github-actions[bot]
fb20f6ca63
Post-release preparation for codeql-cli-2.20.1
2025-01-07 22:07:40 +00:00
github-actions[bot]
88b6f1e79a
Release preparation for version 2.20.1
2025-01-07 20:50:36 +00:00
Dave Bartolomeo
72a53c4b23
Revert "Release preparation for version 2.20.1"
2025-01-07 13:32:23 -05:00
github-actions[bot]
fbf9f2fff8
Release preparation for version 2.20.1
2025-01-07 17:20:13 +00:00
Dave Bartolomeo
22e030584c
Revert "Release preparation for version 2.20.1"
2025-01-07 12:14:27 -05:00
github-actions[bot]
a121c5a5d0
Release preparation for version 2.20.1
2025-01-06 18:20:22 +00:00
Asger F
0cdda87161
JS: Restrict AP length in prototype-polluting function
2025-01-06 14:33:41 +01:00
Asger F
3acd4814de
Merge branch 'main' into js/shared-dataflow-merge-main
2024-12-19 10:14:38 +01:00
Asger F
947b785d47
JS: Remove reference to deprecated step relation that's empty anyway
2024-12-16 15:35:53 +01:00
Asger F
079294e55f
JS: Mass rename to node1,state1,node2,state2 naming convention
2024-12-16 15:35:46 +01:00
Asger F
73af3f3536
JS: Migrate PrototypePollutingFunction
2024-12-16 15:35:40 +01:00
Asger F
ebe596f227
JS: Migrate CorsPermissiveConfiguration
2024-12-16 15:35:39 +01:00
Asger F
d83ddfabaa
JS: Migrate an experimental CodeInjection query
2024-12-16 15:35:38 +01:00
Asger F
a398599bfb
JS: Rename an experimental query
...
Having the same name as a standard query is just confusing
2024-12-16 15:35:36 +01:00
Asger F
4e25036cdc
JS: Follow naming convention in InsecureModuleFlow module
2024-12-13 11:09:59 +01:00
github-actions[bot]
cf71a1525b
Post-release preparation for codeql-cli-2.20.0
2024-12-04 18:36:17 +00:00
github-actions[bot]
96564b7128
Release preparation for version 2.20.0
2024-12-04 16:01:14 +00:00
Henry Mercer
963f084d87
Merge branch 'main' into henrymercer/merge-back-rc-3.16
2024-12-04 13:39:10 +00:00
Asger F
b3461989b1
JS: Remove use of SanitizerGuardNode in experimental SSRF query
...
Makes a quick effort attempt to restore the original behaviour, though
it is not exactly the same due to lack of recursion.
2024-12-03 14:30:36 +01:00
Asger F
a574ff1669
JS: Remove use of MakeLegacyBarrierGuard in experimental SSRF
2024-12-03 14:30:28 +01:00
Asger F
75ab4856b8
Remove unsupported features from PoI
2024-12-03 14:30:25 +01:00
Asger F
04a3a6707f
JS: Update a reference to AdditionalSanitizerGuardNode
...
Unlike most other references to this class, we're not subclassing it here, we're
just trying to reuse some standard barrier guards but with a different flow state.
2024-12-03 14:30:22 +01:00
Asger F
834d35bc42
JS: Port experimental DecompressionBombs to ConfigSig
2024-12-03 14:30:21 +01:00
Asger F
871bc3b84a
JS: Port experimental CorsPermissiveConfiguration to ConfigSig
...
The tests show a new (source, sink) pair for an already-flagged sink.
Not sure why it was not flagged originally since the data flow path seems valid, given the steps provided by our models.
2024-12-03 14:30:20 +01:00
Asger F
f5a6485ef2
JS: Port experimental decodeJwtWithoutVerificationLocalSource
2024-12-03 14:30:19 +01:00
Asger F
72e522631d
JS: Port experimental jwtDecodeWithoutVerification to ConfigSig
2024-12-03 14:30:18 +01:00
Asger F
7e162f5451
JS: Port experimental EnvValueInjection to ConfigSig
2024-12-03 14:30:17 +01:00
Asger F
4f839070a0
JS: Port experimental EnvValueAndKeyInjection to ConfigSig
2024-12-03 14:30:16 +01:00
Asger F
8887ca1722
JS: Port an experimental CodeInjection variant to ConfigSig
2024-12-03 14:30:15 +01:00
Napalys
9d4e737bc2
JS: follow proper code standards for get predicates
...
Co-authored-by: asgerf <asgerf@github.com >
2024-11-29 11:32:10 +01:00
Napalys
3171f38cdd
JS: fixed bad alert messages when it came to incomplete sanitization for new RegExp objects
2024-11-29 11:14:45 +01:00
Napalys
98fd97799c
JS: imcomplete sanization now handles properly maybe global
2024-11-28 11:26:50 +01:00
Napalys
1ae174849f
JS: incomplete sanitization now also works with RegExp objects
2024-11-28 11:26:48 +01:00
Napalys Klicius
d6372aebc7
Update javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.ql
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2024-11-25 12:12:12 +01:00
Napalys
e38b63ebcd
JS: previously js/case-sensitive-middleware-path was not taking into consideration unknown flags
2024-11-25 11:56:06 +01:00
Alexander Eyers-Taylor
c0474c4e45
Revert "Revert "Post-release preparation for codeql-cli-2.19.4""
2024-11-21 15:37:52 +00:00
Alexander Eyers-Taylor
4effe9e364
Revert "Post-release preparation for codeql-cli-2.19.4"
2024-11-21 14:43:15 +00:00
Asger F
d52bc971b8
Merge branch 'main' into js/shared-dataflow-merge-main
2024-11-20 14:05:03 +01:00
github-actions[bot]
3909df75dc
Post-release preparation for codeql-cli-2.19.4
2024-11-19 17:54:03 +00:00
github-actions[bot]
9783a11565
Release preparation for version 2.19.4
2024-11-19 16:21:37 +00:00
Napalys
a28fc8e772
JS: Add: Use of returnless function support for findLast and findLastIndex
2024-11-15 14:44:25 +01:00
Napalys Klicius
c8c15a0899
Merge pull request #17910 from Napalys/napalys/matchAll-support
...
JS: Support for matchAll
2024-11-14 15:36:20 +01:00
Mikaël Barbero
881fe0ba57
fix: add "actions" tag to ActionsArtifactLeak
...
Similar to javascript/ql/src/Security/CWE-094/ExpressionInjection.ql
2024-11-05 15:58:46 +01:00
Napalys Klicius
5e8b1b061f
Update javascript/ql/src/Security/CWE-020/MissingRegExpAnchor.ql
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2024-11-05 10:29:22 +01:00
Napalys Klicius
7825a46085
Merge branch 'github:main' into napalys/matchAll-support
2024-11-05 09:31:30 +01:00
Napalys
ccee34d6d3
Added support for matchAll in CWE-020 including new test cases
2024-11-05 08:51:24 +01:00
github-actions[bot]
f107d16b4e
Post-release preparation for codeql-cli-2.19.3
2024-11-04 17:20:08 +00:00
github-actions[bot]
cc7b724123
Release preparation for version 2.19.3
2024-11-04 16:37:28 +00:00
Rasmus Wriedt Larsen
dc8e645594
JS: Convert remaining queries to use ActiveThreatModelSourceAsSource
2024-11-01 10:47:10 +01:00
Asger F
443987b484
Merge branch 'main' into js/shared-dataflow-merge-main
2024-10-22 10:30:53 +02:00
