codeql/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected
Napalys Klicius d1869941c2 Renamed UnhandledStreamPipe.ql to a better fitting name and ID
As a side effect of the merge, `security-and-quality` no longer contains the related new query.

Co-Authored-By: Asger F <316427+asgerf@users.noreply.github.com>
2025-06-03 13:57:10 +02:00


ql/javascript/ql/src/AngularJS/DependencyMismatch.ql
ql/javascript/ql/src/AngularJS/DisablingSce.ql
ql/javascript/ql/src/AngularJS/DoubleCompilation.ql
ql/javascript/ql/src/AngularJS/DuplicateDependency.ql
ql/javascript/ql/src/AngularJS/IncompatibleService.ql
ql/javascript/ql/src/AngularJS/InsecureUrlWhitelist.ql
ql/javascript/ql/src/AngularJS/MissingExplicitInjection.ql
ql/javascript/ql/src/AngularJS/RepeatedInjection.ql
ql/javascript/ql/src/AngularJS/UseNgSrc.ql
ql/javascript/ql/src/DOM/DuplicateAttributes.ql
ql/javascript/ql/src/DOM/MalformedIdAttribute.ql
ql/javascript/ql/src/DOM/PseudoEval.ql
ql/javascript/ql/src/Declarations/ArgumentsRedefined.ql
ql/javascript/ql/src/Declarations/AssignmentToConst.ql
ql/javascript/ql/src/Declarations/ClobberingVarInit.ql
ql/javascript/ql/src/Declarations/ConflictingFunctions.ql
ql/javascript/ql/src/Declarations/DeadStoreOfLocal.ql
ql/javascript/ql/src/Declarations/DeadStoreOfProperty.ql
ql/javascript/ql/src/Declarations/DeclBeforeUse.ql
ql/javascript/ql/src/Declarations/DefaultArgumentReferencesNestedFunction.ql
ql/javascript/ql/src/Declarations/DuplicateVarDecl.ql
ql/javascript/ql/src/Declarations/IneffectiveParameterType.ql
ql/javascript/ql/src/Declarations/MissingThisQualifier.ql
ql/javascript/ql/src/Declarations/MissingVarDecl.ql
ql/javascript/ql/src/Declarations/MixedStaticInstanceThisAccess.ql
ql/javascript/ql/src/Declarations/SuspiciousMethodNameDeclaration.ql
ql/javascript/ql/src/Declarations/TemporalDeadZone.ql
ql/javascript/ql/src/Declarations/UniqueParameterNames.ql
ql/javascript/ql/src/Declarations/UniquePropertyNames.ql
ql/javascript/ql/src/Declarations/UnreachableMethodOverloads.ql
ql/javascript/ql/src/Declarations/UnusedVariable.ql
ql/javascript/ql/src/Diagnostics/ExtractedFiles.ql
ql/javascript/ql/src/Diagnostics/ExtractionErrors.ql
ql/javascript/ql/src/Electron/AllowRunningInsecureContent.ql
ql/javascript/ql/src/Electron/DisablingWebSecurity.ql
ql/javascript/ql/src/Expressions/ComparisonWithNaN.ql
ql/javascript/ql/src/Expressions/DuplicateCondition.ql
ql/javascript/ql/src/Expressions/DuplicateProperty.ql
ql/javascript/ql/src/Expressions/DuplicateSwitchCase.ql
ql/javascript/ql/src/Expressions/ExprHasNoEffect.ql
ql/javascript/ql/src/Expressions/HeterogeneousComparison.ql
ql/javascript/ql/src/Expressions/ImplicitOperandConversion.ql
ql/javascript/ql/src/Expressions/MissingAwait.ql
ql/javascript/ql/src/Expressions/MissingDotLengthInComparison.ql
ql/javascript/ql/src/Expressions/MissingSpaceInAppend.ql
ql/javascript/ql/src/Expressions/MisspelledVariableName.ql
ql/javascript/ql/src/Expressions/RedundantExpression.ql
ql/javascript/ql/src/Expressions/SelfAssignment.ql
ql/javascript/ql/src/Expressions/ShiftOutOfRange.ql
