hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

12735 Commits

Author SHA1 Message Date
Chris Smowton
06238dd5f6 Improve reflective class names 2023-10-24 13:29:32 +01:00
Chris Smowton
011666b48c Fix description and improve predicate name of VarWrite. 2023-10-24 12:59:57 +01:00
Chris Smowton
ede17585a6 Amend NewClassExpr description 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-10-24 12:51:42 +01:00
Chris Smowton
e3edea2a5f Apply simple suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-10-24 12:51:03 +01:00
Stephan Brandauer
eb97ce3294 Java: automodel extraction query docs, candidate examples 2023-10-24 13:49:38 +02:00
Chris Smowton
efb63aada3 Add change note 2023-10-24 11:45:41 +01:00
Chris Smowton
3627eb2bcf Add missing qldoc 2023-10-24 11:15:08 +01:00
Chris Smowton
e8c9708282 Autoformat 2023-10-24 11:06:19 +01:00
Chris Smowton
09e83d1173 Fix isEnclosingMethodAccess wrapper 2023-10-24 11:03:57 +01:00
Chris Smowton
ac38d4c9c6 Mass rename L/RValue -> VarWrite/Read 2023-10-24 10:58:29 +01:00
Chris Smowton
59a49eef0b Add aliases for public, importable renamed classes and predicates. 
Also rename and aliases a couple of uses of Access noted along the way.
 2023-10-24 10:54:35 +01:00
Chris Smowton
f552a15aae Mass-rename MethodAccess -> MethodCall 2023-10-24 10:30:26 +01:00
Chris Smowton
a10731c591 Java: introduce more-intuitive names for ClassInstanceExpr, L/RValue and MethodAccess. 2023-10-24 09:38:49 +01:00
Tony Torralba
cd10dc8a27 Java: Added up to date models for Spring's ResponseEntity 2023-10-23 16:06:11 +02:00
Ian Lynagh
b89088737a Merge pull request #14551 from igfoo/igfoo/loc 
Java/Kotlin: Reshuffle our LoC queries
 2023-10-23 11:50:03 +01:00
Stephan Brandauer
319b799f95 Merge pull request #14553 from github/kaeluka/fix-positive-example-query 
Java: Automodel Framework Mode Extraction Bug
 2023-10-23 09:48:49 +02:00
Dave Bartolomeo
76a9b71231 Merge branch 'main' into dbartol/threat-models 2023-10-20 14:05:17 -04:00
Stephan Brandauer
1d7c2f4799 Java: format 2023-10-20 16:37:46 +02:00
Stephan Brandauer
f0c0bbf4c8 remove bug: needless restriction to sink examples in framework mode +examples 2023-10-20 16:34:29 +02:00
Ian Lynagh
26634a3266 Java/Kotlin: Add a changenote for the lines-of-code changes 2023-10-20 13:04:39 +01:00
Ian Lynagh
d816035da6 Java/Kotlin: Tweak LoC message 2023-10-20 13:02:11 +01:00
Ian Lynagh
13a9e83e6a Java/Kotlin: Reshuffle our LoC queries 
There's now a single lines-of-code query that gives the total number of
lines of code over both languages.

