hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

6874 Commits

Author SHA1 Message Date
Cornelius Riemenschneider
341dad5f73 Merge pull request #6490 from criemen/criemen/delete-flaky-test 
JS: Delete flaky test.
 2021-08-17 12:33:03 +02:00
CodeQL CI
e3cdc4522e Merge pull request #6450 from asgerf/js/query-suffix-convention2 
Approved by erik-krogh
 2021-08-17 11:31:21 +01:00
Cornelius Riemenschneider
59b3d55b9a JS: Delete flaky test. 2021-08-17 10:58:39 +02:00
Andrew Eisenberg
e566fb9c5a Packaging: Update suite-helpers qlpack 
Uses new style naming scheme.
 2021-08-16 17:51:33 -07:00
Erik Krogh Kristensen
cc2a267b07 recognize array elements from JQuery objects as DOM values 2021-08-16 22:35:57 +02:00
Erik Krogh Kristensen
46959234b7 Merge pull request #6288 from erik-krogh/emptyRedos 
JS/Python: Fix FP in redos related to empty lookaheads
 2021-08-16 13:48:22 +02:00
Asger Feldthaus
0047536337 JS: Add change note 2021-08-16 13:22:43 +02:00
Asger Feldthaus
4923bda0f3 JS: Autoformat 2021-08-16 12:33:55 +02:00
Asger Feldthaus
a6c389698e JS: Fix DomBasedXssQuery.qll 2021-08-12 09:31:24 +02:00
Asger Feldthaus
fd027451b1 JS: Fix StoresXss example query 2021-08-12 09:30:43 +02:00
Asger Feldthaus
020d65befc Fix StoredXssTypeTracking example query 2021-08-12 09:30:43 +02:00
Asger Feldthaus
cb0075f15a JS: Remove use of deprecated API 2021-08-12 09:30:43 +02:00
Asger Feldthaus
3a6da34454 JS: Add missing QLdoc 2021-08-12 09:30:43 +02:00
Asger Feldthaus
71930f93f1 JS: Fix cleartext logging 2021-08-12 09:30:43 +02:00
Asger Feldthaus
abb819ed88 JS: Fix insecure randomness 2021-08-12 09:30:43 +02:00
Asger Feldthaus
5638a33199 JS: Remove obsolete module prefix 2021-08-12 09:30:43 +02:00
Asger Feldthaus
f6da030572 JS: Migrate to *Query.qll convention 2021-08-12 09:30:18 +02:00
CodeQL CI
8fe2a43fd9 Merge pull request #6433 from asgerf/js/tainted-url-suffix 
Approved by erik-krogh
 2021-08-12 00:28:46 -07:00
Asger Feldthaus
2da40b8b07 JS: Fix some performance issues 2021-08-11 14:31:06 +02:00
Asger Feldthaus
13fa49a7f1 JS: Update TRAP output 2021-08-11 12:54:22 +02:00
Asger Feldthaus
b9b10af9b5 JS: Tolerate parse errors in test due to speculative parsing 2021-08-11 12:54:22 +02:00
Asger Feldthaus
74505544e9 JS: Remove unused getTemplateContentNode 2021-08-11 12:54:22 +02:00
Asger Feldthaus
5d2bc5e40b JS: Update stats file 2021-08-11 12:54:22 +02:00
Asger Feldthaus
31d93bb150 JS: Add upgrade script 2021-08-11 12:54:22 +02:00
Asger Feldthaus
349a851631 JS: Add change note 2021-08-11 12:54:19 +02:00
Asger Feldthaus
65b44248f8 JS: Autoformat 2021-08-11 12:50:54 +02:00
Asger Feldthaus
4f4f524937 JS: Add test for upward traversal 2021-08-11 12:50:54 +02:00
Asger Feldthaus
b7339348ef JS: Add tests for EJS includes 2021-08-11 12:50:54 +02:00
Asger Feldthaus
b1cadc8ae7 JS: Add test for AngularJS sinks 2021-08-11 12:50:54 +02:00
Asger Feldthaus
e61d534c59 JS: Add ambiguity test for template file resolution 2021-08-11 12:50:54 +02:00
Asger Feldthaus
308461a3e3 JS: Pass around base folder in file resolution 2021-08-11 12:50:54 +02:00
Asger Feldthaus
e8d10b983e JS: Tests for template file resolution 2021-08-11 12:50:54 +02:00
Asger Feldthaus
28fe8da37c JS: Add similar test for .njk file 2021-08-11 12:50:54 +02:00
Asger Feldthaus
1444ec5255 JS: Add similar test for hbs 2021-08-11 12:50:54 +02:00
Asger Feldthaus
7045fb4679 JS: Expand on test 2021-08-11 12:50:54 +02:00
Asger Feldthaus
ec5e0283d5 JS: Bump extractor version string 2021-08-11 12:50:54 +02:00
Asger Feldthaus
e3e24f9880 JS: Use separate ScopeManager for template exprs 2021-08-11 12:50:54 +02:00
Asger Feldthaus
b36e9e0e54 JS: Filter out common string literal sinks 2021-08-11 12:50:53 +02:00
Asger Feldthaus
f563a015a4 JS: Recognize .njk extension in QL 2021-08-11 12:50:53 +02:00
Asger Feldthaus
e19b6c2c3b JS: Update taint step 2021-08-11 12:50:53 +02:00
Asger Feldthaus
13aa511364 JS: Support TemplatePlaceholderTag.getEnclosingExpr 
fixup! makeLocation
 2021-08-11 12:50:52 +02:00
Asger Feldthaus
0a14de1741 JS: Also extract .njk files 2021-08-11 12:36:35 +02:00
Asger Feldthaus
14bada4bbe JS: Model consolidate and factor in template syntax from call site 2021-08-11 12:36:35 +02:00
Asger Feldthaus
425bd7abf9 JS: Model template instantiation from Fastify, Hapi, and Koa 2021-08-11 12:36:35 +02:00
Asger Feldthaus
266c10462e JS: More aggressive TemplateFileReference.getValue 2021-08-11 12:36:35 +02:00
Asger Feldthaus
bc73d9f431 JS: Support templates importing each other 2021-08-11 12:36:35 +02:00
Asger Feldthaus
bb80fdddbd JS: Handle leading ../ in template resolution 2021-08-11 12:36:35 +02:00
Asger Feldthaus
6954a9ac23 JS: Treat EJS-include calls as template instantiations 
JS: Fixup EJS include call (API node)
 2021-08-11 12:36:35 +02:00
Asger Feldthaus
248715c743 JS: Restrict FileAccessToHttp a bit 2021-08-11 12:36:35 +02:00
Asger Feldthaus
8a50d99f33 JS: Treat GeneratedCodeExpr as DirectEval in UnusedVariable.ql 2021-08-11 12:36:35 +02:00