mirror of
https://github.com/github/codeql.git
synced 2025-12-17 17:23:36 +01:00
206 lines
12 KiB
Plaintext
206 lines
12 KiB
Plaintext
ql/javascript/ql/src/AngularJS/DependencyMismatch.ql
|
|
ql/javascript/ql/src/AngularJS/DisablingSce.ql
|
|
ql/javascript/ql/src/AngularJS/DoubleCompilation.ql
|
|
ql/javascript/ql/src/AngularJS/DuplicateDependency.ql
|
|
ql/javascript/ql/src/AngularJS/IncompatibleService.ql
|
|
ql/javascript/ql/src/AngularJS/InsecureUrlWhitelist.ql
|
|
ql/javascript/ql/src/AngularJS/MissingExplicitInjection.ql
|
|
ql/javascript/ql/src/AngularJS/RepeatedInjection.ql
|
|
ql/javascript/ql/src/AngularJS/UseNgSrc.ql
|
|
ql/javascript/ql/src/DOM/DuplicateAttributes.ql
|
|
ql/javascript/ql/src/DOM/MalformedIdAttribute.ql
|
|
ql/javascript/ql/src/DOM/PseudoEval.ql
|
|
ql/javascript/ql/src/Declarations/ArgumentsRedefined.ql
|
|
ql/javascript/ql/src/Declarations/AssignmentToConst.ql
|
|
ql/javascript/ql/src/Declarations/ClobberingVarInit.ql
|
|
ql/javascript/ql/src/Declarations/ConflictingFunctions.ql
|
|
ql/javascript/ql/src/Declarations/DeadStoreOfLocal.ql
|
|
ql/javascript/ql/src/Declarations/DeadStoreOfProperty.ql
|
|
ql/javascript/ql/src/Declarations/DeclBeforeUse.ql
|
|
ql/javascript/ql/src/Declarations/DefaultArgumentReferencesNestedFunction.ql
|
|
ql/javascript/ql/src/Declarations/DuplicateVarDecl.ql
|
|
ql/javascript/ql/src/Declarations/IneffectiveParameterType.ql
|
|
ql/javascript/ql/src/Declarations/MissingThisQualifier.ql
|
|
ql/javascript/ql/src/Declarations/MissingVarDecl.ql
|
|
ql/javascript/ql/src/Declarations/MixedStaticInstanceThisAccess.ql
|
|
ql/javascript/ql/src/Declarations/SuspiciousMethodNameDeclaration.ql
|
|
ql/javascript/ql/src/Declarations/TemporalDeadZone.ql
|
|
ql/javascript/ql/src/Declarations/UniqueParameterNames.ql
|
|
ql/javascript/ql/src/Declarations/UniquePropertyNames.ql
|
|
ql/javascript/ql/src/Declarations/UnreachableMethodOverloads.ql
|
|
ql/javascript/ql/src/Declarations/UnusedVariable.ql
|
|
ql/javascript/ql/src/Diagnostics/ExtractedFiles.ql
|
|
ql/javascript/ql/src/Diagnostics/ExtractionErrors.ql
|
|
ql/javascript/ql/src/Electron/AllowRunningInsecureContent.ql
|
|
ql/javascript/ql/src/Electron/DisablingWebSecurity.ql
|
|
ql/javascript/ql/src/Expressions/ComparisonWithNaN.ql
|
|
ql/javascript/ql/src/Expressions/DuplicateCondition.ql
|
|
ql/javascript/ql/src/Expressions/DuplicateProperty.ql
|
|
ql/javascript/ql/src/Expressions/DuplicateSwitchCase.ql
|
|
ql/javascript/ql/src/Expressions/ExprHasNoEffect.ql
|
|
ql/javascript/ql/src/Expressions/HeterogeneousComparison.ql
|
|
ql/javascript/ql/src/Expressions/ImplicitOperandConversion.ql
|
|
ql/javascript/ql/src/Expressions/MissingAwait.ql
|
|
ql/javascript/ql/src/Expressions/MissingDotLengthInComparison.ql
|
|
ql/javascript/ql/src/Expressions/MissingSpaceInAppend.ql
|
|
ql/javascript/ql/src/Expressions/MisspelledVariableName.ql
|
|
ql/javascript/ql/src/Expressions/RedundantExpression.ql
|
|
ql/javascript/ql/src/Expressions/SelfAssignment.ql
|
|
ql/javascript/ql/src/Expressions/ShiftOutOfRange.ql
|
|
ql/javascript/ql/src/Expressions/StringInsteadOfRegex.ql
|
|
ql/javascript/ql/src/Expressions/SuspiciousInvocation.ql
|
|
ql/javascript/ql/src/Expressions/SuspiciousPropAccess.ql
|
|
ql/javascript/ql/src/Expressions/UnboundEventHandlerReceiver.ql
