hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

12735 Commits

Author SHA1 Message Date
Ian Lynagh
0cf309b64e Merge pull request #14369 from igfoo/igfoo/remove_unused 
Kotlin: Remove some unused code
 2023-10-05 13:15:20 +01:00
Chris Smowton
399fab0c6c Merge pull request #14322 from smowton/smowton/admin/add-buildless-diagnostic-expectations 
Add Java buildless diagnostic expectations
 2023-10-05 09:02:02 +01:00
Cornelius Riemenschneider
96edc1d349 Add skeleton bazel files for accessing the dbschemes. 2023-10-05 09:00:38 +02:00
Ian Lynagh
4d3863461e Kotlin: Determine our compression method later 
This way, we already have a logger at the point that we want to log a
warning.
 2023-10-04 18:32:12 +01:00
Ian Lynagh
cc63bb55c2 Kotlin: Change how we handle not supporting Brotli 
This removes the potential for impossible cases.
 2023-10-04 18:32:11 +01:00
Edward Minnix III
8e653d01a8 Merge pull request #14127 from egregius313/egregius313/java/mad/localuserinput 
Java: Convert implementations of `LocalUserInput` to Models-as-Data
 2023-10-04 12:55:44 -04:00
Ed Minnix
e2a14c7616 Add note about results to change note 2023-10-04 11:08:40 -04:00
github-actions[bot]
9fe993bec3 Release preparation for version 2.15.0 2023-10-04 14:15:27 +00:00
Michael Nebel
40e63a63e2 Java: Re-factor most queries and tests to use threat models. 2023-10-04 14:01:58 +02:00
Ian Lynagh
ec3f08037c Kotlin: Remove some unused code 2023-10-04 11:15:47 +01:00
Michael Nebel
f0fb065446 Java: Opt-in the SQL injection query to use threat model flow sources. 2023-10-04 10:51:07 +02:00
Michael Nebel
5fd6dc3b87 Java: Opt-in the XSS query to use threat model flow sources. 2023-10-04 10:48:09 +02:00
Ed Minnix
581d410304 Add change note 2023-10-03 22:29:00 -04:00
Edward Minnix III
a1d3667f1c Refactor Hudson file methods to MaD 2023-10-03 22:28:59 -04:00
Edward Minnix III
3a75c0fde7 Refactor DatabaseInput to MaD 2023-10-03 22:28:59 -04:00
Edward Minnix III
655470f3da Refactor EnvInput to MaD 2023-10-03 22:28:47 -04:00
Henry Mercer
da92da2204 Bump minor versions of packs we regularly release 2023-10-03 16:31:23 +01:00
Henry Mercer
f3847b3f51 Merge branch 'main' into henrymercer/rc-3.11-mergeback 2023-10-03 16:30:23 +01:00
Michael Nebel
8224f172b2 Merge pull request #14257 from michaelnebel/java/threatmodelsources 
Java: Introduce a class of dataflow nodes for the threat modeling.
 2023-10-03 16:10:49 +02:00
Ian Lynagh
c365f459fd Merge pull request #14355 from igfoo/igfoo/lang-vers 
Kotlin: Specify language version when compiling for old compilers
 2023-10-03 11:33:23 +01:00
Michael Nebel
fcbd301de8 Java: Address review comments. 2023-10-03 10:36:45 +02:00
Michael Nebel
5b949b19f7 Java: Cleanup threat model taxanomy to align with the EDR. 2023-10-03 09:16:39 +02:00
Michael Nebel
5c700afa27 Java: Add some threat model dataflow tests. 2023-10-03 09:16:39 +02:00
Michael Nebel
537965c0e8 Java: Add some testfiles. 2023-10-03 09:16:39 +02:00
Michael Nebel
2055d5492c Java: Let RemoteFlowSource and LocalUserInput extends SourceNode and fine grain the LocalUserInput threat models. 2023-10-03 09:16:38 +02:00
Michael Nebel
9a112dde66 Java: Introduce a class of dataflow nodes for the threat modeling. 2023-10-03 09:16:38 +02:00
Ian Lynagh
513a39f0b4 Kotlin: Specify language versino when compiling for old compilers 
Otherwise builds with Kotlin 2 won't work with older compilers.
 2023-10-02 18:14:01 +01:00
Ian Lynagh
f3c5c01ec5 Kotlin: Drop support for 1.4.32 
We never claimed to support anything < 1.5.0, and compiling with
-language-version 1.4 fails as it's not meant to support sealed classes.

