hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

5056 Commits

Author SHA1 Message Date
Asger Feldthaus
00f4694616 JS: Recognize methods returning DOM objects 2021-08-04 16:25:56 +02:00
valeria-meli
595ea6c383 files for qhelp 2021-08-03 18:00:29 -03:00
valeria-meli
57ac944319 rename folders 2021-08-03 17:39:48 -03:00
valeria-meli
92c874c2e2 rename query 2021-08-03 17:32:36 -03:00
valeria-meli
0e4865c40c Merge branch 'main' into javascript/ssrf 2021-08-03 17:17:50 -03:00
CodeQL CI
07f6ce7f3b Merge pull request #6398 from erik-krogh/authHeader 
Approved by esbena
 2021-08-03 02:04:35 -07:00
CodeQL CI
394d3349ac Merge pull request #6213 from asgerf/js/vuex 
Approved by erik-krogh
 2021-08-03 01:49:06 -07:00
Erik Krogh Kristensen
6b579dfad3 normalize auth-headers to lowercase 2021-08-03 09:09:47 +02:00
Asger Feldthaus
c88d213f37 JS: Use appendToNamespace 2021-08-03 08:52:19 +02:00
Asger Feldthaus
f5f255d93d JS: Rename getPrefix -> getNamespace 2021-08-03 08:51:35 +02:00
Asger F
ff17d298b0 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-08-03 08:45:56 +02:00
Erik Krogh Kristensen
87c0c60c22 don't report dummy authentication headers as hardcoded-crendentials 2021-08-02 22:56:14 +02:00
Erik Krogh Kristensen
f719e0ca1b remove nunjucks template URLs from the target-blank query 2021-08-02 22:46:59 +02:00
valeria-meli
f3c0bf7826 copy-paste from our repo 2021-07-27 18:09:11 -03:00
Erik Krogh Kristensen
36de24aecb use API nodes instead of type-tracking in the pino model 2021-07-16 11:32:32 +02:00
Erik Krogh Kristensen
178d3de824 Merge branch 'main' into logs 2021-07-16 11:21:25 +02:00
CodeQL CI
a02a82caac Merge pull request #6284 from erik-krogh/qs 
Approved by asgerf
 2021-07-16 02:11:59 -07:00
CodeQL CI
c1d0e52492 Merge pull request #6286 from erik-krogh/mkdirp 
Approved by asgerf
 2021-07-16 02:11:07 -07:00
CodeQL CI
6c2c51a767 Merge pull request #6287 from erik-krogh/react-tooltip 
Approved by asgerf
 2021-07-16 02:10:36 -07:00
CodeQL CI
d4fa1f7d96 Merge pull request #6295 from erik-krogh/sort-keys 
Approved by asgerf
 2021-07-16 02:09:47 -07:00
CodeQL CI
520337577b Merge pull request #6298 from erik-krogh/ansi-to-html 
Approved by asgerf
 2021-07-16 02:09:03 -07:00
CodeQL CI
f4f8ce0d36 Merge pull request #6294 from erik-krogh/arrify 
Approved by asgerf
 2021-07-16 02:08:19 -07:00
CodeQL CI
8ef57366c4 Merge pull request #6278 from erik-krogh/toUnicodeInAngular 
Approved by asgerf
 2021-07-16 02:07:18 -07:00
Asger Feldthaus
be8c574d5c JS: Add test and comment for access path termination criteria 2021-07-16 09:42:59 +02:00
CodeQL CI
b14139f3a0 Merge pull request #6261 from max-schaefer/js/module-constructor 
Approved by asgerf
 2021-07-16 00:28:30 -07:00
Erik Krogh Kristensen
ae2fc7171b add a taint step through the ansi-to-html library 2021-07-15 14:04:16 +02:00
Erik Krogh Kristensen
aaa8969537 add sort-keys as a clone call 2021-07-15 13:16:17 +02:00
Erik Krogh Kristensen
d2c74480b9 add taint step through flatten libraries 2021-07-15 12:36:07 +02:00
Erik Krogh Kristensen
77f4d56cd9 add taint step through array-union, array-uniq, and uniq 2021-07-15 12:32:29 +02:00
Erik Krogh Kristensen
5ff7d208b7 add taint step through arrify 2021-07-15 11:24:50 +02:00
Erik Krogh Kristensen
e64f29fe8f add support for Array.prototype.find and polyfills 2021-07-15 11:16:06 +02:00
Erik Krogh Kristensen
f6f63e2811 add model for the array-from polyfill 2021-07-15 10:51:55 +02:00
Erik Krogh Kristensen
80d784e37a add a step over empty lookaheads/lookbehinds 2021-07-14 23:40:04 +02:00
Erik Krogh Kristensen
22dfe84ee8 add xss sink for react-tooltip 2021-07-14 20:03:50 +02:00
Erik Krogh Kristensen
14b26f2a68 add mkdirp as a sink for tainted-path 2021-07-14 19:32:22 +02:00
Erik Krogh Kristensen
f462c9bb76 add taint through the parseqs library 2021-07-14 17:22:35 +02:00
Erik Krogh Kristensen
bec1818fc7 add taint through the normalize-url library 2021-07-14 17:15:14 +02:00
Erik Krogh Kristensen
86de10e6a1 simplify some implementations in UriLibraries.qll 2021-07-14 17:01:40 +02:00
Erik Krogh Kristensen
193ddfc771 add taint through the qs library 2021-07-14 16:56:51 +02:00
Erik Krogh Kristensen
73491d88da use the new .toUnicode method in the Angular2 model 2021-07-14 10:19:48 +02:00
CodeQL CI
436168aa4f Merge pull request #6267 from erik-krogh/read-pkg 
Approved by asgerf
 2021-07-14 01:01:33 -07:00
CodeQL CI
f9b539e5b9 Merge pull request #6253 from asgerf/js/more-precise-capture-steps 
Approved by erik-krogh
 2021-07-13 07:42:07 -07:00
Erik Krogh Kristensen
086c9c8156 remove redundant getACall() 
Co-authored-by: Asger F <asgerf@github.com>
 2021-07-13 16:32:14 +02:00
CodeQL CI
9d59cba644 Merge pull request #6262 from erik-krogh/slash 
Approved by asgerf
 2021-07-13 05:44:55 -07:00
CodeQL CI
c87fe95d52 Merge pull request #6258 from erik-krogh/case 
Approved by asgerf
 2021-07-13 05:44:49 -07:00
CodeQL CI
b34f444c88 Merge pull request #6254 from erik-krogh/json2csv 
Approved by asgerf
 2021-07-13 05:44:36 -07:00
Erik Krogh Kristensen
e13d53f001 support pino logging calls on request objects 2021-07-13 14:32:50 +02:00
Erik Krogh Kristensen
cce15bed1d add basic support for the pino library 2021-07-13 14:00:01 +02:00
Erik Krogh Kristensen
07bc5856db add the cwd option from read-pkg as sink for path-injection 2021-07-12 23:43:15 +02:00
Erik Krogh Kristensen
cadbdcff0a add missing qldoc in MooTools.qll 2021-07-12 23:20:51 +02:00