Commit Graph

2380 Commits

Author SHA1 Message Date
Henry Mercer
e0e82ad7ad Add periods for consistency 2024-12-04 16:05:15 +00:00
github-actions[bot]
96564b7128 Release preparation for version 2.20.0 2024-12-04 16:01:14 +00:00
Henry Mercer
963f084d87 Merge branch 'main' into henrymercer/merge-back-rc-3.16 2024-12-04 13:39:10 +00:00
Asger F
3f0d0e3a05 JS: Deprecate DataFlow::BarrierGuardNode 2024-12-03 14:30:50 +01:00
Asger F
0d79c7141c JS: Update two more uses of SanitizerGuardNode 2024-12-03 14:30:35 +01:00
Asger F
f620191da4 JS: Deprecate SanitizerGuardNode 2024-12-03 14:30:33 +01:00
Asger F
2ae7386775 JS: Also apply new BarrierGuardLegacy pattern in Xss.qll 2024-12-03 14:30:32 +01:00
Asger F
21494fbdff JS: Refactor BarrierGuardLegacy pattern to not depend on SanitizerGuardNode
Previously our barrier guard classes were direct descendants of SanitizerGuardNode, which made it hard to deprecate that class.

Now our barrier guards are not descending from any shared class. Instead they are contributed to SanitizerGuardNode via a private helper class we can remove in the future.
2024-12-03 14:30:29 +01:00
Asger F
e6680dec8f JS: Avoid use of LabeledSanitizerGuardNode in TaintedObject
Drive-by bugfix: Rename sanitizes -> blocksExpr.
This fixes a bug that caused the sanitizer guard not to work in df2.

