hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,612 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.7
Commit Graph

4033 Commits

Author SHA1 Message Date
Tony Torralba
b58eb3a92c Java: Add TemplateEngine.createTemplate as a groovy injection sink 2023-05-19 17:45:47 +02:00
Tony Torralba
a8afa4785e Merge pull request #13140 from atorralba/atorralba/java/spring-jdbc-namedparam-models 
Java: Add SQLi sinks for Spring JDBC
 2023-05-18 14:49:28 +02:00
Tony Torralba
2c54996499 Apply @jcogs33's suggestions from code review 2023-05-18 08:51:19 +02:00
Tony Torralba
770099f210 Merge branch 'main' into atorralba/java/promote-xxe-experimental-sinks 2023-05-16 09:49:34 +02:00
Tony Torralba
7d79d87d48 Add XPath.evaluate as XXE sink 2023-05-15 17:39:35 +02:00
Kasper Svendsen
d40cd0f275 Java: Make implicit this receivers explicit 2023-05-12 12:47:21 +02:00
Tony Torralba
a48fa652ce Java: Add SQLi sinks for Spring JDBC 2023-05-12 10:57:49 +02:00
Kasper Svendsen
0de6e4138f Merge pull request #13037 from kaspersv/kaspersv/java-enable-implicit-this-warnings 
Java: Enable implicit this receiver warnings
 2023-05-09 10:24:31 +02:00
Michael Nebel
f2f9944a1c Merge pull request #12931 from michaelnebel/neutralkinds 
Java/C#: Introduce kind for neutrals.
 2023-05-09 08:42:38 +02:00
Kasper Svendsen
b0714904c0 Java: Enable implicit this receiver warnings 2023-05-09 08:25:40 +02:00
Edward Minnix III
05b1bd881e Merge pull request #12852 from egregius313/egregius313/java/webgoat/model-jwsheader 
Java: Model `io.jsonwebtoken.SigningKeyResolverAdapter` and `io.jsonwebtoken.JwsHeader`
 2023-05-08 10:57:34 -04:00
Michael Nebel
c30f080ff0 Java: Update expected test out for the model generator. 2023-05-08 16:18:59 +02:00
Ed Minnix
5c10d42915 More test cases for io.jsonwebtoken.SigningKeyResolverAdapter 2023-05-04 16:52:40 -04:00
Ed Minnix
a4fa1ec768 Test case for modeling io.jsonwebtoken.SigningKeyResolverAdapter 2023-05-04 16:52:40 -04:00
Ed Minnix
3d0147765c Add missing methods to jwtk-jjwt stubs 2023-05-04 16:52:40 -04:00
Ed Minnix
5f3c8fef3f Privacy markers and fixed imports 2023-05-04 10:25:17 -04:00
Ed Minnix
c2b6a3f4e0 Add XPathInjectionQuery 2023-05-04 10:14:59 -04:00
Kasper Svendsen
081085e128 Java: Make implicit this receivers explicit 2023-05-03 13:37:35 +02:00
Anders Schack-Mulligen
246d904712 Merge pull request #12948 from aschackmull/dataflow/pathnode-type-tostring 
Dataflow: Add type to PathNode.toString.
 2023-04-27 14:14:10 +02:00
Anders Schack-Mulligen
f685ae1fa7 Java: Update one more expected output. 2023-04-27 12:00:32 +02:00
Anders Schack-Mulligen
8e6038577d Java: Update expected output. 2023-04-26 14:45:40 +02:00
Tony Torralba
5d80f0818c Fix TestModels test expectation 2023-04-26 14:32:28 +02:00
Tony Torralba
fba61d51ed Remove experimental files 2023-04-26 12:24:30 +02:00
Tony Torralba
e54eaed26f Refactor tests to use InlineFlowTest 2023-04-26 12:19:59 +02:00
Tony Torralba
db73e16b70 Add tests 2023-04-26 12:12:10 +02:00
Tony Torralba
2c4246f29a Fix test comments 2023-04-26 10:08:18 +02:00
Tony Torralba
389e8c4fe8 Add review suggestions 2023-04-26 10:08:16 +02:00
Tony Torralba
0650c016f6 Add models for StringJoiner constructor 2023-04-26 10:07:59 +02:00
Tony Torralba
311498841e Add fluent models 
Add tests
 2023-04-26 10:07:27 +02:00
Edward Minnix III
e50f56cc56 Merge pull request #12917 from egregius313/egregius313/java/dataflow/refactor-inline-flow-test 
Java: Refactor `InlineFlowTest` to remove usage of `DataFlow::Configuration` API
 2023-04-25 16:18:56 -04:00
Ed Minnix
d98723c35a Fix naming of OkHttpFlowConfig in test 2023-04-25 10:31:27 -04:00
Jami
cff7f63193 Merge pull request #12838 from jcogs33/jcogs33/add-class-for-callables-interesting-for-modeling 
Java: add class that represents callables that are interesting for MaD models
 2023-04-25 09:28:56 -04:00
Ed Minnix
3af72fa28e Remove legacy code from InlineFlowTest 2023-04-24 17:10:32 -04:00
Ed Minnix
59e59125d6 Refactor tests 2023-04-24 17:10:32 -04:00
Tony Torralba
e3d93c3581 Fix FileCopyUtils models 2023-04-24 15:07:19 +02:00
Jami Cogswell
2ae4b646a0 Java: adjust genVsMan query test cases 2023-04-20 16:19:15 -04:00
Jami Cogswell
fa1a6da60d Java: update genVsMan query test case 2023-04-20 16:19:15 -04:00
Tony Torralba
62f5a5dcd5 Merge pull request #10707 from atorralba/atorralba/log-injection-sanitizers 
Java: Add line break sanitizers to java/log-injection
 2023-04-19 08:20:04 +02:00
Edward Minnix III
09502c60d5 Merge pull request #12812 from egregius313/egregius313/java/dataflow/refactor-tests 
Java: Refactor Test DataFlow configurations to new API
 2023-04-18 10:22:30 -04:00
Tom Hvitved
f6d000eb20 Merge pull request #12805 from hvitved/remove-queries-xml 
Remove all `queries.xml` files
 2023-04-18 10:52:14 +02:00
Ed Minnix
e6a2528c38 Refactor XSS and SpringJDBC tests to lib configurations 2023-04-17 23:48:06 -04:00
Ed Minnix
49521f6de8 Refactor tests which extends Configuration 2023-04-17 23:48:06 -04:00
Ed Minnix
66f971e70d Refactor query tests 2023-04-17 23:48:06 -04:00
Ed Minnix
93bd2a9409 Refactor PathSanitizer test 2023-04-17 23:48:06 -04:00
Ed Minnix
547f00c3d1 Refactor Spring test 2023-04-17 23:48:06 -04:00
Ed Minnix
9631b6545f Refactor Ratpack test 2023-04-17 23:48:06 -04:00
Ed Minnix
e0e5bb131b Refactor RabbitMQ test 2023-04-17 23:48:06 -04:00
Ed Minnix
2579852e90 Refactor jms test 2023-04-17 23:48:06 -04:00
Ed Minnix
6cda285d56 Refactor Guice test 2023-04-17 23:48:06 -04:00
Ed Minnix
8d0e3ac033 Refactor Guava test 2023-04-17 23:48:06 -04:00