hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-15 06:23:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,068 Commits 1,690 Branches 160 Tags
c19085e56e6830c190efd307c271f44851ed06df
Commit Graph

1959 Commits

Author SHA1 Message Date
Napalys
933f3c6f77 Refactor Tanstack integration: remove Tanstack framework and added model as data for it instead. 2025-03-14 13:52:05 +01:00
Napalys
dc262236f4 Enhance taint tracking by including escape and unescape in TaintedPath customizations. 2025-03-14 11:43:22 +01:00
Napalys
c4b717b86c Added test case for escape. 2025-03-14 11:40:23 +01:00
Napalys
66737402c2 Updated test ouput with fixes from main. 2025-03-14 10:50:10 +01:00
Napalys Klicius
908f48a22f Merge branch 'main' into js/vue_tanstack_model 2025-03-14 10:45:42 +01:00
Napalys
de5c7efd63 Added test case for unescape. 2025-03-13 13:47:42 +01:00
Napalys
3640e5e425 Added model for tanstack-react useQueries 2025-03-13 12:45:26 +01:00
Napalys
03330ef24d Added test cases for tanstack-react useQueries. 2025-03-13 12:45:25 +01:00
Napalys
6c9aa0e872 Added modeling of tanstack-vue useQueries. 2025-03-13 12:45:23 +01:00
Napalys
4917d64ce7 Added test cases for tanstack-vue useQueries. 2025-03-13 12:45:05 +01:00
Napalys
0c0158899e Added tanstack-vue useQuery modeling 2025-03-13 12:25:07 +01:00
Napalys
7712ca368a Added useQuery tanstack-vue test case 2025-03-13 12:25:05 +01:00
Napalys Klicius
40903a9643 Merge pull request #18975 from Napalys/js/tanstack_angular 
JS: Update Angular Client Request's with API graph and `Tanstack` Angular modeling
 2025-03-12 15:30:26 +01:00
Napalys
770920e738 Add new model configuration for @tanstack/angular-query-experimental. 2025-03-12 11:54:55 +01:00
Napalys
184d23df46 Add test cases for @tanstack/angular-query-experimental injectQuery 2025-03-12 11:54:53 +01:00
Asger F
8599ab2503 JS: Fix attributes nodes missing an enclosing callable 2025-03-11 16:47:48 +01:00
Asger F
e8c5e4d006 Merge branch 'main' into js/test-suite 2025-03-11 13:17:08 +01:00
Napalys Klicius
7c9edff33c Merge pull request #18964 from Napalys/js/mark_down_table 
JS: Refactor `markdown-table` library modeling
 2025-03-11 09:02:56 +01:00
Napalys
13c701948a Refactor Markdown taint steps and update expected results for reflected XSS tests 2025-03-10 19:27:36 +01:00
Asger F
0f201d2070 JS: Line number changes in redos test case 2025-03-10 14:36:49 +01:00
Asger F
75ed0d0b46 JS: Remove duplicate '$ Alert' in libxml test 2025-03-10 14:23:44 +01:00
Asger F
122f68e525 Update javascript/ql/test/query-tests/Security/CWE-400/ReDoS/polynomial-redos.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:22:22 +01:00
Asger F
8ee5b237e2 Update javascript/ql/test/query-tests/Security/CWE-730/server-crash.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:21:46 +01:00
Asger F
92dfdc8194 Update javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/UnsafeHtmlExpansion.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:19:33 +01:00
Asger F
21d42bcd21 Update javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/exception-xss.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:19:01 +01:00
Asger F
dad4838d3b Update javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/tst.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:42 +01:00
Asger F
017f458534 Update javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat/uselesscat.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:22 +01:00
Asger F
24c9b2ef9b Update javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat/uselesscat.js 
Co-authored-by: Napalys Klicius <napalys@github.com>
 2025-03-10 14:18:02 +01:00
Napalys
d077d6807a Applied changes from comments 
Co-authored-by: Asgerf <asgerf@github.com>
 2025-03-10 12:24:45 +01:00
Napalys
c12c12c416 Added modeling for react-relay functions that retrieve data. 2025-03-06 18:30:21 +01:00
Napalys
5a1991bb69 Added test cases for react-relay functions that retrieve data 2025-03-06 18:10:27 +01:00
Napalys
1443f314a1 Added react-relay useFragment as threat model source. 2025-03-06 18:10:23 +01:00
Napalys
1e3b8625e6 Added a test case where useFragment from react-relay should be marked as a source but isn't 2025-03-06 18:10:21 +01:00
Asger F
2a194a53af raw test output 2025-02-28 13:29:39 +01:00
Asger F
193b26e938 JS: Add query IDs 2025-02-28 13:29:37 +01:00
Asger F
33602ee52b JS: Convert some comments to JSX 2025-02-28 13:29:36 +01:00
Asger F
c67c5854ba Disable for more queries with alerts in JSON 2025-02-28 13:29:35 +01:00
Asger F
64d39da5f8 JS: Accept Sources/Sink tags 2025-02-28 13:29:30 +01:00
Asger F
19cada38ff JS: Migrate a new file from OK-style comments 2025-02-28 13:29:29 +01:00
Asger F
fd6a9c6144 JS: Accept an alert 2025-02-28 13:29:27 +01:00
Asger F
b4ac2f7d73 JS: Add a query ID 2025-02-28 13:29:26 +01:00
Asger F
87518ba60e JS: Update tainted-sendFile.js 
This file was added on main while this branch was in progress. Porting the whole file in one step.
 2025-02-28 13:29:25 +01:00
Asger F
bb67a0e9b0 JS: Remove outdated comment 2025-02-28 13:29:23 +01:00
Asger F
0496de6c8f JS: Accept alerts in UselessCharacterEscape 2025-02-28 13:29:22 +01:00
Asger F
4d7cbe6f60 JS: Accept to web socket-based SSRF alerts 2025-02-28 13:29:07 +01:00
Asger F
764eb98809 JS: Move two alerts and add query ID 2025-02-28 13:29:06 +01:00
Asger F
976096540f JS: Accept an alert 2025-02-28 13:29:05 +01:00
Asger F
49274d5f73 JS: Accept an alert 2025-02-28 13:29:03 +01:00
Asger F
2d1aa3e00a JS: Accept missing alert and clarify reason 2025-02-28 13:29:02 +01:00
Asger F
9f8744680d JS: Remove a fixed spurious alert 2025-02-28 13:29:01 +01:00