hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,482 Commits 1,671 Branches 157 Tags
next
Commit Graph

39 Commits

Author SHA1 Message Date
semmle-qlci
8174fb51ae Merge pull request #705 from asger-semmle/loop-index-concurrent-modification 
Approved by mc-semmle, xiemaisi
 2019-01-03 17:06:12 +00:00
Asger F
9f22da4557 JS: rename query to "Loop iteration skipped due to shifting" 2019-01-02 11:34:06 +00:00
Esben Sparre Andreasen
c57f8a6d6e Merge pull request #691 from asger-semmle/sendfile-root 
JS: Recognize 'root' option in Express res.sendFile
 2018-12-19 16:06:15 +01:00
semmle-qlci
495a1fcf3b Merge pull request #698 from asger-semmle/remove-cookie-as-source 
Approved by esben-semmle
 2018-12-19 15:05:44 +00:00
semmle-qlci
b11b714152 Merge pull request #696 from esben-semmle/js/host-request-forgery 
Approved by asger-semmle
 2018-12-19 15:04:08 +00:00
Asger F
60ae3e58b8 JS: update change note 2018-12-19 11:26:37 +00:00
Asger F
f9da1dc03e JS: add change note 2018-12-19 10:25:49 +00:00
Asger F
1246de466a JS: add change note 2018-12-18 13:58:03 +00:00
Asger F
e1c25c81f6 JS: add change note 2018-12-17 16:34:35 +00:00
Asger F
7adf1d9958 Merge pull request #631 from esben-semmle/js/bad-url-regexing 
JS: add query: js/incomplete-url-regexp
 2018-12-17 11:53:22 +00:00
Esben Sparre Andreasen
3cd62234d4 JS: change notes for js/request-forgery improvements 2018-12-17 10:33:39 +01:00
Esben Sparre Andreasen
bb3e3a541d JS: address doc review comments 2018-12-14 10:24:30 +01:00
Max Schaefer
e194021c3b Merge pull request #629 from esben-semmle/js/persistent-read-taint 
JS: add persistent storage taint steps
 2018-12-13 08:24:42 +00:00
Max Schaefer
969fe6e4f1 Merge pull request #657 from esben-semmle/js/classify-more-files 
JS: classify additional files
 2018-12-13 08:20:33 +00:00
Max Schaefer
4fc27aaa51 Merge branch 'master' into pseudo-random-bytes 2018-12-12 08:19:57 +00:00
Asger F
a01a9dc5cc JS: add crypto.pseudoRandomBytes as source in InsecureRandomness.ql 2018-12-11 16:06:22 +00:00
Esben Sparre Andreasen
36e36a414e JS: change notes for improve file classification 2018-12-11 10:01:54 +01:00
Max Schaefer
4d186e0edc JavaScript: Teach Unused{Variable,Parameter} to ignore variables with leading underscore. 2018-12-11 08:50:50 +00:00
Esben Sparre Andreasen
09e7124bb1 JS: update change notes for renamed query 2018-12-10 22:22:54 +01:00
Esben Sparre Andreasen
c65c7e700e JS: change notes for js/incomplete-url-regexp 2018-12-10 22:21:01 +01:00
semmle-qlci
9e73ed71b9 Merge pull request #623 from esben-semmle/js/incomplete-url-sanitization 
Approved by mc-semmle
 2018-12-06 20:46:37 +00:00
Esben Sparre Andreasen
56fb63adbc JS: change notes for js/incomplete-url-substring-sanitization 2018-12-06 15:53:20 +01:00
semmle-qlci
3397533045 Merge pull request #628 from xiemaisi/js/setUnsafeHTML 
Approved by esben-semmle
 2018-12-06 13:58:52 +00:00
Esben Sparre Andreasen
bf048e7e49 JS: change notes for persistent storage taint step and cookie models 2018-12-06 14:53:22 +01:00
Max Schaefer
ef347b3870 JavaScript: Teach Xss query about WinJS HTML injection functions. 2018-12-06 09:13:21 +00:00
Max Schaefer
3c00d4be6d Merge pull request #607 from esben-semmle/js/more-react-methods 
JS: model additional React component methods
 2018-12-05 08:00:16 +00:00
semmle-qlci
d05b11f00d Merge pull request #587 from asger-semmle/incorrect-suffix-check 
Approved by mc-semmle, xiemaisi
 2018-12-04 16:18:42 +00:00
Asger F
7121a18eba JS: address comments 2018-12-04 10:40:43 +00:00
Esben Sparre Andreasen
b418968efb JS: add change note for improved React model 2018-12-04 10:55:24 +01:00
semmle-qlci
b58c263fd0 Merge pull request #602 from esben-semmle/js/additional-route-handlers-from-context 
Approved by xiemaisi
 2018-12-03 14:31:10 +00:00
Asger F
0462eb4b50 JS: add IncorrectSuffixCheck query 2018-12-03 11:23:02 +00:00
Esben Sparre Andreasen
88c69e2c9c JS: change note for tracked Hapi route handlers 2018-12-03 09:24:55 +01:00
Max Schaefer
52b8a6bb56 Merge branch 'master' into js/invalid-entity-transcoding 2018-11-30 16:49:20 +00:00
Max Schaefer
10166be535 JavaScript: Add new query DoubleEscaping. 2018-11-30 09:39:00 +00:00
Max Schaefer
3ed40d5da1 Merge branch 'master' into range-analysis 2018-11-30 09:36:40 +00:00
Asger F
d4023fe95a JS: address review 2018-11-29 11:37:38 +00:00
Asger F
b2a82ae598 JS: add 1.20 change note 2018-11-29 11:26:31 +00:00
Esben Sparre Andreasen
72092529d1 JS: add change note for js/unused-local-variable 2018-11-28 13:25:26 +01:00
Esben Sparre Andreasen
f3c90114df JS: add empty 1.20 change note 2018-11-28 13:24:26 +01:00