hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,671 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

4250 Commits

Author SHA1 Message Date
Dave Bartolomeo
996f535f0b Merge pull request #16103 from github/dbartol/javadoc-record 
Allow `@param` tags to apply to record parameters
 2024-04-09 14:21:45 -04:00
Dave Bartolomeo
b9cfeaf614 Add test case 2024-04-09 12:41:32 -04:00
erik-krogh
8cb6598f50 fixing that I put a type on the wrong thing in the alert-message 2024-04-08 20:51:19 +02:00
erik-krogh
ca4f667053 add fallback if I can't easily determine the variable 2024-04-08 07:14:48 +02:00
erik-krogh
8b220cc1b3 also get the variable for array accesses 2024-04-08 07:14:48 +02:00
erik-krogh
795b767b6e add link to the source variable in the alert-message for java/implicit-cast-in-compound-assignment 2024-04-08 07:14:48 +02:00
Owen Mansel-Chan
e10333bf2b Merge pull request #14919 from github/java/jdk-model-autogeneration 
Java: add dataflow-generated models for JDK17
 2024-04-04 21:12:55 +01:00
Dave Bartolomeo
2336e14627 Remove expectation of spurious diagnostic 2024-04-04 10:31:05 -04:00
Dave Bartolomeo
ce98353d22 Allow @param tags to apply to record parameters 2024-04-02 15:15:11 -04:00
Owen Mansel-Chan
fa614df3f4 Tests fixed by model for CharBuffer.wrap(char[]) 2024-04-01 14:03:42 +01:00
Owen Mansel-Chan
2d24fe011b Accept that lots of sinks are now summaries as well 2024-04-01 14:03:36 +01:00
Owen Mansel-Chan
9067a337b0 Test fixed by model for BasicAttributes(String, Object) 2024-04-01 14:03:30 +01:00
Owen Mansel-Chan
776c9d9eb2 Accept changes to top jdk apis test 2024-04-01 14:03:23 +01:00
Owen Mansel-Chan
52e6ea30e7 Accept more capture summary models 
This line is added because `FileOutputStream`'s constructor is now modeled as propagating taint, not just as a sink.
| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];ReturnValue;taint;df-generated |
 2024-04-01 14:03:00 +01:00
Jami
d889e3cf98 Merge pull request #14854 from jcogs33/jcogs33/unsafe-url-forward-promotion 
Java: Promote Unsafe URL Forward query from experimental
 2024-03-29 16:34:06 -04:00
Ian Lynagh
5dcd635403 Merge pull request #15961 from igfoo/igfoo/MissingEnumInSwitch 
Java: Limit the amount of results that MissingEnumInSwitch produces per switch
 2024-03-28 11:13:45 +00:00
Ian Lynagh
b6a1266ade Java: Accept test changes for MissingEnumInSwitch Oxford commas 2024-03-27 18:48:22 +00:00
Jami Cogswell
2391fe7d89 Java: use InlineFlowTest instead of InlineExpectationsTest 2024-03-27 08:44:17 -04:00
Dave Bartolomeo
c11b8f9d51 Remove unused data extension in test 2024-03-25 19:14:54 -04:00
Chris Smowton
568bddc4a9 Add test cases for cases falling directly out of switch blocks 2024-03-25 16:31:40 +00:00
Chris Smowton
9fa2f19990 Add test for guards in the presence of fall-through between pattern and constant cases 2024-03-25 16:31:39 +00:00
Chris Smowton
c48e64e536 Add tests for the combination of anonymous labels and a guard 2024-03-25 16:31:39 +00:00
Chris Smowton
1e0766dffa Add tests for case statement type test dominance against anonymous labels and fall-through 2024-03-25 16:31:39 +00:00
Chris Smowton
f2ff6c476a Add printast tests for anonymous variables 2024-03-25 16:31:38 +00:00
Chris Smowton
5cb5ee026c Fix pretty-printing of anonymous vars and multiple patterns; add test 2024-03-25 16:31:38 +00:00
Chris Smowton
f317f782ae Add test for control-flow with mixed patterns, constants and fall-through 2024-03-25 16:31:38 +00:00
Chris Smowton
6cf956d07a Add CFG test for anonymous variables and fall-throughs with pattern cases 2024-03-25 16:31:38 +00:00
Chris Smowton
cc8dcf63b0 Convert test to use an anonymous local 2024-03-25 16:31:38 +00:00
Chris Smowton
5243a62a41 Accept test changes 2024-03-25 16:31:37 +00:00
Owen Mansel-Chan
f4b3bae88b Add test for ParseException use of tokenImage 2024-03-23 23:48:16 +00:00
Owen Mansel-Chan
63a04c056a Add test with tokenImage as used in JavaCC 2024-03-23 21:30:33 +00:00
Tom Hvitved
fc55567d90 Merge pull request #15853 from hvitved/dataflow/get-location 
Data flow: Replace `hasLocationInfo` with `getLocation`
 2024-03-18 20:21:46 +01:00
Ian Lynagh
916b1e959e Java: Add a test for MissingEnumInSwitch 2024-03-18 15:56:10 +00:00
Jami Cogswell
a8eb1d10f6 Java: remove experimental tests 2024-03-17 22:35:27 -04:00
Tony Torralba
9d44045e6f Adjust test expectations 2024-03-14 09:41:34 +01:00
Jami Cogswell
1b01f26d09 Java: adjust BarrierPrefix to handle prepended chars 2024-03-13 16:28:45 -04:00
Jami Cogswell
5ac453eb38 Java: add spurious test case for StringBuilder.append 2024-03-13 16:28:45 -04:00
Jami Cogswell
04d27f2d65 Java: adjust prefix barriers 2024-03-13 16:28:44 -04:00
Jami Cogswell
e99cea340b Java: update UrlPathBarrier to include FollowsBarrierPrefix 2024-03-13 16:28:44 -04:00
Jami Cogswell
a002674587 Java: clean up comments on test cases 2024-03-13 16:28:44 -04:00
Jami Cogswell
d220b3a298 Java: some updates to test cases 2024-03-13 16:28:43 -04:00
Jami Cogswell
911a61df22 Java: initial update of barrier and test cases to remove FN 2024-03-13 16:28:42 -04:00
Jami Cogswell
e75c96c0f9 Java: combine test cases; add test for StaplerResponse.forward 2024-03-13 16:28:41 -04:00
Jami Cogswell
09bc21dbd3 Java: rename 'UnsafeUrlForward' to 'UrlForward' 2024-03-13 16:28:41 -04:00
Jami Cogswell
915e106ab3 Java: remove path-injection related models and tests for now 2024-03-13 16:28:40 -04:00
Jami Cogswell
35a083ae9e Java: update test cases to use inline expectations 2024-03-13 16:28:40 -04:00
Jami Cogswell
0d38a9625e Java: copy files from experimental 2024-03-13 16:28:39 -04:00
Tom Hvitved
02ae2d1520 Java: Implement new data flow interface 2024-03-13 14:41:57 +01:00
Erik Krogh Kristensen
863e3f79e5 Merge pull request #15731 from erik-krogh/java-url 
Java: More sanitizers for request-forgery
 2024-03-12 19:31:52 +01:00
Chris Smowton
dae20ca50c Explicitly import Lock 2024-03-07 09:54:17 +00:00