hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,671 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

5825 Commits

Author SHA1 Message Date
Stephan Brandauer
170e895593 use newtype for related location type 2023-05-10 10:28:14 +02:00
Stephan Brandauer
5dab1b2a3b leftover renaming label->kind 2023-05-10 10:01:39 +02:00
Stephan Brandauer
1f60fd6d58 use specialized getAParameter predicate, instead of getParameter(_) 2023-05-10 10:01:04 +02:00
Stephan Brandauer
91ae61b744 more documentation 2023-05-10 09:42:22 +02:00
Stephan Brandauer
46741c6e42 rename kind -> label 2023-05-10 09:34:13 +02:00
Stephan Brandauer
85f519b7b4 documentation updates from review comments 2023-05-10 09:33:37 +02:00
Stephan Brandauer
94cb82e553 remove TestFileCharacteristic as it's redundant 2023-05-10 09:06:11 +02:00
Stephan Brandauer
d7aca9e909 use comma separator in concatenation 2023-05-10 08:57:27 +02:00
Kasper Svendsen
0de6e4138f Merge pull request #13037 from kaspersv/kaspersv/java-enable-implicit-this-warnings 
Java: Enable implicit this receiver warnings
 2023-05-09 10:24:31 +02:00
Kasper Svendsen
b0714904c0 Java: Enable implicit this receiver warnings 2023-05-09 08:25:40 +02:00
Michael Nebel
8435c31213 C#/Java: Update model converter queries to handle kind information. 2023-05-08 16:19:00 +02:00
Michael Nebel
d103a57141 Java: Adjust the model generator to produce kinds. 2023-05-08 16:18:59 +02:00
Edward Minnix III
2d5b35067e Merge pull request #12721 from egregius313/egregius313/java/move-configurations-to-libraries 
Java: Move more dataflow configurations to `*Query.qll` files
 2023-05-04 20:14:22 -04:00
Jami
3c74c8bbe0 Merge pull request #13019 from jcogs33/jcogs33/url-open-stream-updates 
Java: switch `url-open-stream` sink models to `experimentalSinkModel`
 2023-05-04 15:07:44 -04:00
Stephan Brandauer
62ab91c14a fix ql-for-ql warning 2023-05-04 17:48:50 +02:00
Stephan Brandauer
27703c777a pull subtypes-logic out into helper predicate, and document it 2023-05-04 17:45:17 +02:00
Stephan Brandauer
0e5591ff86 move getCallable to signature module implementation, and document it 2023-05-04 17:35:46 +02:00
Stephan Brandauer
a616a786f0 formatting 2023-05-04 17:27:27 +02:00
Stephan Brandauer
36aabc077e Update java/ql/src/Telemetry/AutomodelFrameworkModeCharacteristics.qll 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2023-05-04 16:50:37 +02:00
Ed Minnix
5f3c8fef3f Privacy markers and fixed imports 2023-05-04 10:25:17 -04:00
Ed Minnix
74fc6382a6 Add improper validation of array size query libraries 2023-05-04 10:25:17 -04:00
Ed Minnix
c319ee4c0d Add TempDirLocalInformationDisclosureQuery 2023-05-04 10:25:16 -04:00
Ed Minnix
b087cf9a0a Add Arithmetic query libraries 2023-05-04 10:25:16 -04:00
Ed Minnix
b6361cdd3d Move CWE-190/ArithmeticCommon.qll to semmle.code.java.security 2023-05-04 10:25:16 -04:00
Ed Minnix
24b00bac11 Add UnsafeHostnameVerificationQuery 2023-05-04 10:25:16 -04:00
Ed Minnix
f4a6f555b4 Add NumericCastTaintedQuery 2023-05-04 10:25:13 -04:00
Ed Minnix
e65a54b85f Add BrokenCryptoAlgorithmQuery 2023-05-04 10:19:12 -04:00
Ed Minnix
4b76564911 Add MaybeBrokenCryptoAlgorithmQuery 2023-05-04 10:15:00 -04:00
Ed Minnix
e4f47ece43 Add ResponseSplittingLocalQuery 2023-05-04 10:15:00 -04:00
Ed Minnix
91b3533035 Add SqlTaintedLocalQuery 2023-05-04 10:14:59 -04:00
Ed Minnix
a0f7575b34 Add StackTraceExposureQuery 2023-05-04 10:14:59 -04:00
Ed Minnix
aff299eafd Add ExecTaintedLocal 2023-05-04 10:14:59 -04:00
Ed Minnix
b39d5088de Add InsecureCookieQuery 2023-05-04 10:14:59 -04:00
Ed Minnix
be24b29e7a Add UrlRedirectLocalQuery.qll 2023-05-04 10:14:59 -04:00
Ed Minnix
0249187282 Add ExternallyControlledFormatStringLocalQuery.qll 2023-05-04 10:14:59 -04:00
Ed Minnix
5834e4ac52 Add UrlRedirectQuery.qll 2023-05-04 10:14:59 -04:00
Ed Minnix
cc22a7d4b4 Add XssLocalQuery 2023-05-04 10:14:59 -04:00
Ed Minnix
c2b6a3f4e0 Add XPathInjectionQuery 2023-05-04 10:14:59 -04:00
Ed Minnix
c15ce27957 Add SqlConcatenatedQuery 2023-05-04 10:14:59 -04:00
Ed Minnix
1af6d5f7b3 Add TaintedPermissionsCheckQuery 2023-05-04 10:14:59 -04:00
Kasper Svendsen
29239939c7 Merge pull request #13010 from kaspersv/kaspersv/java-explicit-this-receivers 
Java: Make implicit this receivers explicit
 2023-05-04 13:06:41 +02:00
Stephan Brandauer
32f2614fe0 add typecheckable mechanism to enforce minimal set of metadata 2023-05-03 16:00:50 +02:00
Jami Cogswell
917268e7e6 Java: activate the models in openstream query 2023-05-03 09:57:45 -04:00
Stephan Brandauer
6d29273c43 make framework mode explicit in file/module names 2023-05-03 14:36:42 +02:00
Stephan Brandauer
dfb9d88198 fix ql-for-ql errors 2023-05-03 14:17:11 +02:00
Ian Lynagh
b56b843d13 Merge pull request #12987 from github/post-release-prep/codeql-cli-2.13.1 
Post-release preparation for codeql-cli-2.13.1
 2023-05-03 13:12:10 +01:00
Kasper Svendsen
081085e128 Java: Make implicit this receivers explicit 2023-05-03 13:37:35 +02:00
Stephan Brandauer
05bf13b020 use getCallable predicate 2023-05-03 11:27:14 +02:00
Stephan Brandauer
09f3296134 export related locations using notation 2023-05-03 10:27:46 +02:00
Edward Minnix III
733a00039e Merge pull request #12864 from egregius313/egregius313/java/mad/update-typeAsModel 
Java: Erase generics in `typeAsModel` predicate used in model generator
 2023-05-02 15:28:51 -04:00