
Commit 2473864

committed
Merge branch 'main' into jeongsoolee09/address-pathexpr-zipslip-deprecation
2 parents 4e6ab4a + fa204ec commit 2473864


52 files changed

+735
-715
lines changed

Lines changed: 1 addition & 1 deletion
@@ -1,6 +1,6 @@
11
---
22
library: true
33
name: advanced-security/javascript-sap-cap-models
4-
version: 2.1.0
4+
version: 2.2.0
55
extensionTargets:
66
codeql/javascript-all: "^2.4.0"

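--- a/javascript/frameworks/cap/lib/codeql-pack.lock.yml
+++ b/javascript/frameworks/cap/lib/codeql-pack.lock.yml
@@ -2,27 +2,29 @@
 lockVersion: 1.0.0
 dependencies:
 codeql/concepts:
-version: 0.0.3
+version: 0.0.4
+codeql/controlflow:
+version: 2.0.14
 codeql/dataflow:
-version: 2.0.13
+version: 2.0.14
 codeql/javascript-all:
-version: 2.6.9
+version: 2.6.10
 codeql/mad:
-version: 1.0.29
+version: 1.0.30
 codeql/regex:
-version: 1.0.29
+version: 1.0.30
 codeql/ssa:
-version: 2.0.5
+version: 2.0.6
 codeql/threat-models:
-version: 1.0.29
+version: 1.0.30
 codeql/tutorial:
-version: 1.0.29
+version: 1.0.30
 codeql/typetracking:
-version: 2.0.13
+version: 2.0.14
 codeql/util:
-version: 2.0.16
+version: 2.0.17
 codeql/xml:
-version: 1.0.29
+version: 1.0.30
 codeql/yaml:
-version: 1.0.29
+version: 1.0.30
 compiled: false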

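--- a/javascript/frameworks/cap/lib/qlpack.yml
+++ b/javascript/frameworks/cap/lib/qlpack.yml
@@ -1,7 +1,7 @@
 ---
 library: true
 name: advanced-security/javascript-sap-cap-all
-version: 2.1.0
+version: 2.2.0
 suites: codeql-suites
 extractor: javascript
 dependencies: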

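--- a/javascript/frameworks/cap/src/codeql-pack.lock.yml
+++ b/javascript/frameworks/cap/src/codeql-pack.lock.yml
@@ -2,27 +2,29 @@
 lockVersion: 1.0.0
 dependencies:
 codeql/concepts:
-version: 0.0.3
+version: 0.0.4
+codeql/controlflow:
+version: 2.0.14
 codeql/dataflow:
-version: 2.0.13
+version: 2.0.14
 codeql/javascript-all:
-version: 2.6.9
+version: 2.6.10
 codeql/mad:
-version: 1.0.29
+version: 1.0.30
 codeql/regex:
-version: 1.0.29
+version: 1.0.30
 codeql/ssa:
-version: 2.0.5
+version: 2.0.6
 codeql/threat-models:
-version: 1.0.29
+version: 1.0.30
 codeql/tutorial:
-version: 1.0.29
+version: 1.0.30
 codeql/typetracking:
-version: 2.0.13
+version: 2.0.14
 codeql/util:
-version: 2.0.16
+version: 2.0.17
 codeql/xml:
-version: 1.0.29
+version: 1.0.30
 codeql/yaml:
-version: 1.0.29
+version: 1.0.30
 compiled: false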
Lines changed: 3 additions & 3 deletions
@@ -1,11 +1,11 @@
11
---
22
library: false
33
name: advanced-security/javascript-sap-cap-queries
4-
version: 2.1.0
4+
version: 2.2.0
55
suites: codeql-suites
66
extractor: javascript
77
dependencies:
88
codeql/javascript-all: "^2.4.0"
9-
advanced-security/javascript-sap-cap-models: "^2.1.0"
10-
advanced-security/javascript-sap-cap-all: "^2.1.0"
9+
advanced-security/javascript-sap-cap-models: "^2.2.0"
10+
advanced-security/javascript-sap-cap-all: "^2.2.0"
1111
default-suite-file: codeql-suites/javascript-code-scanning.qls

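--- a/javascript/frameworks/cap/test/codeql-pack.lock.yml
+++ b/javascript/frameworks/cap/test/codeql-pack.lock.yml
@@ -2,27 +2,29 @@
 lockVersion: 1.0.0
 dependencies:
 codeql/concepts:
-version: 0.0.3
+version: 0.0.4
+codeql/controlflow:
+version: 2.0.14
 codeql/dataflow:
-version: 2.0.13
+version: 2.0.14
 codeql/javascript-all:
-version: 2.6.9
+version: 2.6.10
 codeql/mad:
-version: 1.0.29
+version: 1.0.30
 codeql/regex:
-version: 1.0.29
+version: 1.0.30
 codeql/ssa:
-version: 2.0.5
+version: 2.0.6
 codeql/threat-models:
-version: 1.0.29
+version: 1.0.30
 codeql/tutorial:
-version: 1.0.29
+version: 1.0.30
 codeql/typetracking:
-version: 2.0.13
+version: 2.0.14
 codeql/util:
-version: 2.0.16
+version: 2.0.17
 codeql/xml:
-version: 1.0.29
+version: 1.0.30
 codeql/yaml:
-version: 1.0.29
+version: 1.0.30
 compiled: false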
Lines changed: 4 additions & 4 deletions
@@ -1,9 +1,9 @@
11
---
22
name: advanced-security/javascript-sap-cap-queries-tests
3-
version: 2.1.0
3+
version: 2.2.0
44
extractor: javascript
55
dependencies:
66
codeql/javascript-all: "^2.4.0"
7-
advanced-security/javascript-sap-cap-queries: "^2.1.0"
8-
advanced-security/javascript-sap-cap-models: "^2.1.0"
9-
advanced-security/javascript-sap-cap-all: "^2.1.0"
7+
advanced-security/javascript-sap-cap-queries: "^2.2.0"
8+
advanced-security/javascript-sap-cap-models: "^2.2.0"
9+
advanced-security/javascript-sap-cap-all: "^2.2.0"

javascript/frameworks/cap/test/queries/cqlinjection/cqlinjection.expected

Lines changed: 327 additions & 327 deletions
Large diffs are not rendered by default.

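--- a/javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/log-injection-with-service1-protocol-none.expected
+++ b/javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service1-protocol-none/log-injection-with-service1-protocol-none.expected
@@ -1,10 +1,10 @@
 edges
-| srv/service2.js:7:15:7:31 | { messageToPass } | srv/service2.js:7:15:7:42 | messageToPass | provenance | |
-| srv/service2.js:7:15:7:42 | messageToPass | srv/service2.js:9:32:9:44 | messageToPass | provenance | |
+| srv/service2.js:7:15:7:31 | { messageToPass } | srv/service2.js:7:17:7:29 | messageToPass | provenance | |
+| srv/service2.js:7:17:7:29 | messageToPass | srv/service2.js:9:32:9:44 | messageToPass | provenance | |
 | srv/service2.js:7:35:7:42 | msg.data | srv/service2.js:7:15:7:31 | { messageToPass } | provenance | |
 nodes
 | srv/service2.js:7:15:7:31 | { messageToPass } | semmle.label | { messageToPass } |
-| srv/service2.js:7:15:7:42 | messageToPass | semmle.label | messageToPass |
+| srv/service2.js:7:17:7:29 | messageToPass | semmle.label | messageToPass |
 | srv/service2.js:7:35:7:42 | msg.data | semmle.label | msg.data |
 | srv/service2.js:9:32:9:44 | messageToPass | semmle.label | messageToPass |
 subpaths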
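Review bot: The `#select` rows that list the actual log-injection alerts fall outside this hunk, which stops at `subpaths`, so the visible lines alone do not confirm that the alert set is unchanged after the baseline was regenerated. In what is shown, only the intermediate node for the destructured `messageToPass` moves, from `7:15:7:42` to `7:17:7:29`, while the source `msg.data` and the sink at `9:32:9:44` keep their locations. That looks like a location shift that presumably comes from the `codeql/javascript-all` 2.6.9 to 2.6.10 bump in the lock files rather than a lost flow. The same shift appears in the `log-injection-with-service2-protocol-none.expected` section. `cqlinjection.expected` (327 additions, 327 deletions) is not rendered on this page and is worth diffing locally to check that no `#select` row was dropped.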

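--- a/javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/log-injection-with-service2-protocol-none.expected
+++ b/javascript/frameworks/cap/test/queries/loginjection/log-injection-with-service2-protocol-none/log-injection-with-service2-protocol-none.expected
@@ -1,22 +1,22 @@
 edges
-| srv/service1.js:7:19:7:35 | { messageToPass } | srv/service1.js:7:19:7:46 | messageToPass | provenance | |
-| srv/service1.js:7:19:7:46 | messageToPass | srv/service1.js:9:38:9:50 | messageToPass | provenance | |
+| srv/service1.js:7:19:7:35 | { messageToPass } | srv/service1.js:7:21:7:33 | messageToPass | provenance | |
+| srv/service1.js:7:21:7:33 | messageToPass | srv/service1.js:9:38:9:50 | messageToPass | provenance | |
 | srv/service1.js:7:39:7:46 | req.data | srv/service1.js:7:19:7:35 | { messageToPass } | provenance | |
 | srv/service1.js:9:36:9:52 | { messageToPass } | srv/service2.js:6:29:6:31 | msg | provenance | |
 | srv/service1.js:9:38:9:50 | messageToPass | srv/service1.js:9:36:9:52 | { messageToPass } | provenance | |
 | srv/service2.js:6:29:6:31 | msg | srv/service2.js:7:35:7:37 | msg | provenance | |
-| srv/service2.js:7:15:7:31 | { messageToPass } | srv/service2.js:7:15:7:42 | messageToPass | provenance | |
-| srv/service2.js:7:15:7:42 | messageToPass | srv/service2.js:9:32:9:44 | messageToPass | provenance | |
+| srv/service2.js:7:15:7:31 | { messageToPass } | srv/service2.js:7:17:7:29 | messageToPass | provenance | |
+| srv/service2.js:7:17:7:29 | messageToPass | srv/service2.js:9:32:9:44 | messageToPass | provenance | |
 | srv/service2.js:7:35:7:37 | msg | srv/service2.js:7:15:7:31 | { messageToPass } | provenance | |
 nodes
 | srv/service1.js:7:19:7:35 | { messageToPass } | semmle.label | { messageToPass } |
-| srv/service1.js:7:19:7:46 | messageToPass | semmle.label | messageToPass |
+| srv/service1.js:7:21:7:33 | messageToPass | semmle.label | messageToPass |
 | srv/service1.js:7:39:7:46 | req.data | semmle.label | req.data |
 | srv/service1.js:9:36:9:52 | { messageToPass } | semmle.label | { messageToPass } |
 | srv/service1.js:9:38:9:50 | messageToPass | semmle.label | messageToPass |
 | srv/service2.js:6:29:6:31 | msg | semmle.label | msg |
 | srv/service2.js:7:15:7:31 | { messageToPass } | semmle.label | { messageToPass } |
-| srv/service2.js:7:15:7:42 | messageToPass | semmle.label | messageToPass |
+| srv/service2.js:7:17:7:29 | messageToPass | semmle.label | messageToPass |
 | srv/service2.js:7:35:7:37 | msg | semmle.label | msg |
 | srv/service2.js:9:32:9:44 | messageToPass | semmle.label | messageToPass |
 subpaths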
