- GitHub Staff
- Denmark
- http://webbies.dk
Highlights
- 1 discussion answered
- 11 security advisory credits
Block or Report
Block or report erik-krogh
Report abuse
Contact GitHub support about this user’s behavior. Learn more about reporting abuse.
Report abusePinned
-
github/codeql Public
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security (code scanning), LGTM.com, and LGTM Enterprise
-
The repository for high quality TypeScript type definitions.
-
4,537 contributions in the last year
Less
More
Contribution activity
March 2022
Created 126 commits in 1 repository
Created a pull request in github/codeql that received 25 comments
remove all deprecations that are over a year old
We tend to add deprecated predicates to keep backwards compatibility. But I've yet to see us remove deprecated predicates after the 1 year deprecat…
+189
−3,932
•
25
comments
Opened 26 other pull requests in 2 repositories
github/codeql
6
open
17
merged
- ReDoS refactorizations
- Ruby: sync ExponentialBackTracking.qll
- JS: filter away reads of .src that end in a URL sink for js/xss-through-dom
- JS: recognize string replacement chains as scheme checks in js/incomplete-url-scheme-check
- QL: expand redundant-inline-cast, and rename to redundant-cast
- JS: add missing @security-severity to JS queries
- QL: detect unqueryable code
- disallow lowercase import-as aliases
- renaming more upper-case acronyms to PascalCase
- JS: add some API-nodes to js/disabling-certificate-validation
- Delete dead code
- JS: Address some code that weren't affecting any query result
- QL: add restrictive transitive closure query
-
QL: make a query checking for
edgesrelation in a path-problem query - Rename all upper-case variables, and all lower-case modules
- QL: add query detecting ordering by a constant
- JS: support that the base is not a method-call in getAChainedMethodCall
- QL: add query detecting block comments in a position where a QLDoc should be
- QL: add query detecting inconsistent deprecations
- Enforcing consistent casing of acronyms
- JS: Refactor the XSS / Client-side-url queries
- JS: Fix ATM timeout on NodeJS
- JS: Add support for TypeScript 4.6
erik-krogh/ql
1
open
2
closed
Reviewed 22 pull requests in 1 repository
github/codeql
22 pull requests
- JS: Add dedicated API graph label for the receiver, instead of parameter -1
- Python/JS/Ruby: Shared concepts scaffolding
- JS: filter away reads of .src that end in a URL sink for js/xss-through-dom
- Ruby: Add rb/tainted-format-string query
- Release preparation for version 2.8.4
- JS: fix context sensitivity bug in store-load matching
- Ruby: Add rb/http-to-file-access query
- Ruby: IncompleteHostnameRegExp.ql
- Delete dead code
- Rename all upper-case variables, and all lower-case modules
- Ruby: initial prototype of models-as-data
-
Ruby: resolve
ql/field-only-used-in-charpredalerts -
Ruby: add
rb/clear-text-storage-sensitive-dataquery - JS: Taint analysis for win paths
- Java: Add ReDoS queries
- remove all deprecations that are over a year old
- Incomplete url string sanitization
- Enforcing consistent casing of acronyms
- QL: field only used in charPred
- JS: Refactor the XSS / Client-side-url queries
- Python: Add def nodes to API graphs
- JS: Fix ATM timeout on NodeJS
Created an issue in microsoft/TypeScript that received 4 comments
Stackoverflow when compiling a specific getter method
Stackoverflow when compiling a specific getter method
4
comments
Answered 1 discussion in 1 repository
github/codeql
github/codeql
178
contributions
in private repositories
Mar 1 – Mar 23