hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,624 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.3
Commit Graph

1615 Commits

Author SHA1 Message Date
CodeQL CI
07f6ce7f3b Merge pull request #6398 from erik-krogh/authHeader 
Approved by esbena
 2021-08-03 02:04:35 -07:00
Erik Krogh Kristensen
87c0c60c22 don't report dummy authentication headers as hardcoded-crendentials 2021-08-02 22:56:14 +02:00
Erik Krogh Kristensen
f719e0ca1b remove nunjucks template URLs from the target-blank query 2021-08-02 22:46:59 +02:00
Erik Krogh Kristensen
6da1007f67 mark new redos tests correctly 2021-07-16 13:37:47 +02:00
Erik Krogh Kristensen
b2b736db10 add more tests for non-empty positive lookaheads 2021-07-16 13:25:37 +02:00
Erik Krogh Kristensen
178d3de824 Merge branch 'main' into logs 2021-07-16 11:21:25 +02:00
CodeQL CI
a02a82caac Merge pull request #6284 from erik-krogh/qs 
Approved by asgerf
 2021-07-16 02:11:59 -07:00
CodeQL CI
c1d0e52492 Merge pull request #6286 from erik-krogh/mkdirp 
Approved by asgerf
 2021-07-16 02:11:07 -07:00
CodeQL CI
6c2c51a767 Merge pull request #6287 from erik-krogh/react-tooltip 
Approved by asgerf
 2021-07-16 02:10:36 -07:00
CodeQL CI
d4fa1f7d96 Merge pull request #6295 from erik-krogh/sort-keys 
Approved by asgerf
 2021-07-16 02:09:47 -07:00
CodeQL CI
520337577b Merge pull request #6298 from erik-krogh/ansi-to-html 
Approved by asgerf
 2021-07-16 02:09:03 -07:00
CodeQL CI
b14139f3a0 Merge pull request #6261 from max-schaefer/js/module-constructor 
Approved by asgerf
 2021-07-16 00:28:30 -07:00
Erik Krogh Kristensen
28b98c1bfa update expected output 2021-07-15 15:51:01 +02:00
Erik Krogh Kristensen
ae2fc7171b add a taint step through the ansi-to-html library 2021-07-15 14:04:16 +02:00
Erik Krogh Kristensen
aaa8969537 add sort-keys as a clone call 2021-07-15 13:16:17 +02:00
Erik Krogh Kristensen
80d784e37a add a step over empty lookaheads/lookbehinds 2021-07-14 23:40:04 +02:00
Erik Krogh Kristensen
22dfe84ee8 add xss sink for react-tooltip 2021-07-14 20:03:50 +02:00
Erik Krogh Kristensen
14b26f2a68 add mkdirp as a sink for tainted-path 2021-07-14 19:32:22 +02:00
Erik Krogh Kristensen
f462c9bb76 add taint through the parseqs library 2021-07-14 17:22:35 +02:00
Erik Krogh Kristensen
bec1818fc7 add taint through the normalize-url library 2021-07-14 17:15:14 +02:00
Erik Krogh Kristensen
193ddfc771 add taint through the qs library 2021-07-14 16:56:51 +02:00
CodeQL CI
436168aa4f Merge pull request #6267 from erik-krogh/read-pkg 
Approved by asgerf
 2021-07-14 01:01:33 -07:00
CodeQL CI
9d59cba644 Merge pull request #6262 from erik-krogh/slash 
Approved by asgerf
 2021-07-13 05:44:55 -07:00
Erik Krogh Kristensen
e13d53f001 support pino logging calls on request objects 2021-07-13 14:32:50 +02:00
Erik Krogh Kristensen
cce15bed1d add basic support for the pino library 2021-07-13 14:00:01 +02:00
Erik Krogh Kristensen
07bc5856db add the cwd option from read-pkg as sink for path-injection 2021-07-12 23:43:15 +02:00
Erik Krogh Kristensen
899e54fbc9 add support for the slash library 2021-07-12 16:36:54 +02:00
Max Schaefer
ce24215dd5 JavaScript: Improve modelling of Module.prototype._compile sink. 2021-07-12 15:32:21 +01:00
Erik Krogh Kristensen
23c3be6860 add support for the json-cycle library 2021-07-12 11:03:39 +02:00
Erik Krogh Kristensen
94cbc4b2c0 add step through the fclone library 2021-07-12 10:51:43 +02:00
Erik Krogh Kristensen
1792c9a611 add taint step through the prettyjson library 2021-07-12 10:51:43 +02:00
Esben Sparre Andreasen
85b9003af4 JS: add Mootools XSS sinks 2021-07-01 09:17:27 +02:00
CodeQL CI
c02c96369d Merge pull request #6139 from erik-krogh/colors 
Approved by esbena
 2021-06-23 14:02:17 -07:00
CodeQL CI
b66f4cb965 Merge pull request #6134 from erik-krogh/templates 
Approved by asgerf, esbena
 2021-06-23 05:09:23 -07:00
Erik Krogh Kristensen
fa02651542 add taint step through the strip-ansi library 2021-06-23 09:13:03 +02:00
Erik Krogh Kristensen
fe76341820 add taint step through the chalk library 2021-06-23 09:12:48 +02:00
Erik Krogh Kristensen
053d9b5564 add taint step through the kleur library 2021-06-23 09:12:25 +02:00
CodeQL CI
37b66f9045 Merge pull request #6117 from asgerf/js/sharpen-match-calls 
Approved by esbena
 2021-06-22 22:52:37 -07:00
Erik Krogh Kristensen
6e2b92468f add taint step through the slice-ansi library 2021-06-22 23:14:14 +02:00
Erik Krogh Kristensen
35c513d38a add taint step through the cli-color library 2021-06-22 23:10:40 +02:00
Erik Krogh Kristensen
ec9c885908 add taint step through the cli-highlight library 2021-06-22 23:06:50 +02:00
Erik Krogh Kristensen
d114cdc6e5 add taint step through the colorette library 2021-06-22 23:02:01 +02:00
Erik Krogh Kristensen
e4427bb34a add taint step through the wrap-ansi library 2021-06-22 22:59:03 +02:00
Erik Krogh Kristensen
626a653401 add taint step through the colors library 2021-06-22 22:55:15 +02:00
Erik Krogh Kristensen
a21ebbbe8f add taint step through the ansi-colors library 2021-06-22 22:47:58 +02:00
CodeQL CI
d719a1e627 Merge pull request #6114 from erik-krogh/promisify 
Approved by esbena
 2021-06-22 12:19:38 -07:00
Erik Krogh Kristensen
2ba2642c7a add more template sinks for the js/code-injection query 2021-06-22 20:24:42 +02:00
Asger Feldthaus
16e3681fd3 JS: Update RegExpInjection test case 2021-06-22 12:00:04 +02:00
Erik Krogh Kristensen
4360e5dcbc add model of the thenify library 2021-06-22 11:55:58 +02:00
Erik Krogh Kristensen
61cc415a32 add model of the util.promisify library 2021-06-22 11:55:58 +02:00