hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

876 Commits

Author SHA1 Message Date
Owen Mansel-Chan
162245fb9a Fix unrelated test using reverse DNS as source 2024-06-24 21:23:50 +01:00
Owen Mansel-Chan
9aa0c9f1f3 Fix test expectations 2024-06-14 15:55:30 +01:00
Owen Mansel-Chan
7a13c31021 Exclude loopback address from reverse DNS source 2024-06-14 14:05:01 +01:00
Owen Mansel-Chan
5973f3fadc Add test for reverse DNS from loopback address 2024-06-14 14:04:47 +01:00
Owen Mansel-Chan
098b732937 Fix formatting of inline expectation test comment 2024-06-14 14:04:42 +01:00
Mauro Baluda
a464a8e48e @mbaluda 
Update provenance in test expectations
 2024-06-11 15:15:50 +02:00
Mauro Baluda
bb5ef3ccd9 Update provenance in test expectations 2024-06-10 19:57:37 +02:00
Anders Schack-Mulligen
4ec4da4c8c Dataflow/Java: Add support for pretty-printed provenace in tests. Convert one test. 2024-06-07 11:45:13 +02:00
Tony Torralba
292395b80e Update test expectations 2024-06-04 10:35:16 +02:00
Tony Torralba
f16dd8c010 Apply code review suggestions. 2024-06-04 10:35:11 +02:00
Tony Torralba
f84c2a842d Java: Add more File-related sinks for path-injection 2024-06-04 10:35:07 +02:00
Mauro Baluda
e2479a7ce2 Disable csrf for ServerHttpSecurity 2024-05-30 23:08:57 +02:00
Anders Schack-Mulligen
15a7c3faeb Java: Accept qltest .expected file changes. 2024-05-22 15:42:40 +02:00
Anders Schack-Mulligen
a650499a9c Java: Accept qltest .expected file changes (interesting). 2024-05-22 15:42:12 +02:00
Anders Schack-Mulligen
a74cf6501a Java: update qltest expected files. 2024-05-22 11:13:06 +02:00
Rasmus Wriedt Larsen
2451a6d3f6 Accept .expected changes 2024-05-21 14:47:42 +02:00
Michael Nebel
b1329fd806 Merge pull request #16362 from michaelnebel/java/removelocalqueries 
Java: Remove local query variants.
 2024-05-16 14:34:04 +02:00
Max Schaefer
d406646414 Java: Add tests for comparison-with-wider-type. 2024-05-15 12:45:19 +01:00
Michael Nebel
5b89bd23c7 Java: Deprecate the content of SqlTaintedLocalQuery and remove the local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
d05c5e3d94 Java: Deprecate the content of NumericCastTaintedLocalQuery, remove the local query variant and update the non-local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
301a6cc191 Java: Deprecate the content of ImproperValidationOrArray and remove local query variants. 2024-05-01 13:07:21 +02:00
Michael Nebel
acd0fa4b7b Java: Deprecate the content of ExternallyControlledFormatStringLocalQuery and remove the externally controlled format string local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
85a4dd0325 Java: Deprecate the local content of CommandLineQuery and remove the exec tainted local query variant. 2024-05-01 13:07:20 +02:00
Michael Nebel
072f19008a Java: Deprecate the content of ArithmeticTaintedLocalQuery and remove the arithmetic tainted local query variant. 2024-05-01 08:59:51 +02:00
Anders Schack-Mulligen
f85ff9defc Java: Update expected output (interesting). 2024-04-12 09:20:28 +02:00
Anders Schack-Mulligen
c2f5731e8d Java: Update expected output (uninteresting). 2024-04-12 09:20:26 +02:00
erik-krogh
8cb6598f50 fixing that I put a type on the wrong thing in the alert-message 2024-04-08 20:51:19 +02:00
erik-krogh
ca4f667053 add fallback if I can't easily determine the variable 2024-04-08 07:14:48 +02:00
erik-krogh
8b220cc1b3 also get the variable for array accesses 2024-04-08 07:14:48 +02:00
erik-krogh
795b767b6e add link to the source variable in the alert-message for java/implicit-cast-in-compound-assignment 2024-04-08 07:14:48 +02:00
Owen Mansel-Chan
e10333bf2b Merge pull request #14919 from github/java/jdk-model-autogeneration 
Java: add dataflow-generated models for JDK17
 2024-04-04 21:12:55 +01:00
Owen Mansel-Chan
9067a337b0 Test fixed by model for BasicAttributes(String, Object) 2024-04-01 14:03:30 +01:00
Jami
d889e3cf98 Merge pull request #14854 from jcogs33/jcogs33/unsafe-url-forward-promotion 
Java: Promote Unsafe URL Forward query from experimental
 2024-03-29 16:34:06 -04:00
Jami Cogswell
2391fe7d89 Java: use InlineFlowTest instead of InlineExpectationsTest 2024-03-27 08:44:17 -04:00
Owen Mansel-Chan
f4b3bae88b Add test for ParseException use of tokenImage 2024-03-23 23:48:16 +00:00
Owen Mansel-Chan
63a04c056a Add test with tokenImage as used in JavaCC 2024-03-23 21:30:33 +00:00
Jami Cogswell
1b01f26d09 Java: adjust BarrierPrefix to handle prepended chars 2024-03-13 16:28:45 -04:00
Jami Cogswell
5ac453eb38 Java: add spurious test case for StringBuilder.append 2024-03-13 16:28:45 -04:00
Jami Cogswell
04d27f2d65 Java: adjust prefix barriers 2024-03-13 16:28:44 -04:00
Jami Cogswell
e99cea340b Java: update UrlPathBarrier to include FollowsBarrierPrefix 2024-03-13 16:28:44 -04:00
Jami Cogswell
a002674587 Java: clean up comments on test cases 2024-03-13 16:28:44 -04:00
Jami Cogswell
d220b3a298 Java: some updates to test cases 2024-03-13 16:28:43 -04:00
Jami Cogswell
911a61df22 Java: initial update of barrier and test cases to remove FN 2024-03-13 16:28:42 -04:00
Jami Cogswell
e75c96c0f9 Java: combine test cases; add test for StaplerResponse.forward 2024-03-13 16:28:41 -04:00
Jami Cogswell
09bc21dbd3 Java: rename 'UnsafeUrlForward' to 'UrlForward' 2024-03-13 16:28:41 -04:00
Jami Cogswell
915e106ab3 Java: remove path-injection related models and tests for now 2024-03-13 16:28:40 -04:00
Jami Cogswell
35a083ae9e Java: update test cases to use inline expectations 2024-03-13 16:28:40 -04:00
Jami Cogswell
0d38a9625e Java: copy files from experimental 2024-03-13 16:28:39 -04:00
Erik Krogh Kristensen
863e3f79e5 Merge pull request #15731 from erik-krogh/java-url 
Java: More sanitizers for request-forgery
 2024-03-12 19:31:52 +01:00
Owen Mansel-Chan
19ac9e089a Add test 2024-03-03 21:03:41 +00:00