codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00

Author	SHA1	Message	Date
github-actions[bot]	92af5f5386	Post-release preparation for codeql-cli-2.15.4	2023-12-06 22:59:22 +00:00
github-actions[bot]	c04457e9e7	Release preparation for version 2.15.4	2023-12-06 21:11:50 +00:00
Tony Torralba	649dc9d1d4	Merge pull request #14993 from github/shati-patel/fix-cwe-tags Update inconsistent CWE tags	2023-12-04 14:30:32 +01:00
Shati Patel	6284781a9b	Update inconsistent CWE tags Most tags use the "external/cwe/cwe-xxx" format, except for these few queries. Updating them for consistency.	2023-12-04 11:52:31 +00:00
Chris Smowton	ad713a7a93	Java: report any extracted file as successfully extracted	2023-12-01 22:35:00 +00:00
Chris Smowton	bbc0f29f16	Restrict getCheckedType to unrestricted records, introduce getSyntacticCheckedType and use that where appropriate	2023-11-30 11:24:05 +00:00
Chris Smowton	d2ff1baff0	Replace getDefaultOrNullDefaultCase with getDefaultCase	2023-11-30 11:24:03 +00:00
Chris Smowton	88d9caff8c	Unused local query: exclude mandatory declarations	2023-11-30 11:24:02 +00:00
Chris Smowton	91774099fa	Write-only container query: account for implicitly-initialised variables	2023-11-30 11:24:01 +00:00
Chris Smowton	bb6e04456a	Boxed variable query: account for implicit-init variables	2023-11-30 11:24:01 +00:00
Chris Smowton	9035ba1f30	Fix isImplicitInit; use it in empty-container query	2023-11-30 11:24:01 +00:00
Chris Smowton	54a89d6fef	Handle 'case null, default:'	2023-11-30 11:23:59 +00:00
Chris Smowton	9a450b09be	Account for pattern-cases in more places	2023-11-30 11:23:59 +00:00
masterofnow	57d897d40f	Merge branch 'main' into LoadClassNoSignatureCheck	2023-11-30 10:05:00 +08:00
amammad	97eb7b7b72	update example to include more logical vulnerable pattern, add documentations for ql classes	2023-11-22 09:27:55 +01:00
Arthur Baars	db180d9872	Merge pull request #14823 from github/post-release-prep/codeql-cli-2.15.3 Post-release preparation for codeql-cli-2.15.3	2023-11-19 12:13:42 +01:00
masterofnow	2952d8f65a	Updated query to cover broader detection.	2023-11-18 18:52:47 +08:00
github-actions[bot]	bad499e360	Post-release preparation for codeql-cli-2.15.3	2023-11-17 14:35:41 +00:00
Max Schaefer	ca334021ad	Merge pull request #14793 from github/max-schaefer/tainted-path-qhelp Java: Improve QHelp for `java/path-injection` to mention less disruptive fixes.	2023-11-16 14:09:55 +00:00
github-actions[bot]	6ec9b95072	Release preparation for version 2.15.3	2023-11-16 13:07:16 +00:00
Max Schaefer	a5e7ef424e	Revert "Add additional example." This reverts commit `947b094387`.	2023-11-16 11:54:16 +00:00
Max Schaefer	143e1680bd	Apply suggestions from code review Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>	2023-11-16 11:42:35 +00:00
Max Schaefer	947b094387	Add additional example.	2023-11-16 10:06:19 +00:00
Max Schaefer	009d58034f	Address suggestions from review.	2023-11-16 10:05:54 +00:00
Max Schaefer	a46a7fadb2	Java: Improve QHelp for `java/path-injection` to mention less disruptive fixes.	2023-11-15 11:25:13 +00:00
masterofnow	532f6a5b0c	Removed @kind path-problem in comment. Added text message in select.	2023-11-13 08:27:07 +08:00
masterofnow	20592352d0	Updated text in LoadClassNoSignatureCheck.qhelp	2023-11-12 20:48:49 +08:00
masterofnow	fd66f47d82	Added LoadClassNoSignatureCheck.ql	2023-11-12 20:27:49 +08:00
Tony Torralba	5442cdb49c	Merge pull request #14610 from atorralba/atorralba/java/jms-deserialization Java: Add JMS sink to java/unsafe-deserialization	2023-11-08 09:10:20 +01:00
Geoffrey White	e8a466a02c	Update dead link.	2023-11-07 09:26:07 +00:00
github-actions[bot]	2b939fdf08	Post-release preparation for codeql-cli-2.15.2	2023-10-30 16:06:51 +00:00
github-actions[bot]	4641990021	Release preparation for version 2.15.2	2023-10-30 11:05:53 +00:00
Tony Torralba	7af3d239ab	Java: Add JMS sink to java/unsafe-deserialization	2023-10-26 16:46:19 +02:00
Chris Smowton	06238dd5f6	Improve reflective class names	2023-10-24 13:29:32 +01:00
Chris Smowton	e8c9708282	Autoformat	2023-10-24 11:06:19 +01:00
Chris Smowton	ac38d4c9c6	Mass rename L/RValue -> VarWrite/Read	2023-10-24 10:58:29 +01:00
Chris Smowton	59a49eef0b	Add aliases for public, importable renamed classes and predicates. Also rename and aliases a couple of uses of Access noted along the way.	2023-10-24 10:54:35 +01:00
Chris Smowton	f552a15aae	Mass-rename MethodAccess -> MethodCall	2023-10-24 10:30:26 +01:00
Ian Lynagh	b89088737a	Merge pull request #14551 from igfoo/igfoo/loc Java/Kotlin: Reshuffle our LoC queries	2023-10-23 11:50:03 +01:00
Ian Lynagh	26634a3266	Java/Kotlin: Add a changenote for the lines-of-code changes	2023-10-20 13:04:39 +01:00
Ian Lynagh	d816035da6	Java/Kotlin: Tweak LoC message	2023-10-20 13:02:11 +01:00
Ian Lynagh	13a9e83e6a	Java/Kotlin: Reshuffle our LoC queries There's now a single lines-of-code query that gives the total number of lines of code over both languages. Per-language LoC queries are now just summaries.	2023-10-20 12:43:41 +01:00
Dave Bartolomeo	712f7758cf	Merge branch 'main' into post-release-prep/codeql-cli-2.15.1	2023-10-19 12:14:07 -04:00
Tony Torralba	da44b13fd4	Merge pull request #14515 from atorralba/atorralba/java/spring-csrf-improv Java: Improve java/spring-disabled-csrf-protection	2023-10-18 17:49:10 +02:00
github-actions[bot]	8dcd8b9e5b	Post-release preparation for codeql-cli-2.15.1	2023-10-17 20:24:00 +00:00
github-actions[bot]	3b3c036626	Release preparation for version 2.15.1	2023-10-16 17:49:39 +00:00
Tony Torralba	d08ee76b16	Java: Improve java/spring-disabled-csrf-protection	2023-10-16 16:01:14 +02:00
Tony Torralba	ae8e237f2c	Merge pull request #14494 from atorralba/atorralba/remove-library Java/C/C#: Remove library annotations	2023-10-16 09:01:40 +02:00
Owen Mansel-Chan	53561008a1	Merge pull request #14445 from owen-mc/go/automated-mad-coverage-report Go: automated mad coverage report	2023-10-15 21:49:47 +01:00
amammad	7fcf39277d	modularize	2023-10-14 12:04:25 +02:00

... 8 9 10 11 12 ...

5453 Commits