hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,258 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.3
Commit Graph

4111 Commits

Author SHA1 Message Date
Michael Nebel
0a931aa69f Java: Add change note. 2024-10-21 15:19:38 +02:00
Michael Nebel
9a44eec04c Java: Add manual models for FileReader (they would also have disappeared if models were re-generated without using mixed mode). 2024-10-21 15:19:37 +02:00
Michael Nebel
b356c3cd48 Java: Manually model ZipFile (due to CWE-522 compression bombs test failure). 2024-10-21 15:19:36 +02:00
Michael Nebel
f7b38a8955 Java: Add some less precise models for BasicAttributes to get the models to work with search sink and re-generate SDK models. 2024-10-21 15:19:34 +02:00
Michael Nebel
3b6f39931b Java: Re-add generated (mixed) summaries and neutrals for the Java SDK 17. 2024-10-21 15:19:28 +02:00
Michael Nebel
f50734f0ee Java: Delete all generated Java JDK models. 2024-10-21 15:19:27 +02:00
Chris Smowton
5ba37bd7a3 Rename change note 2024-10-21 09:36:07 +01:00
Chris Smowton
241f951db1 Add change-note for Java buildless packaging its required Maven plugin 2024-10-18 17:43:18 +01:00
Rasmus Lerchedahl Petersen
22d621c625 shared: add locations to typetracking nodes 2024-10-16 15:16:18 +02:00
Anders Schack-Mulligen
c20f12fa6c Add qldoc. 2024-10-16 14:35:23 +02:00
Anders Schack-Mulligen
8b99154a00 Java: Add support for speculative taint flow. 2024-10-16 14:35:19 +02:00
Anders Schack-Mulligen
c80627a3d3 Dataflow: add plumbing for adding provenance to state-steps. 2024-10-16 14:35:18 +02:00
github-actions[bot]
079ab77a38 Post-release preparation for codeql-cli-2.19.2 2024-10-15 12:16:59 +00:00
github-actions[bot]
255f55cf1a Release preparation for version 2.19.2 2024-10-15 10:29:25 +00:00
Owen Mansel-Chan
927b402a3a Merge pull request #17668 from igfoo/igfoo/typo 
Java: Typo in a comment
 2024-10-06 13:22:08 +01:00
Ian Lynagh
d24bdbb4e4 Java: Typo in a comment 2024-10-04 17:34:39 +01:00
Tom Hvitved
2832318711 Java: Account for top-level res folders in AndroidLayoutXmlFile 2024-10-04 08:35:28 +02:00
Anders Schack-Mulligen
6081ba5902 Merge pull request #17604 from aschackmull/java/neutral-overrides 
Java/C#: Add overrides to the interpretation of neutral MaD models.
 2024-10-01 14:55:54 +02:00
github-actions[bot]
e97878ed63 Post-release preparation for codeql-cli-2.19.1 2024-09-30 19:49:00 +00:00
github-actions[bot]
455c8c5953 Release preparation for version 2.19.1 2024-09-30 17:59:48 +00:00
Anders Schack-Mulligen
222ae6ad2d Java: Add a neutral for Comparable.compareTo 2024-09-30 15:51:48 +02:00
Anders Schack-Mulligen
fcb677e84d Java: Add a neutral for Collection.remove. 2024-09-30 15:46:43 +02:00
Anders Schack-Mulligen
38818f3cd2 Java: Adjust Set.clear model to apply to overrides. 2024-09-30 15:46:42 +02:00
Anders Schack-Mulligen
0459d136d3 Java: Remove neutral model for Object.toString. 2024-09-30 15:17:21 +02:00
Anders Schack-Mulligen
1f95fa10fb Java: Fix comment re. neutrals and WithoutElement. 
The remove methods should not have been in this section, as they're
plain neutrals.
 2024-09-30 15:08:56 +02:00
Anders Schack-Mulligen
ec0bd4494c Java: Add overrides to the interpretation of neutral MaD models. 2024-09-30 13:11:49 +02:00
Anders Schack-Mulligen
a017f92b78 Merge pull request #17579 from aschackmull/java/type-sanitizers 
Java: Add more type-based sanitizers.
