Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
57,251 Commits 28 Branches 142 Tags 694 MiB
Commit Graph

5 Commits

Author SHA1 Message Date
Anders Kaseorg 975066e3f0 actions: Split out zerver.actions.message_send. 
Signed-off-by: Anders Kaseorg <anders@zulip.com>
 2022-04-14 17:14:34 -07:00
Anders Kaseorg 0b795e492f thumbnail: Remove unused is_camo_url parameter. 
Signed-off-by: Anders Kaseorg <anders@zulip.com>
 2021-08-19 01:51:37 -07:00
Anders Kaseorg 72d6ff3c3b docs: Fix more capitalization issues. 
Signed-off-by: Anders Kaseorg <anders@zulip.com>
 2020-10-23 11:46:55 -07:00
Graham Bleaney 461d5b1a3e pysa: Introduce sanitizers, models, and inline marking safe. 
This commit adds three `.pysa` model files: `false_positives.pysa`
for ruling out false positive flows with `Sanitize` annotations,
`req_lib.pysa` for educating pysa about Zulip's `REQ()` pattern for
extracting user input, and `redirects.pysa` for capturing the risk
of open redirects within Zulip code. Additionally, this commit
introduces `mark_sanitized`, an identity function which can be used
to selectively clear taint in cases where `Sanitize` models will not
work. This commit also puts `mark_sanitized` to work removing known
false postive flows.
 2020-06-11 12:57:49 -07:00
Graham Bleaney 89131bfcbb pysa: Add basic .pyre_configuration and taint.config for pysa. 
This commit adds the initial config files needed to be able to run
Pysa on Zulip code.
 2020-06-11 12:57:49 -07:00