hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,207 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.5
Commit Graph

10776 Commits

Author SHA1 Message Date
Asger F
947b785d47 JS: Remove reference to deprecated step relation that's empty anyway 2024-12-16 15:35:53 +01:00
Asger F
0b2914ff13 JS: A few more deprecation updates 2024-12-16 15:35:50 +01:00
Asger F
db00dad033 JS: Avoid deprecation warnings in some tests 2024-12-16 15:35:49 +01:00
Asger F
cf6d166d29 JS: Also update tutorial code 2024-12-16 15:35:47 +01:00
Asger F
079294e55f JS: Mass rename to node1,state1,node2,state2 naming convention 2024-12-16 15:35:46 +01:00
Asger F
ac6da6c2b1 JS: Add some missing qldoc 2024-12-16 15:35:44 +01:00
Asger F
d993c888b1 JS: Deprecate the FlowLabel class 2024-12-16 15:35:43 +01:00
Asger F
69b361ae70 JS: Migrate a test to use flow state 2024-12-16 15:35:42 +01:00
Asger F
73af3f3536 JS: Migrate PrototypePollutingFunction 2024-12-16 15:35:40 +01:00
Asger F
ebe596f227 JS: Migrate CorsPermissiveConfiguration 2024-12-16 15:35:39 +01:00
Asger F
d83ddfabaa JS: Migrate an experimental CodeInjection query 2024-12-16 15:35:38 +01:00
Asger F
a398599bfb JS: Rename an experimental query 
Having the same name as a standard query is just confusing
 2024-12-16 15:35:36 +01:00
Asger F
c951a29e2a JS: Migrate UnvalidatedDynamicMethodCall 2024-12-16 15:35:34 +01:00
Michael Nebel
aaf0cd5dee Merge pull request #17968 from michaelnebel/java/movetestutils 
Move test utilities to the query pack.
 2024-12-16 13:41:30 +01:00
Asger F
820f81fc10 JS: Migrate UnsafeDynamicMethodAccess 2024-12-13 11:32:25 +01:00
Asger F
a9e89ed8e3 JS: Migrate PrototypePollutingAssignment 2024-12-13 11:23:31 +01:00
Asger F
bcc1669f4c JS: Migrate InsecureDownload 2024-12-13 11:10:14 +01:00
Asger F
4e25036cdc JS: Follow naming convention in InsecureModuleFlow module 2024-12-13 11:09:59 +01:00
Asger F
d381ab1260 JS: Migrate IncompleteHtmlAttributeSanitization 2024-12-13 10:55:00 +01:00
Asger F
2112ecc44d JS: Migrate HardcodedDataInterpretedAsCode 2024-12-13 10:48:43 +01:00
Asger F
dc3d7a0159 Update ExceptionXssCustomizations.qll 2024-12-13 10:47:04 +01:00
Asger F
42a7208704 JS: Migrate ExceptionXss 2024-12-13 10:29:32 +01:00
Asger F
d9a43dbd85 JS: Migrate UnsafeHtmlConstruction 2024-12-13 10:08:17 +01:00
Asger F
8907252814 JS: Migrate TemplateObjectInjection 2024-12-13 10:08:16 +01:00
Asger F
3573f0b065 JS: Migrate SecondOrderCommandInjection 2024-12-13 10:08:15 +01:00
Asger F
355f7cdd54 JS: Migrate PrototypePollutingMergeCall 2024-12-13 10:08:13 +01:00
Asger F
c38e3a23eb JS: Migrate NoSqlInjection 2024-12-13 10:08:12 +01:00
Asger F
8e8de5cf23 JS: Migrate LoopBoundInjection 2024-12-13 10:08:11 +01:00
Asger F
daddff0dc6 JS: Avoid deprecation warning in XssThroughDom 2024-12-13 10:08:10 +01:00
Asger F
15d999a9dc JS: Migrate DeepObjectResourceExhaustion 2024-12-13 10:08:09 +01:00
Asger F
5f42a715f6 JS: Migrate TaintedObject to a CommonFlowState 2024-12-13 10:08:08 +01:00
Asger F
14ca1c134b JS: Update TaintedUrlSuffix test 2024-12-13 10:08:07 +01:00
Asger F
12289d4c39 JS: Migrate DomBasedXssQuery to FlowState 2024-12-13 10:08:06 +01:00
Asger F
114d4a141a JS: Move FlowState definition into CommonFlowState 
Needed for migrating the XSS query
 2024-12-13 10:08:05 +01:00
Asger F
3cf14d8506 JS: Migrate ClientSideUrlRedirect to flow state 2024-12-13 10:08:03 +01:00
Asger F
cca980298f JS: Use flow state in barrier and step relations 2024-12-13 10:08:02 +01:00
Asger F
a8fdd759f9 JS: Add FlowState class to TaintedUrlSuffix 2024-12-13 10:08:01 +01:00
Asger F
a53d294d91 Merge pull request #18203 from asgerf/jss/document-url 
JS: Use TaintedUrlSuffix in ClientSideUrlRedirect
 2024-12-12 15:47:51 +01:00
Michael Nebel
0bfc1b6ea8 Also move the postprocessing queries to the library pack. 2024-12-12 15:03:03 +01:00
Michael Nebel
941b0abbf6 Move modules to the library packs. 2024-12-12 15:03:01 +01:00
Geoffrey White
44a0ad2942 Update data-flow -> data flow in all versions of ConceptsShared.qll. 2024-12-12 13:36:26 +00:00
Michael Nebel
c3fe3e468c Javascript: Update all test util paths to point to the new location. 2024-12-12 13:54:25 +01:00
Michael Nebel
0f146f1486 Javascript: Move test utilities into the query pack. 2024-12-12 13:54:23 +01:00
Asger F
97b78e752b JS: Added more qldoc 2024-12-12 13:10:52 +01:00
Asger F
77f8e8ef4e JS: Use FlowState::fromFlowLabel instead of Label::toFlowState 
This works better for other queries where we don't already have a module named Label
 2024-12-10 11:57:18 +01:00
Asger F
38c9023dd9 JS: FlowLabel -> FlowState in ZipSlip 2024-12-10 11:16:07 +01:00
Asger F
0cd01cb96f JS: Use node1,state1,node2,state2 naming convention in tainted path 2024-12-10 11:16:05 +01:00
Asger F
0802107d9a JS: Flow label -> flow state in TaintedPath 2024-12-10 11:16:04 +01:00
Asger F
66eb458134 JS: Handle match/matchAll and unknown regexps 2024-12-09 15:38:36 +01:00
Asger F
6e7c5a3707 JS: Slightly more general getRoot() 2024-12-09 15:05:45 +01:00