hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,593 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.6
Commit Graph

4033 Commits

Author SHA1 Message Date
Joe Farebrother
de565f9ccc Add test and fix a bug 2023-01-12 11:44:39 +00:00
Jami Cogswell
fd593fd4f0 Java: undo changes to tests that were affected by numeric-flow summary models 2023-01-11 22:34:19 -05:00
Jami Cogswell
6bb865ad05 Java: make numeric flow models neutral 2023-01-11 18:04:43 -05:00
Jami Cogswell
0c7ffb0554 Java: update System.getProperty model 2023-01-11 12:04:22 -05:00
Jami Cogswell
99ee6c95a1 Java: remove models for Consumer.accept and Collectors.toMap 2023-01-11 10:44:38 -05:00
Jami Cogswell
ac064ac2a7 Java: remove model for Collectors.joining 2023-01-11 10:30:49 -05:00
Michael Nebel
8112058a0a Java: Adapt TopJdpApi library to the re-factor. 2023-01-11 16:20:55 +01:00
Michael Nebel
787b4743ee C#/Java: Rename the directories containing the model generator and tests. 2023-01-11 13:13:33 +01:00
Michael Nebel
178fd0e9e1 C#/Java: Remove all dashes in mode-generator. 2023-01-11 13:13:33 +01:00
Jami Cogswell
181a711f04 Java: switch Collectors.joining model from neutral to summary 2023-01-10 21:06:03 -05:00
Edward Minnix III
ce06df3152 Merge pull request #11628 from egregius313/egregius313/android-webview-addjavascriptinterface-dataflow 
Java: Add parameters of methods annotated @JavascriptInterface as remote flow sources
 2023-01-10 12:41:52 -05:00
Ian Lynagh
3367da82c4 Kotlin: Accept test changes 
We get better locations with Kotlin 1.8.0.
 2023-01-10 14:41:30 +00:00
Ian Lynagh
6fbda1a9f0 Kotlin: Accept test changes with 1.8 2023-01-10 14:41:29 +00:00
Tony Torralba
32471d326e Java: Remove omittable exists variables 2023-01-10 13:37:19 +01:00
Ed Minnix
909b1d70d9 Rename files to say "Allow" instead of "Permit" 2023-01-09 10:11:03 -05:00
Ed Minnix
c723df3ca7 Fix alert message in expected file 2023-01-09 10:08:19 -05:00
Chris Smowton
e9bbb5d7fa Merge pull request #11730 from smowton/smowton/admin/improve-sql-unescaped-docs 
Java: improve naming and description of SqlUnescaped.ql
 2023-01-09 12:50:27 +00:00
Chris Smowton
45c732a6f9 Java: improve naming and description of SqlUnescaped.ql 
Since the main thing it's objecting to is concatenation not lack of escaping (in particular it doesn't look for escaping sanitizers), rename and re-describe it accordingly.
 2023-01-09 10:56:13 +00:00
Rasmus Lerchedahl Petersen
c3b3c05cf3 Revert "Merge pull request #37 from erik-krogh/shared/inline-tests" 
This reverts commit 65fe9abcfe, reversing
changes made to 08e9d3391f.
 2023-01-05 09:19:43 +01:00
Rasmus Lerchedahl Petersen
2e46919e10 java: nicer code as suggested by review 2023-01-04 19:50:29 +01:00
Jami Cogswell
5d92792e40 Java: update test case affected by Function.apply model 2023-01-03 16:14:08 -05:00
Ed Minnix
28f555c2b2 Add simple test case for @JavascriptInterface parameter flow 2023-01-03 15:31:40 -05:00
Ed Minnix
f9b8200009 Add stub for android.webkit.JavascriptInterface annoation 2023-01-03 15:31:40 -05:00
Ed Minnix
28ad9d00fb Merge both setAllowContentAccess queries into one query 
Previously, the query to detect whether or not access to `content://`
links was done using two queries.