|
|
ql/javascript/ql/src/Expressions/UnclearOperatorPrecedence.ql
|
|
ql/javascript/ql/src/Expressions/UnknownDirective.ql
|
|
ql/javascript/ql/src/Expressions/UnneededDefensiveProgramming.ql
|
|
ql/javascript/ql/src/Expressions/WhitespaceContradictsPrecedence.ql
|
|
ql/javascript/ql/src/LanguageFeatures/BadTypeof.ql
|
|
ql/javascript/ql/src/LanguageFeatures/ConditionalComments.ql
|
|
ql/javascript/ql/src/LanguageFeatures/DeleteVar.ql
|
|
ql/javascript/ql/src/LanguageFeatures/ExpressionClosures.ql
|
|
ql/javascript/ql/src/LanguageFeatures/ForInComprehensionBlocks.ql
|
|
ql/javascript/ql/src/LanguageFeatures/IllegalInvocation.ql
|
|
ql/javascript/ql/src/LanguageFeatures/InconsistentNew.ql
|
|
ql/javascript/ql/src/LanguageFeatures/InvalidPrototype.ql
|
|
ql/javascript/ql/src/LanguageFeatures/LengthComparisonOffByOne.ql
|
|
ql/javascript/ql/src/LanguageFeatures/NonLinearPattern.ql
|
|
ql/javascript/ql/src/LanguageFeatures/PropertyWriteOnPrimitive.ql
|
|
ql/javascript/ql/src/LanguageFeatures/SemicolonInsertion.ql
|
|
ql/javascript/ql/src/LanguageFeatures/SetterReturn.ql
|
|
ql/javascript/ql/src/LanguageFeatures/SpuriousArguments.ql
|
|
ql/javascript/ql/src/LanguageFeatures/StrictModeCallStackIntrospection.ql
|
|
ql/javascript/ql/src/LanguageFeatures/SyntaxError.ql
|
|
ql/javascript/ql/src/LanguageFeatures/TemplateSyntaxInStringLiteral.ql
|
|
ql/javascript/ql/src/LanguageFeatures/ThisBeforeSuper.ql
|
|
ql/javascript/ql/src/LanguageFeatures/UnusedIndexVariable.ql
|
|
ql/javascript/ql/src/LanguageFeatures/WithStatement.ql
|
|
ql/javascript/ql/src/LanguageFeatures/YieldInNonGenerator.ql
|
|
ql/javascript/ql/src/NodeJS/InvalidExport.ql
|
|
ql/javascript/ql/src/NodeJS/MissingExports.ql
|
|
ql/javascript/ql/src/Performance/PolynomialReDoS.ql
|
|
ql/javascript/ql/src/Performance/ReDoS.ql
|
|
ql/javascript/ql/src/React/DirectStateMutation.ql
|
|
ql/javascript/ql/src/React/InconsistentStateUpdate.ql
|
|
ql/javascript/ql/src/React/UnsupportedStateUpdateInLifecycleMethod.ql
|
|
ql/javascript/ql/src/React/UnusedOrUndefinedStateProperty.ql
|
|
ql/javascript/ql/src/RegExp/BackrefBeforeGroup.ql
|
|
ql/javascript/ql/src/RegExp/BackrefIntoNegativeLookahead.ql
|
|
ql/javascript/ql/src/RegExp/DuplicateCharacterInCharacterClass.ql
|
|
ql/javascript/ql/src/RegExp/EmptyCharacterClass.ql
|
|
ql/javascript/ql/src/RegExp/IdentityReplacement.ql
|
|
ql/javascript/ql/src/RegExp/RegExpAlwaysMatches.ql
|
|
ql/javascript/ql/src/RegExp/UnboundBackref.ql
|
|
ql/javascript/ql/src/RegExp/UnmatchableCaret.ql
|
|
ql/javascript/ql/src/RegExp/UnmatchableDollar.ql
|
|
ql/javascript/ql/src/Security/CWE-020/IncompleteHostnameRegExp.ql
|
|
ql/javascript/ql/src/Security/CWE-020/IncompleteUrlSchemeCheck.ql
|
|
ql/javascript/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.ql
|
|
ql/javascript/ql/src/Security/CWE-020/IncorrectSuffixCheck.ql
|
|
ql/javascript/ql/src/Security/CWE-020/MissingOriginCheck.ql
|
|
ql/javascript/ql/src/Security/CWE-020/MissingRegExpAnchor.ql
|
|
ql/javascript/ql/src/Security/CWE-020/OverlyLargeRange.ql
|
|
ql/javascript/ql/src/Security/CWE-020/UselessRegExpCharacterEscape.ql
|
|
ql/javascript/ql/src/Security/CWE-022/TaintedPath.ql
|
|
ql/javascript/ql/src/Security/CWE-022/ZipSlip.ql
|
|
