hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,531 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.7
Commit Graph

8 Commits

Author SHA1 Message Date
Asger F
64d39da5f8 JS: Accept Sources/Sink tags 2025-02-28 13:29:30 +01:00
Asger F
86932c51bc JS: Move some alerts to their correct location 
One of the diffs look confusing but:
Previously parameter {2,3} where flagged, now parameter {1,2} are flagged.

Note that for command injection, the SystemCommandExecution is flagged
despite the test file claiming otherwise.
 2025-02-28 13:27:40 +01:00
Asger F
9be041e27d JS: Update OK-style comments to $-style 2025-02-28 13:27:28 +01:00
Asger F
7a77432024 JS: Update lost result in insecure-download 
The VariableCapture library consumes one component of the access path limit, which means we lose this result
 2024-11-21 13:33:10 +01:00
Erik Krogh Kristensen
09d969a8ad recognize sensitive files by file-system writes 2020-06-25 15:19:42 +02:00
Erik Krogh Kristensen
8f5a3e9f4f add support for getASavePath() to js/insecure-download 2020-06-25 15:18:31 +02:00
Erik Krogh Kristensen
dafca8fd81 introduce flow-labels to js/insecure-download 2020-06-25 15:17:57 +02:00
Erik Krogh Kristensen
908edb39b9 unsecure -> insecure 2020-06-12 11:02:26 +02:00