull request #7327 from asgerf/js/handlebars-more-raw-interpolation 
Approved by erik-krogh
 2021-12-17 14:07:57 +00:00
Asger Feldthaus
e2c6dd7d56 JS: Recognize {{& ... }} as an XSS sink 2021-12-17 10:31:50 +01:00
Asger Feldthaus
61cc84ba69 JS: Recognize leading/trailing ~ and & in mustache-tags 2021-12-17 10:31:50 +01:00
Asger Feldthaus
995e33158f JS: Add test for res.locals flow to template 2021-12-15 16:00:19 +01:00
Asger Feldthaus
04bdba85ea JS: Shift line numbers in test expectations 2021-12-15 16:00:19 +01:00
Asger Feldthaus
bac212c610 JS: Fix typo: instantiaton -> instantiation 2021-08-19 14:41:18 +02:00
Asger Feldthaus
65b44248f8 JS: Autoformat 2021-08-11 12:50:54 +02:00
Asger Feldthaus
4f4f524937 JS: Add test for upward traversal 2021-08-11 12:50:54 +02:00
Asger Feldthaus
b7339348ef JS: Add tests for EJS includes 2021-08-11 12:50:54 +02:00
Asger Feldthaus
b1cadc8ae7 JS: Add test for AngularJS sinks 2021-08-11 12:50:54 +02:00
Asger Feldthaus
e61d534c59 JS: Add ambiguity test for template file resolution 2021-08-11 12:50:54 +02:00
Asger Feldthaus
e8d10b983e JS: Tests for template file resolution 2021-08-11 12:50:54 +02:00
Asger Feldthaus
28fe8da37c JS: Add similar test for .njk file 2021-08-11 12:50:54 +02:00
Asger Feldthaus
1444ec5255 JS: Add similar test for hbs 2021-08-11 12:50:54 +02:00
Asger Feldthaus
7045fb4679 JS: Expand on test 2021-08-11 12:50:54 +02:00
Asger Feldthaus
14bada4bbe JS: Model consolidate and factor in template syntax from call site 2021-08-11 12:36:35 +02:00