hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
23,680 Commits 1,671 Branches 157 Tags
aibaars/drop-duplicate-query
Commit Graph

112 Commits

Author SHA1 Message Date
Chris Smowton
9c91d1a965 Add change note 2021-06-23 16:09:29 +01:00
Anders Schack-Mulligen
7eb6da3888 Merge pull request #5772 from smowton/smowton/feature/apache-tuple-flow 
Add models for Apache Commons Lang's tuple types
 2021-06-18 11:25:07 +02:00
Chris Smowton
5cf0243dd0 Add change note 2021-06-17 12:34:40 +01:00
Chris Smowton
09f27554d0 Note incidental extra models in change note 2021-06-17 11:43:33 +01:00
Chris Smowton
8d70e3d22e Fix casing of change note 2021-06-17 11:41:05 +01:00
Chris Smowton
fb2989c16b Copyedit comments and function names 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2021-06-17 11:41:04 +01:00
Chris Smowton
575198a0e4 Java SSRF query: Server Side -> Server-Side everywhere. 2021-06-17 11:41:04 +01:00
Chris Smowton
5bdd9da27a Java SSRF query: credit original author 2021-06-17 11:41:04 +01:00
Chris Smowton
93a9f471ce Add change note 2021-06-17 11:41:04 +01:00
Anders Schack-Mulligen
6ca8d69b26 Merge pull request #5881 from haby0/java/UnsafeDeserialization 
Java: CWE-502 Add UnsafeDeserialization sinks
 2021-06-17 12:36:34 +02:00
Anders Schack-Mulligen
8fe2f4a554 Merge pull request #6034 from owen-mc/java/jax-rs 
Improve JAX-WS and JAX-RS models
 2021-06-17 12:35:34 +02:00
haby0
c1ada6d85b Merge branch 'main' into java/UnsafeDeserialization 2021-06-16 16:37:03 +08:00
Anders Schack-Mulligen
19305a217a Merge pull request #5374 from joefarebrother/guava-base 
Java: Model additional flow steps for the package `com.google.common.base` of the Guava framwork.
 2021-06-15 10:58:48 +02:00
Joe Farebrother
dc19d1db35 Add change note 2021-06-11 11:41:30 +01:00
Tony Torralba
c828c7031f Add change note 2021-06-11 12:04:11 +02:00
Chris Smowton
f71897d166 Rename JAX-WS -> JAX-RS where necessary. Improve change note and fix missing QLDoc. 2021-06-08 15:12:03 +01:00
Chris Smowton
260a228367 Add change note 2021-06-08 15:12:02 +01:00
Anders Schack-Mulligen
96da85449d Merge pull request #5823 from atorralba/promote-jexl-injection 
Java: Promote JEXL Injection query from experimental
 2021-06-07 10:03:12 +02:00
Anders Schack-Mulligen
f73960da8f Merge pull request #5788 from Marcono1234/marcono1234/stmt-toString 
Java: Override toString() for statements
 2021-06-04 12:41:03 +02:00
Anders Schack-Mulligen
60377a8f86 Merge pull request #5383 from smowton/smowton/feature/strbuilder-fluent-methods 
Java: Add models for StrBuilder's fluent methods
 2021-06-04 12:33:24 +02:00
Anders Schack-Mulligen
30cb80b341 Merge pull request #5181 from smowton/smowton/feature/commons-tostringbuilder 
Java: Add models for Commons ToStringBuilder
 2021-06-04 12:30:36 +02:00
Marcono1234
6003b6edd2 Java: Adjust change note for statement toString() changes 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-06-03 17:17:00 +02:00
Marcono1234
2889f94128 Java: Add change note for statement toString() changes 2021-06-03 16:27:37 +02:00
Anders Schack-Mulligen
bd9e3d0fa9 Merge pull request #5751 from aschackmull/java/collection-flow 
Java: Convert all collection and array steps from taint flow to value flow.