ql/javascript/ql/src/Expressions/StringInsteadOfRegex.ql
ql/javascript/ql/src/Expressions/SuspiciousInvocation.ql
ql/javascript/ql/src/Expressions/SuspiciousPropAccess.ql
ql/javascript/ql/src/Expressions/UnboundEventHandlerReceiver.ql
ql/javascript/ql/src/Expressions/UnclearOperatorPrecedence.ql
ql/javascript/ql/src/Expressions/UnknownDirective.ql
ql/javascript/ql/src/Expressions/UnneededDefensiveProgramming.ql
ql/javascript/ql/src/Expressions/WhitespaceContradictsPrecedence.ql
ql/javascript/ql/src/LanguageFeatures/BadTypeof.ql
ql/javascript/ql/src/LanguageFeatures/ConditionalComments.ql
ql/javascript/ql/src/LanguageFeatures/DeleteVar.ql
ql/javascript/ql/src/LanguageFeatures/ExpressionClosures.ql
ql/javascript/ql/src/LanguageFeatures/ForInComprehensionBlocks.ql
ql/javascript/ql/src/LanguageFeatures/IllegalInvocation.ql
ql/javascript/ql/src/LanguageFeatures/InconsistentNew.ql
ql/javascript/ql/src/LanguageFeatures/InvalidPrototype.ql
ql/javascript/ql/src/LanguageFeatures/LengthComparisonOffByOne.ql
ql/javascript/ql/src/LanguageFeatures/NonLinearPattern.ql
ql/javascript/ql/src/LanguageFeatures/PropertyWriteOnPrimitive.ql
ql/javascript/ql/src/LanguageFeatures/SemicolonInsertion.ql
ql/javascript/ql/src/LanguageFeatures/SetterReturn.ql
ql/javascript/ql/src/LanguageFeatures/SpuriousArguments.ql
ql/javascript/ql/src/LanguageFeatures/StrictModeCallStackIntrospection.ql
ql/javascript/ql/src/LanguageFeatures/SyntaxError.ql
ql/javascript/ql/src/LanguageFeatures/TemplateSyntaxInStringLiteral.ql
ql/javascript/ql/src/LanguageFeatures/ThisBeforeSuper.ql
ql/javascript/ql/src/LanguageFeatures/UnusedIndexVariable.ql
ql/javascript/ql/src/LanguageFeatures/WithStatement.ql
ql/javascript/ql/src/LanguageFeatures/YieldInNonGenerator.ql
ql/javascript/ql/src/NodeJS/InvalidExport.ql
ql/javascript/ql/src/NodeJS/MissingExports.ql
ql/javascript/ql/src/Performance/PolynomialReDoS.ql
ql/javascript/ql/src/Performance/ReDoS.ql
ql/javascript/ql/src/React/DirectStateMutation.ql
ql/javascript/ql/src/React/InconsistentStateUpdate.ql
ql/javascript/ql/src/React/UnsupportedStateUpdateInLifecycleMethod.ql
ql/javascript/ql/src/React/UnusedOrUndefinedStateProperty.ql
ql/javascript/ql/src/RegExp/BackrefBeforeGroup.ql
ql/javascript/ql/src/RegExp/BackrefIntoNegativeLookahead.ql
ql/javascript/ql/src/RegExp/DuplicateCharacterInCharacterClass.ql
ql/javascript/ql/src/RegExp/EmptyCharacterClass.ql
ql/javascript/ql/src/RegExp/IdentityReplacement.ql
ql/javascript/ql/src/RegExp/RegExpAlwaysMatches.ql
ql/javascript/ql/src/RegExp/UnboundBackref.ql
ql/javascript/ql/src/RegExp/UnmatchableCaret.ql
ql/javascript/ql/src/RegExp/UnmatchableDollar.ql
ql/javascript/ql/src/Security/CWE-020/IncompleteHostnameRegExp.ql
ql/javascript/ql/src/Security/CWE-020/IncompleteUrlSchemeCheck.ql
ql/javascript/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.ql
ql/javascript/ql/src/Security/CWE-020/IncorrectSuffixCheck.ql
ql/javascript/ql/src/Security/CWE-020/MissingOriginCheck.ql
ql/javascript/ql/src/Security/CWE-020/MissingRegExpAnchor.ql
ql/javascript/ql/src/Security/CWE-020/OverlyLargeRange.ql
