hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

12735 Commits

Author SHA1 Message Date
Am
a3b5d2a28d Update java/ql/src/experimental/Security/CWE/CWE-522-DecompressionBombs/DecompressionBomb.qhelp 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-07-13 10:20:43 +02:00
Am
4fbf76008e Update java/ql/src/experimental/Security/CWE/CWE-522-DecompressionBombs/DecompressionBomb.qhelp 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-07-13 10:20:25 +02:00
Owen Mansel-Chan
b7a5252cb0 Refactor inAndroidApplication 2024-07-13 07:35:02 +01:00
Owen Mansel-Chan
8dcef8223f Tweak change note 2024-07-13 07:31:18 +01:00
Jami Cogswell
6b497da15f Java: fix line number changes in tests 2024-07-11 15:33:09 -04:00
Jami Cogswell
ab9a6faaf3 Java: add change note 2024-07-11 15:10:11 -04:00
Jami Cogswell
77a8ba934c Java: add path-injection sink for hudson.FilePath.exists() 2024-07-11 15:03:40 -04:00
Jami Cogswell
744a1a9b72 Java: fix line number changes in tests 2024-07-11 14:07:23 -04:00
Jami Cogswell
5cf05ec863 Java: add change note 2024-07-11 13:40:50 -04:00
Jami Cogswell
4a1497f367 Java: add IOUtils.toByteArray(InputStream) summary 2024-07-11 13:33:08 -04:00
Ian Lynagh
5c97a5f667 Kotlin: Kotlin support is now out of beta, and generally available 2024-07-11 16:11:40 +01:00
Max Schaefer
d5d0cf5d90 Java: Tag java/non-https-url with CWE-345 2024-07-11 13:37:09 +01:00
Ian Lynagh
311799c798 Merge pull request #16899 from igfoo/igfoo/semmle_dist 
Java/Kotlin: Remove legacy $SEMMLE_DIST support
 2024-07-11 12:48:53 +01:00
am0o0
dd4bce8e30 finilize tests 2024-07-09 19:48:58 +02:00
am0o0
7a5838f1a2 MethodAccess => MethodCall 2024-07-09 19:43:22 +02:00
am0o0
e87d2fe922 remove redundent imports 2024-07-09 19:41:06 +02:00
Angela P Wen
80bd361607 Merge pull request #16926 from github/post-release-prep/codeql-cli-2.18.0 
Post-release preparation for codeql-cli-2.18.0
 2024-07-08 16:51:16 +02:00
Owen Mansel-Chan
b83147fa44 Add links on threat models to change note 2024-07-08 15:39:27 +01:00
Owen Mansel-Chan
8241d0b7ef Update QLDoc for ReverseDnsUserInput 2024-07-08 15:33:39 +01:00
github-actions[bot]
ae3aba061b Post-release preparation for codeql-cli-2.18.0 2024-07-08 13:30:13 +00:00
Paolo Tranquilli
a30e7d2cfd Kotlin: add all .kotlin_* in dev to .gitignore 2024-07-08 13:18:56 +02:00
Angela P Wen
dc20b0d19e Merge pull request #16921 from github/release-prep/2.18.0 
Release preparation for version 2.18.0
 2024-07-08 13:12:57 +02:00
Chris Smowton
d9573596c7 Merge pull request #16810 from smowton/smowton/feature/java-low-db-quality-query 
Java: add diagnostic query indicating low database quality
 2024-07-08 12:06:42 +01:00
Paolo Tranquilli
002e1eb730 Kotlin: make wrapper cache downloaded zips 
Also removed the version check step, as a version not existing will give
a 404 any way later on, and that was adding a delay.

The cache is stored in a `.kotlinc_zips` and will be cleaned up by
`--clear`.
 2024-07-08 11:57:07 +02:00
github-actions[bot]
b0d6778652 Release preparation for version 2.18.0 2024-07-08 09:10:51 +00:00
Owen Mansel-Chan
e2a6358048 Update tests so they still work 2024-07-07 00:24:28 +01:00
Owen Mansel-Chan
de5fc4e609 Add change notes 2024-07-07 00:24:27 +01:00
Owen Mansel-Chan
5347770608 Update Android app detection 2024-07-07 00:24:25 +01:00
Owen Mansel-Chan
9c82966022 Move detection of Android app to one place 2024-07-05 23:47:56 +01:00
am0o0
fe1103d997 add stubs, upgrade test to inline test, update test files 2024-07-04 15:25:36 +02:00
Ian Lynagh
ea16f72c6f Java: Add changenote for dropping $SEMMLE_DIST support 2024-07-03 17:12:04 +01:00
Ian Lynagh
3260966e3b Kotlin: Remove unused SEMMLE_DIST 2024-07-03 17:10:41 +01:00
Tom Hvitved
4ae8720930 SSA: Add BasicBlock.{getNode/1,length/0} to the input signature 2024-07-03 11:32:35 +02:00
am0o0
7e5f2e2a48 experimentalSinkModel to sinkModel, remove one path injection sink that already exist before 2024-07-03 08:55:12 +02:00
Michael Nebel
25b20186af Merge pull request #16861 from michaelnebel/modelgen/sourcesinklift 
C#/Java: Do not lift source and sink models.
 2024-07-02 08:50:31 +02:00
am0o0
7df59ffe6c update tests, is not completed yet :) 2024-07-01 18:22:27 +02:00
am0o0
a6833945c1 remove additional taint steps and flow states 2024-07-01 16:07:44 +02:00
am0o0
d31711bd89 merge all ne flow sources into one by extending current abstract class 2024-07-01 15:16:44 +02:00
am0o0
f1324a413a update qlhelp 2024-07-01 15:09:56 +02:00
Arthur Baars
c6d02e4909 Merge pull request #16878 from github/aibaars/merge-3.14 
Merge rc/3.14 into main
 2024-07-01 11:04:57 +02:00
github-actions[bot]
26194eb65f Add changed framework coverage reports 2024-06-30 00:19:16 +00:00
Arthur Baars
b12b33c8f9 Merge remote-tracking branch 'upstream/main' into 'rc/3.14' 2024-06-28 19:50:35 +02:00
Jami
42925b56e3 Merge pull request #15921 from jcogs33/jcogs33/unsafe-url-forward-promotion-resource-and-file-methods 
Java: add models for some resource-related methods
 2024-06-28 08:05:50 -04:00
Jami Cogswell
85a1e1a972 Java: update change note date 2024-06-27 22:11:01 -04:00
Jami Cogswell
be565288f2 Java: update more test cases due to shifted alert provenance line numbers 2024-06-27 22:08:38 -04:00
Jami Cogswell
c73af7f789 Java: update some test cases due to shifted alert provenance line numbers 2024-06-27 21:07:35 -04:00
Michael Nebel
9cb7018215 Java: Update the model generator expected test output. 2024-06-27 11:35:07 +02:00
Michael Nebel
e23ff3e499 Java: Sync files and make language specific implementation. 2024-06-27 11:27:08 +02:00
Michael Nebel
22e9ae2793 Java: Add some source/sink examples where lifting is applied. 2024-06-27 11:15:06 +02:00
Chris Smowton
27e2b00cd7 Add test for database quality diagnostic 2024-06-27 09:57:40 +01:00