hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

19 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
3448751b4c JS: Consolidate command-line argument modeling 
Such that we can reuse the existing modeling, but have it globally
applied as a threat-model as well.

I Basically just moved the modeling. One important aspect is that this
changes is that the previously query-specific `argsParseStep` is now a
globally applied taint-step. This seems reasonable, if someone applied
the argument parsing to any user-controlled string, it seems correct to
propagate that taint for _any_ query.
 2024-10-25 15:03:43 +02:00
jorgectf
2ac334bf15 Adapt Webix modeling to support HTML use-cases 2023-06-28 15:26:30 +02:00
jorgectf
7e7e2aaac7 Remove non-existing import 2023-06-22 01:15:08 +02:00
jorgectf
6947e99c15 Add models for webix 
Co-authored-by: Kevin Stubbings <Kwstubbs@users.noreply.github.com>
 2023-06-22 01:07:33 +02:00
Asger F
3d208c0a62 JS: Port Actions sources based on PR from R3x 2023-05-01 10:48:43 +02:00
Asger F
fcdb2fa03f JS: Remove MaD models from .qll files 2022-12-07 11:35:13 +01:00
Asger F
47f1d62569 JS: Add generated typings to SQL models 2022-09-20 11:40:16 +02:00
Erik Krogh Kristensen
7f592a6c64 merge Clipboard.qll and DragAndDrop.qll, and support InputEvent 2022-04-18 22:17:31 +02:00
bananabr
0f1582f3f6 included JavaScript drag and drop API Xss sources 2022-04-09 22:33:30 -05:00
Erik Krogh Kristensen
d55920ad27 add model for the snapdragon library 2022-02-10 11:32:59 +01:00
Asger Feldthaus
772681d249 JS: Initial support for models as data 2022-01-05 14:34:52 +01:00
CodeQL CI
39ec7132af Merge pull request #7049 from asgerf/js/routing-trees 
Approved by erik-krogh
 2021-12-17 12:26:38 +00:00
Asger Feldthaus
7e947b2a65 JS: Use return value of trusted type policy callback as a sink 2021-12-14 13:28:46 +01:00
Asger Feldthaus
aae4260819 JS: Routing model 2021-12-07 10:41:55 +01:00
Erik Krogh Kristensen
2e912ee28e rename LDAP to Ldap 2021-10-27 19:05:56 +02:00
Erik Krogh Kristensen
d4de5e3248 refactoring and renamings in the ldap model 2021-10-01 09:01:14 +02:00
Erik Krogh Kristensen
2b286a856c naively move ldap into the SQL injection query 2021-10-01 09:00:10 +02:00
Erik Krogh Kristensen
8e98dcefb1 add clipboard data as a RemoteFlowSource 2021-09-13 20:43:31 +02:00
Andrew Eisenberg
45d1fa7f01 Packaging: Rafactor Javascript core libraries 
Extract the external facing `qll` files into the codeql/javascript-all
query pack.
 2021-08-25 12:15:56 -07:00