hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-12 08:21:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,886 Commits 1,785 Branches 169 Tags
17dbf03c6da5facbd13b576b07059fc358063c95
Commit Graph

6432 Commits

Author SHA1 Message Date
Sotiris Dragonas
17dbf03c6d Merge branch 'main' into bazookamusic/cwe-1427 2026-06-11 12:05:57 +02:00
BazookaMusic
7bd5abf809 Refine SystemPromptInjection alert message and move test to stable 
Update the alert message to "This system prompt depends on a $@." matching the SQL injection query style, and move the test out of experimental into Security/CWE-1427 to mirror the stable query location.
 2026-06-11 11:51:25 +02:00
BazookaMusic
e612db2ec9 Promote user prompt injection query to stable security 
Move UserPromptInjection out of experimental into stable JavaScript security locations.

Set js/user-prompt-injection precision to low and remove experimental tagging.

Move supporting dataflow libraries, qhelp/examples, and tests to stable paths and update references.
 2026-06-11 11:28:14 +02:00
BazookaMusic
b6c951e90c Remove redundant file 2026-06-08 13:47:44 +02:00
BazookaMusic
2cb0851900 1. Rename AgentSDK -> AgentSdk 
2. Remove redundant constant comparison barriers. This is already happening by default by the taint tracking library.
 2026-06-08 12:55:52 +02:00
BazookaMusic
61be37d718 Formatting 2026-06-08 12:15:50 +02:00
BazookaMusic
da05992a09 Better document the new queries 2026-06-08 11:27:40 +02:00
tonghuaroot
e93bc11f6f Add experimental JS query for SSRF guards missing IPv6-transition unwrap 
Add javascript/ssrf-ipv6-transition-incomplete-guard, an experimental
@kind problem query that flags hand-rolled SSRF host guards which reject
private/loopback IPv4 ranges but never unwrap IPv6-transition forms
(IPv4-mapped ::ffff:, NAT64 64:ff9b::, 6to4 2002::). Such guards can be
bypassed by wrapping an internal IPv4 address in a transition literal.

Includes a .qhelp with good/bad examples, a change note, and a test pack
with two true-positive fixtures (private-ip package guard and a
hand-written RFC 1918 denylist) and two negative-control fixtures
(ipaddr.js range classifier and an explicit ::ffff: unwrap).

Signed-off-by: tonghuaroot <23011166+tonghuaroot@users.noreply.github.com>
 2026-06-06 21:47:24 +08:00
BazookaMusic
078d15e165 add openrouter support 2026-06-04 16:42:49 +02:00
github-actions[bot]
cfb18c2477 Post-release preparation for codeql-cli-2.25.6 2026-05-29 12:04:35 +00:00
github-actions[bot]
8b6f969cdb Release preparation for version 2.25.6 2026-05-29 11:27:54 +00:00
Henry Mercer
9bc0c1b1ab Revert "Release preparation for version 2.25.6" 2026-05-29 12:13:50 +01:00
github-actions[bot]
44a914e40f Release preparation for version 2.25.6 2026-05-25 10:23:26 +00:00
BazookaMusic
6c5c8e1c9b move system prompt injection to non-experimental 2026-05-20 10:48:07 +02:00
github-actions[bot]
9f64000962 Post-release preparation for codeql-cli-2.25.5 2026-05-18 15:20:31 +00:00
github-actions[bot]
e38616a2ef Release preparation for version 2.25.5 2026-05-18 12:05:32 +00:00
BazookaMusic
5ef09a102c add tests for langchain and remove wrong model for guardrails agent 2026-05-15 12:49:36 +02:00
BazookaMusic
fe7eabd56f Add run from agents into the user prompt and fix an issue with classifying it as a system prompt injection 2026-05-15 12:39:54 +02:00
BazookaMusic
535adc7a31 add barrier when data flows into user messages for system prompt detection, remove embeddings from user prompt injection query 2026-05-15 12:14:14 +02:00
BazookaMusic
9c136264de remove guardrails sanitizer for now 2026-05-13 13:37:44 +02:00
BazookaMusic
34da804aee Move structurally typed prompt injection sinks to Models as Data 
Move OpenAI, Anthropic, Google GenAI, and LangChain sinks that are
structurally typed (identified by API name alone) into MaD YAML files.

Role-filtered sinks that require inspecting a sibling 'role' property
remain in QL code since MaD cannot express conditional logic.

