hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
28,569 Commits 1,671 Branches 157 Tags
aeisenberg/codeql-workspace
Commit Graph

239 Commits

Author SHA1 Message Date
Tony Torralba
e58746508d Merge branch 'main' into atorralba/promote-ognl-injection 2021-05-19 10:41:08 +02:00
Anders Schack-Mulligen
9b0e3b1950 Merge pull request #5814 from JLLeitschuh/feat/JLL/jackson_as_taint_step 
[Java] Add taint tracking through Jackson deserialization
 2021-05-18 09:31:16 +02:00
Chris Smowton
ef410b9984 Update java/change-notes/2021-05-14-close-resource-leaks-improvements.md 2021-05-17 19:27:10 +01:00
Tony Torralba
347bd2ebc2 Added change note 2021-05-17 17:51:07 +02:00
luchua-bc
7af1984348 Update the change note 2021-05-17 11:35:35 +00:00
haby0
95c33a240f Update java/change-notes/2021-05-17-add-unsafe-deserialization-sinks.md 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-05-17 18:49:16 +08:00
haby0
58d774ae85 add change notes 2021-05-17 14:52:05 +08:00
Marcono1234
e205e4bbce Java: Add change note for close resource query changes 2021-05-14 22:31:14 +02:00
Tony Torralba
1fbdf6ecd0 Add change note 2021-05-13 15:13:25 +02:00
luchua-bc
4d014717b6 Add a change note and reset the qhelp file 2021-05-12 15:50:40 +00:00
Sebastian Bauersfeld
b05512a958 Add change notes. 2021-05-12 16:58:24 +07:00
Anders Schack-Mulligen
a247ae4357 Merge pull request #5843 from JLLeitschuh/feat/JLL/improve_kryo_support 
[Java] Fix Kryo FP & Kryo 5 Support
 2021-05-12 09:52:24 +02:00
Jonathan Leitschuh
b871f48c50 [Java] Add release note to Jackson change 2021-05-11 10:36:47 -04:00
Jonathan Leitschuh
0d9a85ca6b Update java/change-notes/2021-05-05-kryo-improvements.md 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-05-11 08:29:50 -04:00
Anders Schack-Mulligen
744c495ac2 Merge pull request #5824 from JLLeitschuh/feat/JLL/guava_first_non_null 
[Java] Add support for com.google.common.base.MoreObjects#firstNonNull
 2021-05-11 09:42:20 +02:00
Jonathan Leitschuh
d27316eb3e Apply suggestions from code review 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2021-05-10 11:55:31 -04:00
Tony Torralba
6884edf52a Merge branch 'main' into atorralba/promote-unsafe-android-webview-fetch 2021-05-07 16:31:55 +02:00
Tony Torralba
e78e5b9ee4 Merge branch 'main' into promote-jexl-injection 2021-05-07 12:36:49 +02:00
Tony Torralba
1f1f85aeb5 Add change note and fix some QLDocs 2021-05-06 13:13:23 +02:00
Tony Torralba
fb3e56eac8 Fix imports and stubs so that tests pass 2021-05-06 09:18:48 +02:00
Jonathan Leitschuh
67e9f06304 [Java] Fix Kryo FP & Kryo 5 Support 
Closes #4992
 2021-05-05 17:38:34 -04:00
Tony Torralba
f79d2e06f9 Fix failing checks 2021-05-04 11:29:09 +02:00
Jonathan Leitschuh
dfad1fc740 [Java] Add support for com.google.common.base.MoreObjects#firstNonNull 2021-05-03 12:58:00 -04:00
Chris Smowton
fce1d6122f Add change note 2021-04-21 15:47:20 +01:00
Chris Smowton
5158e7964e Add change note 2021-04-14 08:25:12 +01:00
Chris Smowton
42b63a61ae Add change note 2021-03-26 14:31:36 +00:00
Anders Schack-Mulligen
5b905cfe18 Java: Add change note for code duplication library removal. 2021-03-25 10:12:58 +01:00
Anders Schack-Mulligen
1564aee57a Java: Add change note for filter query removal. 2021-03-25 10:11:30 +01:00
Anders Schack-Mulligen
45c9428668 Merge pull request #5337 from smowton/smowton/feature/commons-lang-random-sources 
Java: Add support for Commons-Lang's RandomUtils
 2021-03-15 16:21:01 +01:00
Chris Smowton
82a000bcca Improve change note 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2021-03-11 16:22:56 +00:00
Chris Smowton
1c1ca70027 Add models for flow- and taint-preserving functions in Commons ObjectUtils. 
These should all be value-preserving, but we don't support value-preserving varargs methods yet.
 2021-03-11 16:22:54 +00:00
Chris Smowton
e8f81c4f30 Improve change note 2021-03-09 15:11:13 +00:00
Chris Smowton
074d73e325 Add change note 2021-03-09 15:11:13 +00:00
Taus
19b74e6e01 Merge pull request #5367 from tausbn/mergeback-rc/3.1-to-main 
Merge rc/3.1 into main
 2021-03-09 12:46:24 +01:00
Taus Brock-Nannestad
3d0d280972 Merge remote-tracking branch 'upstream/rc/3.1' into mergeback-rc/3.1-to-main 2021-03-08 22:15:10 +01:00
Chris Smowton
790fb7829a Improve comment and change-note accuracy 2021-03-08 11:00:05 +00:00
Chris Smowton
e3cf5c235e Add support for Commons-Lang's RandomUtils 
This is realised by somewhat generalising our interfaces for modelling RNGs. We also add tests for randomness-related queries that didn't have any, and addtest cases checking the Apache random-number generators are interchangeable with the stdlib ones.
 2021-03-05 12:09:33 +00:00
Joe Farebrother
61dcf3a275 Apply suggestions from code review 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2021-03-05 11:19:55 +00:00
Joe Farebrother
5278cc9e9e Fix change note file extension 2021-03-05 11:19:54 +00:00
Joe Farebrother
e916e04fe1 Add change note 2021-03-05 11:19:54 +00:00
Anders Schack-Mulligen
20ccb52912 Merge pull request #4299 from torque59/play-framework 
Initial support for Java - Play Framework > 2.6.x
 2021-03-05 10:51:53 +01:00
Francis Alexander
a35f6d030c Test fixes and change notes 2021-03-05 06:50:57 +05:30
Chris Smowton
224e537459 Add change note 2021-03-04 11:11:56 +00:00
Anders Schack-Mulligen
fe07630e40 Merge pull request #5219 from smowton/smowton/feature/backward-dataflow-for-fluent-methods 
Java: Add backward dataflow edges through fluent function invocations.
 2021-03-04 11:13:32 +01:00
Anders Schack-Mulligen
3400c121d6 Merge pull request #5202 from joefarebrother/apache-http 
Java: Add modelling for Apache HTTP Components
 2021-03-03 13:41:41 +01:00
Anders Schack-Mulligen
663c72ab1d Update java/change-notes/2021-03-23-guava-collections-and-preconditions.md 2021-03-03 12:53:16 +01:00
Joe Farebrother
a77cf12596 Add change note for Guava 2021-03-03 10:56:12 +00:00
Chris Smowton
5d2f3421d8 Add change notes 2021-03-01 16:59:20 +00:00
Anders Schack-Mulligen
f0d3841369 Merge pull request #5105 from JLLeitschuh/feat/JLL/depricated_bintray_usage 
CWE-1104: Maven POM dependence upon Bintray/JCenter
 2021-02-25 09:08:31 +01:00
Jonathan Leitschuh
237fefbcf1 Add release notes 2021-02-24 11:19:20 -05:00