Fix failing checks

2025-12-20 10:46:30 +01:00 · 2021-05-04 11:29:09 +02:00
parent 6b79ca6403
commit f79d2e06f9
5 changed files with 4 additions and 0 deletions
--- a/java/change-notes/2021-05-04-jexl-injection-query.md
+++ b/java/change-notes/2021-05-04-jexl-injection-query.md
@@ -0,0 +1,2 @@
 lgtm,codescanning
 * The query "Expression language injection (JEXL)" (`java/jexl-expression-injection`) has been promoted from experimental to the main query pack. Its results will now appear by default. This query was originally [submitted as an experimental query by @artem-smotrakov](https://github.com/github/codeql/pull/4965)
--- a/java/ql/src/experimental/Security/CWE/CWE-094/SaferJexlExpressionEvaluationWithSandbox.java
+++ b/java/ql/src/experimental/Security/CWE/CWE-094/SaferJexlExpressionEvaluationWithSandbox.java
--- a/java/ql/src/experimental/Security/CWE/CWE-094/SaferJexlExpressionEvaluationWithUberspectSandbox.java
+++ b/java/ql/src/experimental/Security/CWE/CWE-094/SaferJexlExpressionEvaluationWithUberspectSandbox.java
--- a/java/ql/src/experimental/Security/CWE/CWE-094/UnsafeJexlExpressionEvaluation.java
+++ b/java/ql/src/experimental/Security/CWE/CWE-094/UnsafeJexlExpressionEvaluation.java
--- a/java/ql/src/semmle/code/java/security/JexlInjection.qll
+++ b/java/ql/src/semmle/code/java/security/JexlInjection.qll
@@ -1,3 +1,5 @@
 /** Provides classes to reason about Expression Langauge (JEXL) injection vulnerabilities. */
 import java
 import semmle.code.java.dataflow.TaintTracking
 private import semmle.code.java.dataflow.ExternalFlow
		`@@ -0,0 +1,2 @@`
							`lgtm,codescanning`
							* The query "Expression language injection (JEXL)" (`java/jexl-expression-injection`) has been promoted from experimental to the main query pack. Its results will now appear by default. This query was originally [submitted as an experimental query by @artem-smotrakov](https://github.com/github/codeql/pull/4965)