ql/javascript/ql/src/Security/CWE-020/UselessRegExpCharacterEscape.ql
ql/javascript/ql/src/Security/CWE-022/TaintedPath.ql
ql/javascript/ql/src/Security/CWE-022/ZipSlip.ql
ql/javascript/ql/src/Security/CWE-073/TemplateObjectInjection.ql
ql/javascript/ql/src/Security/CWE-078/CommandInjection.ql
ql/javascript/ql/src/Security/CWE-078/IndirectCommandInjection.ql
ql/javascript/ql/src/Security/CWE-078/SecondOrderCommandInjection.ql
ql/javascript/ql/src/Security/CWE-078/ShellCommandInjectionFromEnvironment.ql
ql/javascript/ql/src/Security/CWE-078/UnsafeShellCommandConstruction.ql
ql/javascript/ql/src/Security/CWE-078/UselessUseOfCat.ql
ql/javascript/ql/src/Security/CWE-079/ExceptionXss.ql
ql/javascript/ql/src/Security/CWE-079/ReflectedXss.ql
ql/javascript/ql/src/Security/CWE-079/StoredXss.ql
ql/javascript/ql/src/Security/CWE-079/UnsafeHtmlConstruction.ql
ql/javascript/ql/src/Security/CWE-079/UnsafeJQueryPlugin.ql
ql/javascript/ql/src/Security/CWE-079/Xss.ql
ql/javascript/ql/src/Security/CWE-079/XssThroughDom.ql
ql/javascript/ql/src/Security/CWE-089/SqlInjection.ql
ql/javascript/ql/src/Security/CWE-094/CodeInjection.ql
ql/javascript/ql/src/Security/CWE-094/ExpressionInjection.ql
ql/javascript/ql/src/Security/CWE-094/ImproperCodeSanitization.ql
ql/javascript/ql/src/Security/CWE-094/UnsafeCodeConstruction.ql
ql/javascript/ql/src/Security/CWE-094/UnsafeDynamicMethodAccess.ql
ql/javascript/ql/src/Security/CWE-1004/ClientExposedCookie.ql
ql/javascript/ql/src/Security/CWE-116/BadTagFilter.ql
ql/javascript/ql/src/Security/CWE-116/DoubleEscaping.ql
ql/javascript/ql/src/Security/CWE-116/IncompleteHtmlAttributeSanitization.ql
ql/javascript/ql/src/Security/CWE-116/IncompleteMultiCharacterSanitization.ql
ql/javascript/ql/src/Security/CWE-116/IncompleteSanitization.ql
ql/javascript/ql/src/Security/CWE-116/UnsafeHtmlExpansion.ql
ql/javascript/ql/src/Security/CWE-117/LogInjection.ql
ql/javascript/ql/src/Security/CWE-1275/SameSiteNoneCookie.ql
ql/javascript/ql/src/Security/CWE-134/TaintedFormatString.ql
ql/javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.ql
ql/javascript/ql/src/Security/CWE-200/FileAccessToHttp.ql
ql/javascript/ql/src/Security/CWE-200/PrivateFileExposure.ql
ql/javascript/ql/src/Security/CWE-201/PostMessageStar.ql
ql/javascript/ql/src/Security/CWE-209/StackTraceExposure.ql
ql/javascript/ql/src/Security/CWE-295/DisablingCertificateValidation.ql
ql/javascript/ql/src/Security/CWE-300/InsecureDependencyResolution.ql
ql/javascript/ql/src/Security/CWE-312/ActionsArtifactLeak.ql
ql/javascript/ql/src/Security/CWE-312/BuildArtifactLeak.ql
ql/javascript/ql/src/Security/CWE-312/CleartextLogging.ql
ql/javascript/ql/src/Security/CWE-312/CleartextStorage.ql
ql/javascript/ql/src/Security/CWE-326/InsufficientKeySize.ql
ql/javascript/ql/src/Security/CWE-327/BadRandomness.ql
ql/javascript/ql/src/Security/CWE-327/BrokenCryptoAlgorithm.ql
ql/javascript/ql/src/Security/CWE-338/InsecureRandomness.ql
ql/javascript/ql/src/Security/CWE-346/CorsMisconfigurationForCredentials.ql
ql/javascript/ql/src/Security/CWE-347/MissingJWTKeyVerification.ql
ql/javascript/ql/src/Security/CWE-352/MissingCsrfMiddleware.ql
