hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,000 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.3
Commit Graph

4806 Commits

Author SHA1 Message Date
Asger F
1b7977bf90 Merge pull request #18466 from asgerf/js/view-component-inputs 
JS: Add view-component-input threat model
 2025-01-24 10:59:25 +01:00
aegilops
522f3d1337 Merge 2025-01-23 17:00:56 +00:00
Erik Krogh Kristensen
4bd4937e65 Merge pull request #18547 from erik-krogh/suffixCheck 
JS: Fix FPs with js/incorrect-suffix-check
 2025-01-22 21:13:27 +01:00
Asger F
b015c88c79 JS: Add view-component-input threat model 2025-01-22 10:45:46 +01:00
Asger F
dd55460d7f JS: Update test output 2025-01-21 14:03:30 +01:00
Asger F
f3b52adde6 JS: Add test showing DB-CHECK failure 2025-01-21 14:02:17 +01:00
erik-krogh
17afab7d0f support that two indexOf() calls use the same string-concatenation in getAnEquivalentIndexOfCall() 2025-01-21 09:43:57 +01:00
erik-krogh
d5529e3a7e ensure an indexOf call is equivalent with itself. (getAUse() is used later to find matching indexOf calls) 2025-01-21 09:42:30 +01:00
erik-krogh
905d904543 add a few failing tests 2025-01-21 09:40:24 +01:00
Asger F
aa0b9559bf Merge pull request #18472 from asgerf/js/test-suite 
JS: Port three tests to use the new post processing-based inline test expectations
 2025-01-17 12:06:32 +01:00
Asger F
2c65946684 JS: Add setOtherInput example 2025-01-17 10:29:03 +01:00
Asger F
e983e26f68 JS: Add example with safe field 2025-01-17 10:28:07 +01:00
Asger F
859783c08b JS: Support [(ngModel)] 2025-01-17 10:26:57 +01:00
Asger F
d55c68c1f1 JS: Add test case with [(ngModel)] 2025-01-17 10:24:16 +01:00
Asger F
97f5559e64 JS: Recognise form input from NgForm 2025-01-17 10:22:20 +01:00
Asger F
1ec3a62242 JS: Add test with NgForm.value 2025-01-17 10:20:59 +01:00
Asger F
d4daa21318 JS: Add DOM event sources in Angular2 model 2025-01-17 10:20:22 +01:00
Asger F
b8ba50a9ac JS: Add Angular test case in XssThroughDom 2025-01-17 10:12:42 +01:00
Asger F
1964b347c7 Merge branch 'main' into js/test-suite 2025-01-16 13:19:07 +01:00
Asger F
6cd9752289 Merge pull request #18467 from github/js/shared-dataflow-branch 
JS: Migrate to shared data flow library (targeting main!) 🚀
 2025-01-16 11:28:57 +01:00
Asger F
bc34a045d3 JS: Triage discrepancies and update test 2025-01-10 14:18:31 +01:00
Asger F
18ab066e79 JS: Remove OK comments that don't provide further explanation 2025-01-10 14:18:30 +01:00
Asger F
c2b65b1f85 JS: Port IncompleteUrlSubstringSanitization test 2025-01-10 14:18:29 +01:00
Asger F
6b4be13a8e JS: Move annotations to the correct line 2025-01-10 14:18:28 +01:00
Asger F
95e20a045b JS: Port IncompleteUrlSchemeCheck test 2025-01-10 14:18:26 +01:00
Asger F
563471dd52 JS: Triage discrepancies and update test 2025-01-10 14:18:25 +01:00
Asger F
48f7a58d01 JS: Update IncompleteHostnameRegExp test to match reality 2025-01-10 14:18:24 +01:00
Asger F
a83508a828 JS: Port IncompleteHostNameRegExt test 2025-01-10 14:18:23 +01:00
aegilops
da68a04cd1 Merge branch 'angular-sources-sinks' of https://github.com/aegilops/codeql into angular-sources-sinks 2025-01-09 18:03:39 +00:00
aegilops
b07e801c10 Add new test for new XSS sink, update expected to match 2025-01-09 18:02:45 +00:00
Asger F
fd5a3dad90 JS: One more test 2025-01-09 10:46:45 +01:00
Asger F
138b000891 JS: Coerce the local export node to an Identifier 2025-01-09 10:42:25 +01:00
Asger F
db98880163 JS: Add crash reproduction to test case 2025-01-09 10:39:30 +01:00
Asger F
b2d62a080b JS: Move a test failure explanation into the test suite 
We have an issue for fixing the underlying problem
 2025-01-09 09:57:44 +01:00
Asger F
942ba189f7 JS: Minor test output change in nodes/edges 
I suspect this is due to some fixes in the DeduplicatePathGraph module
 2024-12-19 15:25:49 +01:00
Asger F
f8dc7eb25b JS: Update output from tests that changed on main 2024-12-19 15:25:47 +01:00
Asger F
4a6030c592 JS: Update expected with some absent result sets 2024-12-19 15:25:46 +01:00
Asger F
cd6ebb103e JS: Make test not assume implicit through for maps 2024-12-19 15:25:45 +01:00
Asger F
dc2f39c399 JS: Add model of Map#groupBy 2024-12-19 15:25:43 +01:00
Asger F
de5e6ddeed JS: Update with changes in TaintTracking test 2024-12-19 15:25:42 +01:00
Asger F
c204527c08 JS: Update Array test output (new tests added on main) 2024-12-19 15:25:41 +01:00
Asger F
33e8bd5032 JS: Update testUtilities import 2024-12-19 15:25:39 +01:00
Asger F
3acd4814de Merge branch 'main' into js/shared-dataflow-merge-main 2024-12-19 10:14:38 +01:00
Asger F
db00dad033 JS: Avoid deprecation warnings in some tests 2024-12-16 15:35:49 +01:00
Asger F
cf6d166d29 JS: Also update tutorial code 2024-12-16 15:35:47 +01:00
Asger F
69b361ae70 JS: Migrate a test to use flow state 2024-12-16 15:35:42 +01:00
Asger F
14ca1c134b JS: Update TaintedUrlSuffix test 2024-12-13 10:08:07 +01:00
Michael Nebel
c3fe3e468c Javascript: Update all test util paths to point to the new location. 2024-12-12 13:54:25 +01:00
Michael Nebel
0f146f1486 Javascript: Move test utilities into the query pack. 2024-12-12 13:54:23 +01:00
Asger F
66eb458134 JS: Handle match/matchAll and unknown regexps 2024-12-09 15:38:36 +01:00