Anders Schack-Mulligen
|
7e83a608a2
|
Merge pull request #4954 from aschackmull/java/member-hasqualifiedname
Java: Add Member.hasQualifiedName.
|
2021-02-15 10:02:13 +01:00 |
|
Anders Schack-Mulligen
|
161e756c4b
|
Merge pull request #5141 from github/yo-h/java-flow-check-fix
Java: prepare to enforce additional compiler checks in test code
|
2021-02-15 09:41:03 +01:00 |
|
yo-h
|
1d007b6e72
|
Java: delete two test cases as per code review
|
2021-02-14 21:42:58 -05:00 |
|
CodeQL CI
|
178c54e69b
|
Merge pull request #5139 from RasmusWL/django-improvements
Approved by yoff
|
2021-02-14 02:16:52 -08:00 |
|
Tamás Vajk
|
77af7edaa4
|
Merge pull request #4628 from tamasvajk/feature/csharp9-foreach
C#: Extract underlying methods of foreach statements
|
2021-02-12 19:53:26 +01:00 |
|
Erik Krogh Kristensen
|
4fa33b151f
|
Merge pull request #5146 from github/more-redos-tests
JS: add two non ReDoS regular expressions to the ReDoS test suite
|
2021-02-12 18:56:52 +01:00 |
|
CodeQL CI
|
179a7a89dd
|
Merge pull request #5098 from erik-krogh/xml2js
Approved by asgerf
|
2021-02-12 09:22:40 -08:00 |
|
Chris Smowton
|
402f20c5e2
|
Merge pull request #5154 from smowton/smowton/admin/deprecate-old-maven-predicate-names
Java: Re-introduce deprecated versions of old Maven predicate names
|
2021-02-12 17:22:05 +00:00 |
|
Chris Smowton
|
80978c7c35
|
Merge pull request #5153 from smowton/smowton/admin/move-misplaced-experimental-query
Move misplaced experimental query into the conventional directory
|
2021-02-12 17:21:57 +00:00 |
|
Anders Schack-Mulligen
|
085286ab58
|
Merge pull request #5135 from pwntester/guava_preconditions
Add support for the Preconditions Class in the Guava framework
|
2021-02-12 14:15:17 +01:00 |
|
Chris Smowton
|
655cfb3a47
|
Re-introduce deprecated versions of old Maven predicate names
|
2021-02-12 12:24:19 +00:00 |
|
Chris Smowton
|
97df60f9d6
|
Move misplaced experimental query into the conventional directory
|
2021-02-12 12:12:16 +00:00 |
|
Chris Smowton
|
942ae7ef47
|
Merge pull request #5142 from Marcono1234/marcono1234/maven-pom-improvements
Java: Improve MavenPom documentation, rename inconsistent predicates
|
2021-02-12 11:52:19 +00:00 |
|
Rasmus Wriedt Larsen
|
1651f81ac8
|
Python: Refactor to avoid confusing name
After discussion with @yoff
|
2021-02-12 12:19:37 +01:00 |
|
Rasmus Wriedt Larsen
|
ed2dc5f6ad
|
Python: Fix date for change-note
|
2021-02-12 10:26:31 +01:00 |
|
Tamas Vajk
|
0aded1549e
|
Improve NestedLoopsSameVariable query performance
|
2021-02-12 09:33:33 +01:00 |
|
Marcono1234
|
e89891fa1f
|
Address review comments
|
2021-02-12 01:30:47 +01:00 |
|
Erik Krogh Kristensen
|
d14586de56
|
add two non ReDoS regular expressions to the ReDoS test suite
Adds the regular expression from #5145
|
2021-02-11 14:41:45 +01:00 |
|
Erik Krogh Kristensen
|
3ee0029cd8
|
Update javascript/change-notes/2021-02-08-xml-parser-taint.md
Co-authored-by: Asger F <asgerf@github.com>
|
2021-02-11 13:33:42 +01:00 |
|
CodeQL CI
|
02578cfff2
|
Merge pull request #5112 from erik-krogh/forms
Approved by asgerf
|
2021-02-11 04:32:14 -08:00 |
|
Marcono1234
|
2a1c11b517
|
Improve MavenPom documentation, rename inconsistent predicates
|
2021-02-10 23:56:45 +01:00 |
|
Rasmus Wriedt Larsen
|
c57a4df819
|
Python: Model taint of self.request on django view class
|
