hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-14 23:14:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,680 Branches 158 Tags
alexet/avoid-path-node-java
Commit Graph

82643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
7bfa4c1947 Convert GoRestfulSource to MaD 2024-07-16 11:18:14 +01:00
Anders Schack-Mulligen
37d78249e7 Java: Update provenance ids. 2024-07-16 11:11:54 +02:00
Anders Schack-Mulligen
2bfd65f145 Java: update expected output 2024-07-16 11:11:54 +02:00
Anders Schack-Mulligen
b2f57b4b48 Java: Update expected output. 2024-07-16 11:11:53 +02:00
Anders Schack-Mulligen
938f46b888 Java: Remove superfluous clone models. 2024-07-16 11:11:53 +02:00
Anders Schack-Mulligen
dc64a08467 Java: Update test expectations for Object.clone(). 2024-07-16 11:11:52 +02:00
Anders Schack-Mulligen
12d6875cc4 Java: Replace the MaD Object.clone() models with a non-aliasing value step. 2024-07-16 11:11:50 +02:00
Geoffrey White
e39e7656da C++: Change note. 2024-07-16 09:59:42 +01:00
Anders Schack-Mulligen
0fb27fb6fc Merge pull request #16979 from aschackmull/dataflow/internsets 
Dataflow: Replace MakeSets with QlBuiltins::InternSets.
 2024-07-16 10:47:07 +02:00
Geoffrey White
195c20cfd5 C++: Fix provenance for sources/sinks. 2024-07-16 09:33:51 +01:00
Geoffrey White
eefbb676e9 C++: Support alert provenance. 2024-07-16 09:33:48 +01:00
Owen Mansel-Chan
2dc63ef8d1 Merge pull request #16856 from owen-mc/go/mad-sources-chi-echo-elazarl 
Go: Convert  chi echo and elazarl sources to MaD
 2024-07-16 08:00:51 +01:00
Alvaro Muñoz
270ca2ad7d feat(queries): Experimental Output clobbering query 2024-07-15 21:00:54 +02:00
Alvaro Muñoz
fc39249f92 feat(queries): Consider untrusted checkout as a source for code injections 2024-07-15 21:00:28 +02:00
Jami Cogswell
8f6d4be256 Java: update tests 2024-07-15 14:33:40 -04:00
Geoffrey White
391816c9e7 C++: Add path graph to one of the external models tests. 2024-07-15 17:37:55 +01:00
Jami
b70a4c839c Merge branch 'main' into jcogs33/add-toByteArray-summaries 2024-07-15 12:35:05 -04:00
Jami Cogswell
7f34dd1e0a Java: update change note 2024-07-15 12:15:02 -04:00
Jami Cogswell
cd82ada239 Java: add manual models for all overloads of IOUtils.toByteArray 2024-07-15 12:12:31 -04:00
Michael Nebel
18cde3bd78 Merge pull request #16873 from michaelnebel/csharp/narrowsourcegeneration 
C#: Narrow source model generation.
 2024-07-15 15:53:13 +02:00
Mathias Vorreiter Pedersen
1c336985e0 Merge pull request #16502 from github/MathiasVP-patch-1 
Swift: Remove beta label
 2024-07-15 13:54:34 +01:00
Mathias Vorreiter Pedersen
29e9c05f26 Merge branch 'main' into MathiasVP-patch-1 2024-07-15 13:27:42 +01:00
Anders Schack-Mulligen
da5abc8321 Dataflow: Replace MakeSets with QlBuiltins::InternSets. 2024-07-15 13:35:57 +02:00
Mathias Vorreiter Pedersen
5da3fb5e05 Merge pull request #16959 from MathiasVP/promote-iterator-to-expired-container-to-code-scanning 
C++: Promote `cp/iterator-to-expired-container` to Code Scanning
 2024-07-15 11:55:32 +01:00
Ian Lynagh
a951718f2e Merge pull request #16955 from igfoo/igfoo/kotlin-ga 
Kotlin: Kotlin support is now out of beta, and generally available
 2024-07-15 11:30:20 +01:00
am0o0
a10b5021b4 fix tests, it is not fixed 100% 2024-07-15 10:13:57 +02:00
Michael Nebel
8eba4a3e51 C#: Code quality improvement. 2024-07-15 08:05:13 +02:00
Owen Mansel-Chan
cd9b364e5a Merge pull request #16974 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-07-14 22:31:55 +01:00
am0o0
87b6495c91 add zlib tests with stubs :) 2024-07-14 21:10:56 +02:00
Owen Mansel-Chan
3efbee0d81 Accept provenance numbering changes 2024-07-14 16:06:29 +01:00
Owen Mansel-Chan
99ed3c2ac1 Convert ElazarlGoproxy::UserControlledRequestData to MaD 2024-07-14 14:28:48 +01:00
Owen Mansel-Chan
2ec64a9ca8 Convert EchoContextBinder to MaD 2024-07-14 14:28:47 +01:00
Owen Mansel-Chan
3fc598dbe9 Convert EchoContextSource to MaD 2024-07-14 14:28:46 +01:00
Owen Mansel-Chan
5b38d51f62 Convert Chi::UserControlledMethod to MaD 2024-07-14 14:28:46 +01:00
Owen Mansel-Chan
3bd4a203bb Convert Chi::UserControlledFunction to MaD 2024-07-14 14:28:44 +01:00
github-actions[bot]
7fc95b8eff Add changed framework coverage reports 2024-07-14 00:20:23 +00:00
Alvaro Muñoz
76ded33280 Bump qlpack versions 2024-07-13 23:29:36 +02:00
Alvaro Muñoz
cc64c95dbc feat(dataflow): Update edges predicate to only link to next step 
Previously each step was linking to all possible following steps. This change makes a better flow path explanation flowing from the checkout to the poisonable step, step by step
 2024-07-13 23:28:47 +02:00
Owen Mansel-Chan
dd1d5ecab4 Merge pull request #16967 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-07-13 17:24:36 +01:00
am0o0
bf506f8a9e remove redundent stubs 2024-07-13 18:06:02 +02:00
am0o0
71e1d63953 finilize tests 2024-07-13 18:00:50 +02:00
am0o0
d8e2d355df categorize the new stubs 2024-07-13 17:25:38 +02:00
am0o0
8f7c690529 revert some mistakes 2024-07-13 17:03:24 +02:00
am0o0
1d1c476674 update tests and use TaintFlowTestArgString 
add stubs
add missed sink models
 2024-07-13 16:58:51 +02:00
Jami
9c98296ad2 Merge pull request #16965 from jcogs33/jcogs33/add-FilePath-exists-sink 
Java: add path-injection sink for `hudson.FilePath.exists()`
 2024-07-13 10:15:37 -04:00
Chris Smowton
1cb9f6370f Use hasTaintFlow marker 2024-07-13 13:09:43 +02:00
Chris Smowton
059a1389c6 Run TaintedPath query on experimental tests 2024-07-13 13:09:26 +02:00
Chris Smowton
4e9a528df9 Move experimental tests 2024-07-13 13:09:08 +02:00
am0o0
025aa77e79 add the snappy missed sink 2024-07-13 11:15:45 +02:00
am0o0
8c106964ec remove duplicate parts thanks to @owen-mc 2024-07-13 11:11:07 +02:00