hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,207 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.5
Commit Graph

4170 Commits

Author SHA1 Message Date
Chris Smowton
ede17585a6 Amend NewClassExpr description 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-10-24 12:51:42 +01:00
Chris Smowton
e3edea2a5f Apply simple suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2023-10-24 12:51:03 +01:00
Chris Smowton
efb63aada3 Add change note 2023-10-24 11:45:41 +01:00
Chris Smowton
3627eb2bcf Add missing qldoc 2023-10-24 11:15:08 +01:00
Chris Smowton
e8c9708282 Autoformat 2023-10-24 11:06:19 +01:00
Chris Smowton
09e83d1173 Fix isEnclosingMethodAccess wrapper 2023-10-24 11:03:57 +01:00
Chris Smowton
ac38d4c9c6 Mass rename L/RValue -> VarWrite/Read 2023-10-24 10:58:29 +01:00
Chris Smowton
59a49eef0b Add aliases for public, importable renamed classes and predicates. 
Also rename and aliases a couple of uses of Access noted along the way.
 2023-10-24 10:54:35 +01:00
Chris Smowton
f552a15aae Mass-rename MethodAccess -> MethodCall 2023-10-24 10:30:26 +01:00
Chris Smowton
a10731c591 Java: introduce more-intuitive names for ClassInstanceExpr, L/RValue and MethodAccess. 2023-10-24 09:38:49 +01:00
Tony Torralba
cd10dc8a27 Java: Added up to date models for Spring's ResponseEntity 2023-10-23 16:06:11 +02:00
Dave Bartolomeo
910b2a98f1 Merge remote-tracking branch 'origin/main' into dbartol/threat-models 2023-10-19 17:07:38 -04:00
Dave Bartolomeo
bd7de83aab Use extension packs for threat models 2023-10-19 17:07:26 -04:00
Dave Bartolomeo
712f7758cf Merge branch 'main' into post-release-prep/codeql-cli-2.15.1 2023-10-19 12:14:07 -04:00
Tony Torralba
da44b13fd4 Merge pull request #14515 from atorralba/atorralba/java/spring-csrf-improv 
Java: Improve java/spring-disabled-csrf-protection
 2023-10-18 17:49:10 +02:00
github-actions[bot]
8dcd8b9e5b Post-release preparation for codeql-cli-2.15.1 2023-10-17 20:24:00 +00:00
Edward Minnix III
15afc3ed64 Merge pull request #14491 from egregius313/egregius313/java/mad/convert-iv 
Java: Refactor `java/static-initialization-vector` to use Models as Data
 2023-10-17 13:15:45 -04:00
Ed Minnix
8ed5bfb27d Remove reference to DataFlow2 2023-10-17 10:59:36 -04:00
Stephan Brandauer
9d719aa44e Merge pull request #13444 from github/java/update-mad-decls-after-triage-2023-06-13T14-50-57 
Java: Update MaD Declarations after Triage
 2023-10-17 13:54:10 +02:00
Tony Torralba
96d6e8e3f2 Update change note 2023-10-17 11:57:53 +02:00
Tony Torralba
3cd06b0026 More review suggestions 2023-10-17 11:54:32 +02:00
Tony Torralba
62a9ffd277 Apply suggestions from code review 2023-10-17 11:51:55 +02:00
github-actions[bot]
3b3c036626 Release preparation for version 2.15.1 2023-10-16 17:49:39 +00:00
Edward Minnix III
21bea38ec8 Merge pull request #14472 from egregius313/egregius313/sync-local-and-remote-queries 
Java: Synchronize `*Local` versions of queries with their remote counterpart
 2023-10-16 10:31:40 -04:00
Ed Minnix
c65d407937 Remove old DataFlow2 import 2023-10-16 10:30:00 -04:00
Tony Torralba
