Commit Graph

12174 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
4f4cdf434b Merge pull request #22061 from MathiasVP/mad-write-through-model
Shared: Support flow summaries from `ReturnValue`s
2026-07-02 12:38:44 +01:00
Jeroen Ketema
daf97f7139 Add Windows integration tests showing that subst is handled inconsistently 2026-07-01 12:51:05 +02:00
Mathias Vorreiter Pedersen
b7b731bab7 Merge branch 'main' into mad-write-through-model 2026-06-30 15:12:02 +01:00
Asger F
cacdc467de Merge pull request #22036 from forks-felickz/felickz/js-angular-hostlistener-postmessage
JavaScript: Recognize Angular @HostListener('window:message') as a postMessage handler
2026-06-26 10:09:42 +02:00
github-actions[bot]
456e33773b Post-release preparation for codeql-cli-2.26.0 2026-06-25 16:24:06 +00:00
github-actions[bot]
237c5639e2 Release preparation for version 2.26.0 2026-06-25 15:27:00 +00:00
Mathias Vorreiter Pedersen
be56df7ad1 JS: Fixes after changes to the flow summary API. 2026-06-23 20:33:19 +01:00
Chad Bentz
d1d9df7729 Address review: restrict @HostListener handler to window/document message targets
Drop the plain 'message' event name from the @HostListener matcher. The
postMessage 'message' event is dispatched on window and does not bubble, so an
element-level @HostListener('message') does not receive cross-window messages.
Keeping only 'window:message' and 'document:message' makes the model more
precise and matches the accompanying comment and change note.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-06-22 21:35:21 -04:00
Chad Bentz
9bffcf81b5 JavaScript: Recognize Angular @HostListener('window:message') as a postMessage handler
Angular registers window message handlers via the
@HostListener('window:message', ['\']) decorator rather than
window.addEventListener('message', ...). The PostMessageEventHandler class
only modeled the addEventListener and window.onmessage forms, so the decorated
handler's event parameter was never treated as a message source. As a result,
js/missing-origin-check produced no alert and the event was not a client-side
remote flow source for downstream queries (e.g. client-side URL redirection).

Extend PostMessageEventHandler to also recognize methods decorated with
@HostListener for 'window:message', 'document:message', or 'message'.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-06-22 21:21:15 -04:00
Sotiris Dragonas
ea87f59480 JS: Add and reclassify prompt-injection sinks for AI SDKs
Add missing system/user prompt-injection sinks across the OpenAI,
Anthropic, and Google GenAI JavaScript models:

- OpenAI videos.create/edit/extend/remix prompts (user)
- OpenAI beta.realtime.sessions.create instructions (system)
- Anthropic legacy completions.create prompt (user)
- Google GenAI caches.create config.systemInstruction (system)
- Google GenAI caches.create config.contents (user)

Also reclassify the OpenAI legacy completions.create prompt from
system-prompt-injection to user-prompt-injection: the legacy
/v1/completions endpoint takes a single free-form prompt with no role
separation, so it is the text-in/text-out equivalent of a user message.

Note: videos.remix takes the prompt in Argument[1] (remix(videoID, body)),
and Google GenAI caches.create nests both contents and systemInstruction
under config, so the model entries differ slightly from a naive mapping.

Add corresponding test cases with inline annotations and regenerate the
.expected files.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-06-18 17:32:10 +03:00
Sotiris Dragonas
57f20064ba Merge branch 'main' into bazookamusic/cwe-1427 2026-06-17 17:12:20 +03:00
Sotiris Dragonas
c444f41a3f 1. Enable inline expectations for tests
2. Add annotations for sources
2. Fix a modelling issue in the openai library - missing coverage for a legacy method when moving to MaDs and a mistake in the assistants.create models
2026-06-17 14:53:48 +03:00
Sotiris Dragonas
b9025a54af Fix prompt injection severity 2026-06-17 12:52:33 +03:00
Mathias Vorreiter Pedersen
c12cf88c52 Merge branch 'main' into add-yaml-comments 2026-06-17 10:17:06 +01:00
Sotiris Dragonas
8f965a9614 Grammar
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-06-16 11:57:58 +03:00
Sotiris Dragonas
d72372c246 Fix system prompt injection description and title
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-06-16 11:57:37 +03:00
Sotiris Dragonas
7c11f19445 Merge branch 'main' into bazookamusic/cwe-1427 2026-06-15 10:15:16 +02:00
Matthew Costabile
923fe2dcb9 Merge branch 'main' into patch-1 2026-06-11 15:19:58 -04:00
Sotiris Dragonas
17dbf03c6d Merge branch 'main' into bazookamusic/cwe-1427 2026-06-11 12:05:57 +02:00
BazookaMusic
ef5678708c Update not_included_in_qls.expected for promoted prompt injection queries
UserPromptInjection moved from experimental to stable (precision low, so not in any well-known suite); the old experimental path no longer exists.
2026-06-11 12:01:56 +02:00
BazookaMusic
7bd5abf809 Refine SystemPromptInjection alert message and move test to stable
Update the alert message to "This system prompt depends on a $@." matching the SQL injection query style, and move the test out of experimental into Security/CWE-1427 to mirror the stable query location.
2026-06-11 11:51:25 +02:00
BazookaMusic
e612db2ec9 Promote user prompt injection query to stable security
Move UserPromptInjection out of experimental into stable JavaScript security locations.

