hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,734 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.4
Commit Graph

4003 Commits

Author SHA1 Message Date
Geoffrey White
369f88beda Java: Fix for multiple parse mode flags. 2023-07-20 11:49:54 +01:00
Geoffrey White
32c10885d4 Java: Add test case. 2023-07-20 11:43:11 +01:00
Anders Schack-Mulligen
ae24d68b5d C/C++/C#/Java/Python/Ruby/Swift: Adjust expected output. 2023-07-19 11:41:15 +02:00
Paul Hodgkinson
c7084b6d8e Merge branch 'main' into java/experimental/command-injection 2023-07-18 11:38:44 +01:00
Ian Lynagh
fe24cc1900 Merge pull request #13718 from igfoo/igfoo/file_classes 
Kotlin: Improve file class support
 2023-07-12 15:42:16 +01:00
Ian Lynagh
af5cd7cf4f Merge pull request #13723 from igfoo/igfoo/kotlin-1.9.0 
Kotlin: Run CI with 1.9.0
 2023-07-12 12:24:04 +01:00
Ian Lynagh
b83f0275e3 Kotlin: Accept test changes for Kotlin 1.9.0 2023-07-11 17:37:24 +01:00
Ian Lynagh
470e033090 Kotlin: Restrict a test's results to those in the test directory 2023-07-11 17:37:23 +01:00
Ian Lynagh
c21797dd3c Kotlin: Add a test for file classes 2023-07-11 13:21:56 +01:00
Tony Torralba
16529cdd18 Add failing test 2023-07-10 17:40:15 +02:00
Tony Torralba
b70e21df4f Merge pull request #13702 from atorralba/atorralba/kotlin/apply 
Kotlin: Support apply
 2023-07-10 17:39:57 +02:00
Tony Torralba
0f18c0227b Kotlin: Support apply 2023-07-10 16:15:27 +02:00
Paul Hodgkinson
bfbb77a796 Merge branch 'main' into java/experimental/command-injection 2023-06-29 09:51:14 +01:00
aegilops
8dbb0a51c0 Rewrote tests to work 2023-06-29 09:47:03 +01:00
aegilops
01798f63f8 Switched to new dataflow and added a test (but it doesn't produce results yet) 2023-06-28 17:14:39 +01:00
Koen Vlaswinkel
51af03d2bc Java: Add tests for names of nested classes 2023-06-28 09:52:25 +02:00
Tony Torralba
a7c2a25cac Merge pull request #12879 from atorralba/atorralba/java/command-injection-mad-sinks 
Java: Convert all command injection sinks to MaD format
 2023-06-27 14:06:45 +02:00
amammad
7354db873a V1 Bombs 2023-06-24 08:57:57 +10:00
Jorge
7d0b880bf7 Merge branch 'main' into jorgectf/deserialization-lookahead 2023-06-23 18:24:39 +02:00
jorgectf
b6e4ba6f9d Add SerialKiller model 2023-06-23 18:19:43 +02:00
Jeroen Ketema
9c774ac97f Merge pull request #13426 from jketema/inline-3 
Update inline flow tests to use parameterized module
 2023-06-19 17:39:29 +02:00
Tony Torralba
c62689022e Merge pull request #13256 from atorralba/atorralba/java/stapler-models 
Java: Model the Stapler framework
 2023-06-19 15:27:19 +02:00
Jeroen Ketema
bc42308bd3 Java: fix formatting 2023-06-19 10:31:49 +02:00
Jeroen Ketema
6a84e6cbfd Add the merged PathGraph to all copies of the InlineFlowTest library 2023-06-19 10:28:10 +02:00
Ian Lynagh
a8acf16088 Kotlin: Remove diags.ql from classes test 
The diags consistency test already handles this for us.
 2023-06-16 12:57:19 +01:00
Jeroen Ketema
742eb8dd12 Java: Rewrite InlineFlowTest as a parameterized module 2023-06-15 10:52:10 +02:00
Tony Torralba
5e3d9d8136 Java: Model the Stapler framework 2023-06-14 12:34:52 +02:00
Tony Torralba
182513a981 Merge pull request #13235 from atorralba/atorralba/java/hudson-models 