d08ee76b16 Java: Improve java/spring-disabled-csrf-protection 2023-10-16 16:01:14 +02:00
Ed Minnix
3356261031 Static IV refactor to MaD 2023-10-13 12:50:49 -04:00
Tony Torralba
0cea3f8531 Remove library annotations 2023-10-13 12:46:56 +02:00
Ed Minnix
31c04b50f7 Change note 2023-10-12 09:58:09 -04:00
Ed Minnix
4eeaf84133 Sync NumericCastTaintedQuery 2023-10-12 09:58:08 -04:00
Ed Minnix
ec84f072eb Sync ArithmeticTaintedLocalQuery 2023-10-12 09:58:08 -04:00
Ed Minnix
da933fb77a Sync ExternallyControlledFormatStringLocalQuery 2023-10-12 09:58:08 -04:00
Ed Minnix
f1886320e5 Sync ImproperValidationOfArrayIndexLocalQuery 2023-10-12 09:58:08 -04:00
Ed Minnix
69531b9f7c Sync ResponseSplittingLocalQuery 2023-10-12 09:58:08 -04:00
Ed Minnix
ef282955fd Sync SqlTaintedLocalQuery with SqlInjectionQuery 2023-10-12 09:58:08 -04:00
Ed Minnix
e4f567979a Sync XSS Local 2023-10-12 09:58:08 -04:00
Henry Mercer
1a370bfbbe Merge pull request #14443 from github/post-release-prep/codeql-cli-2.15.0 
Post-release preparation for codeql-cli-2.15.0
 2023-10-11 17:39:04 +01:00
github-actions[bot]
ae6af17c74 Post-release preparation for codeql-cli-2.15.0 2023-10-11 14:19:20 +00:00
Michael Nebel
5c44f8bbad Merge pull request #14370 from michaelnebel/java/enablethreatmodels 
Java: Enable threat models for most Java queries.
 2023-10-10 09:25:47 +02:00
Erik Krogh Kristensen
4489e2bf28 Merge pull request #14403 from erik-krogh/dDEps 
All: delete outdated deprecations
 2023-10-09 21:04:55 +02:00
Michael Nebel
cf3a62d201 Java: Address review comments. 2023-10-09 13:06:59 +02:00
Anders Schack-Mulligen
4a0ab4a050 Merge pull request #14402 from Marcono1234/marcono1234/MemberRefExpr-getReceiverExpr 
Java: Add predicate `MemberRefExpr::getReceiverExpr`
 2023-10-09 13:01:36 +02:00
erik-krogh
a7ab9fd93b add change-notes 2023-10-09 09:43:06 +02:00
erik-krogh
e3e8f3d7c4 Java: delete various outdated deprecations 2023-10-09 09:14:54 +02:00
erik-krogh
0d992a3d1f delete old deprecated aliases of various regex libraries 2023-10-09 09:14:54 +02:00
erik-krogh
4bc4e0845d delete the deprecated isBarrierGuard predicate from the shared dataflow library, and its uses 2023-10-07 21:48:49 +02:00
Marcono1234
f3e5045259 Java: Add predicate MemberRefExpr::getReceiverExpr 2023-10-07 14:53:07 +02:00
Marcono1234
2c0dcd3a2d Java: Adjust ClassInstanceExpr type argument predicates docs 
The type arguments which these predicates have as result are for the
type of the created instance.

Previously the documentation said "provided to the constructor", which
is misleading / incorrect. Type arguments provided to the constructor
are specified directly after the `new` keyword:
```
class C {
    <T> C() {
    }
}

new <String> C();
```

And those are not part of the results of these predicates.
 2023-10-07 03:43:58 +02:00
Michael Nebel
fb10af9042 Jave: Remove the local threat model from the default configuration. 2023-10-06 14:58:48 +02:00
Cornelius Riemenschneider
d3a1dbc0c7 Merge pull request #14381 from github/criemen/add-bazel-dbschemes 
Add skeleton bazel files for accessing the dbschemes.
 2023-10-05 16:53:45 +02:00