hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-14 22:21:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,352 Commits 1,690 Branches 160 Tags
7ae2b7698e556ebf0493098682c14057155e7ccf
Commit Graph

362 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
dc6d3fe7ba Use flowFrom. 2025-12-03 14:04:18 +01:00
Nora Dimitrijević
bb80d83276 JS/SSRF 
javascript/ql/src/experimental/Security/CWE-918/SSRF.ql
 2025-10-28 09:40:19 +01:00
Napalys Klicius
8c34b7eaea Merge pull request #20146 from Napalys/js/move-cors-query-from-experimental 
JS: Move cors-misconfiguration query from experimental to Security
 2025-09-08 09:32:38 +02:00
Arthur Baars
5d3ec35e29 Remove non-breaking spaces from code 2025-09-05 09:41:15 +02:00
Napalys Klicius
358617f533 Move CORS misconfiguration query from experimental to Security 2025-07-30 10:22:59 +00:00
Asger F
3247babfa5 Merge pull request #19762 from trailofbits/VF/type-orm-model-improvements 
Improve TypeORM model
 2025-06-30 10:40:38 +02:00
Vasco-jofra
8a7516528d Update formatting 2025-06-26 09:29:07 +02:00
Napalys Klicius
3d9e2f5438 Merge pull request #19858 from Napalys/js/execa 
JS: moved `execa` out of experimental
 2025-06-25 10:34:52 +02:00
Napalys Klicius
d8b5cb5862 JS: moved execa out of experimental 2025-06-24 09:07:43 +02:00
Asger F
3a00e8d1c5 JS: Remove js/actions/pull-request-target 
Superseded by actions/untrusted-checkout/{medium,high,critical}
 2025-06-23 14:37:21 +02:00
Vasco-jofra
4ea53773b9 Model the TypeORM Repository API 2025-06-13 15:35:46 +02:00
Owen Mansel-Chan
cf614a596d Fix cwe tags to include leading zero 2025-04-30 16:43:03 +01:00
Asger F
ab74898bbb JS: Deprecate getUnknownMember() and replace its uses with getArrayElement() 
Although they mean slightly different things, every single call site
of getUnknownMember() just used it as a way to get array elements.

Since there is no known use-case for the original meaning of
getUnknownMember() I am deprecating it for now.
 2025-03-14 23:08:19 +01:00
Asger F
7e3f89842d JS: Provide more precise related locations 2025-02-11 14:12:03 +01:00
Asger F
102b187c35 JS: Ignore experimental queries for now 2025-01-23 12:53:18 +01:00
Asger F
dba76a0e4d JS: Rerun patch query after bugfix 2025-01-23 10:31:32 +01:00
Asger F
fd763a0883 JS: Auto-patch diff informed queries 2025-01-20 11:20:27 +01:00
Asger F
079294e55f JS: Mass rename to node1,state1,node2,state2 naming convention 2024-12-16 15:35:46 +01:00
Asger F
ebe596f227 JS: Migrate CorsPermissiveConfiguration 2024-12-16 15:35:39 +01:00
Asger F
d83ddfabaa JS: Migrate an experimental CodeInjection query 2024-12-16 15:35:38 +01:00
Asger F
a398599bfb JS: Rename an experimental query 
Having the same name as a standard query is just confusing
 2024-12-16 15:35:36 +01:00
Asger F
b3461989b1 JS: Remove use of SanitizerGuardNode in experimental SSRF query 
Makes a quick effort attempt to restore the original behaviour, though
it is not exactly the same due to lack of recursion.
 2024-12-03 14:30:36 +01:00
Asger F
a574ff1669 JS: Remove use of MakeLegacyBarrierGuard in experimental SSRF 2024-12-03 14:30:28 +01:00
Asger F
75ab4856b8 Remove unsupported features from PoI 2024-12-03 14:30:25 +01:00
Asger F
834d35bc42 JS: Port experimental DecompressionBombs to ConfigSig 2024-12-03 14:30:21 +01:00
Asger F
871bc3b84a JS: Port experimental CorsPermissiveConfiguration to ConfigSig 
The tests show a new (source, sink) pair for an already-flagged sink.

