hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-10 17:29:26 +02:00
Code Issues Packages Projects Releases Wiki Activity
71,978 Commits 1,754 Branches 167 Tags
b6103e1ef49df279aac81b548dfd6982bdc6acde
Commit Graph

27 Commits

Author SHA1 Message Date
erik-krogh
39a8b49222 add qhelp recommendation that you can use an obvious placeholder value 2024-05-03 19:37:31 +02:00
erik-krogh
ff85db36e2 exclude credentials as kind key from hardcoded-credentials when the key looks like a dummy password 2024-05-03 13:58:11 +02:00
Adrien Pessu
e332a4348d Update javascript/ql/src/Security/CWE-798/HardcodedCredentials.qhelp 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2023-06-21 12:55:33 +01:00
Adrien Pessu
7dfb404fd7 clean examples 2023-06-21 08:11:39 +00:00
Adrien Pessu
e85987bfc5 remove useless phrase 2023-06-21 07:59:24 +00:00
Adrien Pessu
2a2f6de78c fixed text not in a tag 2023-06-20 17:27:37 +00:00
Adrien Pessu
36cb60c746 Add fixed proposition for NodeJS 2023-06-20 17:22:56 +00:00
Adrien Pessu
eb28266bcb improv example the help file 2023-06-19 17:00:52 +00:00
Esben Sparre Andreasen
816d79692b ignore deliberately hardcoded password strings 2022-02-16 09:47:01 +01:00
Asger Feldthaus
f6da030572 JS: Migrate to *Query.qll convention 2021-08-12 09:30:18 +02:00
Erik Krogh Kristensen
87c0c60c22 don't report dummy authentication headers as hardcoded-crendentials 2021-08-02 22:56:14 +02:00
Calum Grant
771e686946 Update security-severity scores 2021-06-15 13:25:17 +01:00
Calum Grant
a594afb828 Add security-severity metadata 2021-06-10 20:11:08 +01:00
Esben Sparre Andreasen
1c5bffc095 JS: fix some FNs in the qhelp examples 2020-05-15 12:40:38 +02:00
Esben Sparre Andreasen
a5645e168a JS: exclude keys from whitelist 2019-09-16 10:13:18 +02:00
Esben Sparre Andreasen
0e2d2f8662 JS: whitelist some hardcoded dummy-passwords in two queries 2019-09-16 10:11:43 +02:00
Esben Sparre Andreasen
ee106ccff9 JS: simplify asExpr().getStringValue() calls 2019-09-11 10:56:57 +02:00
Esben Sparre Andreasen
aab17850d1 JS: eliminate redundant ConstantString casts 2019-09-11 10:56:49 +02:00
Max Schaefer
31bb39a810 JavaScript: Autoformat all QL files. 2019-01-07 10:15:45 +00:00
Max Schaefer
3fcd02ab0e JavaScript: Rename hasPathFlow to hasFlowPath for consistency with other languages. 2018-11-14 11:23:17 +00:00
Max Schaefer
52ae757279 JavaScript: Select Nodes (instead of PathNodes) everywhere. 2018-11-14 09:16:40 +00:00
Max Schaefer
e365b722ee JavaScript: Select source and sink in all path queries. 2018-11-14 09:16:40 +00:00
Max Schaefer
11d6259dbf JavaScript: Move from Node to PathNode. 2018-11-14 09:16:40 +00:00
Max Schaefer
8d87f556e1 JavaScript: Add import DataFlow::PathGraph. 2018-11-14 09:16:40 +00:00
Max Schaefer
60a1357092 JavaScript: Make all taint-based security queries have @kind path-problem. 2018-11-14 09:16:40 +00:00
Max Schaefer
65bcf0f526 JavaScript: Refactor security queries for uniformity. 2018-11-14 09:16:40 +00:00
Pavel Avgustinov
b55526aa58 QL code and tests for C#/C++/JavaScript. 2018-08-02 17:53:23 +01:00