Set js/user-prompt-injection precision to low and remove experimental tagging.

Move supporting dataflow libraries, qhelp/examples, and tests to stable paths and update references.
2026-06-11 11:28:14 +02:00
tonghuaroot (童话)
4c1a0058bf Add SsrfIpv6TransitionIncompleteGuard.ql to not_included_in_qls.expected
Fix the JS integration test failure flagged in review by listing the new
experimental CWE-918 query in the expected not-included-in-qls suite, in
sorted order.
2026-06-10 08:42:42 +08:00
BazookaMusic
d0ffde8c45 Em-dash - of course :D 2026-06-08 14:03:12 +02:00
BazookaMusic
b6c951e90c Remove redundant file 2026-06-08 13:47:44 +02:00
BazookaMusic
2cb0851900 1. Rename AgentSDK -> AgentSdk
2. Remove redundant constant comparison barriers. This is already happening by default by the taint tracking library.
2026-06-08 12:55:52 +02:00
BazookaMusic
e370af6444 QLDoc + include the queries in the correct expected files per query suite 2026-06-08 12:38:28 +02:00
BazookaMusic
61be37d718 Formatting 2026-06-08 12:15:50 +02:00
BazookaMusic
da05992a09 Better document the new queries 2026-06-08 11:27:40 +02:00
tonghuaroot
e93bc11f6f Add experimental JS query for SSRF guards missing IPv6-transition unwrap
Add javascript/ssrf-ipv6-transition-incomplete-guard, an experimental
@kind problem query that flags hand-rolled SSRF host guards which reject
private/loopback IPv4 ranges but never unwrap IPv6-transition forms
(IPv4-mapped ::ffff:, NAT64 64:ff9b::, 6to4 2002::). Such guards can be
bypassed by wrapping an internal IPv4 address in a transition literal.

Includes a .qhelp with good/bad examples, a change note, and a test pack
with two true-positive fixtures (private-ip package guard and a
hand-written RFC 1918 denylist) and two negative-control fixtures
(ipaddr.js range classifier and an explicit ::ffff: unwrap).

Signed-off-by: tonghuaroot <23011166+tonghuaroot@users.noreply.github.com>
2026-06-06 21:47:24 +08:00
Mathias Vorreiter Pedersen
44c8a97e2f JS: Update test output. 2026-06-04 17:55:09 +01:00
Mathias Vorreiter Pedersen
e8f7454ea1 JS: Add tests. 2026-06-04 17:54:42 +01:00
Mathias Vorreiter Pedersen
3a90e8c77e JS: Add upgrade and downgrade scripts. 2026-06-04 17:54:40 +01:00
Mathias Vorreiter Pedersen
58b1a05985 JS: Support YAML comments. 2026-06-04 17:54:37 +01:00
BazookaMusic
078d15e165 add openrouter support 2026-06-04 16:42:49 +02:00
Jeroen Ketema
9d5dfea5c5 JS: Add Vue to file_coverage_languages and github_api_languages 2026-06-02 16:57:51 +02:00
github-actions[bot]
cfb18c2477 Post-release preparation for codeql-cli-2.25.6 2026-05-29 12:04:35 +00:00
github-actions[bot]
8b6f969cdb Release preparation for version 2.25.6 2026-05-29 11:27:54 +00:00
Henry Mercer
9bc0c1b1ab Revert "Release preparation for version 2.25.6" 2026-05-29 12:13:50 +01:00
Matthew Costabile
2884428b62 Merge branch 'main' into patch-1 2026-05-26 07:16:24 -04:00
github-actions[bot]
44a914e40f Release preparation for version 2.25.6 2026-05-25 10:23:26 +00:00
Óscar San José
996e79131e Merge branch 'main' into post-release-prep/codeql-cli-2.25.5 2026-05-22 16:32:30 +02:00
BazookaMusic
6c5c8e1c9b move system prompt injection to non-experimental 2026-05-20 10:48:07 +02:00
github-actions[bot]
9f64000962 Post-release preparation for codeql-cli-2.25.5 2026-05-18 15:20:31 +00:00
github-actions[bot]
e38616a2ef Release preparation for version 2.25.5 2026-05-18 12:05:32 +00:00
BazookaMusic
5ef09a102c add tests for langchain and remove wrong model for guardrails agent 2026-05-15 12:49:36 +02:00
BazookaMusic
fe7eabd56f Add run from agents into the user prompt and fix an issue with classifying it as a system prompt injection 2026-05-15 12:39:54 +02:00
BazookaMusic
535adc7a31 add barrier when data flows into user messages for system prompt detection, remove embeddings from user prompt injection query 2026-05-15 12:14:14 +02:00
Geoffrey White
a4b2c0f6fd Update change notes (Copilot's suggestions). 2026-05-15 09:24:29 +01:00
Geoffrey White
59dbd68a5e Add change notes. 2026-05-14 14:46:05 +01:00