Commit Graph

5849 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
6f384630f1 Apply suggestions from code review
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
2021-02-18 10:36:49 +01:00
Erik Krogh Kristensen
f4e6f49ae7 change join order for API::Impl::trackDefNode 2021-02-17 21:23:11 +01:00
Erik Krogh Kristensen
dcef6cb974 change join order for API::InvokeNode::getParameter 2021-02-17 21:23:11 +01:00
Erik Krogh Kristensen
c80365c48a change join order for API::Impl::useStep 2021-02-17 21:23:11 +01:00
CodeQL CI
8716cbd7ee Merge pull request #5140 from erik-krogh/mark
Approved by asgerf
2021-02-17 11:50:11 -08:00
Erik Krogh Kristensen
4df85b44de Update javascript/change-notes/2021-02-10-markdown.md
Co-authored-by: Asger F <asgerf@github.com>
2021-02-17 18:30:31 +01:00
Erik Krogh Kristensen
a03507a544 avoid cartesian product in isFilteredPropertyName 2021-02-17 13:12:35 +01:00
Erik Krogh Kristensen
408ac2729d Merge pull request #5066 from CaptainFreak/express-hbs-lfr
JS: add query for Express-HBS LFR
2021-02-17 10:41:38 +01:00
CodeQL CI
b5143dbdb4 Merge pull request #5117 from erik-krogh/parseForm
Approved by asgerf
2021-02-15 04:30:59 -08:00
Erik Krogh Kristensen
74ce7369f8 Update javascript/change-notes/2021-02-09-form-parsers.md
Co-authored-by: Asger F <asgerf@github.com>
2021-02-15 12:35:16 +01:00
Erik Krogh Kristensen
e5db0ef16b remove the RequestExpr requirement from FormParsers.qll, and use API graphs. 2021-02-15 11:58:26 +01:00
CodeQL CI
9b8d94d76e Merge pull request #5148 from erik-krogh/apollo
Approved by esbena
2021-02-15 02:23:52 -08:00
Erik Krogh Kristensen
91f277681a fix typo in ApolloClientRequest
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
2021-02-15 09:59:04 +01:00
Erik Krogh Kristensen
4fa33b151f Merge pull request #5146 from github/more-redos-tests
JS: add two non ReDoS regular expressions to the ReDoS test suite
2021-02-12 18:56:52 +01:00
CodeQL CI
179a7a89dd Merge pull request #5098 from erik-krogh/xml2js
Approved by asgerf
2021-02-12 09:22:40 -08:00
Erik Krogh Kristensen
004147a22f add change note 2021-02-11 17:54:53 +01:00
Erik Krogh Kristensen
6f405635ef add ClientRequest model for apollo-client 2021-02-11 17:49:44 +01:00
Erik Krogh Kristensen
fd46b7a7bc fix type in change-note
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
2021-02-11 16:17:26 +01:00
Erik Krogh Kristensen
69d8aa143c add taint step for the snarkdown library 2021-02-11 16:16:46 +01:00
Erik Krogh Kristensen
d14586de56 add two non ReDoS regular expressions to the ReDoS test suite
Adds the regular expression from #5145
2021-02-11 14:41:45 +01:00
Erik Krogh Kristensen
f12c38425f add change-note 2021-02-11 13:36:53 +01:00
Erik Krogh Kristensen
3ee0029cd8 Update javascript/change-notes/2021-02-08-xml-parser-taint.md
Co-authored-by: Asger F <asgerf@github.com>
2021-02-11 13:33:42 +01:00
Erik Krogh Kristensen
044f80215e add change note 2021-02-11 09:34:04 +01:00
Erik Krogh Kristensen
010d580f8e add model for multiparty 2021-02-11 09:34:04 +01:00
Erik Krogh Kristensen
61b4ffec3d add remote flow from the Formidable library 2021-02-11 09:34:04 +01:00
Erik Krogh Kristensen
a03f4ed3cd add remote flow source for busboy 2021-02-11 09:34:02 +01:00
Erik Krogh Kristensen
e2fbf8a68c add files uploaded with multer as RemoteFlowSource 2021-02-11 09:33:15 +01:00
Erik Krogh Kristensen
7cff1f441b add model for the unified and remark libraries 2021-02-10 18:13:01 +01:00
Erik Krogh Kristensen
0d497e8b9a add model for the showdown library 2021-02-10 17:22:42 +01:00
Erik Krogh Kristensen
f76018c039 add taint step for the markdown-table library 2021-02-10 15:11:41 +01:00
Erik Krogh Kristensen
b4704f7016 add taint-step for the marked library 2021-02-10 14:51:08 +01:00
Erik Krogh Kristensen
91f7d33044 add change note 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
101d4358a9 detect DOM nodes from event callbacks 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
be9636491b add source for react-hook-form in xss-through-dom 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
65d93c9061 detect for DOM elements from DOM events in React 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
458dda9d25 add xss-through-dom source from react-final-form 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
ff3950ce98 add model for formik 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
d1087d4e41 move sources from XssThroughDom into a customizations file 2021-02-10 14:17:49 +01:00
Erik Krogh Kristensen
4969a1ef4f add change note 2021-02-10 14:16:31 +01:00
Erik Krogh Kristensen
0ca2310594 add model for htmlparser2 2021-02-10 14:16:31 +01:00
Erik Krogh Kristensen
e2a66bf3ed add model for xml-js 2021-02-10 14:16:31 +01:00
Erik Krogh Kristensen
73f7cd149f add model for sax 2021-02-10 14:16:31 +01:00
Erik Krogh Kristensen
c43025d7b3 add model for xml2js 2021-02-10 14:16:30 +01:00
Erik Krogh Kristensen
44ca2e26a6 add taint-step to XML parsers 2021-02-10 14:16:08 +01:00
Alexander Eyers-Taylor
1c43505d30 Merge pull request #5121 from alexet/fix-js-jdoc
Javascript Extractor: Update <tt> tags to <code>
2021-02-09 13:07:19 +00:00
CodeQL CI
475d216f8e Merge pull request #5087 from erik-krogh/immutable
Approved by asgerf
2021-02-09 12:43:19 +00:00
alexet
8dd5a7e7c7 Javascript Extractor: Update <tt> tags to <code> 2021-02-09 12:10:09 +00:00
CaptainFreak
503b339a1f remove hbs specific checks 2021-02-09 07:35:35 +05:30
CodeQL CI
8a2e063af7 Merge pull request #5107 from asgerf/js/json-in-script-tag
Approved by erik-krogh
2021-02-08 09:52:53 +00:00
Erik Krogh Kristensen
504db8739d fix typo in execa change-note file name 2021-02-08 10:00:26 +01:00