Tony Torralba
6f1124d7e7
Handle more annotation element value types
2022-10-03 10:31:13 +02:00
Tony Torralba
1ece12efd7
Add annotation element names
2022-10-03 10:31:13 +02:00
Tony Torralba
d4499a10d2
Fix typo
2022-10-03 10:31:13 +02:00
Tony Torralba
ee7507386c
Fix annotation vs interface keyword stubbing
2022-10-03 10:31:13 +02:00
Tony Torralba
eda676df3e
Add support for Annotation types stub generation
2022-10-03 10:31:13 +02:00
Erik Krogh Kristensen
3d00a61dac
Merge pull request #10528 from erik-krogh/java-followMsg
...
Java: Update the alert messages to better follow the style guide
2022-10-03 09:49:47 +02:00
erik-krogh
39ffa558f1
make a few more queries consistent with the other languages
2022-10-02 22:38:25 +02:00
erik-krogh
2f673efc67
autoformat
2022-10-01 13:21:20 +02:00
erik-krogh
129cda00db
get a few more queries in sync with other languages
2022-10-01 11:17:48 +02:00
erik-krogh
acfcc4bfe2
update two more queries to better follow the style-guide
2022-10-01 10:59:59 +02:00
erik-krogh
7d643e41f3
Merge branch 'main' into java-followMsg
2022-10-01 10:48:06 +02:00
Tony Torralba
585cbe2b95
Fix cartesian product
2022-09-30 10:47:22 +02:00
Ed Minnix
2a2878fc7b
Move text into paragraph tag
2022-09-29 16:33:22 -04:00
Ed Minnix
e3c0e6f52a
Remove location link from alert message
...
Follow the style suggestion from the github-code-scanning bot and remove
provider element from alert link
2022-09-29 16:20:48 -04:00
Ed Minnix
f2bda1525a
Revert "Android ContentProvider.openFile does not check mode initital commit"
...
This reverts commit e37f62bb5e
2022-09-29 14:43:18 -04:00
Ed Minnix
e72963986f
Moved Android manifest incomplete permission logic into library
2022-09-29 14:06:18 -04:00
Ed Minnix
dedd29e1b3
Incomplete Android content provider permissions documentation
2022-09-29 14:05:18 -04:00
Anders Schack-Mulligen
b48b5d45ef
Merge pull request #10498 from Marcono1234/marcono1234/compilation-unit-simple-name-type
...
Java: Add `CompilationUnit.getATypeInScope()`
2022-09-28 13:18:29 +02:00
Joe Farebrother
6cb26d5129
Merge pull request #10241 from joefarebrother/android-webview-dubugging
...
Java: Add query for WebView debugging enabled
2022-09-28 10:50:51 +01:00
Tony Torralba
be9509ceb9
Merge pull request #9199 from luchua-bc/java/unsafe-url-forward-dispatch-load
...
Java: CWE-552 Query to detect unsafe resource loading in Java Spring applications
2022-09-27 15:27:51 +02:00
Tony Torralba
7ff82bbed3
Update java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll
2022-09-27 13:26:21 +02:00
Joe Farebrother
af41f2b903
Remove 'here'.
2022-09-26 13:36:14 +01:00
erik-krogh
46b5bf32f9
update alert-messsages of java queries
2022-09-26 12:15:25 +02:00
Marcono1234
c40b6285a2
Java: Adjust ImpossibleJavadocThrows.ql
2022-09-26 12:08:43 +02:00
Marcono1234
fd99ae78b3
Java: Rename predicate to getATypeInScope
2022-09-25 14:44:16 +02:00
github-actions[bot]
6cef0af5df
Post-release preparation for codeql-cli-2.11.0
2022-09-23 21:01:40 +00:00
luchua-bc
8effbff817
Remove unused code and update qldoc
2022-09-23 12:43:39 +00:00
luchua-bc
e33d786745
Add test cases and reduce FPs
2022-09-23 12:31:16 +00:00
luchua-bc
251f67dcf3
Use the new CSV model
2022-09-23 12:31:16 +00:00
luchua-bc
b3572747f0
Simplify test case and minor update to the query
2022-09-23 12:31:15 +00:00
luchua-bc
311c9e4719
Query to detect unsafe resource loading in Java Spring applications
2022-09-23 12:31:15 +00:00
github-actions[bot]
f5cf8cffa3
Release preparation for version 2.11.0
2022-09-22 20:14:12 +00:00
Dave Bartolomeo
cee0e8e137
Merge pull request #10532 from github/henrymercer/3.7-mergeback
...
Final mergeback from `rc/3.7`
2022-09-22 13:42:59 -04:00
Erik Krogh Kristensen
6e6880bbe4
Merge pull request #10486 from erik-krogh/java-unqueryable
...
Java: Delete some unused code
2022-09-22 14:21:39 +02:00
Henry Mercer
f8f99af8b7
Bump the minor version of packs we regularly release
2022-09-22 12:14:19 +01:00
Joe Farebrother
2414239e50
Fix qhelp formatting
2022-09-21 16:36:20 +01:00
Joe Farebrother
ed8ec89497
Reword suggestion on using debug flags
2022-09-21 13:57:31 +01:00
Joe Farebrother
44bd038339
Apply docs suggestions from code review
...
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com >
2022-09-21 13:57:31 +01:00
Joe Farebrother
a6a500ade2
Apply suggestions from code review - doc improvements, simplification
...
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com >
2022-09-21 13:57:31 +01:00
Joe Farebrother
6014a75e0e
Fix qhelp
2022-09-21 13:57:30 +01:00
Joe Farebrother
eed2df0fb3
Fix qhelp & ql-for-ql errors
2022-09-21 13:57:30 +01:00
Joe Farebrother
414e0b20b3
Add change note
2022-09-21 13:57:30 +01:00
Joe Farebrother
f934554143
Add docs + add an additional case
2022-09-21 13:57:29 +01:00
Joe Farebrother
20b2956322
Add webview debugging query
2022-09-21 13:57:28 +01:00
Marcono1234
431aa2cb79
Java: Add CompilationUnit.getATypeAvailableBySimpleName()
...
This predicate is mainly helpful for Javadoc queries and for queries which
check whether the name of an element shadows another type.
2022-09-20 23:15:50 +02:00
Andrew Eisenberg
58e4861b45
Merge branch 'main' into rc/3.7
2022-09-20 12:43:20 -07:00
Tony Torralba
cbb64cc8c1
Merge pull request #10352 from atorralba/atorralba/promote-template-injection
...
Java: Promote Server-side template injection from experimental
2022-09-20 16:11:58 +02:00
Chris Smowton
f826342112
Merge pull request #6246 from Marcono1234/marcono1234/annotation-improvements
...
Java: Improve and add predicates and classes for annotations
2022-09-20 11:48:29 +01:00
erik-krogh
70eced62b6
delete unused predicate that couldn't be imported from outside the folder
2022-09-20 12:40:39 +02:00
Tony Torralba
4af29e6abf
Update java/ql/src/Security/CWE/CWE-094/TemplateInjection.qhelp
...
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com >
2022-09-20 11:48:40 +02:00