Now they can be merged into one query
 2023-01-03 15:17:07 -05:00
Jami Cogswell
21a018e5c5 Java: add summary model and test for File.getName 2023-01-03 13:12:24 -05:00
Ed Minnix
68392aa8d8 Fix test expectations 2022-12-31 15:25:25 -05:00
Ed Minnix
9ef319f659 Java: setAllowContentAccess query tests 2022-12-31 15:00:28 -05:00
Ed Minnix
7cc53126f3 Java: WebView setAllowContentAccess query test cases 2022-12-31 15:00:28 -05:00
Ed Minnix
a023726c03 Java: add Android stubs to options file for CWE-200 tests 2022-12-31 15:00:28 -05:00
Jami Cogswell
673d37cc3d Java: update Math.min test case 2022-12-22 14:36:06 -05:00
Jami Cogswell
a81c54b58c Java: updates to order alphabetically 2022-12-22 13:22:12 -05:00
Jami Cogswell
e6331dc2e6 Java: update test case affected by Long.parseLong summary model 2022-12-22 12:57:37 -05:00
Jami Cogswell
997219a280 Java: update test case affected by Class.isAssignableFrom neutral model 2022-12-22 12:54:02 -05:00
Jami Cogswell
6007827dd3 Java: update test cases 2022-12-22 12:29:57 -05:00
erik-krogh
b3dd50bc36 inline Location into the shared implementation of InlineExpectationsTest 2022-12-22 11:09:43 +01:00
Rasmus Lerchedahl Petersen
4667068017 java: use shared inline tests 
- remove from identical-files
 2022-12-22 10:20:06 +01:00
Jami Cogswell
de5965525f Java: add initial test cases for summary models 2022-12-21 16:19:37 -05:00
Jami Cogswell
c251da799f Java: update TopJdkApis test 2022-12-21 13:19:09 -05:00
Edward Minnix III
b77923f6e6 Merge pull request #11767 from atorralba/atorralba/java/fix-pinning-tests 
Java: Small simplification in Missing Certificate Pinning tests
 2022-12-21 11:21:47 -05:00
Arthur Baars
98c5b81456 Merge pull request #11723 from aibaars/alert-suppression 
CodeQL alert suppression
 2022-12-21 10:59:57 +01:00
Tony Torralba
ab73d13d8b Small simplification 2022-12-21 09:58:13 +01:00
Jami
c9258effb6 Merge pull request #11572 from jcogs33/jcogs33/model-top-jdk-apis 
Java: model top 100 JDK APIs
 2022-12-20 09:13:53 -05:00
Tony Torralba
149cae9603 Merge pull request #10971 from joefarebrother/android-certificate-pinning 
Java: Add Android missing certificate pinning query (CWE-295)
 2022-12-20 11:03:16 +01:00
Tony Torralba
3e7a819fe7 Simplification 2022-12-20 09:42:25 +01:00
Jeroen Ketema
edc768b43b Merge pull request #11707 from smowton/smowton/fix/java-empty-multiline-comment 
Java: handle printing an empty comment (/**/); add relevant tests
 2022-12-20 08:07:42 +01:00
Chris Smowton
ebc0b0c4d6 Merge pull request #11665 from smowton/smowton/admin/revert-kotlin-default-method-type-erasure 
Kotlin: Revert type erasure within $default functions
 2022-12-19 16:33:20 +00:00
Edward Minnix III
39a7c7bb12 Merge pull request #11282 from egregius313/egregiu313/webview-addjavascriptinterface 
Java: Query for detecting addJavascriptInterface method calls
 2022-12-19 11:28:45 -05:00
Arthur Baars
0f313231bc AlertSuppression: add more tests 2022-12-19 16:43:11 +01:00
Arthur Baars
c176606be5 AlertSuppression: allow //lgtm comments to scope over the next line 2022-12-19 16:10:26 +01:00
Jami Cogswell
a8ee633acd Java: apply review suggestions 2022-12-19 09:09:01 -05:00