19 Commits

Author	SHA1	Message	Date
erik-krogh	442749bb7f	JS: add heuristic variants of queries that use RemoteFlowSource	2022-12-19 12:01:22 +01:00
erik-krogh	368f84785b	fix some more style-guide violations in the alert-messages	2022-10-07 11:22:22 +02:00
Erik Krogh Kristensen	51b56a9e28	add cwe 090 (ldap injection) and cwe 943 (Improper Neutralization of Special Elements in Data Query Logic) to SqlInjection.ql	2021-10-01 09:01:29 +02:00
Asger Feldthaus	cb0075f15a	JS: Remove use of deprecated API	2021-08-12 09:30:43 +02:00
Calum Grant	771e686946	Update security-severity scores	2021-06-15 13:25:17 +01:00
Calum Grant	a594afb828	Add security-severity metadata	2021-06-10 20:11:08 +01:00
Max Schaefer	978d2db252	JavaScript: Add models for more Mongoose methods.	2020-11-30 16:32:13 +00:00
Esben Sparre Andreasen	1c5bffc095	JS: fix some FNs in the qhelp examples	2020-05-15 12:40:38 +02:00
Max Schaefer	31bb39a810	JavaScript: Autoformat all QL files.	2019-01-07 10:15:45 +00:00
Max Schaefer	6021d2499d	JavaScript: Remove accidentally committed .actual file.	2018-11-19 12:24:19 +00:00
Max Schaefer	3fcd02ab0e	JavaScript: Rename hasPathFlow to hasFlowPath for consistency with other languages.	2018-11-14 11:23:17 +00:00
Max Schaefer	52ae757279	JavaScript: Select Nodes (instead of PathNodes) everywhere.	2018-11-14 09:16:40 +00:00
Max Schaefer	e365b722ee	JavaScript: Select source and sink in all path queries.	2018-11-14 09:16:40 +00:00
Max Schaefer	11d6259dbf	JavaScript: Move from Node to PathNode.	2018-11-14 09:16:40 +00:00
Max Schaefer	8d87f556e1	JavaScript: Add import DataFlow::PathGraph.	2018-11-14 09:16:40 +00:00
Max Schaefer	60a1357092	JavaScript: Make all taint-based security queries have @kind path-problem.	2018-11-14 09:16:40 +00:00
Max Schaefer	65bcf0f526	JavaScript: Refactor security queries for uniformity.	2018-11-14 09:16:40 +00:00
Asger F	d72d7345b8	JS: make NosqlInjection use object taint	2018-10-10 17:05:59 +01:00
Pavel Avgustinov	b55526aa58	QL code and tests for C#/C++/JavaScript.	2018-08-02 17:53:23 +01:00