If we build 1.4.32 with -language-version 1.5 using a 2.0 compiler,
then the resulting plugin also fails.
 2023-10-02 17:29:10 +01:00
amammad
863fa364e2 remove CLI sources Library file & unused file system sinks 2023-09-30 20:11:14 +10:00
amammad
bb8063c0f4 remove CLI sources & unused imports 2023-09-30 06:07:44 +10:00
amammad
2ab10262fc V3: better sinks, replace sinks arguments to sinks method accesses 2023-09-30 06:06:34 +10:00
amammad
83cffea1a1 v3 2023-09-30 05:56:39 +10:00
amammad
3e9c3e6987 remove inputStream and its subclasses module which has no impact on query now! 2023-09-30 04:28:37 +10:00
amammad
c1b9310ec2 add comments for modules & remote local sources 2023-09-30 04:28:02 +10:00
Anders Schack-Mulligen
efb49fcd3e Merge pull request #14336 from aschackmull/java/switch-rule-stmt-cfg 
Java: Fix CFG for case rule statements.
 2023-09-29 12:02:48 +02:00
Stephan Brandauer
d7beda79ab Merge pull request #14197 from github/kaeluka/framework-mode-source-candidates 
Java: Framework mode source candidates
 2023-09-28 21:09:54 +02:00
Ian Lynagh
30d7f0cf0a Merge pull request #14334 from igfoo/igfoo/ext-frag 
Kotlin: Handle IrExternalPackageFragment properly for more external entities
 2023-09-28 20:01:52 +01:00
Ian Lynagh
7f5f25c362 Merge pull request #14338 from igfoo/igfoo/dedupe 
Kotlin: Differentiate 2 error messages
 2023-09-28 17:56:53 +01:00
Stephan Brandauer
fdbc553029 Java: Automodel Framework mode: no longer skip non-public methods 2023-09-28 16:17:44 +02:00
Ian Lynagh
e9482fb096 Kotlin: Differentiate 2 error messages 2023-09-28 14:59:21 +01:00
Ian Lynagh
5db283e86a Kotlin: Fix comment 2023-09-28 14:26:02 +01:00
Anders Schack-Mulligen
15e1098791 Java: Add change note. 2023-09-28 14:28:24 +02:00
Anders Schack-Mulligen
94556078f1 Java: Add guards logic for SwitchExpr default cases. 2023-09-28 14:21:04 +02:00
Anders Schack-Mulligen
917a15647e Java: Fix CFG for rule statements. 2023-09-28 14:19:36 +02:00
Anders Schack-Mulligen
922a4e8ddf Java: Add failing test 2023-09-28 14:15:56 +02:00
Ian Lynagh
261ae4ea4d Kotlin: Handle IrExternalPackageFragment properly for more external entities 2023-09-28 12:12:18 +01:00
Asger F
0d96ed8aee Merge pull request #14305 from asgerf/shared/flow-state-inout-barriers 
Shared: add in/out barriers with flow state
 2023-09-28 11:07:23 +02:00
Anders Schack-Mulligen
5feb2f7622 Merge pull request #14321 from aschackmull/shared/filesystem 
All languages: Use shared FileSystem library and minor regex performance improvement.
 2023-09-28 10:51:05 +02:00
Koen Vlaswinkel
10231e99ce Merge pull request #14199 from github/koesie10/add-java-model-editor-queries 
Java: Add VS Code model editor queries
 2023-09-28 10:13:13 +02:00
Anders Schack-Mulligen
653844cc46 Java: Use shared FileSystem library. 2023-09-28 08:58:55 +02:00