hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,671 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

5825 Commits

Author SHA1 Message Date
Michael Nebel
64145cf181 Java: Make it evident that we print signature of the lifted callable. 2024-05-08 14:42:53 +02:00
Michael Nebel
f00ad7c0e7 C#/Java: Invert api filtering logic. 2024-05-08 14:42:53 +02:00
Michael Nebel
e8120afef9 Java: Improve super implementation and ensure that lift produces a result. 2024-05-08 14:42:52 +02:00
Michael Nebel
95ff5bae65 Merge pull request #16297 from michaelnebel/java/improveapitelemetry 
Java: Identify more APIs as supported in the telemetry queries.
 2024-05-03 12:34:19 +02:00
Michael Nebel
8b0f3af5b1 Java: Update change-note. 2024-05-02 14:05:44 +02:00
Michael Nebel
42653b5fec Java: Add change note about local query removal. 2024-05-01 13:07:22 +02:00
Michael Nebel
d9c7401ea2 Java: Deprecate the local content of UrlRedirectLocalQuery and remove the local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
ed7538d0b9 Java: Deprecate the local content of TaintedPathQuery and remove the local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
5b89bd23c7 Java: Deprecate the content of SqlTaintedLocalQuery and remove the local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
b68abab12a Java: Deprecate the content of ResponseSplittingLocalQuery and remove local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
d05c5e3d94 Java: Deprecate the content of NumericCastTaintedLocalQuery, remove the local query variant and update the non-local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
301a6cc191 Java: Deprecate the content of ImproperValidationOrArray and remove local query variants. 2024-05-01 13:07:21 +02:00
Michael Nebel
acd0fa4b7b Java: Deprecate the content of ExternallyControlledFormatStringLocalQuery and remove the externally controlled format string local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
85a4dd0325 Java: Deprecate the local content of CommandLineQuery and remove the exec tainted local query variant. 2024-05-01 13:07:20 +02:00
Michael Nebel
072f19008a Java: Deprecate the content of ArithmeticTaintedLocalQuery and remove the arithmetic tainted local query variant. 2024-05-01 08:59:51 +02:00
Michael Nebel
93988e5834 Java: Deprecate the content of XxeLocalQuery and remove the Xxe local query variant. 2024-05-01 08:59:50 +02:00
Michael Nebel
e0c2a43780 Java: Deprecate the content of XssLocalQuery and remove the Xss local query variant. 2024-05-01 08:59:50 +02:00
github-actions[bot]
99928b82ed Post-release preparation for codeql-cli-2.17.2 2024-04-30 12:15:35 +00:00
github-actions[bot]
5228d94d42 Release preparation for version 2.17.2 2024-04-30 10:25:51 +00:00
Michael Nebel
9db32f4d26 Java: Identify more APIs as supported in the telemetry queries (as QL defined sinks). 2024-04-26 12:39:46 +02:00
Michael Nebel
acb2bbb2a3 Java: Identify more APIs as supported in the telemetry queries (as QL defined sources). 2024-04-26 12:39:46 +02:00
github-actions[bot]
622e176a16 Post-release preparation for codeql-cli-2.17.1 2024-04-16 14:21:32 +00:00
github-actions[bot]
9bfe4ea90a Release preparation for version 2.17.1 2024-04-15 17:34:47 +00:00
Anders Schack-Mulligen
2925e45434 Java/Dataflow: Propagate MaD-id/model-id to PathGraph. 2024-04-12 09:19:51 +02:00
Dave Bartolomeo
996f535f0b Merge pull request #16103 from github/dbartol/javadoc-record 
Allow `@param` tags to apply to record parameters
 2024-04-09 14:21:45 -04:00
erik-krogh
8cb6598f50 fixing that I put a type on the wrong thing in the alert-message 2024-04-08 20:51:19 +02:00
erik-krogh
018b066b95 autoformat 2024-04-08 07:15:33 +02:00
erik-krogh
ca4f667053 add fallback if I can't easily determine the variable 2024-04-08 07:14:48 +02:00
erik-krogh
8b220cc1b3 also get the variable for array accesses 2024-04-08 07:14:48 +02:00
erik-krogh
795b767b6e add link to the source variable in the alert-message for java/implicit-cast-in-compound-assignment 2024-04-08 07:14:48 +02:00
Dave Bartolomeo
ce98353d22 Allow @param tags to apply to record parameters 2024-04-02 15:15:11 -04:00
github-actions[bot]
8e61c6625b Post-release preparation for codeql-cli-2.17.0 2024-04-01 15:27:42 +00:00
github-actions[bot]
ec97d9a304 Release preparation for version 2.17.0 2024-04-01 13:46:57 +00:00
Jami
d889e3cf98 Merge pull request #14854 from jcogs33/jcogs33/unsafe-url-forward-promotion 
Java: Promote Unsafe URL Forward query from experimental
 2024-03-29 16:34:06 -04:00
Jami
2f8c4df309 docs wording updates 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-03-28 16:15:05 -04:00
Ian Lynagh
5dcd635403 Merge pull request #15961 from igfoo/igfoo/MissingEnumInSwitch 
Java: Limit the amount of results that MissingEnumInSwitch produces per switch
 2024-03-28 11:13:45 +00:00
Ian Lynagh
fda3c92612 Java: Add a changenote for the MissingEnumInSwitch change 2024-03-27 15:12:55 +00:00
Ian Lynagh
59ae6dd5f5 Java: Add a couple of Oxford commas 2024-03-27 15:07:58 +00:00
Henry Mercer
0646744928 Merge branch 'main' into henrymercer/merge-back-rc-3.13 2024-03-26 12:59:12 +00:00
github-actions[bot]
f67b5f9158 Post-release preparation for codeql-cli-2.16.6 2024-03-25 18:17:15 +00:00
github-actions[bot]
71ab804274 Release preparation for version 2.16.6 2024-03-25 16:58:08 +00:00
Owen Mansel-Chan
f2db9ce312 Merge pull request #16028 from owen-mc/java/sensitive-log-whitelist-tokenimage 
Java: whitelist variable name `tokenImage` for `java/sensitive-log` as it's used in code generated by JavaCC
 2024-03-25 10:02:19 +00:00
Owen Mansel-Chan
ac6c4add14 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-03-24 20:20:37 +00:00
Owen Mansel-Chan
821f399193 Add change note 2024-03-23 23:51:52 +00:00
Arthur Baars
c219b1a3c7 Merge pull request #16013 from github/rc/3.13 
Merge rc/3.13 into main
 2024-03-21 16:04:58 +01:00
Henry Mercer
4e3a6e2140 Merge pull request #15874 from github/henrymercer/mark-loc-as-telemetry 
Show lines of code data in debug mode only
 2024-03-21 12:20:09 +00:00
Michael Nebel
6619be3137 Merge pull request #15940 from michaelnebel/csharp/sourcesinktests 
C#: Source- and sink tests.
 2024-03-21 08:12:16 +01:00
Henry Mercer
a76832f4e0 Mark LOC queries as debug instead 2024-03-20 21:18:55 +00:00
Dave Bartolomeo
311ba8ea1b Merge from main to resolve conflicts 2024-03-19 10:41:31 -04:00
Michael Nebel
70c6744944 Java/Go/Swift: Sync changes. 2024-03-19 14:20:43 +01:00