codeql

mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00

Author	SHA1	Message	Date
Ian Lynagh	e610573411	Merge pull request #16078 from igfoo/igfoo/exprs_changes Kotlin 2: Accept more changes	2024-04-02 12:19:17 +01:00
Ian Lynagh	e5999f76b0	Merge pull request #16079 from igfoo/igfoo/del Kotlin 2: Accept some more location changes	2024-04-02 12:18:58 +01:00
github-actions[bot]	55987d9c1f	Add changed framework coverage reports	2024-04-02 00:16:19 +00:00
github-actions[bot]	8e61c6625b	Post-release preparation for codeql-cli-2.17.0	2024-04-01 15:27:42 +00:00
github-actions[bot]	ec97d9a304	Release preparation for version 2.17.0	2024-04-01 13:46:57 +00:00
Owen Mansel-Chan	fdafaa2ff4	Change note: update numbers of models added	2024-04-01 14:04:01 +01:00
Owen Mansel-Chan	e3fb40a842	Adjust change note	2024-04-01 14:03:53 +01:00
Owen Mansel-Chan	a5979e209a	Add change note	2024-04-01 14:03:47 +01:00
Owen Mansel-Chan	fa614df3f4	Tests fixed by model for `CharBuffer.wrap(char[])`	2024-04-01 14:03:42 +01:00
Owen Mansel-Chan	2d24fe011b	Accept that lots of sinks are now summaries as well	2024-04-01 14:03:36 +01:00
Owen Mansel-Chan	9067a337b0	Test fixed by model for `BasicAttributes(String, Object)`	2024-04-01 14:03:30 +01:00
Owen Mansel-Chan	776c9d9eb2	Accept changes to top jdk apis test	2024-04-01 14:03:23 +01:00
Owen Mansel-Chan	52e6ea30e7	Accept more capture summary models This line is added because `FileOutputStream`'s constructor is now modeled as propagating taint, not just as a sink. \| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];ReturnValue;taint;df-generated \|	2024-04-01 14:03:00 +01:00
Owen Mansel-Chan	919436efbb	Remove df-gen models we have deliberately modeled Manual models always take precedence over generated models, so there is no point in keeping the generated models. These manual models were deliberately written to take precedence over the corresponding df-gen models.	2024-04-01 13:59:36 +01:00
Jami	d889e3cf98	Merge pull request #14854 from jcogs33/jcogs33/unsafe-url-forward-promotion Java: Promote Unsafe URL Forward query from experimental	2024-03-29 16:34:06 -04:00
Jami	2f8c4df309	docs wording updates Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>	2024-03-28 16:15:05 -04:00
Ian Lynagh	3acdc73f22	Kotlin 2: Accept some more location changes	2024-03-28 16:15:37 +00:00
Ian Lynagh	568fba6940	Kotlin 2: Accept some more test changes	2024-03-28 15:28:36 +00:00
Ian Lynagh	0fdc71bf57	Kotlin 2: Accept a test change For if(r != null) { val r2: Rectangle = r in Kotlin 2 mode, there is no IMPLICIT_NOTNULL check in Kotlin 2 mode: then: BLOCK type=kotlin.Unit origin=null VAR name:r2 type:java.awt.Rectangle [val] - TYPE_OP type=java.awt.Rectangle origin=IMPLICIT_NOTNULL typeOperand=java.awt.Rectangle - GET_VAR 'val r: @[FlexibleNullability] java.awt.Rectangle? [val] declared in <root>.foo' type=@[FlexibleNullability] java.awt.Rectangle? origin=null + GET_VAR 'val r: @[FlexibleNullability] java.awt.Rectangle? [val] declared in <root>.foo' type=@[FlexibleNullability] java.awt.Rectangle? origin=null VAR name:height type:kotlin.Int [val] GET_FIELD 'FIELD IR_EXTERNAL_JAVA_DECLARATION_STUB name:height type:kotlin.Int visibility:public' type=kotlin.Int origin=null receiver: GET_VAR 'val r2: java.awt.Rectangle [val] declared in <root>.foo' type=java.awt.Rectangle origin=null	2024-03-28 15:23:27 +00:00
Ian Lynagh	96723b1a8f	Kotlin 2: Accept some loc changes	2024-03-28 15:11:19 +00:00
Ian Lynagh	24c4c3e068	Kotlin 2: Accept a test change With: open class Root {} class Subclass1: Root() {} fun typeTests(x: Root, y: Subclass1) { val y1: Subclass1 = if (x is Subclass1) { x } else { y } } we now get a slightly different AST, which means we no longer need to insert a StmtExpr: BRANCH if: TYPE_OP type=kotlin.Boolean origin=INSTANCEOF typeOperand=<root>.Subclass1 GET_VAR 'x: <root>.Root declared in <root>.typeTests' type=<root>.Root origin=null - then: TYPE_OP type=<root>.Subclass1 origin=IMPLICIT_CAST typeOperand=<root>.Subclass1 - BLOCK type=<root>.Root origin=null + then: BLOCK type=<root>.Subclass1 origin=null + TYPE_OP type=<root>.Subclass1 origin=IMPLICIT_CAST typeOperand=<root>.Subclass1 GET_VAR 'x: <root>.Root declared in <root>.typeTests' type=<root>.Root origin=null	2024-03-28 15:07:30 +00:00
