hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,267 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.1
Commit Graph

2537 Commits

Author SHA1 Message Date
Napalys
762ca2f8f5 Added test case with async readFile, currently not flagged. 2025-03-26 14:21:44 +01:00
Napalys
ae645e49ba Added support for @hapi/hapi server. 2025-03-26 11:41:11 +01:00
Napalys
649b4e07e2 Added test cases for @hapi/hapi 2025-03-26 11:35:58 +01:00
Napalys
4cdc40d115 Added SQL injection detection for exec method embeded Express client from hdbext. 2025-03-25 18:39:54 +01:00
Napalys
7cc0634f57 Added createProcStatement as potential sql sink. 2025-03-25 14:50:38 +01:00
Napalys
0285cb6c7a Added @sap/hdbext.loadProccedure as sql sink. 2025-03-25 14:48:40 +01:00
Napalys
e595def8b0 Modeled execute as potential hana's sink. 2025-03-25 14:44:37 +01:00
Napalys
d28af9508a Added sink models for hana's client prepare function. 2025-03-25 14:42:27 +01:00
Napalys
9229962096 Add sink model for SQL injection detection in exec clients. 2025-03-25 14:36:13 +01:00
Napalys
032cfc134f Added test cases for hana clients. 2025-03-25 14:29:06 +01:00
Napalys Klicius
0689cf7f5e Update javascript/ql/lib/ext/axios.model.yml 
Co-authored-by: Asger F <asgerf@github.com>
 2025-03-25 10:56:01 +01:00
Napalys
1ee3fde214 Added support for axios.interceptors.response. 2025-03-25 10:55:34 +01:00
Napalys
20bb831ce9 Added test case for axios.interceptors.response with missing alert. 2025-03-25 10:55:14 +01:00
Napalys
10498bbaa4 Added support for axios.interceptors.request. 2025-03-25 10:54:56 +01:00
Napalys
ea181e4173 Added test case for axios.interceptors.request 2025-03-25 10:54:17 +01:00
Napalys
056bf4fde7 Added test case with inheretence. 2025-03-20 13:08:56 +01:00
Napalys
cb18408502 Added data as model for ApolloServer. 2025-03-19 13:36:06 +01:00
Napalys
23fdc3534f Added test case @apollo/server with SSRF. 2025-03-19 13:34:27 +01:00
Asger F
1324c11044 Merge pull request #19012 from asgerf/js/api-graph-array-element 
JS: Make API graphs use steps from summaries
 2025-03-18 18:03:43 +01:00
Napalys Klicius
749a0560b4 Merge pull request #19027 from Napalys/js/escape 
JS: Add support for `escape`
 2025-03-17 10:48:44 +01:00
Asger F
4c1c0b79a6 JS: Make API-graphs use Content internally, and use steps from flow summaries 2025-03-14 23:08:16 +01:00
Napalys
4a691b778b Added escape as UriEncodingSanitizer 2025-03-14 14:53:21 +01:00
Napalys
37e02e4261 Added escape as StringManipulationTaintStep. 2025-03-14 14:49:45 +01:00
Napalys
933f3c6f77 Refactor Tanstack integration: remove Tanstack framework and added model as data for it instead. 2025-03-14 13:52:05 +01:00
Napalys
dc262236f4 Enhance taint tracking by including escape and unescape in TaintedPath customizations. 2025-03-14 11:43:22 +01:00
Napalys
c4b717b86c Added test case for escape. 2025-03-14 11:40:23 +01:00
Napalys
66737402c2 Updated test ouput with fixes from main. 2025-03-14 10:50:10 +01:00
Napalys Klicius
908f48a22f Merge branch 'main' into js/vue_tanstack_model 2025-03-14 10:45:42 +01:00
Napalys
de5c7efd63 Added test case for unescape. 2025-03-13 13:47:42 +01:00
Napalys
3640e5e425 Added model for tanstack-react useQueries 2025-03-13 12:45:26 +01:00
Napalys
03330ef24d Added test cases for tanstack-react useQueries. 2025-03-13 12:45:25 +01:00
Napalys
6c9aa0e872 Added modeling of tanstack-vue useQueries. 2025-03-13 12:45:23 +01:00
Napalys
4917d64ce7 Added test cases for tanstack-vue useQueries. 2025-03-13 12:45:05 +01:00
Napalys
0c0158899e Added tanstack-vue useQuery modeling 2025-03-13 12:25:07 +01:00
Napalys
7712ca368a Added useQuery tanstack-vue test case 2025-03-13 12:25:05 +01:00
Napalys Klicius
40903a9643 Merge pull request #18975 from Napalys/js/tanstack_angular 
JS: Update Angular Client Request's with API graph and `Tanstack` Angular modeling
 2025-03-12 15:30:26 +01:00
Napalys
770920e738 Add new model configuration for @tanstack/angular-query-experimental. 2025-03-12 11:54:55 +01:00
Napalys
184d23df46 Add test cases for @tanstack/angular-query-experimental injectQuery 2025-03-12 11:54:53 +01:00
Asger F
8599ab2503 JS: Fix attributes nodes missing an enclosing callable 2025-03-11 16:47:48 +01:00
Asger F
6499e5458b JS: Restore line lost in merge 
'Accept incoming changes' in vscode somehow deleted this line.
 2025-03-11 13:19:29 +01:00
Asger F
e8c5e4d006 Merge branch 'main' into js/test-suite 2025-03-11 13:17:08 +01:00
Napalys Klicius
a4f2264f17 Merge pull request #18899 from Napalys/js/ecma-2024-regex 
JS: Add ECMAScript 2024 `v` Flag Operators for Regex Parsing
 2025-03-11 12:50:44 +01:00
Napalys Klicius
7c9edff33c Merge pull request #18964 from Napalys/js/mark_down_table 
JS: Refactor `markdown-table` library modeling
 2025-03-11 09:02:56 +01:00
Napalys
13c701948a Refactor Markdown taint steps and update expected results for reflected XSS tests 2025-03-10 19:27:36 +01:00
Asger F
0f201d2070 JS: Line number changes in redos test case 2025-03-10 14:36:49 +01:00
Asger F
75ed0d0b46 JS: Remove duplicate '$ Alert' in libxml test 2025-03-10 14:23:44 +01:00
Asger F
6a47678b60 JS: Fix broken alert comment in HeterogenousComparison 2025-03-10 14:23:43 +01:00
Asger F
c88eac486a JS: Remove stray $ Alert comment inside a doc comment 2025-03-10 14:23:42 +01:00
Asger F
0df893e280 JS: Remove blank lines and add trailing newline 2025-03-10 14:23:40 +01:00
Asger F
6fe3a368eb JS: Remove blank line and add trailing newline to file 2025-03-10 14:23:39 +01:00