Java: Add Hudson models
 2023-06-14 12:33:18 +02:00
Anders Schack-Mulligen
1a4fca334f Merge pull request #13273 from aschackmull/dataflow/summarynode-refactor 
Dataflow: Refactor FlowSummaryImpl to synthesize nodes independently from DataFlow::Node.
 2023-06-14 09:38:36 +02:00
Jeroen Ketema
c3ba206b6a Merge pull request #13346 from jketema/inline-2 
Update inline expectation tests to use parameterized module
 2023-06-13 10:10:55 +02:00
Tony Torralba
ffe67689ec Merge branch 'main' into atorralba/java/command-injection-mad-sinks 2023-06-13 09:27:33 +02:00
Anders Schack-Mulligen
eec012d308 Java: Fix test 2023-06-12 13:18:13 +02:00
Jeroen Ketema
49993b023e Java: Rewrite inline expectation tests to use parameterized module 2023-06-09 10:42:17 +02:00
Anders Schack-Mulligen
85d6b44d92 Java: Fix test output. 2023-06-09 08:37:36 +02:00
Anders Schack-Mulligen
95afd551ff Java: Fix qltest 2023-06-09 08:37:36 +02:00
Anders Schack-Mulligen
a0a9d30286 Java: Fix qltests. 2023-06-09 08:37:35 +02:00
Tony Torralba
4608481d7b Java: Fix more problems in the Gson models 
Found during type strengthening work by @aschackmull
 2023-06-08 14:53:09 +02:00
Anders Schack-Mulligen
cc45db7c76 Merge pull request #13394 from atorralba/atorralba/java/fix-gson-jsonarray-models 
Java: Fix Gson's JsonArray.add models
 2023-06-08 11:05:40 +02:00
Tony Torralba
c0135673fa Fix JsonArray.addAll model 
Properly test JsonArray.add(String) and JsonArray.addAll(JsonArray) as well
 2023-06-07 16:18:32 +02:00
Tony Torralba
6d7234f8ed Merge pull request #13225 from atorralba/atorralba/java/path-injection-mad-sinks-2 
Java: Migrate path injection sinks to models-as-data (simplified)
 2023-06-07 14:27:36 +02:00
Tony Torralba
35b4c438ff Fix Gson's JsonArray.add models 
When the type of the argument isn't JsonElement, the summary must be taint flow instead of value flow
 2023-06-07 14:12:20 +02:00
yoff
911835c30e Merge pull request #13392 from yoff/java/test-type-tracking-through-flow-summaries 
java: test type tracking through flow summaries
 2023-06-07 14:10:23 +02:00
Tony Torralba
46b30453e3 Merge pull request #13386 from github/java/update-mad-decls-after-triage-2023-06-06T14-38-29 
Java: Update MaD Declarations after Triage
 2023-06-07 12:33:26 +02:00
Rasmus Lerchedahl Petersen
aec1e4a713 java: address ql alert 2023-06-07 11:40:50 +02:00
Rasmus Lerchedahl Petersen
76e1c6f76f java: test type tracking through flow summaries 2023-06-07 11:18:53 +02:00
Tony Torralba
416d3d587d Accept test changes 
An uncovered test case is now correctly covered
 2023-06-07 10:33:17 +02:00
Tony Torralba
72af634575 Kotlin: Add flow through use and with 2023-06-06 11:22:16 +02:00
Nick Rolfe
6c5c338e6b Merge pull request #13348 from github/nickrolfe/java-location-tostring 
Java: avoid call to `Location.toString()`
 2023-06-06 09:55:42 +01:00
Jeroen Ketema
5f64354a70 Merge pull request #13353 from jketema/expecation 
Fix typo in spelling of expectation
 2023-06-02 12:29:49 +02:00
Tony Torralba
ad2f558002 Add Hudson models 
Includes models-as-data rows, flow sources, and XSS sanitizers.

Tests for models-as-data rows not included.
 2023-06-02 11:06:24 +02:00