ql/javascript/ql/src/Security/CWE-073/TemplateObjectInjection.ql
|
|
ql/javascript/ql/src/Security/CWE-078/CommandInjection.ql
|
|
ql/javascript/ql/src/Security/CWE-078/IndirectCommandInjection.ql
|
|
ql/javascript/ql/src/Security/CWE-078/SecondOrderCommandInjection.ql
|
|
ql/javascript/ql/src/Security/CWE-078/ShellCommandInjectionFromEnvironment.ql
|
|
ql/javascript/ql/src/Security/CWE-078/UnsafeShellCommandConstruction.ql
|
|
ql/javascript/ql/src/Security/CWE-078/UselessUseOfCat.ql
|
|
ql/javascript/ql/src/Security/CWE-079/ExceptionXss.ql
|
|
ql/javascript/ql/src/Security/CWE-079/ReflectedXss.ql
|
|
ql/javascript/ql/src/Security/CWE-079/StoredXss.ql
|
|
ql/javascript/ql/src/Security/CWE-079/UnsafeHtmlConstruction.ql
|
|
ql/javascript/ql/src/Security/CWE-079/UnsafeJQueryPlugin.ql
|
|
ql/javascript/ql/src/Security/CWE-079/Xss.ql
|
|
ql/javascript/ql/src/Security/CWE-079/XssThroughDom.ql
|
|
ql/javascript/ql/src/Security/CWE-089/SqlInjection.ql
|
|
ql/javascript/ql/src/Security/CWE-094/CodeInjection.ql
|
|
ql/javascript/ql/src/Security/CWE-094/ExpressionInjection.ql
|
|
ql/javascript/ql/src/Security/CWE-094/ImproperCodeSanitization.ql
|
|
ql/javascript/ql/src/Security/CWE-094/UnsafeCodeConstruction.ql
|
|
ql/javascript/ql/src/Security/CWE-094/UnsafeDynamicMethodAccess.ql
|
|
ql/javascript/ql/src/Security/CWE-1004/ClientExposedCookie.ql
|
|
ql/javascript/ql/src/Security/CWE-116/BadTagFilter.ql
|
|
ql/javascript/ql/src/Security/CWE-116/DoubleEscaping.ql
|
|
ql/javascript/ql/src/Security/CWE-116/IncompleteHtmlAttributeSanitization.ql
|
|
ql/javascript/ql/src/Security/CWE-116/IncompleteMultiCharacterSanitization.ql
|
|
ql/javascript/ql/src/Security/CWE-116/IncompleteSanitization.ql
|
|
ql/javascript/ql/src/Security/CWE-116/UnsafeHtmlExpansion.ql
|
|
ql/javascript/ql/src/Security/CWE-117/LogInjection.ql
|
|
ql/javascript/ql/src/Security/CWE-1275/SameSiteNoneCookie.ql
|
|
ql/javascript/ql/src/Security/CWE-134/TaintedFormatString.ql
|
|
ql/javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.ql
|
|
ql/javascript/ql/src/Security/CWE-200/FileAccessToHttp.ql
|
|
ql/javascript/ql/src/Security/CWE-200/PrivateFileExposure.ql
|
|
ql/javascript/ql/src/Security/CWE-201/PostMessageStar.ql
|
|
ql/javascript/ql/src/Security/CWE-209/StackTraceExposure.ql
|
|
ql/javascript/ql/src/Security/CWE-295/DisablingCertificateValidation.ql
|
|
ql/javascript/ql/src/Security/CWE-300/InsecureDependencyResolution.ql
|
|
ql/javascript/ql/src/Security/CWE-312/ActionsArtifactLeak.ql
|
|
ql/javascript/ql/src/Security/CWE-312/BuildArtifactLeak.ql
|
|
ql/javascript/ql/src/Security/CWE-312/CleartextLogging.ql
|
|
ql/javascript/ql/src/Security/CWE-312/CleartextStorage.ql
|
|
ql/javascript/ql/src/Security/CWE-313/PasswordInConfigurationFile.ql
|
|
ql/javascript/ql/src/Security/CWE-326/InsufficientKeySize.ql
|
|
ql/javascript/ql/src/Security/CWE-327/BadRandomness.ql
|
|
ql/javascript/ql/src/Security/CWE-327/BrokenCryptoAlgorithm.ql
|
|
ql/javascript/ql/src/Security/CWE-338/InsecureRandomness.ql
|
|
ql/javascript/ql/src/Security/CWE-346/CorsMisconfigurationForCredentials.ql
|
|
ql/javascript/ql/src/Security/CWE-347/MissingJWTKeyVerification.ql
|
|
ql/javascript/ql/src/Security/CWE-352/MissingCsrfMiddleware.ql
|
|
ql/javascript/ql/src/Security/CWE-367/FileSystemRace.ql