2021-02-10 17:48:48 +01:00 |
|
Rasmus Wriedt Larsen
|
9ca738d921
|
Python: Add taint test for self.request on django view class
|
2021-02-10 17:48:41 +01:00 |
|
Rasmus Wriedt Larsen
|
ca0d345987
|
Django: Model any class used in django route setup as view class
|
2021-02-10 16:26:25 +01:00 |
|
Rasmus Wriedt Larsen
|
b428945bc2
|
Django: Fix DjangoRouteHandler char-pred
Before it the class would contain _all_ functions xD
|
2021-02-10 16:21:51 +01:00 |
|
Rasmus Wriedt Larsen
|
78a3206fce
|
Python: Add test with unkown view class in django
|
2021-02-10 15:56:33 +01:00 |
|
Anders Schack-Mulligen
|
b74911204a
|
Merge pull request #4945 from intrigus-lgtm/java/insecure-jxbrowser
Java: Insecure JXBrowser
|
2021-02-10 15:48:17 +01:00 |
|
Rasmus Wriedt Larsen
|
42eceb80bd
|
Python: Handle view functions with decorators
|
2021-02-10 15:47:55 +01:00 |
|
Erik Krogh Kristensen
|
91f7d33044
|
add change note
|
2021-02-10 14:17:49 +01:00 |
|
Erik Krogh Kristensen
|
101d4358a9
|
detect DOM nodes from event callbacks
|
2021-02-10 14:17:49 +01:00 |
|
Erik Krogh Kristensen
|
be9636491b
|
add source for react-hook-form in xss-through-dom
|
2021-02-10 14:17:49 +01:00 |
|
Erik Krogh Kristensen
|
65d93c9061
|
detect for DOM elements from DOM events in React
|
2021-02-10 14:17:49 +01:00 |
|
Erik Krogh Kristensen
|
458dda9d25
|
add xss-through-dom source from react-final-form
|
2021-02-10 14:17:49 +01:00 |
|
Erik Krogh Kristensen
|
ff3950ce98
|
add model for formik
|
2021-02-10 14:17:49 +01:00 |
|
Erik Krogh Kristensen
|
d1087d4e41
|
move sources from XssThroughDom into a customizations file
|
2021-02-10 14:17:49 +01:00 |
|
Erik Krogh Kristensen
|
4969a1ef4f
|
add change note
|
2021-02-10 14:16:31 +01:00 |
|
Erik Krogh Kristensen
|
0ca2310594
|
add model for htmlparser2
|
2021-02-10 14:16:31 +01:00 |
|
Erik Krogh Kristensen
|
e2a66bf3ed
|
add model for xml-js
|
2021-02-10 14:16:31 +01:00 |
|
Erik Krogh Kristensen
|
73f7cd149f
|
add model for sax
|
2021-02-10 14:16:31 +01:00 |
|
Erik Krogh Kristensen
|
c43025d7b3
|
add model for xml2js
|
2021-02-10 14:16:30 +01:00 |
|
Erik Krogh Kristensen
|
44ca2e26a6
|
add taint-step to XML parsers
|
2021-02-10 14:16:08 +01:00 |
|
intrigus
|
5c82ff83de
|
Java: Fix qhelp, fix CWE reference
|
2021-02-10 13:57:51 +01:00 |
|
Alvaro Muñoz
|
645b021845
|
Add support for the Preconditions Class in the Guava framework
|
2021-02-10 13:20:29 +01:00 |
|
Shati Patel
|
18225fa254
|
Merge pull request #4997 from github/shati-patel/cwe-coverage-docs
Docs: Add outline for CWE coverage page
|
2021-02-10 11:45:09 +00:00 |
|
Anders Schack-Mulligen
|
66d0bf6b5e
|
Merge pull request #5128 from hvitved/dataflow/exploration-clears-content
Data flow: Take `clearsContent()` into account in flow exploration
|
2021-02-10 11:52:24 +01:00 |
|
yoff
|
9930d59aca
|
Merge pull request #5124 from RasmusWL/typetracking-with-decorator
Python: Add test for type-tracking through decorators
|
2021-02-10 09:34:54 +01:00 |
|
Tom Hvitved
|
1f9b42f9ab
|
Data flow: Sync files
|
2021-02-09 20:10:23 +01:00 |
|
Tom Hvitved
|
e5970f4c65
|
Data flow: Take clearsContent() into account in flow exploration
|
2021-02-09 20:09:24 +01:00 |
|
yo-h
|
e5331a4735
|
Java: accept changes in expected output
|
2021-02-09 09:17:35 -05:00 |
|
yo-h
|
e194411cfa
|
Java: fix javac errors in test code
|
2021-02-09 09:16:57 -05:00 |
|