hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,098 Commits 1,671 Branches 157 Tags
66737402c20fc83b3d3a654dcccf4b26c901b100
Commit Graph

1856 Commits

Author SHA1 Message Date
Napalys
66737402c2 Updated test ouput with fixes from main. 2025-03-14 10:50:10 +01:00
Napalys Klicius
908f48a22f Merge branch 'main' into js/vue_tanstack_model 2025-03-14 10:45:42 +01:00
Napalys
de5c7efd63 Added test case for unescape. 2025-03-13 13:47:42 +01:00
Napalys
3640e5e425 Added model for tanstack-react useQueries 2025-03-13 12:45:26 +01:00
Napalys
03330ef24d Added test cases for tanstack-react useQueries. 2025-03-13 12:45:25 +01:00
Napalys
6c9aa0e872 Added modeling of tanstack-vue useQueries. 2025-03-13 12:45:23 +01:00
Napalys
4917d64ce7 Added test cases for tanstack-vue useQueries. 2025-03-13 12:45:05 +01:00
Napalys
0c0158899e Added tanstack-vue useQuery modeling 2025-03-13 12:25:07 +01:00
Napalys
7712ca368a Added useQuery tanstack-vue test case 2025-03-13 12:25:05 +01:00
Napalys Klicius
40903a9643 Merge pull request #18975 from Napalys/js/tanstack_angular 
JS: Update Angular Client Request's with API graph and `Tanstack` Angular modeling
 2025-03-12 15:30:26 +01:00
Napalys
770920e738 Add new model configuration for @tanstack/angular-query-experimental. 2025-03-12 11:54:55 +01:00
Napalys
184d23df46 Add test cases for @tanstack/angular-query-experimental injectQuery 2025-03-12 11:54:53 +01:00
Asger F
8599ab2503 JS: Fix attributes nodes missing an enclosing callable 2025-03-11 16:47:48 +01:00
Asger F
e8c5e4d006 Merge branch 'main' into js/test-suite 2025-03-11 13:17:08 +01:00
Napalys Klicius
7c9edff33c Merge pull request #18964 from Napalys/js/mark_down_table 
JS: Refactor `markdown-table` library modeling
 2025-03-11 09:02:56 +01:00
Napalys
13c701948a Refactor Markdown taint steps and update expected results for reflected XSS tests 2025-03-10 19:27:36 +01:00
Asger F
0f201d2070 JS: Line number changes in redos test case 2025-03-10 14:36:49 +01:00
Asger F
75ed0d0b46 JS: Remove duplicate '$ Alert' in libxml test 2025-03-10 14:23:44 +01:00
Asger F
122f68e525 Update javascript/ql/test/query-tests/Security/CWE-400/ReDoS/polynomial-redos.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:22:22 +01:00
Asger F
8ee5b237e2 Update javascript/ql/test/query-tests/Security/CWE-730/server-crash.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:21:46 +01:00
Asger F
92dfdc8194 Update javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/UnsafeHtmlExpansion.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:19:33 +01:00
Asger F
21d42bcd21 Update javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/exception-xss.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:19:01 +01:00
Asger F
dad4838d3b Update javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/tst.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:42 +01:00
Asger F
017f458534 Update javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat/uselesscat.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:22 +01:00
Asger F
24c9b2ef9b Update javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat/uselesscat.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:02 +01:00
Napalys
d077d6807a Applied changes from comments 
Co-authored-by: Asgerf <asgerf@github.com>
 2025-03-10 12:24:45 +01:00
Napalys
c12c12c416 Added modeling for react-relay functions that retrieve data. 2025-03-06 18:30:21 +01:00
Napalys
5a1991bb69 Added test cases for react-relay functions that retrieve data 2025-03-06 18:10:27 +01:00
Napalys
1443f314a1 Added react-relay useFragment as threat model source. 2025-03-06 18:10:23 +01:00
Napalys
1e3b8625e6 Added a test case where useFragment from react-relay should be marked as a source but isn't 2025-03-06 18:10:21 +01:00
Asger F
2a194a53af raw test output 2025-02-28 13:29:39 +01:00
Asger F
193b26e938 JS: Add query IDs 2025-02-28 13:29:37 +01:00
Asger F
33602ee52b JS: Convert some comments to JSX 2025-02-28 13:29:36 +01:00
Asger F
c67c5854ba Disable for more queries with alerts in JSON 2025-02-28 13:29:35 +01:00
Asger F
64d39da5f8 JS: Accept Sources/Sink tags 2025-02-28 13:29:30 +01:00
Asger F
19cada38ff JS: Migrate a new file from OK-style comments 2025-02-28 13:29:29 +01:00
Asger F
fd6a9c6144 JS: Accept an alert 2025-02-28 13:29:27 +01:00
Asger F
b4ac2f7d73 JS: Add a query ID 2025-02-28 13:29:26 +01:00
Asger F
87518ba60e JS: Update tainted-sendFile.js 
This file was added on main while this branch was in progress. Porting the whole file in one step.
 2025-02-28 13:29:25 +01:00
Asger F
bb67a0e9b0 JS: Remove outdated comment 2025-02-28 13:29:23 +01:00
Asger F
0496de6c8f JS: Accept alerts in UselessCharacterEscape 2025-02-28 13:29:22 +01:00
Asger F
4d7cbe6f60 JS: Accept to web socket-based SSRF alerts 2025-02-28 13:29:07 +01:00
Asger F
764eb98809 JS: Move two alerts and add query ID 2025-02-28 13:29:06 +01:00
Asger F
976096540f JS: Accept an alert 2025-02-28 13:29:05 +01:00
Asger F
49274d5f73 JS: Accept an alert 2025-02-28 13:29:03 +01:00
Asger F
2d1aa3e00a JS: Accept missing alert and clarify reason 2025-02-28 13:29:02 +01:00
Asger F
9f8744680d JS: Remove a fixed spurious alert 2025-02-28 13:29:01 +01:00
Asger F
3a535dbf68 JS: Accept another alert 2025-02-28 13:29:00 +01:00
Asger F
db98dc6272 JS: Move some alerts and add query IDs 2025-02-28 13:28:59 +01:00
Asger F
c79d355d26 JS: Update alerts in example_bypass.js 
We happen to flag the condition with different-kinds-comparison-bypass.
The ConditionalBypass query was originally intended to flag this I think, but doesn't anymore.
 2025-02-28 13:28:57 +01:00