|
|
ql/javascript/ql/src/Security/CWE-377/InsecureTemporaryFile.ql
|
|
ql/javascript/ql/src/Security/CWE-384/SessionFixation.ql
|
|
ql/javascript/ql/src/Security/CWE-400/DeepObjectResourceExhaustion.ql
|
|
ql/javascript/ql/src/Security/CWE-400/RemotePropertyInjection.ql
|
|
ql/javascript/ql/src/Security/CWE-502/UnsafeDeserialization.ql
|
|
ql/javascript/ql/src/Security/CWE-506/HardcodedDataInterpretedAsCode.ql
|
|
ql/javascript/ql/src/Security/CWE-598/SensitiveGetQuery.ql
|
|
ql/javascript/ql/src/Security/CWE-601/ClientSideUrlRedirect.ql
|
|
ql/javascript/ql/src/Security/CWE-601/ServerSideUrlRedirect.ql
|
|
ql/javascript/ql/src/Security/CWE-611/Xxe.ql
|
|
ql/javascript/ql/src/Security/CWE-614/ClearTextCookie.ql
|
|
ql/javascript/ql/src/Security/CWE-640/HostHeaderPoisoningInEmailGeneration.ql
|
|
ql/javascript/ql/src/Security/CWE-643/XpathInjection.ql
|
|
ql/javascript/ql/src/Security/CWE-693/InsecureHelmet.ql
|
|
ql/javascript/ql/src/Security/CWE-730/RegExpInjection.ql
|
|
ql/javascript/ql/src/Security/CWE-730/ServerCrash.ql
|
|
ql/javascript/ql/src/Security/CWE-754/UnvalidatedDynamicMethodCall.ql
|
|
ql/javascript/ql/src/Security/CWE-770/MissingRateLimiting.ql
|
|
ql/javascript/ql/src/Security/CWE-770/ResourceExhaustion.ql
|
|
ql/javascript/ql/src/Security/CWE-776/XmlBomb.ql
|
|
ql/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql
|
|
ql/javascript/ql/src/Security/CWE-807/ConditionalBypass.ql
|
|
ql/javascript/ql/src/Security/CWE-829/InsecureDownload.ql
|
|
ql/javascript/ql/src/Security/CWE-830/FunctionalityFromUntrustedDomain.ql
|
|
ql/javascript/ql/src/Security/CWE-830/FunctionalityFromUntrustedSource.ql
|
|
ql/javascript/ql/src/Security/CWE-834/LoopBoundInjection.ql
|
|
ql/javascript/ql/src/Security/CWE-843/TypeConfusionThroughParameterTampering.ql
|
|
ql/javascript/ql/src/Security/CWE-862/EmptyPasswordInConfigurationFile.ql
|
|
ql/javascript/ql/src/Security/CWE-912/HttpToFileAccess.ql
|
|
ql/javascript/ql/src/Security/CWE-915/PrototypePollutingAssignment.ql
|
|
ql/javascript/ql/src/Security/CWE-915/PrototypePollutingFunction.ql
|
|
ql/javascript/ql/src/Security/CWE-915/PrototypePollutingMergeCall.ql
|
|
ql/javascript/ql/src/Security/CWE-916/InsufficientPasswordHash.ql
|
|
ql/javascript/ql/src/Security/CWE-918/ClientSideRequestForgery.ql
|
|
ql/javascript/ql/src/Security/CWE-918/RequestForgery.ql
|
|
ql/javascript/ql/src/Statements/DanglingElse.ql
|
|
ql/javascript/ql/src/Statements/IgnoreArrayResult.ql
|
|
ql/javascript/ql/src/Statements/InconsistentLoopOrientation.ql
|
|
ql/javascript/ql/src/Statements/LabelInCase.ql
|
|
ql/javascript/ql/src/Statements/LoopIterationSkippedDueToShifting.ql
|
|
ql/javascript/ql/src/Statements/MisleadingIndentationAfterControlStmt.ql
|
|
ql/javascript/ql/src/Statements/ReturnAssignsLocal.ql
|
|
ql/javascript/ql/src/Statements/SuspiciousUnusedLoopIterationVariable.ql
|
|
ql/javascript/ql/src/Statements/UnreachableStatement.ql
|
|
ql/javascript/ql/src/Statements/UseOfReturnlessFunction.ql
|
|
ql/javascript/ql/src/Statements/UselessComparisonTest.ql
|
|
ql/javascript/ql/src/Statements/UselessConditional.ql
|
|
ql/javascript/ql/src/Summary/LinesOfCode.ql
|
|
ql/javascript/ql/src/Summary/LinesOfUserCode.ql
|
|
ql/javascript/ql/src/Vue/ArrowMethodOnVueInstance.ql
|