 2021-06-03 15:29:14 +02:00
Tony Torralba
56a429a5f9 Merge branch 'main' into promote-jexl-injection 2021-06-03 11:10:56 +02:00
Anders Schack-Mulligen
8e6dd51f50 Merge pull request #5868 from Marcono1234/marcono1234/ignore-not-closing-char-array-closeable 
Java: Ignore char array based closeables for CloseReader.ql and CloseWriter.ql
 2021-06-02 15:00:59 +02:00
Anders Schack-Mulligen
922b421a45 Java: Add change note. 2021-06-01 14:33:52 +02:00
Alvaro Muñoz
f60df3b26a Update java/change-notes/2021-05-28-remove-senderror-xss-sink.md 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-05-28 15:13:19 +02:00
Alvaro Muñoz
db2f05ac24 Updated Java change notes 2021-05-28 15:13:18 +02:00
Sebastian Bauersfeld
ffcca4d5e9 Add change note. 2021-05-20 20:07:14 +07:00
Anders Schack-Mulligen
9b0e3b1950 Merge pull request #5814 from JLLeitschuh/feat/JLL/jackson_as_taint_step 
[Java] Add taint tracking through Jackson deserialization
 2021-05-18 09:31:16 +02:00
Chris Smowton
ef410b9984 Update java/change-notes/2021-05-14-close-resource-leaks-improvements.md 2021-05-17 19:27:10 +01:00
haby0
95c33a240f Update java/change-notes/2021-05-17-add-unsafe-deserialization-sinks.md 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-05-17 18:49:16 +08:00
haby0
58d774ae85 add change notes 2021-05-17 14:52:05 +08:00
Marcono1234
e205e4bbce Java: Add change note for close resource query changes 2021-05-14 22:31:14 +02:00
Sebastian Bauersfeld
b05512a958 Add change notes. 2021-05-12 16:58:24 +07:00
Anders Schack-Mulligen
a247ae4357 Merge pull request #5843 from JLLeitschuh/feat/JLL/improve_kryo_support 
[Java] Fix Kryo FP & Kryo 5 Support
 2021-05-12 09:52:24 +02:00
Jonathan Leitschuh
b871f48c50 [Java] Add release note to Jackson change 2021-05-11 10:36:47 -04:00
Jonathan Leitschuh
0d9a85ca6b Update java/change-notes/2021-05-05-kryo-improvements.md 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-05-11 08:29:50 -04:00
Anders Schack-Mulligen
744c495ac2 Merge pull request #5824 from JLLeitschuh/feat/JLL/guava_first_non_null 
[Java] Add support for com.google.common.base.MoreObjects#firstNonNull
 2021-05-11 09:42:20 +02:00
Jonathan Leitschuh
d27316eb3e Apply suggestions from code review 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2021-05-10 11:55:31 -04:00
Tony Torralba
e78e5b9ee4 Merge branch 'main' into promote-jexl-injection 2021-05-07 12:36:49 +02:00
Tony Torralba
fb3e56eac8 Fix imports and stubs so that tests pass 2021-05-06 09:18:48 +02:00
Jonathan Leitschuh
67e9f06304 [Java] Fix Kryo FP & Kryo 5 Support 
Closes #4992
 2021-05-05 17:38:34 -04:00
Tony Torralba
f79d2e06f9 Fix failing checks 2021-05-04 11:29:09 +02:00
Jonathan Leitschuh
dfad1fc740 [Java] Add support for com.google.common.base.MoreObjects#firstNonNull 2021-05-03 12:58:00 -04:00
Chris Smowton
fce1d6122f Add change note 2021-04-21 15:47:20 +01:00
Chris Smowton
5158e7964e Add change note 2021-04-14 08:25:12 +01:00
Chris Smowton
42b63a61ae Add change note 2021-03-26 14:31:36 +00:00
Anders Schack-Mulligen
5b905cfe18 Java: Add change note for code duplication library removal. 2021-03-25 10:12:58 +01:00