The test output reflects the fact that the barrier guard works now.
2024-12-03 14:30:24 +01:00
Asger F
f758b67d30 JS: Openly recommend SummarizedCallable 2024-12-03 14:30:09 +01:00
Asger F
249104b8ae JS: Update comments referring to old Configuration style
Also avoid the term "analysis-specific" because it's not a term we use anywhere else.
2024-12-03 14:30:08 +01:00
Asger F
13ee597848 JS: Add some proper documentation to SummarizedCallable 2024-12-03 14:30:07 +01:00
Asger F
988fa9c0ef JS: Deprecate AdditionalSanitizerGuardNode
We're deprecating the class through an alias, but it is still the base class for a non-deprecated class, for backwards compatibility. For this reason we're also deprecating all of its member predicates so we can remove those in the future.
2024-12-03 14:30:06 +01:00
Asger F
0b1e859e70 JS: Remove uses of AdditionalSanitizerGuardNode 2024-12-03 14:30:05 +01:00
Asger F
c2abb0fbd0 JS: Remove reference to AdditionalSanitizerGuard from CachedStages 2024-12-03 14:30:04 +01:00
Asger F
82682d9a62 JS: Remove a non-deprecated reference to SanitizerGuardNode 2024-12-03 14:30:03 +01:00
Asger F
bc7753de29 JS: Remove non-deprecated reference to AdditionalBarrierGuardNode 2024-12-03 14:30:02 +01:00
Asger F
0cd2e3f9eb JS: Deprecate old data flow library, except some guard-related nodes 2024-12-03 14:30:01 +01:00
Asger F
054558d7b5 JS: Include content properties in type-tracker properties
Reminder: we have two PropertyName classes because the one in Contents.qll can't depend on DataFlow::Node.
2024-12-03 09:58:54 +01:00
Napalys Klicius
08ef0dc1f2 Update javascript/ql/lib/change-notes/2024-11-28-regexp-unknown-flags.md
Co-authored-by: Asger F <asgerf@github.com>
2024-12-02 13:35:52 +01:00
Asger F
cab8a40d00 JS: Fix accidental recursion 2024-11-29 14:23:57 +01:00
Asger F
2f0c80a98b JS: Include summary steps in type tracking 2024-11-29 14:23:55 +01:00
Asger F
e34064e3b5 JS: Initial instantiation of summary type tracking
Instantiates the library without using it yet.
2024-11-29 14:23:50 +01:00
Asger F
df12f255ac JS: Rename propagatesFlowExt -> propagatesFlow 2024-11-29 14:23:49 +01:00
Napalys Klicius
13afd6310b Update javascript/ql/lib/change-notes/2024-11-28-regexp-unknown-flags.md
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2024-11-29 08:26:04 +01:00
Napalys
d2de9a2238 Fixed change notes 2024-11-28 14:24:27 +01:00
Napalys Klicius
9ca0fe4cbf Update RegExp handling and add test case
Co-authored-by: erik-krogh <erik-krogh@github.com>
2024-11-28 14:13:40 +01:00
Napalys
fd773603e6 Added change notes 2024-11-28 12:04:09 +01:00
Napalys
9a1c1f4be3 JS: Added in RegExpCreationNode maybeGlobal predicate for more convenience. 2024-11-28 12:03:51 +01:00
Napalys
1d2e08a3b6 JS: now RegExp injection treats unknownFlags as sanitization, MetacharEscapeSanitizer 2024-11-28 11:26:58 +01:00
Napalys
e673348ed3 JS: now RegExp with unknown flags is not flagged as an issue within password Clear text storage of sensitive information 2024-11-28 11:26:56 +01:00
Napalys
a2c46749c6 JS: fixed issue where MaskingReplacer would work only with regexp literals but not objects 2024-11-28 11:26:55 +01:00
Napalys
c71778f1aa JS: xss does not flag anymore replace with RegExp unknown flags 2024-11-28 11:26:53 +01:00
Napalys
875478c1c6 JS: Fixed path query not flagging new RegExp with DotRemovingReplaceCall 2024-11-28 11:26:45 +01:00
Napalys
a0df33c3ac JS: UnsafeShellCommand Using unknown flags in the RegExp object is no longer flagged as bad sanitization to reduce false positives. 2024-11-28 11:26:43 +01:00
Napalys
23b18aeca9 JS: Now unknown flags are not flagged in taint paths 2024-11-28 11:26:41 +01:00
Napalys
eca7a88615 JS: Fixed docs description 2024-11-28 11:26:40 +01:00
Napalys
7db6f7c721 JS: Added test cases with new RegExp for Tainted paths, currently works only with literals 2024-11-28 11:26:39 +01:00
Napalys
faef9dd877 JS: prototype polluting now treats unknownFlags as potentially good sanitization. 2024-11-28 11:26:38 +01:00
Napalys
18c7b18f82 JS: Now BadHtmlSanitizers new RegExp with unknown flags is also flagged. 2024-11-28 11:26:36 +01:00
Napalys
38be0e4c0a JS: Now BadHtmlSanitizers also flags new RegExp as potential issue 2024-11-28 11:26:34 +01:00
Asger F
805fd0b46e JS: Refine speculative step definition 2024-11-26 15:56:56 +01:00
Asger F
c94a01e6b6 JS: Remove reference to argsParseStep
This was removed as part of the PR that introduced threat models.
2024-11-26 15:36:47 +01:00
Asger F
bf62582f53 JS: Implement 'speculativeTaintStep'
It is a mandatory part of the interface now; just providing a bare-bones implementation rather than 'none()'.
2024-11-26 15:36:46 +01:00
Asger F
82d61e4194 Merge branch 'js/shared-dataflow-branch' into js/shared-dataflow-merge-main 2024-11-26 15:36:16 +01:00
Napalys Klicius
61e00861e5 Merge pull request #18008 from Napalys/napalys/ES2024-group-functions
JS: Added support for [Object, Map].groupBy ES2024 feature
2024-11-21 19:03:57 +01:00
Alexander Eyers-Taylor
c0474c4e45 Revert "Revert "Post-release preparation for codeql-cli-2.19.4"" 2024-11-21 15:37:52 +00:00
Alexander Eyers-Taylor
4effe9e364 Revert "Post-release preparation for codeql-cli-2.19.4" 2024-11-21 14:43:15 +00:00
Napalys Klicius
7ee0a7b398 Update javascript/ql/lib/semmle/javascript/Collections.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2024-11-21 14:02:42 +01:00
Napalys Klicius
edb9b47111 Merge pull request #18047 from Napalys/napalys/ES2023-string-protytpe-toWellFormed
JS: Added taint-step String.prototype.toWellFormed ES2023 feature
2024-11-21 14:01:21 +01:00