Not sure why it was not flagged originally since the data flow path seems valid, given the steps provided by our models.
 2024-12-03 14:30:20 +01:00
Asger F
f5a6485ef2 JS: Port experimental decodeJwtWithoutVerificationLocalSource 2024-12-03 14:30:19 +01:00
Asger F
72e522631d JS: Port experimental jwtDecodeWithoutVerification to ConfigSig 2024-12-03 14:30:18 +01:00
Asger F
7e162f5451 JS: Port experimental EnvValueInjection to ConfigSig 2024-12-03 14:30:17 +01:00
Asger F
4f839070a0 JS: Port experimental EnvValueAndKeyInjection to ConfigSig 2024-12-03 14:30:16 +01:00
Asger F
8887ca1722 JS: Port an experimental CodeInjection variant to ConfigSig 2024-12-03 14:30:15 +01:00
Asger F
d52bc971b8 Merge branch 'main' into js/shared-dataflow-merge-main 2024-11-20 14:05:03 +01:00
Rasmus Wriedt Larsen
dc8e645594 JS: Convert remaining queries to use ActiveThreatModelSourceAsSource 2024-11-01 10:47:10 +01:00
Asger F
df64388d79 Merge branch 'main' into js/shared-dataflow-merge-main 2024-08-02 13:18:38 +02:00
Maiky
d0cf2a978c Merge branch 'main' into maikypedia/javascript-cors 2024-06-27 20:24:42 +02:00
Asger F
ecf418b8f6 Merge branch 'main' into js/shared-dataflow 2024-06-25 11:48:41 +02:00
Erik Krogh Kristensen
db768960f4 Merge pull request #15060 from am0o0/amammad-js-envinjection 
JS: Env Injection query
 2024-06-20 21:27:21 +02:00
Erik Krogh Kristensen
555d7e5958 Merge pull request #14293 from am0o0/amammad-js-CodeInjection_dynamic_import 
JS: Dynamic import as code injection sink
 2024-06-20 21:19:57 +02:00
am0o0
4e1f7a930d fix invalid js file sample in qlhelp 2024-06-14 13:47:01 +02:00
am0o0
bb03a9faba format the query file 2024-06-13 14:54:29 +02:00
am0o0
84b9d4d1ac fix qlhelp errors 2024-06-13 14:32:41 +02:00
Maiky
8ba7ac678d Update javascript/ql/src/experimental/Security/CWE-942/CorsPermissiveConfigurationCustomizations.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2024-06-12 19:38:13 +02:00
Maiky
4be5cf4e78 Update javascript/ql/src/experimental/Security/CWE-942/CorsPermissiveConfigurationCustomizations.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2024-06-12 19:38:02 +02:00
am0o0
9db334d02f update select statement, update test cases 2024-06-07 21:26:20 +02:00
am0o0
5e0a78c4c7 make predicate for env key and value nodes, use propertyRead/Write instead of API nodes to find env key and value assignments, fix a bug thanks to @erik-krogh 2024-06-07 21:15:30 +02:00
am0o0
b9e3b3310e update the remote flow based query thanks to @erik-krogh, update tests and separate the local and remote query tests 2024-06-07 06:01:49 +02:00
Am
af016f9416 Merge branch 'github:main' into amammad-js-JWT 2024-06-06 15:33:26 +03:30
am0o0
8258e377dd use PascalCase for URLConstructorLabel 2024-06-06 14:00:56 +02:00
am0o0
d27a378008 change query-id to avoid duplicate ids 2024-06-06 13:59:58 +02:00
Am
e3e59e02e5 Merge branch 'github:main' into amammad-js-CodeInjection_dynamic_import 2024-06-04 16:22:06 +04:00