codeql

mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00

Author	SHA1	Message	Date
Asger F	cc8fe10801	JS: Update locations in expected files	2025-08-29 12:03:11 +02:00
Asger F	2a194a53af	raw test output	2025-02-28 13:29:39 +01:00
Asger F	64d39da5f8	JS: Accept Sources/Sink tags	2025-02-28 13:29:30 +01:00
Asger F	86932c51bc	JS: Move some alerts to their correct location One of the diffs look confusing but: Previously parameter {2,3} where flagged, now parameter {1,2} are flagged. Note that for command injection, the SystemCommandExecution is flagged despite the test file claiming otherwise.	2025-02-28 13:27:40 +01:00
Asger F	f5911c9e5a	JS: Accept raw test output	2025-02-28 13:27:38 +01:00
Asger F	d0ce53ed82	JS: Enable post-processing for all .qlref files	2025-02-28 13:27:33 +01:00
Asger F	9be041e27d	JS: Update OK-style comments to $-style	2025-02-28 13:27:28 +01:00
Asger F	7a77432024	JS: Update lost result in insecure-download The VariableCapture library consumes one component of the access path limit, which means we lose this result	2024-11-21 13:33:10 +01:00
Asger F	bd3fccd1a8	JS: Update test output with provenance column	2024-06-25 10:30:56 +02:00
Asger F	99f63b1cfa	JS: Port InsecureDownload	2023-10-13 13:15:05 +02:00
Erik Krogh Kristensen	09d969a8ad	recognize sensitive files by file-system writes	2020-06-25 15:19:42 +02:00
Erik Krogh Kristensen	8f5a3e9f4f	add support for getASavePath() to js/insecure-download	2020-06-25 15:18:31 +02:00
Erik Krogh Kristensen	dafca8fd81	introduce flow-labels to js/insecure-download	2020-06-25 15:17:57 +02:00
Erik Krogh Kristensen	908edb39b9	unsecure -> insecure	2020-06-12 11:02:26 +02:00
Erik Krogh Kristensen	9780fcf8fe	fix ftp protocol regexp	2020-06-12 10:54:56 +02:00
Erik Krogh Kristensen	3f957103ed	improve alert message - and autoformat	2020-06-12 10:53:19 +02:00
Erik Krogh Kristensen	5b491313ad	add simple query for detecting sensitive files downloaded over unsecure connection	2020-06-11 23:19:28 +02:00

17 Commits