hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 21:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
65,069 Commits 1,747 Branches 166 Tags
ac6c4add1480fc0ec35d2bf49231f1996226b604
Commit Graph

21 Commits

Author SHA1 Message Date
Ed Minnix
9d90c24006 Refactor to using MethodCall instead of MethodAccess 2023-10-25 14:31:56 -04:00
Edward Minnix III
2a91743477 Re-add IvParameterSpec constructor to otherApiCallableCredentialParam 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-10-25 14:31:55 -04:00
Ed Minnix
a28f19c857 Remove initialization vectors from SensitiveApi 2023-10-25 14:31:55 -04:00
Ed Minnix
c689065f83 Experiment: Remove IVs from credentials 2023-10-25 14:31:55 -04:00
Ed Minnix
9c15cf18e8 Refactor deprecated predicates to use new classes 
Modified the predicates in `SensitiveApi` to rely on the new classes
which are using models as data. This allows us to remove the old
predicates containing the pre-MaD versions of the models.
 2023-10-25 14:31:55 -04:00
Ed Minnix
3b0b5e403c Replace crypto-parameter with credentials-key 2023-10-25 14:31:55 -04:00
Ed Minnix
31b069041f Initialization vector models 2023-10-25 14:31:54 -04:00
Edward Minnix III
72a1289eba Rename class to CredentialsSinkNode to better align with naming convention 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-10-25 14:31:54 -04:00
Ed Minnix
a85df81b67 Rename sink kind to "credentials-username" to match naming convention 2023-10-25 14:31:54 -04:00
Ed Minnix
0612b3795a Rename sink kind to "credentials-password" to match naming convention 2023-10-25 14:31:54 -04:00
Ed Minnix
3ee0fa9bc4 Add deprecation messages 2023-10-25 14:31:54 -04:00
Edward Minnix III
2f53adf2c2 Fix typo 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-10-25 14:31:54 -04:00
Ed Minnix
ee6cb96d07 Add a superclass for credential nodes 2023-10-25 14:31:53 -04:00
Ed Minnix
4aec302fb7 Create new sink kinds 2023-10-25 14:31:53 -04:00
Ed Minnix
3ff1a97e38 Add byte[] signatures 2023-02-27 12:16:14 +01:00
Ed Minnix
fa6ac063d1 Add com.auth0.jwt.algorithm.Algorithm sinks 
The HMAC* constructors of the com.auth0.jwt.algorithm.Algorithm class
take a secret as a parameter. Therefore, the arguments should be added
to be checked for hardcoded credentials.
 2023-02-27 12:16:14 +01:00
Chad Bentz
cfe169a4f9 Adding MSSQL to SensitiveAPI 2023-02-13 19:42:28 -05:00
Chris Smowton
ca4ef6578d Spelling 2022-08-13 14:37:08 +01:00
Chris Smowton
8bea2a5f6c Add missing qldoc 2022-08-13 14:20:48 +01:00
Chris Smowton
b62e9dc92c Convert tests to inline expectations and fix one bug revealed doing so 
Specifically Apache sshd defines its sensitive api calls on an inherited interface, and they need to be described that way for us to pick them up.
 2022-08-13 14:02:05 +01:00
Chris Smowton
ddb0846e06 Split up hardcoded creds queries, ready for conversion to inline expectations 2022-08-13 12:39:16 +01:00