codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Author	SHA1	Message	Date
Asger F	2a194a53af	raw test output	2025-02-28 13:29:39 +01:00
Asger F	f5911c9e5a	JS: Accept raw test output	2025-02-28 13:27:38 +01:00
Asger F	426edd55f2	JS: Update output after line number change Some OK-style comments had to be moved to the following line, shifting line numbers. In selected range also included the comments themselves. Lastly, the result sets were reordered by the CLI in some cases.	2025-02-28 13:27:31 +01:00
Asger F	53efb5837b	JS: Update some tests with provenance columns Only includes the changes that purely contain the new provenance columns	2024-06-26 13:51:44 +02:00
Asger F	fcfab5238e	JS: Port CodeInjection	2023-10-13 13:15:03 +02:00
jorgectf	2ac334bf15	Adapt `Webix` modeling to support HTML use-cases	2023-06-28 15:26:30 +02:00
jorgectf	6947e99c15	Add models for `webix` Co-authored-by: Kevin Stubbings <Kwstubbs@users.noreply.github.com>	2023-06-22 01:07:33 +02:00
Asger F	1a9956354e	JS: Restrict getInput to indirect command injection query	2023-05-03 16:10:03 +02:00
Asger F	08785a4063	JS: Add sources from actions/core	2023-05-01 11:42:17 +02:00
Asger F	cb95dbfa14	JS: Add tests	2023-05-01 11:42:17 +02:00
erik-krogh	6192544fb4	add test for express-ws as a source	2023-02-13 15:26:50 +01:00
erik-krogh	02da718786	add code-injection sink for node-pty	2023-01-30 15:14:25 +01:00
erik-krogh	368f84785b	fix some more style-guide violations in the alert-messages	2022-10-07 11:22:22 +02:00
erik-krogh	a35fe1ffab	Merge branch 'main' into js-followMsg	2022-09-08 13:09:15 +02:00
erik-krogh	6447234428	recognize calls to Function where spread arguments are used	2022-09-07 22:55:51 +02:00
erik-krogh	e829387cdb	add failing test for call the Function with a spread argument	2022-09-07 22:54:21 +02:00
erik-krogh	aa56ca37ae	make the alert messages of taint-tracking queries more consistent	2022-09-05 14:04:52 +02:00
Erik Krogh Kristensen	68a5c1f5b5	add code-injection sink for calls to node	2022-02-07 13:34:18 +01:00
Max Schaefer	ce24215dd5	JavaScript: Improve modelling of `Module.prototype._compile` sink.	2021-07-12 15:32:21 +01:00
Erik Krogh Kristensen	2ba2642c7a	add more template sinks for the `js/code-injection` query	2021-06-22 20:24:42 +02:00
Asger Feldthaus	710cca5395	JS: Update expectations with new sources	2021-03-16 13:28:12 +00:00
Erik Krogh Kristensen	39591687ba	add `js/code-injection` sink for script tags in React	2021-01-29 12:50:17 +01:00
Asger Feldthaus	6211fe718b	JS: Add test	2020-12-01 17:05:48 +00:00
Max Schaefer	e1d90e90ad	JavaScript: Add modelling for `Module.prototype._compile`.	2020-10-19 09:42:17 +01:00
Erik Krogh Kristensen	b8154d41b1	type-track objects where the "$where" property has been written	2020-09-24 20:55:25 +02:00
Erik Krogh Kristensen	210e71cd93	update expected output	2020-06-16 21:52:59 +02:00
Erik Krogh Kristensen	c375a0c611	fix compilation and update expected output	2020-06-11 11:16:38 +02:00
semmle-qlci	14664be467	Merge pull request #3468 from p0/imp/nodejs-vm-sinks Approved by esbena	2020-05-18 11:10:13 +01:00
Pavel Avgustinov	ab2d059ed4	JavaScript: Model extra sinks in `vm` module	2020-05-14 10:01:40 +01:00
Esben Sparre Andreasen	7722d77c86	JS: add the NoSQL $where as a sink for js/code-injection	2020-05-13 08:30:22 +02:00
Max Schaefer	b42026a90a	JavaScript: Update expected output.	2019-10-29 15:36:24 +00:00
Max Schaefer	6964945c74	JavaScript: Restrict `edges` to only contain `nodes`.	2019-10-29 15:03:52 +00:00
Esben Sparre Andreasen	f3de75ae07	JS: update a js/code-injection test	2019-09-11 09:45:54 +02:00
Asger F	f7654d6f1c	JS: Add test	2019-09-06 14:42:07 +01:00
Max Schaefer	28d8011bcf	JavaScript: Add models for popular base64 transcoders.	2019-03-13 08:20:58 +00:00
Asger F	50a77ea843	JS: update test expectations	2019-03-06 08:41:03 +00:00
Max Schaefer	b4f400fb23	Merge remote-tracking branch 'upstream/next' into qlucie/master	2019-01-04 10:35:57 +00:00
Asger F	bc3b983768	JS: move CodeInjection tests into subfolder	2018-11-20 14:24:37 +00:00

38 Commits