codeql

mirror of https://github.com/github/codeql.git synced 2026-02-01 07:42:57 +01:00

Author	SHA1	Message	Date
Asger F	22b98c8959	JS: Restrict length of state path in vuex model	2023-06-14 15:48:58 +02:00
erik-krogh	44b6366586	delete old deprecations	2023-06-02 11:58:08 +02:00
Jami	3886ebffa9	Merge branch 'main' into jcogs33/update-javascript-sink-kinds	2023-06-01 14:09:10 -04:00
erik-krogh	cbd7601a41	implement `isShellInterpreted` on `ExecActionsCall`	2023-05-17 11:07:48 +02:00
Jami Cogswell	359f6ffd1e	JS: update 'credentials[%]' sink kind to 'credentials-%'	2023-05-16 15:45:55 -04:00
Kasper Svendsen	189f8515c0	JS: Make implicit this receivers explicit	2023-05-12 09:49:14 +02:00
Asger F	c376eeb133	Merge pull request #12978 from asgerf/js/github-actions-sources JS: Add sources and sinks related to GitHub Actions	2023-05-10 09:55:24 +02:00
Asger F	1a9956354e	JS: Restrict getInput to indirect command injection query	2023-05-03 16:10:03 +02:00
Kasper Svendsen	67950c8e6b	JS: Make implicit this receivers explicit	2023-05-03 15:31:00 +02:00
Asger F	4c6711d007	JS: Clarify the difference between context and input sources	2023-05-03 10:30:04 +02:00
Asger F	67afbee06d	Merge pull request #12825 from smiddy007/JS-Allow-Truncated-Hash-Forge-NonKeyCipher JS: Allow NonKeyCiphers to include truncated SHA-512 MDs in Forge JS libr…	2023-05-02 13:59:30 +02:00
Asger F	5eaaa7e074	JS: Add qldoc	2023-05-01 11:42:55 +02:00
Asger F	08785a4063	JS: Add sources from actions/core	2023-05-01 11:42:17 +02:00
Asger F	2c89f9747b	Merge pull request #12949 from asgerf/js/angular-native JS: Add a few more DOM element sources	2023-05-01 11:08:45 +02:00
Asger F	0497e60ce2	JS: Model actions/exec	2023-05-01 11:05:59 +02:00
Asger F	cb9b01cbb7	JS: Port new sources based on comment from JarLob	2023-05-01 11:04:54 +02:00
Asger F	3d208c0a62	JS: Port Actions sources based on PR from R3x	2023-05-01 10:48:43 +02:00
Erik Krogh Kristensen	3d41cd583f	Merge pull request #12963 from tyage/track-interfile-use-router JS: Track interfile useRouter	2023-04-28 22:41:43 +02:00
Asger F	f87740ab18	Merge pull request #12867 from asgerf/js/webpack-bundles JS: Ignore more webpack modules	2023-04-28 14:35:57 +02:00
tyage	933b55d37d	Track interfile useRouter	2023-04-28 15:49:26 +09:00
Asger F	0fb79bdf64	JS: Include a local step before store step	2023-04-27 17:58:02 +02:00
Asger F	c674afb674	JS: Fix condition in getRouteHandlerNode Previous version did not account for arrays	2023-04-27 17:58:02 +02:00
Asger F	36889f6d72	JS: Fix isResponse/isRequest	2023-04-27 16:35:56 +02:00
Asger F	70331c0ea4	JS: Decouple chaining from ExplicitResponseSource	2023-04-27 16:14:27 +02:00
Asger F	96e415aba6	JS: Track express route handlers into arrays	2023-04-27 16:14:22 +02:00
Asger F	cb04df49eb	JS: Treat Angular2 ElementRef.nativeElement as a DOM value	2023-04-26 14:33:04 +02:00
smiddy007	4f7275f064	Reformat doc and move change note	2023-04-19 13:39:18 -04:00
Asger F	1c2fdc8df9	JS: Ignore more webpack modules	2023-04-19 10:29:14 +02:00
smiddy007	ec97cdc8a0	Allow NonKeyCiphers to include truncated SHA-512 MDs in Forge JS library.	2023-04-13 23:16:20 -04:00
Asger F	2c65a49d7c	JS: Add getForwardingFunction() to API graphs	2023-04-11 14:00:30 +02:00
Asger F	4ce03d4dc4	JS: Restrict useSelector steps to local callbacks	2023-04-11 13:33:46 +02:00
Asger F	3cc931306f	JS: Add test for selector nodes with multiple access paths	2023-04-11 13:33:27 +02:00
Asger F	64cf27ab87	JS: Modernize crypto libraries	2023-03-31 14:49:23 +02:00
Asger F	40530ae14d	JS: Simplfy with set literal	2023-03-31 12:04:56 +02:00
Asger F	4a06b81429	JS: Use API graphs in CryptoJS	2023-03-31 12:03:14 +02:00
Asger F	dec1e4dfd6	Merge pull request #12666 from smiddy007/improve-insufficient-pw-hash-query JS: Improve insufficient pw hash query	2023-03-31 11:58:41 +02:00
smiddy007	0eb61d39d3	formatting	2023-03-28 11:28:32 -04:00
smiddy007	fe3b0a56ca	Removed unnecessary field	2023-03-28 11:27:23 -04:00
smiddy007	123eb1e57b	Update javascript/ql/lib/semmle/javascript/frameworks/CryptoLibraries.qll Co-authored-by: Asger F <asgerf@github.com>	2023-03-28 11:14:28 -04:00
Jeroen Ketema	3b8ad087eb	Make imports of `codeql.util.Unit` private	2023-03-28 14:14:13 +02:00
smiddy007	57ab5a06ae	autoformatted	2023-03-27 15:20:08 -04:00
smiddy007	3ef5f3070f	small change	2023-03-27 12:02:35 -04:00
smiddy007	cef6b95b15	Fixed Conflicts due to recent changes to file	2023-03-26 22:32:34 -04:00
smiddy007	ccf152df00	Added support for progressive hashing in crypto-js module	2023-03-26 21:29:55 -04:00
erik-krogh	f718d78a9a	avoid redundant sources	2023-03-16 13:34:01 +01:00
erik-krogh	a72436f6f1	recognize more express URL related sources	2023-03-15 10:14:31 +01:00
Asger F	d953ad63fe	Merge pull request #12445 from asgerf/js/react-forward-ref JS: Handle forwardRef in React	2023-03-14 13:21:16 +01:00
Asger F	8ab3f39b5e	Merge pull request #12423 from asgerf/js/trusted-types-global-flow JS: Track trusted types policy callbacks	2023-03-14 13:09:50 +01:00
Asger F	41dd63adc7	Handle forwardRef in React	2023-03-13 11:30:18 +01:00
erik-krogh	6c1ebd999e	Merge branch 'main' into delOldDeps	2023-03-13 11:00:29 +01:00

1 2 3 4 5 ...

421 Commits