hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 18:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
52,938 Commits 1,693 Branches 161 Tags
99d634c8a4cd62d6265bd106d8bd93e40c4247af
Commit Graph

386 Commits

Author SHA1 Message Date
Asger F
dec1e4dfd6 Merge pull request #12666 from smiddy007/improve-insufficient-pw-hash-query 
JS: Improve insufficient pw hash query
 2023-03-31 11:58:41 +02:00
smiddy007
0eb61d39d3 formatting 2023-03-28 11:28:32 -04:00
smiddy007
fe3b0a56ca Removed unnecessary field 2023-03-28 11:27:23 -04:00
smiddy007
123eb1e57b Update javascript/ql/lib/semmle/javascript/frameworks/CryptoLibraries.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2023-03-28 11:14:28 -04:00
Jeroen Ketema
3b8ad087eb Make imports of codeql.util.Unit private 2023-03-28 14:14:13 +02:00
smiddy007
57ab5a06ae autoformatted 2023-03-27 15:20:08 -04:00
smiddy007
3ef5f3070f small change 2023-03-27 12:02:35 -04:00
smiddy007
cef6b95b15 Fixed Conflicts due to recent changes to file 2023-03-26 22:32:34 -04:00
smiddy007
ccf152df00 Added support for progressive hashing in crypto-js module 2023-03-26 21:29:55 -04:00
erik-krogh
f718d78a9a avoid redundant sources 2023-03-16 13:34:01 +01:00
erik-krogh
a72436f6f1 recognize more express URL related sources 2023-03-15 10:14:31 +01:00
Asger F
d953ad63fe Merge pull request #12445 from asgerf/js/react-forward-ref 
JS: Handle forwardRef in React
 2023-03-14 13:21:16 +01:00
Asger F
8ab3f39b5e Merge pull request #12423 from asgerf/js/trusted-types-global-flow 
JS: Track trusted types policy callbacks
 2023-03-14 13:09:50 +01:00
Asger F
41dd63adc7 Handle forwardRef in React 2023-03-13 11:30:18 +01:00
erik-krogh
6c1ebd999e Merge branch 'main' into delOldDeps 2023-03-13 11:00:29 +01:00
Anders Schack-Mulligen
8d97fe9ed3 JavaScript: Autoformat 2023-03-10 09:41:20 +01:00
Asger F
0affd898de JS: Track trusted type policy callbacks 2023-03-07 10:22:26 +01:00
erik-krogh
a6c9af4182 add the html argument to the jQuery functions as an XSS sink 2023-03-03 11:09:53 +01:00
erik-krogh
f96d6accbb delete old deprecations 2023-03-03 09:23:02 +01:00
Alex Ford
1556b1a728 Merge branch 'main' into js-use-shared-cryptography 2023-02-15 17:13:53 +00:00
Alex Ford
8d90c02a67 JS: remove unused field 2023-02-14 15:24:22 +00:00
erik-krogh
6474cfd4c8 add support for express-ws 2023-02-12 23:25:27 +01:00
erik-krogh
ecafce8191 improve the CryptoJS model by using API::Node 2023-02-03 21:44:23 +01:00
Alex Ford
7768026e70 Merge branch 'main' into js-use-shared-cryptography 2023-02-03 15:18:30 +00:00
Alex Ford
e17b3d975d JS: pick up CryptographicKeys used in asmCrypto encrypt/decrypt calls 2023-02-03 12:16:25 +00:00
Alex Ford
983055b8f9 JS: Use shared CryptographicOperation concept and implement BlockMode getBlockMode() 2023-02-02 20:30:30 +00:00
erik-krogh
e3455a9b21 add support for axios used as a global variable 2023-01-29 22:55:20 +01:00
Michael Nebel
dc223cb82e Sync files and make corresponding changes for other languages. 2023-01-19 15:14:06 +01:00
Tony Torralba
3b6dae41cd JavaScript: Remove omittable exists variables 2023-01-10 13:37:21 +01:00
Erik Krogh Kristensen
1500fa5f67 Merge pull request #10663 from pwntester/restify_improvements 
Javascript: Improve Restify support and add new Spife support
 2022-12-15 11:08:22 +01:00
Erik Krogh Kristensen
55558120d9 add explicit this 2022-12-14 20:59:28 +01:00
Alvaro Muñoz
f46a8faf00 port RouteSetup API-based implementation to DataFlow one 2022-12-14 17:37:32 +01:00
Alvaro Muñoz
4cf7299d79 restore Spife.qll to working status 2022-12-14 15:41:53 +01:00
Alvaro Muñoz
701676eea1 Update javascript/ql/lib/semmle/javascript/frameworks/Spife.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-14 10:18:47 +01:00
Erik Krogh Kristensen
8a89849476 Merge pull request #11660 from erik-krogh/dynamic-useInstanceOf 
Py/JS/RB: Use instanceof in more places
 2022-12-13 21:50:13 +01:00
Asger F
ba1364a4cb JS: Add sinks mentioned in doc 
Note that 'sql-injection' was already added
 2022-12-13 11:33:12 +01:00
Alvaro Muñoz
270a4355df format Restify.qll 2022-12-13 11:22:24 +01:00
Alvaro Muñoz
4ba3190d29 Replace API::Node with DataFlow::Node for Spife's RouteSetup 2022-12-13 11:10:04 +01:00
erik-krogh
b3a9c1ca06 Py/JS/RB: Use instanceof in more places 2022-12-12 16:06:57 +01:00
Alvaro Muñoz
469d7f52dc Use fluent API instead of hasPropertyWrite 2022-12-12 10:46:50 +01:00
Alvaro Muñoz
1410d2838e Update javascript/ql/lib/semmle/javascript/frameworks/Spife.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-12 09:54:02 +01:00
Alvaro Muñoz
38b2f537d4 Use ReplyCall.super syntax instead of this.(ReplyCall) 2022-12-07 16:39:07 +01:00
Asger F
fcdb2fa03f JS: Remove MaD models from .qll files 2022-12-07 11:35:13 +01:00
Asger F
d8e566a50e Add data-extension files 2022-12-07 11:35:13 +01:00
Asger F
5af1b367c7 Support data extensions 2022-12-07 11:35:05 +01:00
Alvaro Muñoz
af015d3d30 restoring previous casts to avoid super type ambiguity 2022-12-07 10:39:58 +01:00
Alvaro Muñoz
407df37a74 Add feedback from Code review 2022-12-07 10:36:44 +01:00
Alvaro Muñoz
3e92b4c596 Apply suggestions from code review 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2022-12-07 10:29:29 +01:00
Asger F
2d578c1a73 Merge branch 'main' into merge-package-type-columns 2022-12-02 10:00:44 +01:00
Asger F
76afc2dcc3 JS: Fix formatting and rephrase comment 2022-11-28 14:00:43 +01:00