codeql

mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00

Author	SHA1	Message	Date
Erik Krogh Kristensen	038cca814a	Merge branch 'main' into ts4	2020-08-28 10:27:49 +02:00
CodeQL CI	80cb8be405	Merge pull request #4155 from asger-semmle/js/lower-duplicate-element-id-precision Approved by esbena	2020-08-28 08:52:58 +01:00
CodeQL CI	ac94869978	Merge pull request #3978 from dellalibera/js/insecure-cookies Approved by esbena	2020-08-28 08:31:38 +01:00
Asger Feldthaus	e7a0bc6be6	JS: Lower precision of ambiguous HTML ID attribute	2020-08-27 15:51:34 +01:00
Esben Sparre Andreasen	9aa1404646	JS: fix formatting of InsecureCookie.qll	2020-08-27 09:44:45 +02:00
Esben Sparre Andreasen	67278d9c93	Merge pull request #4141 from esbena/js/clarify-sanitization JS: make sanitization a "common" technique rather than "important"	2020-08-27 08:08:17 +02:00
ubuntu	736f76b685	Simplify getQueryCall	2020-08-27 02:12:17 +02:00
ubuntu	30e7f958a8	Highlight API call	2020-08-27 01:42:16 +02:00
ubuntu	7eeec0d765	Correct typo example	2020-08-27 01:07:13 +02:00
ubuntu	cbe879ae73	Correct typo examples	2020-08-27 01:05:49 +02:00
ubuntu	68ff480892	Update .qhelp	2020-08-27 00:51:08 +02:00
ubuntu	13f443d2c3	Update getLdapjsClientDNMethodName	2020-08-27 00:48:29 +02:00
Alessio Della Libera	616113aeff	Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-08-27 00:47:29 +02:00
ubuntu	94bd9c6d3e	Rename LdapjsDN to LdapjsDNArgument and add it as Sink	2020-08-27 00:43:38 +02:00
ubuntu	7d36b3b4d2	Correct typo	2020-08-27 00:26:54 +02:00
ubuntu	2305a642eb	Correct typo	2020-08-27 00:24:50 +02:00
Alessio Della Libera	23287aacee	Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-08-27 00:17:55 +02:00
Alessio Della Libera	f12ac8ca60	Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-08-27 00:17:33 +02:00
ubuntu	cd1d50b637	Update expected output	2020-08-26 23:50:15 +02:00
Alessio Della Libera	dcf51c75e9	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.ql Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-26 23:33:52 +02:00
Esben Sparre Andreasen	d27442e846	Apply suggestions from code review Co-authored-by: Felicity Chapman <felicitymay@github.com>	2020-08-26 20:18:54 +02:00
Esben Sparre Andreasen	89305865d0	JS: make sanitization a "common" technique rather than "important"	2020-08-26 15:41:54 +02:00
Erik Krogh Kristensen	61427393be	add qldoc to Generators.qll file	2020-08-26 09:11:39 +02:00
Alessio Della Libera	57f3c73d3d	Update javascript/ql/src/experimental/Security/CWE-090/LdapInjectionCustomizations.qll Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-08-26 02:08:31 +02:00
Alessio Della Libera	6979c394fe	Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-08-26 02:08:18 +02:00
Alessio Della Libera	355c7bc3b5	Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-08-26 02:08:08 +02:00
Alessio Della Libera	e027c8cc13	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-26 01:48:05 +02:00
Alessio Della Libera	a1f64e26cf	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-26 01:47:52 +02:00
Alessio Della Libera	3bd7615a75	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-26 01:47:37 +02:00
Alessio Della Libera	57cf447188	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-26 01:46:59 +02:00
Erik Krogh Kristensen	e6bfffaed3	update basic-block on `ExceptionalFunctionReturnNode` and `FunctionReturnNode`	2020-08-25 20:09:41 +02:00
Erik Krogh Kristensen	90422fe705	add support for delegating yield	2020-08-25 20:05:53 +02:00
Erik Krogh Kristensen	afaaea8922	support basic generators	2020-08-25 20:04:30 +02:00
Erik Krogh Kristensen	592ed8a3a1	remove ordinary return flow from generator functions	2020-08-25 14:02:57 +02:00
CodeQL CI	722b1a24f6	Merge pull request #4087 from erik-krogh/thisJsx Approved by asgerf	2020-08-25 10:20:32 +01:00
ubuntu	22f5ae4ad4	Format code	2020-08-24 18:53:37 +02:00
CodeQL CI	e2c6a01c00	Merge pull request #4097 from erik-krogh/createRequire Approved by esbena	2020-08-24 15:57:10 +01:00
Erik Krogh Kristensen	eb84f97e7f	Merge branch 'main' into ts4	2020-08-24 12:20:48 +02:00
ubuntu	3e97ec85b2	Add CodeQL to detect LDAP Injection in JS	2020-08-23 15:24:29 +02:00
Erik Krogh Kristensen	db57f3661e	Merge branch 'main' into ts4	2020-08-21 15:08:30 +02:00
Erik Krogh Kristensen	65a1769d43	Merge branch 'main' into asyncCalls	2020-08-21 14:58:27 +02:00
Erik Krogh Kristensen	bbbb0a2c5e	specialize `module.createRequire` support to ES2015 modules	2020-08-21 14:14:05 +02:00
Erik Krogh Kristensen	906705f84c	add `SourceNode` example to the `TrackedNode` deprecation description	2020-08-20 15:01:40 +02:00
Erik Krogh Kristensen	fe41521e0c	add tutorial for how to get around TrackedNodes deprecation	2020-08-20 12:46:17 +02:00
Erik Krogh Kristensen	8f68f512df	deprecate TrackedNodes.qll	2020-08-20 11:26:22 +02:00
Erik Krogh Kristensen	3d5c1560e4	basic support for `.cjs` files	2020-08-19 10:53:57 +02:00
Erik Krogh Kristensen	1e65ed2228	support module.createRequire	2020-08-18 14:43:03 +02:00
Erik Krogh Kristensen	83ed41b247	move indices comment into plain comment	2020-08-17 15:43:52 +02:00
CodeQL CI	c917cd02bd	Merge pull request #4054 from erik-krogh/urlIncludes Approved by esbena	2020-08-17 13:54:25 +01:00
Erik Krogh Kristensen	6f28ddf1f8	proper support for `this` inside a JSX-name	2020-08-17 14:23:42 +02:00

... 57 58 59 60 61 ...

6144 Commits