hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,672 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

4531 Commits

Author SHA1 Message Date
Jami Cogswell
181a711f04 Java: switch Collectors.joining model from neutral to summary 2023-01-10 21:06:03 -05:00
Jami Cogswell
faae811be7 Java: try simplification of paramsString and paramsStringPart 2023-01-10 13:35:52 -05:00
Jami Cogswell
65aa064838 Java: update paramsString qldoc 2023-01-10 13:33:47 -05:00
Edward Minnix III
ce06df3152 Merge pull request #11628 from egregius313/egregius313/android-webview-addjavascriptinterface-dataflow 
Java: Add parameters of methods annotated @JavascriptInterface as remote flow sources
 2023-01-10 12:41:52 -05:00
Tony Torralba
32471d326e Java: Remove omittable exists variables 2023-01-10 13:37:19 +01:00
Tony Torralba
da90ae0e8f Update java/ql/lib/semmle/code/java/dataflow/FlowSources.qll 2023-01-10 11:18:53 +01:00
Michael Nebel
16cd148961 Merge pull request #11711 from michaelnebel/externalflowcleanup 
C#/Java: Delete deprecated ModelCsv classes and related predicates.
 2023-01-10 10:22:50 +01:00
Ed Minnix
293a203756 Move JavascriptInterfaceMethod to WebView.qll 2023-01-09 15:10:23 -05:00
Ed Minnix
972b4629c8 Fix typo in change note 2023-01-09 10:01:38 -05:00
Chris Smowton
45c732a6f9 Java: improve naming and description of SqlUnescaped.ql 
Since the main thing it's objecting to is concatenation not lack of escaping (in particular it doesn't look for escaping sanitizers), rename and re-describe it accordingly.
 2023-01-09 10:56:13 +00:00
Jami Cogswell
a3c7b2c3a2 Java: move java.lang.Math.min to the correct file 2023-01-06 14:35:09 -05:00
Jami
f5e5f6dfd1 Merge pull request #11821 from jcogs33/jcogs33/fix-mad-typos 
Java: fix typos in MaD row `name` columns for `MappingSqlQuery` and `MappingSqlQueryWithParameters`
 2023-01-06 07:59:30 -05:00
github-actions[bot]
cdb8f67601 Post-release preparation for codeql-cli-2.12.0 2023-01-06 10:36:34 +00:00
github-actions[bot]
b6a8193785 Release preparation for version 2.12.0 2023-01-05 16:32:14 +00:00
Jami Cogswell
f03f687d61 Java: add change note 2023-01-05 09:08:04 -05:00
Jami Cogswell
0640bd9d8b Java: fix typos in the MaD row name columns for MappingSqlQuery and MappingSqlQueryWithParameters 2023-01-05 08:32:22 -05:00
Jami Cogswell
abe501c1af Java: add change note 2023-01-03 17:15:50 -05:00
Aditya Sharad
9988c19a42 Merge branch 'main' into tutorial/library-pack 2023-01-03 14:08:37 -08:00
Jami Cogswell
feaae16f7c Java: adjust comments 2023-01-03 16:08:14 -05:00
Ed Minnix
0be8648a9d Add changenote 2023-01-03 15:55:53 -05:00
Ed Minnix
ab7ca1d642 Java: Add parameters of @JavascriptInterface methods as a remote flow sources 2023-01-03 15:31:40 -05:00
Jami Cogswell
29221ae426 Java: add summary model for System.getProperty, adjust comments 2023-01-03 15:11:21 -05:00
Jami Cogswell
21a018e5c5 Java: add summary model and test for File.getName 2023-01-03 13:12:24 -05:00
Ed Minnix
515fa21aad Change notes 2022-12-31 17:18:37 -05:00
Ed Minnix
e259ef5d1d Java: Add class for android.webkit.WebSettings.setAllowContentAccess 2022-12-31 15:00:28 -05:00
Jami Cogswell
939279af38 Java: add comments 2022-12-22 16:25:12 -05:00
Jami Cogswell
a81c54b58c Java: updates to order alphabetically 2022-12-22 13:22:12 -05:00
Jami Cogswell
6007827dd3 Java: update test cases 2022-12-22 12:29:57 -05:00
Jami Cogswell
16de30e07e Java: add java.util.stream models 2022-12-21 13:05:23 -05:00
Jami Cogswell
1db829e55c Java: add java.util models 2022-12-21 13:03:57 -05:00
Jami Cogswell
573de92441 Java: add java.util.function models 2022-12-21 12:59:58 -05:00
Jami Cogswell
a8c55ee4b7 Java: add java.util.concurrent models 2022-12-21 12:59:00 -05:00
Jami Cogswell
db0d24fdd1 Java: add java.util.concurrent.atomic models 2022-12-21 12:57:22 -05:00
Jami Cogswell
cfe075ef54 Java: add java.time models 2022-12-21 12:54:35 -05:00
Jami Cogswell
8e20aeb314 Java: add java.text models 2022-12-21 12:51:44 -05:00
Jami Cogswell
b9ce588076 Java: add java.sql models 2022-12-21 12:49:29 -05:00
Jami Cogswell
1544f49f91 Java: add java.math models 2022-12-21 12:47:32 -05:00
Jami Cogswell
ed534b06d5 Java: add java.lang models 2022-12-21 12:45:12 -05:00
Jami Cogswell
99ddd484be Java: add java.io models 2022-12-21 12:34:26 -05:00
Jami
c9258effb6 Merge pull request #11572 from jcogs33/jcogs33/model-top-jdk-apis 
Java: model top 100 JDK APIs
 2022-12-20 09:13:53 -05:00
Jami
dc0bad3dc5 update change note 
Co-authored-by: yo-h <55373593+yo-h@users.noreply.github.com>
 2022-12-20 07:55:58 -05:00
Tony Torralba
149cae9603 Merge pull request #10971 from joefarebrother/android-certificate-pinning 
Java: Add Android missing certificate pinning query (CWE-295)
 2022-12-20 11:03:16 +01:00
Tony Torralba
3e7a819fe7 Simplification 2022-12-20 09:42:25 +01:00
Jeroen Ketema
edc768b43b Merge pull request #11707 from smowton/smowton/fix/java-empty-multiline-comment 
Java: handle printing an empty comment (/**/); add relevant tests
 2022-12-20 08:07:42 +01:00
Aditya Sharad
ed29b3e4d6 Shared packs: Depend on codeql/tutorial from all language libraries 
This allows `import tutorial` from queries targeting
any language, just like before, while removing the
duplicate copies of `tutorial.qll`.
 2022-12-19 15:52:11 -08:00
Jami Cogswell
19deb59d07 Java: sort neutral models alphabetically 2022-12-19 14:22:17 -05:00
Edward Minnix III
39a7c7bb12 Merge pull request #11282 from egregius313/egregiu313/webview-addjavascriptinterface 
Java: Query for detecting addJavascriptInterface method calls
 2022-12-19 11:28:45 -05:00
Jami Cogswell
f37f0a09aa Java: update change note 2022-12-19 08:41:56 -05:00
Chris Smowton
2ca56e0c1e Java: handle printing an empty comment (/**/); add relevant tests 2022-12-19 14:12:09 +01:00
erik-krogh
ba7321ac5c add qldoc to RegExpCharEscape 2022-12-18 17:23:45 +01:00