hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,672 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

5825 Commits

Author SHA1 Message Date
Edward Minnix III
8c8e71dd82 Grammar, concision, and style edits 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2022-12-09 11:35:02 -05:00
Michael Nebel
67732cbfa0 Java: Remove unneeded import for RegenerateModels.py. 2022-12-09 15:04:43 +01:00
Michael Nebel
2cb88037a4 C#/Java: Rename Negative Summary Model to Neutral Model in conversion and generator tooling. 2022-12-09 15:04:43 +01:00
Michael Nebel
3af00a8f3f Java: Rename Negative Summary Model to Neutral Model. 2022-12-09 15:04:43 +01:00
Michael Nebel
079d48c42a Sync files. 2022-12-09 15:04:42 +01:00
Joe Farebrother
a14ebb7c03 Fixes 2022-12-09 13:41:18 +00:00
Joe Farebrother
fae4043008 Add change note 2022-12-09 13:41:18 +00:00
Joe Farebrother
603c1c1693 Add the domain used to the alert message 2022-12-09 13:41:18 +00:00
Joe Farebrother
ceb253e6d1 Add qhelp 2022-12-09 13:41:18 +00:00
Joe Farebrother
749ecab6b1 Add security severity 2022-12-09 13:41:18 +00:00
Joe Farebrother
c8aca06190 Implement pinning through a TrustManager 
+ Fix that the query was accidentally placed in experimental
 2022-12-09 13:41:18 +00:00
Joe Farebrother
c3da3a9aef Add a bit of additional context to the alert message; fix issue with finding the config file 2022-12-09 13:41:17 +00:00
Joe Farebrother
17348fbd32 Add android certificate pinning query 2022-12-09 13:41:17 +00:00
Jami Cogswell
2c3adb769b Java: remove MadModeledCallable class and update predicate names 2022-12-08 23:32:07 -05:00
Jami Cogswell
974c000b65 Java: add bindingset for package 2022-12-08 23:17:53 -05:00
Jami Cogswell
a32ed21480 Java: clean up comments and predicates 2022-12-08 23:09:09 -05:00
Jami Cogswell
ca00e0ab9e Java: adjust none and all calculations 2022-12-08 22:14:28 -05:00
Jami Cogswell
6248efd394 Java: adjust column names and metric formulas 2022-12-08 21:13:52 -05:00
Jami Cogswell
9e0027cf5b Java: remove negative models 2022-12-08 20:58:37 -05:00
Jami Cogswell
d558f93972 Java: update DataFlowTargetApi for funcexpr and paramless constructor exclusions 2022-12-08 20:51:40 -05:00
Jami Cogswell
f48cc9f40e Java: remove previous uses of isUninteresting 2022-12-08 16:56:43 -05:00
Jami Cogswell
29046e7960 Java: update ExternalApi characteristic predicate to include not isUninteresting 2022-12-08 12:31:46 -05:00
Henry Mercer
d196704a2d Merge pull request #11574 from github/henrymercer/check-query-ids 
Add a PR check to ensure query IDs are unique
 2022-12-08 15:31:26 +00:00
Chris Smowton
85ee4e6ca1 Merge pull request #11578 from retanoj/MybatisSqli 
Java: Add MyBatis Sql Injection no @Param case
 2022-12-08 13:53:44 +00:00
Henry Mercer
3036b15af2 Merge branch 'main' into henrymercer/check-query-ids 2022-12-08 13:05:46 +00:00
Chris Smowton
0d2474bd55 Autoformat 2022-12-08 11:30:53 +00:00
Chris Smowton
49bc524fd0 Merge remote-tracking branch 'origin/rc/3.8' into smowton/admin/merge-rc38-into-main 2022-12-08 11:12:30 +00:00
Jami Cogswell
e9e5f92603 Java: update notModeled for negative numbers 2022-12-07 21:46:52 -05:00
retanoj
0edfc6e01e greedy matching 2022-12-08 09:23:24 +08:00
Jami Cogswell
aa7e6d7811 Java: add negative numbers 2022-12-07 17:17:35 -05:00
Edward Minnix III
170c9af9e8 Merge pull request #11238 from egregius313/egregius313/webview-setjavascriptenabled 
Java: Query for detecting enabling Javascript in Android WebSettings
 2022-12-07 09:31:58 -05:00
retanoj
9cfeaeb18e Merge branch 'main' into MybatisSqli 2022-12-07 21:19:08 +08:00
Tony Torralba
cabce5fb36 Merge pull request #11549 from mbaluda/mbaluda/insecure-cookie 
Java: Support interprocedural setting of cookie security
 2022-12-07 12:14:46 +01:00
Jami Cogswell
b82f9b1911 Java: add draft of generated vs manual MaD metrics query 2022-12-06 22:15:19 -05:00
retanoj
8ee418405b consider blankspace / comma /dot field 2022-12-07 10:06:39 +08:00
Ed Minnix
1c81f8d8d5 Apply suggestion from docs review 2022-12-06 15:32:54 -05:00
retanoj
b0c86d8e51 change string match to regex match 2022-12-06 21:50:09 +08:00
Michael Nebel
8e4190d84a Merge pull request #11516 from michaelnebel/java/externalflowcleanup 
Java: Cleanup imports of `ExternalFlow`
 2022-12-06 14:26:39 +01:00
retanoj
2bbd37f9ab change code snippet to or condition 2022-12-06 19:27:29 +08:00
retanoj
82d0551215 Merge branch 'main' into MybatisSqli 2022-12-06 17:19:30 +08:00
retanoj
d2140eb4b1 MyBatisAnnotationSqlInjection no @Param case 2022-12-06 17:07:49 +08:00
Henry Mercer
2627632a41 Java: Fix duplicate IDs 2022-12-05 19:06:03 +00:00
Mauro Baluda
7c4b76b08b Update InsecureCookie.ql 2022-12-05 12:55:53 +01:00
Michael Nebel
a9ba964be4 Java: Update the Java model re-generate script. 2022-12-05 11:39:44 +01:00
Michael Nebel
243b94b54a Java/C#: Delete old model generator scripts and rename the new ones. 2022-12-05 11:39:44 +01:00
Mauro Baluda
16d7dc0853 Restrict DF configuration 2022-12-05 11:02:19 +01:00
Michael Nebel
4c7cdc6245 Java: Remove unneeded imports of ExternalFlow.qll. 2022-12-05 09:49:38 +01:00
Ed Minnix
7c4bd509a7 Java: add AssetLoader example to WebView file access documentation 2022-12-02 14:43:52 -05:00
Jami
edfcc0cd6d Merge pull request #11487 from jcogs33/jcogs33/supportedexternalapis-telemetry-query 
Java/C#: add SupportedExternalApis telemetry query
 2022-12-02 13:27:51 -05:00
Mauro Baluda
f3f8f35069 Update InsecureCookie.ql 
Support interprocedural setting of cookie security
 2022-12-02 17:37:23 +01:00