Use two distinct sink kinds:
- user-prompt-injection: picked up by UserPromptInjection.ql
- system-prompt-injection: picked up by SystemPromptInjection.ql

New files:
- javascript/ql/lib/ext/openai.model.yml
- javascript/ql/lib/ext/anthropic.model.yml
- javascript/ql/lib/ext/google-genai.model.yml
- javascript/ql/lib/ext/langchain.model.yml
 2026-05-13 11:08:25 +02:00
BazookaMusic
98379cffcb Documentation 2026-05-12 16:11:31 +02:00
BazookaMusic
9006ddb793 default threat model 2026-05-12 15:28:08 +02:00
github-actions[bot]
7610277199 Post-release preparation for codeql-cli-2.25.4 2026-05-05 10:10:06 +00:00
github-actions[bot]
88e1d86c27 Release preparation for version 2.25.4 2026-05-05 09:34:30 +00:00
BazookaMusic
74a3ba1f0d changes for spliting into system and user 2026-05-04 11:57:43 +02:00
BazookaMusic
0b7133c4ce JS: Add prompt injection detection (CWE-1427) for OpenAI, Anthropic, and Google GenAI SDKs 
Add experimental CodeQL query detecting prompt injection vulnerabilities
in JavaScript/TypeScript applications using AI SDK libraries.

Modeled frameworks:
- openai (OpenAI, AzureOpenAI): responses, chat.completions, completions,
  images, embeddings, beta.assistants, beta.threads, audio APIs
- @openai/agents: Agent instructions, handoffDescription, run/Runner.run,
  asTool, tool()
- @anthropic-ai/sdk: messages.create, beta.messages.create,
  beta.agents.create/update
- @google/genai (GoogleGenAI): generateContent, generateContentStream,
  generateImages, editImage, chats, live.connect

Includes role-based filtering (system/developer/assistant/model roles)
and constant-comparison sanitizer guard.
 2026-04-30 17:39:09 +02:00
github-actions[bot]
a0bab539bb Post-release preparation for codeql-cli-2.25.3 2026-04-20 12:40:34 +00:00
github-actions[bot]
c861d99802 Release preparation for version 2.25.3 2026-04-20 09:27:23 +00:00
Henry Mercer
43c9b95e6f Merge branch 'main' into post-release-prep/codeql-cli-2.25.2 2026-04-14 13:56:52 +01:00
Tom Hvitved
fcfb8c9c6b Add change note 2026-04-13 12:22:30 +02:00
github-actions[bot]
242090e0ac Post-release preparation for codeql-cli-2.25.2 2026-04-06 13:49:20 +00:00
github-actions[bot]
4fe2f6d2b4 Release preparation for version 2.25.2 2026-04-06 10:30:38 +00:00
github-actions[bot]
ce6e6d5db3 Post-release preparation for codeql-cli-2.25.1 2026-03-30 08:43:48 +00:00
github-actions[bot]
fb011842c9 Release preparation for version 2.25.1 2026-03-25 23:43:06 +00:00
github-actions[bot]
8cf0954796 Release preparation for version 2.25.1 2026-03-25 08:28:30 +00:00
github-actions[bot]
d6055754b6 Release preparation for version 2.25.0 2026-03-16 12:15:34 +00:00
github-actions[bot]
e152f08468 Post-release preparation for codeql-cli-2.24.3 2026-03-02 22:51:27 +00:00
github-actions[bot]
7795badd18 Release preparation for version 2.24.3 2026-03-02 13:23:40 +00:00
github-actions[bot]
b5898c5a30 Post-release preparation for codeql-cli-2.24.2 2026-02-16 17:07:45 +00:00
github-actions[bot]
ef04f927fb Release preparation for version 2.24.2 2026-02-16 13:29:25 +00:00
github-actions[bot]
73d06f26cb Post-release preparation for codeql-cli-2.24.1 2026-02-02 14:04:26 +00:00
github-actions[bot]
0db542e9f0 Release preparation for version 2.24.1 2026-02-02 12:09:09 +00:00
github-actions[bot]
48475e66af Post-release preparation for codeql-cli-2.24.0 2026-01-19 15:49:08 +00:00
github-actions[bot]
4142b9c4ce Release preparation for version 2.24.0 2026-01-19 14:49:14 +00:00
Asger F
bedb80346a Merge pull request #20940 from asgerf/js/detect-minified-files 
JS: Skip minified file if avg line length > 200
 2026-01-19 14:31:09 +01:00
Asger F
077bbb24ac Merge pull request #21159 from asgerf/js/vue-prop-function 
JS: Add support for props callbacks in Vue router configs
 2026-01-19 10:13:49 +01:00
Asger F
06cc323aee Update javascript/ql/src/change-notes/2025-12-05-skip-minified-files.md 
Co-authored-by: Taus <tausbn@github.com>
 2026-01-14 11:40:01 +01:00
Asger F
b47ae420ca Update javascript/ql/src/change-notes/2025-12-05-skip-minified-files.md 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-01-14 11:40:01 +01:00
Asger F
739ed4b3bb JS: Change note 2026-01-14 11:40:01 +01:00