 2024-09-30 10:07:06 +02:00
Anders Schack-Mulligen
b0ed47c277 Merge pull request #17605 from aschackmull/java/stringbuilder-neutrals 
Java: Add a couple of neutrals
 2024-09-30 10:03:41 +02:00
Anders Schack-Mulligen
fb630d266e Java: Add a couple of neutrals 2024-09-27 15:24:06 +02:00
Anders Schack-Mulligen
2d76752ca0 Java: Add model for CharArrayWriter.toString(). 2024-09-27 11:28:20 +02:00
Rasmus Wriedt Larsen
381ea93ec3 Merge pull request #17424 from RasmusWL/active-threat-model-source 
Go/Java/C#: Rename `ThreatModelFlowSource` to `ActiveThreatModelSource`
 2024-09-26 13:08:17 +02:00
Chris Smowton
76914c40c9 Merge pull request #17591 from github/smowton/admin/java-23-change-note 
Add change note for Java 23 support
 2024-09-26 10:14:21 +01:00
Michael Nebel
dd993c3900 Merge pull request #17509 from michaelnebel/modelgen/parammodule 
C#/Java: Re-factor the model generator to be a parameterized module.
 2024-09-26 10:57:16 +02:00
Chris Smowton
ba5be80814 Typo 2024-09-25 21:32:52 +01:00
Chris Smowton
2c9488e475 Add change note for Java 23 support 2024-09-25 21:32:24 +01:00
Ian Lynagh
a8cad4963e Kotlin: 2.1.0 is supported 2024-09-25 15:23:31 +01:00
Anders Schack-Mulligen
aaecb9bb7a Java: Add more type-based sanitizers. 2024-09-25 10:38:17 +02:00
Ian Lynagh
9b8152a44b Java: Add up/downgrade scripts 2024-09-24 14:06:56 +01:00
Ian Lynagh
76662a6002 Java: Add changenote for deprecation of Field.getSourceDeclaration() and Field.isSourceDeclaration() 2024-09-24 14:06:55 +01:00
Ian Lynagh
bda779a58d Java: Deprecate Field.getSourceDeclaration() and Field.isSourceDeclaration() 
Also follows the removal of the sourceid column of fields.
 2024-09-24 14:06:54 +01:00
Ian Lynagh
300864a38b Java: dbscheme: Remove sourceid column of fields/5 
It was always the same as the id column.
 2024-09-24 14:06:53 +01:00
Chuan-kai Lin
1cd8af54f2 Merge pull request #17190 from github/cklin/diff-informed-java-queries 
Java: add support for alert location restrictions
 2024-09-23 08:39:24 -07:00
Rasmus Wriedt Larsen
63c3a71d95 Merge branch 'main' into active-threat-model-source 2024-09-23 11:18:14 +02:00
Chuan-kai Lin
75ec8ce58e Java: apply query alert restrictions 2024-09-20 07:47:58 -07:00
Anders Schack-Mulligen
3a1e50dcf9 Dataflow: Simplify diff-informed implementation and tweak flag name. 2024-09-20 07:07:10 -07:00
Michael Nebel
2033818e39 Java: Use the shared model generator implementation. 2024-09-19 12:20:51 +02:00
Mauro Baluda
cab35a25a5 Remove duplicate summary for MultipartFile.getInputStream and update .expected file 2024-09-18 20:43:04 +02:00
Mauro Baluda
5ae51f0b56 Address review 2024-09-18 19:28:03 +02:00
Mauro Baluda
cfa14ad5eb Update org.springframework.core.io.model.yml 
Model summary for `getInputStream` methods
 2024-09-18 18:13:29 +02:00
Anders Schack-Mulligen
2837d2551a Merge pull request #17490 from aschackmull/java/capture-in-obinit 
Java: Fix support for variable capture inside object initializers.
 2024-09-18 09:29:01 +02:00