codeql

mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00

Author	SHA1	Message	Date
Asger F	cc8fe10801	JS: Update locations in expected files	2025-08-29 12:03:11 +02:00
Napalys Klicius	73309fb9dd	Updated modeling of `aws-sdk` with `MaD`	2025-04-28 14:00:12 +02:00
Napalys Klicius	42d5b80e81	Added support for `AWS.Credentials` hardcoded credentials	2025-04-28 14:00:12 +02:00
Napalys Klicius	f69037c176	Added ability to detect direct write to global `AWS.config`	2025-04-28 14:00:12 +02:00
Napalys Klicius	05e4677fd1	Added ability to detect `new AWS.ServiceName` cases with hardcoded credentials	2025-04-28 14:00:12 +02:00
Asger F	2a194a53af	raw test output	2025-02-28 13:29:39 +01:00
Asger F	f5911c9e5a	JS: Accept raw test output	2025-02-28 13:27:38 +01:00
Asger F	a2dd47aeb2	JS: Update test output These files conflicted and have been regenerated.	2024-08-22 14:27:15 +02:00
Asger F	2473274681	JS: Benign test output changes	2024-06-27 09:06:45 +02:00
Asger F	bd3fccd1a8	JS: Update test output with provenance column	2024-06-25 10:30:56 +02:00
Asger F	4bac90252c	JS: Port HardcodedCredentials	2023-10-13 13:15:04 +02:00
erik-krogh	9f2d7dfb29	update expected output	2022-09-29 22:48:41 +02:00
Esben Sparre Andreasen	816d79692b	ignore deliberately hardcoded password strings	2022-02-16 09:47:01 +01:00
Esben Sparre Andreasen	78744a0182	add additional tests	2022-02-16 09:44:56 +01:00
Esben Sparre Andreasen	e67c09f9ab	change example passwords in test	2022-02-16 08:56:00 +01:00
Erik Krogh Kristensen	87c0c60c22	don't report dummy authentication headers as hardcoded-crendentials	2021-08-02 22:56:14 +02:00
Erik Krogh Kristensen	99d03bab24	only flag the secret key in JWT	2020-11-12 21:36:05 +01:00
Erik Krogh Kristensen	5ecae55e77	add keys used by `jsonwebtoken` as CredentialsExpr	2020-11-10 10:41:39 +01:00
Erik Krogh Kristensen	a90c8769ee	update expected output	2020-06-03 15:24:04 +02:00
Erik Krogh Kristensen	a1940979ba	support credentials in a Buffer	2020-06-03 12:02:00 +02:00
Erik Krogh Kristensen	ba44ebe8a8	better support for browser based fetch API	2020-06-03 11:51:24 +02:00
Erik Krogh Kristensen	3622fb8716	support more variants of the Headers API	2020-06-03 11:50:10 +02:00
Erik Krogh Kristensen	3c802007a3	add support for string concatenations and base64-encoding of hardcoded credentials	2020-06-02 23:15:13 +02:00
Erik Krogh Kristensen	b6dc94fccb	add fetch.Headers.Authorization as a CredentialsExpr	2020-06-02 23:02:16 +02:00
Max Schaefer	b42026a90a	JavaScript: Update expected output.	2019-10-29 15:36:24 +00:00
Max Schaefer	dc1d1c2f22	JavaScript: Update expected output.	2019-10-29 15:30:06 +00:00
Esben Sparre Andreasen	a5645e168a	JS: exclude keys from whitelist	2019-09-16 10:13:18 +02:00
Esben Sparre Andreasen	0e2d2f8662	JS: whitelist some hardcoded dummy-passwords in two queries	2019-09-16 10:11:43 +02:00
Esben Sparre Andreasen	aa3f4a7048	JS: change passwords in tests	2019-09-16 10:09:59 +02:00
Max Schaefer	9221b62ded	JavaScript: Update expectd test output for security path queries to include `nodes` and `edges` query predicates.	2018-11-14 09:32:31 +00:00
Pavel Avgustinov	b55526aa58	QL code and tests for C#/C++/JavaScript.	2018-08-02 17:53:23 +01:00

31 Commits