Ian Lynagh	5dcd635403	Merge pull request #15961 from igfoo/igfoo/MissingEnumInSwitch Java: Limit the amount of results that MissingEnumInSwitch produces per switch	2024-03-28 11:13:45 +00:00
Jami Cogswell	e90f55a05f	Java: move change note to lib	2024-03-27 20:56:19 -04:00
Jami Cogswell	e58e5fb825	Java: add change note	2024-03-27 20:51:13 -04:00
Jami Cogswell	b35f318910	Java: update models	2024-03-27 20:39:34 -04:00
Ian Lynagh	b6a1266ade	Java: Accept test changes for MissingEnumInSwitch Oxford commas	2024-03-27 18:48:22 +00:00
Ian Lynagh	fda3c92612	Java: Add a changenote for the MissingEnumInSwitch change	2024-03-27 15:12:55 +00:00
Ian Lynagh	59ae6dd5f5	Java: Add a couple of Oxford commas	2024-03-27 15:07:58 +00:00
Jami Cogswell	40c932a5f9	Java: move UrlForward.qll code to UrlForwardQuery.qll	2024-03-27 10:12:28 -04:00
Jami Cogswell	2391fe7d89	Java: use InlineFlowTest instead of InlineExpectationsTest	2024-03-27 08:44:17 -04:00
Max Schaefer	32ebd4eebb	Automodel: Filter unexploitable types in application mode. We already did this in framework mode.	2024-03-27 12:22:24 +00:00
Arthur Baars	ba89f1b6b1	Merge pull request #15896 from github/aibaars/java-update-output Java: update expected output	2024-03-27 13:19:52 +01:00
Jami Cogswell	121b24ea7c	Java: remove parentheses	2024-03-27 08:16:06 -04:00
Owen Mansel-Chan	311512c768	Remove df-gen models for incidentally modelled APIs Manual models always take precedence over generated models, so there is no point in keeping the generated models. These APIs happened to have been modelled between model generation and merging this PR.	2024-03-27 12:15:08 +00:00
Owen Mansel-Chan	f03a56f7e0	Run generation script The command line was: python3 /Users/owen-mc/workspace/codeql-home/codeql/java/ql/src/utils/modelgenerator/GenerateFlowModel.py /Users/owen-mc/db/java/openjdk17 --with-summaries --with-neutrals	2024-03-27 12:15:00 +00:00
Jami Cogswell	35fbc95cc7	Java: remove redundant line	2024-03-27 08:09:40 -04:00
Ian Lynagh	6cd94cf253	Merge pull request #16059 from igfoo/igfoo/exprs Kotlin 2: Accept more location changes	2024-03-27 11:17:07 +00:00
Tony Torralba	7a0446740b	Update java/ql/lib/ext/java.net.model.yml Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>	2024-03-27 09:09:48 +01:00
Arthur Baars	497325455a	Java: update expected output	2024-03-26 18:40:22 +01:00
Tony Torralba	d786ea90a4	Java: Add more neutrals Adds more neutral models to help the model generator ignore certain callables. Also improves the precision of certain URL models by using synthetic fields so that the parts of a URL are tainted separately.	2024-03-26 17:31:11 +01:00
Ian Lynagh	c5604c97bd	Kotlin 2: Accept more location changes	2024-03-26 14:10:28 +00:00
Henry Mercer	0646744928	Merge branch 'main' into henrymercer/merge-back-rc-3.13	2024-03-26 12:59:12 +00:00
Dave Bartolomeo	c11b8f9d51	Remove unused data extension in test	2024-03-25 19:14:54 -04:00
Dave Bartolomeo	98bf5269a0	Merge pull request #16040 from github/dbartol/qltest-model Use correct model pack name in qltest data extension	2024-03-25 15:29:16 -04:00
github-actions[bot]	f67b5f9158	Post-release preparation for codeql-cli-2.16.6	2024-03-25 18:17:15 +00:00
github-actions[bot]	71ab804274	Release preparation for version 2.16.6	2024-03-25 16:58:08 +00:00
Chris Smowton	dcebcc35b6	Rename getPatternAtIndex	2024-03-25 16:36:38 +00:00
Chris Smowton	568bddc4a9	Add test cases for cases falling directly out of switch blocks	2024-03-25 16:31:40 +00:00
Chris Smowton	17193ac11b	Distinguish record patterns that do or don't declare identifiers	2024-03-25 16:31:40 +00:00
Chris Smowton	a4401963f5	Use getAPattern	2024-03-25 16:31:39 +00:00

... 18 19 20 21 22 ...

12735 Commits