hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,593 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.6
Commit Graph

6144 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
0d497e8b9a add model for the showdown library 2021-02-10 17:22:42 +01:00
Erik Krogh Kristensen
f76018c039 add taint step for the markdown-table library 2021-02-10 15:11:41 +01:00
Erik Krogh Kristensen
b4704f7016 add taint-step for the marked library 2021-02-10 14:51:08 +01:00
Erik Krogh Kristensen
101d4358a9 detect DOM nodes from event callbacks 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
be9636491b add source for react-hook-form in xss-through-dom 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
65d93c9061 detect for DOM elements from DOM events in React 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
458dda9d25 add xss-through-dom source from react-final-form 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
ff3950ce98 add model for formik 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
d1087d4e41 move sources from XssThroughDom into a customizations file 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
0ca2310594 add model for htmlparser2 2021-02-10 14:16:31 +01:00
Erik Krogh Kristensen
e2a66bf3ed add model for xml-js 2021-02-10 14:16:31 +01:00
Erik Krogh Kristensen
73f7cd149f add model for sax 2021-02-10 14:16:31 +01:00
Erik Krogh Kristensen
c43025d7b3 add model for xml2js 2021-02-10 14:16:30 +01:00
Erik Krogh Kristensen
44ca2e26a6 add taint-step to XML parsers 2021-02-10 14:16:08 +01:00
CodeQL CI
475d216f8e Merge pull request #5087 from erik-krogh/immutable 
Approved by asgerf
 2021-02-09 12:43:19 +00:00
CaptainFreak
503b339a1f remove hbs specific checks 2021-02-09 07:35:35 +05:30
alexet
9d06c75aed Javascript: improve performance of ExplicitInvokeNode::getArgument 2021-02-04 15:55:51 +00:00
Erik Krogh Kristensen
6cbf7b3267 add of Set, Stack and similar to the Immutable model 2021-02-04 12:05:44 +01:00
Erik Krogh Kristensen
b74df66463 implement Immutable merge 2021-02-04 12:05:44 +01:00
Erik Krogh Kristensen
c0de6a3af2 add support for Immutable Record 2021-02-04 12:05:44 +01:00
Erik Krogh Kristensen
609b16b1f7 implement Immutable OrderedMap 2021-02-04 12:05:44 +01:00
Erik Krogh Kristensen
2e7bf9b53c implement Immutable lists 2021-02-04 12:05:44 +01:00
Erik Krogh Kristensen
a5c9492c87 add support for fromJS in the Immutable model 2021-02-04 12:05:44 +01:00
Erik Krogh Kristensen
6cbe4caecc support toJS() by using plain property names instead of pseudoproperties. 2021-02-04 12:05:44 +01:00
Erik Krogh Kristensen
b1f092f052 add support for map.set in Immutable model 2021-02-04 12:05:44 +01:00
Erik Krogh Kristensen
b77dd54618 implement basic map get/set for immutable.js 2021-02-04 12:05:44 +01:00
Erik Krogh Kristensen
d016ba2252 rename name dataflow configuration in js/template-object-injection 2021-02-03 12:29:23 +01:00
Erik Krogh Kristensen
a5bde53bfe use the TaintedObject library in js/template-object-injection 2021-02-03 12:26:37 +01:00
CaptainFreak
12ee497485 move query to src, rename and refactor 2021-02-03 15:48:02 +05:30
CodeQL CI
653c900d62 Merge pull request #4987 from erik-krogh/defensiveFunctions 
Approved by esbena
 2021-02-02 14:47:23 -08:00
CodeQL CI
209fe8d7e5 Merge pull request #5049 from erik-krogh/singleQuote 
Approved by esbena
 2021-02-02 13:48:42 -08:00
CodeQL CI
4fdbda3543 Merge pull request #5056 from erik-krogh/react 
Approved by asgerf
 2021-02-02 01:40:08 -08:00
Erik Krogh Kristensen
ca435763b0 separate message for double and single quotes 2021-02-01 23:54:12 +01:00
Erik Krogh Kristensen
39591687ba add js/code-injection sink for script tags in React 2021-01-29 12:50:17 +01:00
Erik Krogh Kristensen
3f1e81533c support html attribute concatenations with single quotes 2021-01-29 10:37:37 +01:00
Asger Feldthaus
1637b72092 JS: Ignore Angular templates in a few non-security queries 2021-01-27 11:02:19 +00:00
CodeQL CI
76e1e4d668 Merge pull request #4712 from asgerf/js/api-graph-tweaks 
Approved by max-schaefer
 2021-01-26 04:04:05 -08:00
CodeQL CI
0be0929693 Merge pull request #4958 from asgerf/js/angular2 
Approved by erik-krogh
 2021-01-26 02:53:33 -08:00
Asger Feldthaus
e6d9cd1905 JS: Add clause to getReturn/getInstance 2021-01-26 10:14:12 +00:00
Asger Feldthaus
d59ccb7687 JS: Remove unhelpful mat-table load step 2021-01-26 09:27:48 +00:00
Asger Feldthaus
89225e222c JS: Remove confusing comment 2021-01-26 09:25:12 +00:00
CodeQL CI
4601eb9c7c Merge pull request #4706 from max-schaefer/issue-247 
Approved by asgerf
 2021-01-25 07:11:35 -08:00
Erik Krogh Kristensen
0ba610f7db Merge pull request #5013 from erik-krogh/asmWhitespace 
JS: remove benign result for js/whitespace-contradicts-precedence related to " | 0" expressions
 2021-01-25 13:29:07 +01:00
Erik Krogh Kristensen
d86705fe7a remove benign result for js/whitespace-contradicts-precedence related to " | 0" expressions 2021-01-25 10:43:39 +01:00
CodeQL CI
527c41520e Merge pull request #4951 from esbena/js/reintroduce-server-crash 
Approved by erik-krogh
 2021-01-22 06:37:50 -08:00
Esben Sparre Andreasen
3f3962f7a9 Update javascript/ql/src/Security/CWE-730/examples/server-crash.GOOD-B.js 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-01-22 14:03:21 +01:00
Esben Sparre Andreasen
718f6eb3fd JS: update and prettify examples 2021-01-22 13:17:38 +01:00
Erik Krogh Kristensen
11f35a5193 Update javascript/ql/src/semmle/javascript/security/performance/ReDoSUtil.qll 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-01-21 23:11:50 +01:00
Erik Krogh Kristensen
62746bbbac skip analyzing regular expressions in minified files for ReDoS 2021-01-21 22:31:42 +01:00
CodeQL CI
d0b70d15f0 Merge pull request #4996 from esbena/js/nodejs-client-request-event-emitter 
Approved by erik-krogh
 2021-01-21 12:37:00 -08:00