Commit Graph

351 Commits

Author SHA1 Message Date
erik-krogh
c166cb406a Merge branch 'main' into amammad-js-CodeInjection_execa 2024-05-21 08:48:12 +02:00
Asger F
5e7d1d5c2c Merge branch 'main' into js/shared-dataflow-merged 2024-03-13 14:27:16 +01:00
erik-krogh
f2d6640003 fix ambiguous import. It could refer both to a module or a file 2024-03-12 15:15:50 +01:00
erik-krogh
c1fd7a6190 autoformat 2024-03-12 15:09:45 +01:00
maikypedia
699d8d4719 x 2024-03-07 18:15:22 +01:00
GitHub Security Lab
df10a7e7f0 Merge branch 'main' into amammad-js-bombs 2024-01-25 11:23:38 +01:00
maikypedia
78e7793e01 Move to experimental 2024-01-09 01:11:58 +01:00
Maiky
191766a47b Use config.getCorsConfiguration().getOrigin())
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2023-12-18 12:38:39 +01:00
amammad
18d0b28024 v1 2023-12-10 20:27:21 +01:00
amammad
1547cd0546 added inline tests, move to experimental dir 2023-12-05 18:59:46 +01:00
Maiky
4ef4c92e2c Move Customizations and Query 2023-11-23 21:29:09 +01:00
erik-krogh
abb8d65483 Merge branch 'main' into amammad-js-SQLI 2023-11-23 21:17:58 +01:00
amammad
60b422a35c fix second round of code review. improve documents, fix better-sqlite3 method 2023-11-23 14:01:38 +01:00
amammad
0328a2986d move TypeORM library file and tests to experimental
add inline tests :)
Fix TypeORM fuzzy method according to Review
2023-11-21 19:59:06 +01:00
Asger F
a02ab2ad88 JS: Port heuristic versions of standard queries 2023-10-13 13:15:08 +02:00
Asger F
449ec72dbe JS: Port experimental queries 2023-10-13 13:15:03 +02:00
Maiky
c0e6d7c049 Merge branch 'github:main' into maikypedia/javascript-cors 2023-10-11 12:20:42 +02:00
amammad
32859eb057 move to experimental 2023-10-10 22:46:44 +02:00
amammad
4198f61c16 fix a qldoc issue 2023-10-10 22:21:43 +02:00
erik-krogh
c2942b37a7 JS: delete various outdated deprecations 2023-10-09 09:14:55 +02:00
amammad
3f41a42c38 remove unused classes 2023-10-08 11:08:05 +02:00
amammad
15671682c5 remove unused flowLable, update path query alert message 2023-10-08 11:06:13 +02:00
amammad
41e7b91d78 fix flowLabels 2023-10-08 11:00:07 +02:00
amammad
aff6f00450 comments improvement, separate module file, fix tests 2023-10-07 12:02:39 +02:00
amammad
5a49f6bb9b fix tests 2023-10-06 22:10:57 +02:00
amammad
eef8137166 add Dice package, add global taint steps by SharedTaintStep, use getASuccessor 2023-10-06 10:58:26 +02:00
amammad
faaddd4dfe updates for FormParsers and ReadableStream modules, add separate module for Readable Streams, BusBoy RemoteFlowSources is covering more sources now!, modularize 2023-10-05 21:46:58 +02:00
Maiky
816eebbb51 Add .qhelp and apply some review changes 2023-10-02 18:05:39 +02:00
amammad
e81a4fc330 remove CLI sources Library file and local sources for lower FPs 2023-10-01 05:44:13 +10:00
amammad
921198ed30 add separate query for sinks that accepts data: URL 2023-09-28 20:33:38 +10:00
amammad
77dcd68a86 v2 2023-08-31 21:26:25 +10:00
amammad
d06444e639 upgrade additional steps 2023-08-30 05:03:19 +10:00
amammad
369bc50709 fix comments 2023-08-30 04:53:58 +10:00
amammad
4f04dc8f6e add test cases 2023-08-29 21:34:02 +10:00
amammad
65b97745c2 V1 2023-08-29 21:23:02 +10:00
Asger F
094302a27b JS: Replace sanitizing prefix edge with node 2023-07-11 14:48:13 +02:00
amammad
516fdf627a update stream pipe 2023-06-28 00:09:39 +10:00
amammad
c7a7594821 merge all ql files into one 2023-06-27 01:56:23 +10:00
amammad
8a80a734d8 fix an accident :) 2023-06-26 20:20:00 +10:00
amammad
3bd45a8536 fix query identifier 2023-06-26 03:01:19 +10:00
amammad
effb8024a4 fix yargs bug 2023-06-25 23:30:24 +10:00
amammad
c16a2827d7 fix format warnings/errors 2023-06-25 23:24:12 +10:00
amammad
307187f6c1 V1 2023-06-23 06:06:37 +10:00
erik-krogh
b343dcaadd put string/object in the alert-message for sql-injection 2023-05-31 08:06:04 +02:00
Asger F
20e8ee8423 Merge pull request #12748 from JarLob/yi
JS: Add more sources, more unit tests, fixes to the GitHub Actions injection query
2023-05-15 11:03:00 +02:00
Kasper Svendsen
67950c8e6b JS: Make implicit this receivers explicit 2023-05-03 15:31:00 +02:00
Nate Johnson
78229bb264 Moved into experimental 2023-04-18 21:59:14 -04:00
jarlob
a8a6913512 Simplify exists according to the warning 2023-04-13 23:10:16 +02:00
jarlob
72b66ffe97 Fix comment. 2023-04-07 10:01:14 +02:00
jarlob
39ff3c72a2 Remove label sanitizer because it is prone to race conditions 2023-04-03 23:28:31 +02:00