hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-08 00:24:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
59,687 Commits 1,731 Branches 164 Tags
f14303acea4eb19c53bd95cfcb6293ced12645b6
Commit Graph

3776 Commits

Author SHA1 Message Date
Asger F
f14303acea JS: Port ConditionalBypass 2023-10-13 13:15:04 +02:00
Asger F
2296a273c4 JS: Port BuildArtifactLeak 2023-10-13 13:15:04 +02:00
Asger F
85617c292e JS: Port BrokenCryptoAlgorithm 2023-10-13 13:15:04 +02:00
Asger F
7a1aead831 JS: Port ZipSlip 2023-10-13 13:15:04 +02:00
Asger F
e9189f965f JS: Port LogInjection 2023-10-13 13:15:04 +02:00
Asger F
ae680e747b JS: Port LoopBoundInjection 2023-10-13 13:15:04 +02:00
Asger F
40d68cb4dc JS: Port CleartextStorage 2023-10-13 13:15:04 +02:00
Asger F
b8a6f81669 JS: Port CleartextLogging 2023-10-13 13:15:04 +02:00
Asger F
a5c221fcfc JS: Port PrototypePollutingMergeCall 2023-10-13 13:15:04 +02:00
Asger F
adf7d5409d JS: Port PrototypePollutingFunction 2023-10-13 13:15:04 +02:00
Asger F
f1f45927b1 JS: Port PrototypePollutingAssignment 2023-10-13 13:15:04 +02:00
Asger F
81d2721248 JS: Port ClientSideUrlRedirect 2023-10-13 13:15:04 +02:00
Asger F
46fd727a55 JS: Port ServerSideUrlRedirect 2023-10-13 13:15:04 +02:00
Asger F
92816b1c9a JS: Port ClientSideRequestForgery 2023-10-13 13:15:03 +02:00
Asger F
b2216627be JS: Port RequestForgery 2023-10-13 13:15:03 +02:00
Asger F
d7b4e0c206 JS: Port ExceptionXss 2023-10-13 13:15:03 +02:00
Asger F
cf5450dbd5 JS: Port XssThroughDom 2023-10-13 13:15:03 +02:00
Asger F
5f05232e02 JS: Port StoredXss 2023-10-13 13:15:03 +02:00
Asger F
46b90e51fc JS: Port ReflectedXss 2023-10-13 13:15:03 +02:00
Asger F
e091fdefa4 JS: Port DomBasedXss 2023-10-13 13:15:03 +02:00
Asger F
547a8a958a JS: Port SqlInjection 2023-10-13 13:15:03 +02:00
Asger F
65e9706c8e JS: Port TaintedPath 2023-10-13 13:15:03 +02:00
Asger F
fcfab5238e JS: Port CodeInjection 2023-10-13 13:15:03 +02:00
Asger F
17233a6749 JS: Port CommandInjection 2023-10-13 13:15:03 +02:00
Asger F
449ec72dbe JS: Port experimental queries 2023-10-13 13:15:03 +02:00
erik-krogh
7ca0996912 add a taint-tracking tests for calls to tagged template strings 2023-10-06 21:39:42 +02:00
erik-krogh
9b6501787a add API-graph test for the new tagged template calls 2023-10-06 21:25:34 +02:00
erik-krogh
18e6a5491c recognize tagged templates as DataFlow::CallNode 2023-10-06 21:14:00 +02:00
erik-krogh
951ed01d6b combine the library-tests/CallGraphs/FullTest tests into one file 2023-10-06 20:57:09 +02:00
Asger F
162c477236 JS: Add AmdModuleDefinition::Range 2023-10-04 20:38:37 +02:00
erik-krogh
fdd349c1a3 fix out of bounds string access in isUsingDecl 2023-09-13 20:11:21 +02:00
Max Schaefer
e722e3288f Merge pull request #13771 from github/max-schaefer/server-side-url-redirect-help 
JavaScript: Improve query help for `js/server-side-unvalidated-url-redirection`.
 2023-09-13 13:20:48 +01:00
Max Schaefer
a9e81672f0 Make suggestion to replace example.com more explicit. 2023-09-12 16:54:05 +01:00
Max Schaefer
a02f373e79 Use better sanitiser. 2023-09-06 14:06:16 +01:00
erik-krogh
984795ee46 fix off-by-one 2023-08-30 13:29:23 +02:00
erik-krogh
2643ab3dbf using is not a keyword 2023-08-30 08:44:59 +02:00
erik-krogh
78487d437f add test for await using in TypeScript 2023-08-28 13:30:35 +02:00
erik-krogh
be2712698b add support for await using in the JS parser 2023-08-28 09:34:13 +02:00
erik-krogh
cb66d62959 add test for the new type-stuff in TS 5.2 we get for free 2023-08-24 20:30:26 +02:00
erik-krogh
dc454d3a72 add support for the new using keyword in TypeScript 2023-08-24 20:30:26 +02:00
erik-krogh
a7d92b3473 add JS support the using keyword 2023-08-24 20:30:26 +02:00
Asger F
2b540e251a Merge pull request #14007 from asgerf/js/import-path-string 
JS: Follow immediate predecessors in path resolution
 2023-08-23 15:28:22 +02:00
Asger F
c6a757e085 JS: More robust handling of cyclic aliases 2023-08-23 14:11:07 +02:00
Asger F
794a459c1b JS: Add reproduction test 2023-08-23 14:11:07 +02:00
Asger F
dec6039469 JS: Follow immediate predecessors in path resolution 2023-08-23 09:53:51 +02:00
Max Schaefer
87364137df Use more sensible validator in example. 2023-08-21 15:14:01 +01:00
erik-krogh
0bce42410a support arbitrary codepoints in NfaUtils.qll 2023-08-08 22:14:51 +02:00
erik-krogh
92db7b047c escape unicode chars in the output for the ReDoS queries 2023-08-08 00:15:54 +02:00
Asger F
c38cbe859d Merge pull request #13737 from asgerf/dynamic/fuzzy-models 
Dynamic: add Fuzzy token
 2023-08-03 09:58:24 +02:00
Max Schaefer
7823ff968c JavaScript: Improve query help for js/server-side-unvalidated-url-redirection. 2023-07-19 13:23:25 +01:00