hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,509 Commits 1,690 Branches 160 Tags
31b4dda7bde068a9a710b1b953e12796118ff494
Commit Graph

334 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
8a89849476 Merge pull request #11660 from erik-krogh/dynamic-useInstanceOf 
Py/JS/RB: Use instanceof in more places
 2022-12-13 21:50:13 +01:00
Asger F
ba1364a4cb JS: Add sinks mentioned in doc 
Note that 'sql-injection' was already added
 2022-12-13 11:33:12 +01:00
erik-krogh
b3a9c1ca06 Py/JS/RB: Use instanceof in more places 2022-12-12 16:06:57 +01:00
Asger F
fcdb2fa03f JS: Remove MaD models from .qll files 2022-12-07 11:35:13 +01:00
Asger F
d8e566a50e Add data-extension files 2022-12-07 11:35:13 +01:00
Asger F
5af1b367c7 Support data extensions 2022-12-07 11:35:05 +01:00
Asger F
2d578c1a73 Merge branch 'main' into merge-package-type-columns 2022-12-02 10:00:44 +01:00
Asger F
76afc2dcc3 JS: Fix formatting and rephrase comment 2022-11-28 14:00:43 +01:00
Asger F
e99571baae Update javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-28 11:45:08 +01:00
Asger F
5a51d718c6 Update some comments referring to the package column 2022-11-23 14:44:03 +01:00
Asger F
2e3413c9b8 JS: Merge package/type columns 2022-11-23 11:17:42 +01:00
erik-krogh
64707f4f7b remove redundant assignments 2022-11-21 17:45:05 +01:00
erik-krogh
635b8772d7 JS: delete old deprecations 2022-11-17 22:12:50 +01:00
Mauro Baluda
49f476d3b4 Update javascript/ql/lib/semmle/javascript/frameworks/Hapi.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-16 23:53:07 +01:00
Mauro Baluda
8bf0bbb715 code generalization 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-16 12:06:23 +01:00
Mauro Baluda
798b03f29d code generalization 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-16 12:06:07 +01:00
Mauro Baluda
8109a7b67a Update javascript/ql/lib/semmle/javascript/frameworks/Hapi.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-11-15 16:27:21 +01:00
Mauro Baluda
e5e3bb3705 Generalize the server definition in plugin registration 2022-11-15 16:27:14 +01:00
Mauro Baluda
563a56af9d Update Hapi.qll 2022-11-15 15:46:34 +01:00
Mauro Baluda
5ea03b1ded Update Hapi.qll 
Add `server` definitions in plugin registration and plugin dependency declaration
 2022-11-14 22:56:06 +01:00
Mauro Baluda
53f1985e77 Merge branch 'github:main' into main 2022-11-10 13:27:20 +01:00
Mauro Baluda
ee02265ac2 Add property params to RequestInputAccess 2022-11-10 12:24:39 +01:00
Mauro Baluda
8e546e8496 Add req.url.origin to RequestInputAccess 2022-11-08 16:14:10 +01:00
Mauro Baluda
8b33e6d175 Improved Hapi support 
- server defined by Glue
 2022-11-07 16:29:44 +01:00
Michael Nebel
3c8fb0520e C#: Sync files. 2022-11-04 08:20:53 +01:00
tyage
c22f9443f2 Refactoring Next.js parameter 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-10-27 10:28:51 +09:00
tyage
ac27307a2b Update javascript/ql/lib/semmle/javascript/frameworks/Next.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-10-27 10:23:59 +09:00
tyage
95dca7c3ed update comment 2022-10-26 15:13:59 +09:00
tyage
09f8ca8cc0 add query in comment 2022-10-26 15:13:03 +09:00
tyage
232893aafa make query parameters in ServerSideProps and next/router 
as a RemoteFlowSource
 2022-10-26 14:41:07 +09:00
Josh Soref
08a79531cf spelling: response 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:26 -04:00
Josh Soref
0a4c724b69 spelling: implementation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-11 00:23:36 -04:00
Tom Hvitved
dc432c7774 Sync shared files 2022-09-30 14:56:56 +02:00
Asger F
24f2a3cdff Sync ApiGraphModels.qll 2022-09-28 12:17:44 +02:00
Asger F
11ba0f0bbe Merge pull request #10253 from asgerf/js/type-defs-squashed 
JS: Add generated typings to SQL models
 2022-09-23 11:34:01 +02:00
Asger F
2fc5961b10 JS: Restrict where sub path edges are computed 2022-09-20 11:40:17 +02:00
Asger F
baa559e696 JS: Fix a hole in the sequelize-typescript typings 2022-09-20 11:40:17 +02:00
Asger F
47f1d62569 JS: Add generated typings to SQL models 2022-09-20 11:40:16 +02:00
erik-krogh
26d8553f6e ensure consistent casing of names 2022-09-09 10:34:14 +02:00
Erik Krogh Kristensen
9893650f7c Merge pull request #8604 from erik-krogh/httpNode 
JS: refactor most library models away from AST nodes
 2022-09-09 10:04:17 +02:00
erik-krogh
0407198dd2 add a markdown step through the mermaid library 2022-09-08 09:23:45 +02:00
Asger F
e8864d072d JS: Remove stray module DF export 2022-09-06 15:06:33 +02:00
Asger F
95c60858d4 Export as DataFlow instead of DF 2022-09-06 15:02:48 +02:00
Asger F
f07e0592d0 JS: Drive-by fix for accidental recursion 2022-09-06 09:30:02 +02:00
Asger F
2cbba65617 JS: Sync with JS 
fixup JS
 2022-09-06 09:30:02 +02:00
Erik Krogh Kristensen
90bc8a5038 run the explicit-this patch on javascript/ 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
26f5643f3e update the deprecation notice of RouteExpr such that it points to public APIs 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
5b61db9fd3 refactor miscellaneous expression uses to dataflow nodes 2022-09-05 16:11:55 +02:00
Erik Krogh Kristensen
b4968eb645 refactor the SensitiveExpr to be a dataflow node 2022-09-05 16:11:54 +02:00
Erik Krogh Kristensen
0c4f08c841 refactor the CredentialsExpr to be a dataflow node 2022-09-05 16:11:54 +02:00