Per-language LoC queries are now just summaries.
 2023-10-20 12:43:41 +01:00
Ian Lynagh
a4ef183a2e Merge pull request #14529 from igfoo/igfoo/classid_fqname 
Kotlin: Don't convert back and forth between ClassId and FqName
 2023-10-20 10:28:25 +01:00
Dave Bartolomeo
fb1b41b649 Fix formatting 2023-10-19 17:20:38 -04:00
Dave Bartolomeo
910b2a98f1 Merge remote-tracking branch 'origin/main' into dbartol/threat-models 2023-10-19 17:07:38 -04:00
Dave Bartolomeo
bd7de83aab Use extension packs for threat models 2023-10-19 17:07:26 -04:00
Dave Bartolomeo
712f7758cf Merge branch 'main' into post-release-prep/codeql-cli-2.15.1 2023-10-19 12:14:07 -04:00
github-actions[bot]
065353667f Add changed framework coverage reports 2023-10-19 00:15:51 +00:00
Tony Torralba
da44b13fd4 Merge pull request #14515 from atorralba/atorralba/java/spring-csrf-improv 
Java: Improve java/spring-disabled-csrf-protection
 2023-10-18 17:49:10 +02:00
github-actions[bot]
8dcd8b9e5b Post-release preparation for codeql-cli-2.15.1 2023-10-17 20:24:00 +00:00
Chris Smowton
70aa490bbd Merge pull request #14503 from smowton/smowton/admin/adapt-tests-to-jdk21 
Java: Adapt tests to JDK21
 2023-10-17 20:07:47 +01:00
Edward Minnix III
15afc3ed64 Merge pull request #14491 from egregius313/egregius313/java/mad/convert-iv 
Java: Refactor `java/static-initialization-vector` to use Models as Data
 2023-10-17 13:15:45 -04:00
Ian Lynagh
ab891465a4 Kotlin: Don't convert back and forth between ClassId and FqName 
This showed up as a bug in Kotlin 2 mode:

We were starting with the Class Id "java/util/Map.Entry", which we then
converted to the FqName "java.util.Map.Entry", and then back to a
Class Id with ClassId.topLevel. This gave us a Class Id that
referenceClass wasn't able to resolve.

Now we just stick with the Class Id that we started with, and the class
can be resolved by Kotlin 2.
 2023-10-17 17:01:53 +01:00
Ed Minnix
8ed5bfb27d Remove reference to DataFlow2 2023-10-17 10:59:36 -04:00
Stephan Brandauer
9d719aa44e Merge pull request #13444 from github/java/update-mad-decls-after-triage-2023-06-13T14-50-57 
Java: Update MaD Declarations after Triage
 2023-10-17 13:54:10 +02:00
Tony Torralba
96d6e8e3f2 Update change note 2023-10-17 11:57:53 +02:00
Tony Torralba
3cd06b0026 More review suggestions 2023-10-17 11:54:32 +02:00
Tony Torralba
62a9ffd277 Apply suggestions from code review 2023-10-17 11:51:55 +02:00
Tony Torralba
4ecda9cccd Add consistency check exception 2023-10-17 10:18:19 +02:00
Chris Smowton
3145c53a19 Accept test changes for JDK21 2023-10-16 22:00:41 +01:00
Chris Smowton
bd77f572f1 Compile collections test for Java 11 2023-10-16 21:54:09 +01:00
github-actions[bot]
3b3c036626 Release preparation for version 2.15.1 2023-10-16 17:49:39 +00:00
Ian Lynagh
0a0ce1f202 Kotlin: Log when we start and finish writing to TRAP files 2023-10-16 16:14:23 +01:00
Edward Minnix III
21bea38ec8 Merge pull request #14472 from egregius313/egregius313/sync-local-and-remote-queries 
Java: Synchronize `*Local` versions of queries with their remote counterpart
 2023-10-16 10:31:40 -04:00
Ed Minnix
c65d407937 Remove old DataFlow2 import 2023-10-16 10:30:00 -04:00
Tony Torralba
d08ee76b16 Java: Improve java/spring-disabled-csrf-protection 2023-10-16 16:01:14 +02:00
Tony Torralba
ae8e237f2c Merge pull request #14494 from atorralba/atorralba/remove-library 
Java/C/C#: Remove library annotations
 2023-10-16 09:01:40 +02:00
Owen Mansel-Chan
53561008a1 Merge pull request #14445 from owen-mc/go/automated-mad-coverage-report 
Go: automated mad coverage report
 2023-10-15 21:49:47 +01:00
amammad
59fb479895 update tests 2023-10-14 12:28:58 +02:00
amammad
e34cc42441 fix a mistake 2023-10-14 12:18:13 +02:00