hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-29 18:41:27 +02:00
Code Issues Packages Projects Releases Wiki Activity
63,997 Commits 1,763 Branches 168 Tags
8e05f2a1f0f99d65fba5f8a1b0b7e18d7cfe4abe
Commit Graph

481 Commits

Author SHA1 Message Date
dilanbhalla
8e05f2a1f0 Update SQL.qll 2024-02-27 13:38:39 -08:00
dilanbhalla
134010ac7e Update SQL.qll 2024-02-27 13:30:38 -08:00
erik-krogh
8be7eadace delete outdated deprecations 2024-01-22 09:11:35 +01:00
Asger F
59c9ac735a Merge pull request #15295 from asgerf/js/type-model-export 
JS: Include sink nodes as base-case when resolving types
 2024-01-11 20:47:32 +01:00
Erik Krogh Kristensen
d782bd9b1f Merge pull request #13624 from jorgectf/seclab/dotjs 
JS: Add `dot.js` support
 2024-01-11 14:57:19 +01:00
Asger F
82cee61999 JS: Include sink nodes as base-case when resolving types 2024-01-11 13:41:21 +01:00
Erik Krogh Kristensen
3000b4b9b3 rename PropsTaintStep to PropsFlowStep 
Co-authored-by: Asger F <asgerf@github.com>
 2024-01-10 09:45:29 +01:00
erik-krogh
a9f2b3fad6 promote PropsTaintStep to a PreCallGraphStep 2024-01-04 10:45:22 +01:00
Jorge
f8cfd698fa Merge branch 'main' into seclab/dotjs 2023-12-19 10:44:52 +01:00
Tom Hvitved
a46964dfe8 Address review comments 2023-12-12 13:55:52 +01:00
Tom Hvitved
28373e0fdf JS: Adapt to changes in shared code 2023-12-10 11:25:43 +01:00
erik-krogh
e8f9e366d5 remove redundant imports for JS 2023-12-08 16:56:54 +01:00
Jorge
8abd1d9855 Merge branch 'main' into seclab/dotjs 2023-11-30 19:42:18 +01:00
erik-krogh
abb8d65483 Merge branch 'main' into amammad-js-SQLI 2023-11-23 21:17:58 +01:00
amammad
60b422a35c fix second round of code review. improve documents, fix better-sqlite3 method 2023-11-23 14:01:38 +01:00
amammad
0328a2986d move TypeORM library file and tests to experimental 
add inline tests :)
Fix TypeORM fuzzy method according to Review
 2023-11-21 19:59:06 +01:00
amammad
999ec7053e fix Query class docstring 2023-11-21 18:56:05 +01:00
Rasmus Wriedt Larsen
43d9d2ceb7 Merge pull request #14603 from github/max-schaefer/broken-crypto-algorithm-link 
JavaScript/Python/Ruby: Improve alert message for `*/weak-cryptographic-algorithm`.
 2023-11-08 14:29:24 +01:00
amammad
c858e4974d fix Sqlite and BetterSqlite3 issues according to Review 2023-11-06 14:57:40 +01:00
Arthur Baars
5cc94e1105 Express.js: add req.path as remote input source 2023-10-31 12:44:26 +01:00
Harry Maclean
083be305e1 Shared: Add neutralModel extensible predicate 
The neutralModel extensible predicate already exists in Java and C#, so
this change brings the dynamic languages more in line with static
languages. The Model Editor uses this predicate to mark endpoints as
"not interesting" from a data flow perspective.
 2023-10-30 11:31:57 +00:00
Max Schaefer
08cc8b8e80 Autoformat. 2023-10-26 15:36:06 +01:00
Max Schaefer
741735cc83 Port changes to JavaScript. 2023-10-26 14:47:24 +01:00
amammad
e3dbdc3887 add custom query builder and active record querybuilder support 2023-10-22 21:39:59 +02:00
amammad
242f7e1c53 update pg :) 2023-10-10 11:42:32 +02:00
amammad
bbeb7b39d7 add better-sqlite3 2023-10-10 11:17:04 +02:00
erik-krogh
c2942b37a7 JS: delete various outdated deprecations 2023-10-09 09:14:55 +02:00
amammad
58f4cd77dc add TypeORM to javascript.qll file 
add tests
improvement on comments
 2023-09-29 01:23:22 +10:00
amammad
0c40223192 v1 2023-09-23 18:17:49 +10:00
amammad
a8aeb1d03e add active record and data mapper patterns support 2023-09-22 22:50:55 +10:00
amammad
522a2e2594 v2 2023-09-22 18:56:47 +10:00
amammad
54a44777b7 v1 2023-09-13 19:14:15 +10:00
yoff
7f2f6f14e7 Merge pull request #13729 from yoff/python/model-aws-lambdas 
Python/JavaScript: Shared module for serverless functions
 2023-08-16 15:14:08 +02:00
Asger F
f3fab587a9 JS: Add Fuzzy token in identifying access path 2023-07-13 14:01:06 +02:00
Asger F
7c9e1ad6ec JS: Fix accidental recursion in Vue model 
The API graph entry point depended on API::Node.

This was due to depending on the the TComponent newtype which has a branch that depends on API::Node
 2023-07-13 13:41:21 +02:00
Rasmus Lerchedahl Petersen
02c41f3dcf JavaScript: Use shared library for serverless 2023-07-12 16:46:34 +02:00
Asger F
965ca169e5 JS: Recognise fs/promises 2023-07-07 14:14:49 +02:00
Asger F
4c9501eba5 Merge pull request #13529 from jorgectf/seclab/webix-modeling 
JS: Add models for `webix`
 2023-07-03 12:03:18 +02:00
jorgectf
f1f3d8e18a Add dot.jssupport 
Co-authored-by: Kevin Stubbings <Kwstubbs@users.noreply.github.com>
 2023-06-29 19:17:37 +02:00
Jorge
e210b0d0a7 Apply suggestions from code review 
Co-authored-by: Asger F <asgerf@github.com>
 2023-06-29 16:06:34 +02:00
jorgectf
2ac334bf15 Adapt Webix modeling to support HTML use-cases 2023-06-28 15:26:30 +02:00
Rasmus Wriedt Larsen
0121263e03 Merge branch 'main' into python/enable-summaries-from-models 2023-06-26 11:34:12 +02:00
yoff
26856a82a6 Apply suggestions from code review 
Co-authored-by: Asger F <asgerf@github.com>
 2023-06-23 10:15:20 +02:00
Jami
5259a6ecfc Merge pull request #13324 from jcogs33/jcogs33/shared-sink-kind-validation 
Shared: share MaD kind validation across languages
 2023-06-20 11:56:12 -04:00
Rasmus Lerchedahl Petersen
3cf9e3e692 Py/js/ruby: sync files 2023-06-18 21:52:49 +02:00
Asger F
22b98c8959 JS: Restrict length of state path in vuex model 2023-06-14 15:48:58 +02:00
Jami
35591113c2 Merge branch 'main' into jcogs33/shared-sink-kind-validation 2023-06-14 08:06:34 -04:00
Jami Cogswell
9abe3e3da4 Shared: use a module as input to 'KindValidation' 2023-06-09 14:35:37 -04:00
Jami Cogswell
da58b2afc8 Shared: move shared file to 'shared' folder and add parameterized module for 'getInvalidModelKind' 2023-06-08 20:05:27 -04:00
Jami Cogswell
5a23421d9a Shared: minor updates to comments 2023-06-05 13:46:56 -04:00