hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

1079 Commits

Author SHA1 Message Date
Ed Minnix
9ef319f659 Java: setAllowContentAccess query tests 2022-12-31 15:00:28 -05:00
Ed Minnix
7cc53126f3 Java: WebView setAllowContentAccess query test cases 2022-12-31 15:00:28 -05:00
Ed Minnix
a023726c03 Java: add Android stubs to options file for CWE-200 tests 2022-12-31 15:00:28 -05:00
Jami Cogswell
e6331dc2e6 Java: update test case affected by Long.parseLong summary model 2022-12-22 12:57:37 -05:00
Jami Cogswell
997219a280 Java: update test case affected by Class.isAssignableFrom neutral model 2022-12-22 12:54:02 -05:00
Edward Minnix III
b77923f6e6 Merge pull request #11767 from atorralba/atorralba/java/fix-pinning-tests 
Java: Small simplification in Missing Certificate Pinning tests
 2022-12-21 11:21:47 -05:00
Arthur Baars
98c5b81456 Merge pull request #11723 from aibaars/alert-suppression 
CodeQL alert suppression
 2022-12-21 10:59:57 +01:00
Tony Torralba
ab73d13d8b Small simplification 2022-12-21 09:58:13 +01:00
Jami
c9258effb6 Merge pull request #11572 from jcogs33/jcogs33/model-top-jdk-apis 
Java: model top 100 JDK APIs
 2022-12-20 09:13:53 -05:00
Tony Torralba
149cae9603 Merge pull request #10971 from joefarebrother/android-certificate-pinning 
Java: Add Android missing certificate pinning query (CWE-295)
 2022-12-20 11:03:16 +01:00
Tony Torralba
3e7a819fe7 Simplification 2022-12-20 09:42:25 +01:00
Edward Minnix III
39a7c7bb12 Merge pull request #11282 from egregius313/egregiu313/webview-addjavascriptinterface 
Java: Query for detecting addJavascriptInterface method calls
 2022-12-19 11:28:45 -05:00
Arthur Baars
0f313231bc AlertSuppression: add more tests 2022-12-19 16:43:11 +01:00
Arthur Baars
c176606be5 AlertSuppression: allow //lgtm comments to scope over the next line 2022-12-19 16:10:26 +01:00
Jami Cogswell
f933fc75cd Java: update another test affected by Integer.parseInt, and one affected by String.length 2022-12-18 21:46:43 -05:00
Jami Cogswell
f3fc68352e Java: update tests affected by Integer.parseInt model 2022-12-18 19:43:32 -05:00
Jami Cogswell
96a0950048 Java: update test case 2022-12-15 15:49:53 -05:00
Jami Cogswell
028fc29639 Java: group test methods 2022-12-13 11:02:21 -05:00
Jami
93d8a03e73 Merge branch 'main' into jcogs33/mad-metrics-query 2022-12-12 20:31:53 -05:00
Jami Cogswell
3526406db0 Java: add tests 2022-12-12 15:10:55 -05:00
Edward Minnix III
0ebfee8b11 Merge pull request #11241 from egregius313/egregius313/webview-file-access 
Java: Query to detect Android Webview file access
 2022-12-12 11:12:26 -05:00
Joe Farebrother
a14ebb7c03 Fixes 2022-12-09 13:41:18 +00:00
Joe Farebrother
0d6a376a36 Add test cases for TrustManager case 2022-12-09 13:41:18 +00:00
Joe Farebrother
4afecf575e Generate more stubs for okhttp and fix tests. 
Some generated stubs needed to be manually corrected.
 2022-12-09 13:41:17 +00:00
Joe Farebrother
bb402c497b Fix typo in dir name 2022-12-09 13:41:17 +00:00
Joe Farebrother
53c4ada883 Add okhttp tests 2022-12-09 13:41:17 +00:00
Joe Farebrother
ea3db5d429 Add test cases 2022-12-09 13:41:17 +00:00
Edward Minnix III
170c9af9e8 Merge pull request #11238 from egregius313/egregius313/webview-setjavascriptenabled 
Java: Query for detecting enabling Javascript in Android WebSettings
 2022-12-07 09:31:58 -05:00
Tony Torralba
cabce5fb36 Merge pull request #11549 from mbaluda/mbaluda/insecure-cookie 
Java: Support interprocedural setting of cookie security
 2022-12-07 12:14:46 +01:00
Mauro Baluda
04f1fe523a Update Test.java 2022-12-02 18:01:10 +01:00
Jami Cogswell
0e3e849ead add negative summary test for java 2022-12-01 15:49:12 -05:00
Jami Cogswell
94c5d53192 add a couple more tests 2022-11-30 18:51:05 -05:00
Jami Cogswell
7f45e320d8 add tests 2022-11-30 18:07:45 -05:00
Tony Torralba
43f4dd8bc4 Consider taint through bitwise operations on PendingIntent flags 2022-11-22 11:39:30 +01:00
Jami
8a73675483 Merge pull request #11070 from jcogs33/java-regex-injection 
Java: Promote regex injection query from experimental
 2022-11-21 15:04:26 -05:00
Tony Torralba
2809c3a77c Handle disabled Maven repositories 2022-11-21 10:11:57 +01:00
Joe Farebrother
d6c5132f39 Merge pull request #10684 from joefarebrother/android-keyboard-cache 
Java: Add query for Sensitive Keyboard Cache
 2022-11-16 15:27:44 +00:00
Joe Farebrother
dd4e1d0ac3 Add tests and fix issues 2022-11-16 10:54:14 +00:00
Joe Farebrother
359d703ded More precise layout xml handling 2022-11-16 10:54:13 +00:00
Joe Farebrother
706858e211 Add test cases; fix the regex used 2022-11-16 10:54:13 +00:00
Ed Minnix
eb8ef72e47 Java: addJavascriptInterface query test case 2022-11-15 23:28:18 -05:00
Ed Minnix
3b96fefc71 Java: Add Android stubs to options file for CWE-079 test cases 2022-11-15 23:26:49 -05:00
Ed Minnix
10875568ec Java: add negative test cases for WebView file access query 2022-11-15 13:50:31 -05:00
erik-krogh
c029048306 port the Java regex/redos queries to use the shared pack 2022-11-14 21:29:41 +01:00
Ed Minnix
7a0544d80e Java: test files for WebView file access query 2022-11-14 15:11:15 -05:00
Ed Minnix
1132572620 Java: add test cases for setJavaScriptEnabled query 2022-11-14 14:33:12 -05:00
Jami
cfbaf5e53b Merge pull request #10785 from jcogs33/insuff-key-size-globalflow-keysize 
Java: Promote insufficient key size query from experimental
 2022-11-08 18:05:01 -05:00
Jami Cogswell
bada986433 apply review comments 2022-11-08 15:29:33 -05:00
Jami Cogswell
b99a1d2cd9 update sink and tests 2022-11-08 15:29:33 -05:00
Jami Cogswell
0e93e71127 update tests 2022-11-08 15:29:33 -05:00