ql/javascript/ql/src/Security/CWE-367/FileSystemRace.ql
ql/javascript/ql/src/Security/CWE-377/InsecureTemporaryFile.ql
ql/javascript/ql/src/Security/CWE-384/SessionFixation.ql
ql/javascript/ql/src/Security/CWE-400/DeepObjectResourceExhaustion.ql
ql/javascript/ql/src/Security/CWE-400/RemotePropertyInjection.ql
ql/javascript/ql/src/Security/CWE-502/UnsafeDeserialization.ql
ql/javascript/ql/src/Security/CWE-506/HardcodedDataInterpretedAsCode.ql
ql/javascript/ql/src/Security/CWE-598/SensitiveGetQuery.ql
ql/javascript/ql/src/Security/CWE-601/ClientSideUrlRedirect.ql
ql/javascript/ql/src/Security/CWE-601/ServerSideUrlRedirect.ql
ql/javascript/ql/src/Security/CWE-611/Xxe.ql
ql/javascript/ql/src/Security/CWE-614/ClearTextCookie.ql
ql/javascript/ql/src/Security/CWE-640/HostHeaderPoisoningInEmailGeneration.ql
ql/javascript/ql/src/Security/CWE-643/XpathInjection.ql
ql/javascript/ql/src/Security/CWE-693/InsecureHelmet.ql
ql/javascript/ql/src/Security/CWE-730/RegExpInjection.ql
ql/javascript/ql/src/Security/CWE-730/ServerCrash.ql
ql/javascript/ql/src/Security/CWE-754/UnvalidatedDynamicMethodCall.ql
ql/javascript/ql/src/Security/CWE-770/MissingRateLimiting.ql
ql/javascript/ql/src/Security/CWE-770/ResourceExhaustion.ql
ql/javascript/ql/src/Security/CWE-776/XmlBomb.ql
ql/javascript/ql/src/Security/CWE-807/ConditionalBypass.ql
ql/javascript/ql/src/Security/CWE-829/InsecureDownload.ql
ql/javascript/ql/src/Security/CWE-830/FunctionalityFromUntrustedDomain.ql
ql/javascript/ql/src/Security/CWE-830/FunctionalityFromUntrustedSource.ql
ql/javascript/ql/src/Security/CWE-834/LoopBoundInjection.ql
ql/javascript/ql/src/Security/CWE-843/TypeConfusionThroughParameterTampering.ql
ql/javascript/ql/src/Security/CWE-862/EmptyPasswordInConfigurationFile.ql
ql/javascript/ql/src/Security/CWE-912/HttpToFileAccess.ql
ql/javascript/ql/src/Security/CWE-915/PrototypePollutingAssignment.ql
ql/javascript/ql/src/Security/CWE-915/PrototypePollutingFunction.ql
ql/javascript/ql/src/Security/CWE-915/PrototypePollutingMergeCall.ql
ql/javascript/ql/src/Security/CWE-916/InsufficientPasswordHash.ql
ql/javascript/ql/src/Security/CWE-918/ClientSideRequestForgery.ql
ql/javascript/ql/src/Security/CWE-918/RequestForgery.ql
ql/javascript/ql/src/Statements/DanglingElse.ql
ql/javascript/ql/src/Statements/IgnoreArrayResult.ql
ql/javascript/ql/src/Statements/InconsistentLoopOrientation.ql
ql/javascript/ql/src/Statements/LabelInCase.ql
ql/javascript/ql/src/Statements/LoopIterationSkippedDueToShifting.ql
ql/javascript/ql/src/Statements/MisleadingIndentationAfterControlStmt.ql
ql/javascript/ql/src/Statements/ReturnAssignsLocal.ql
ql/javascript/ql/src/Statements/SuspiciousUnusedLoopIterationVariable.ql
ql/javascript/ql/src/Statements/UnreachableStatement.ql
ql/javascript/ql/src/Statements/UseOfReturnlessFunction.ql
ql/javascript/ql/src/Statements/UselessComparisonTest.ql
ql/javascript/ql/src/Statements/UselessConditional.ql
ql/javascript/ql/src/Summary/LinesOfCode.ql
ql/javascript/ql/src/Summary/LinesOfUserCode.ql
ql/javascript/ql/src/Vue/ArrowMethodOnVueInstance.ql