codeql

mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00

Author	SHA1	Message	Date
Ian Lynagh	0076d8aac1	Java: Add up/downgrade scripts	2023-06-20 10:59:13 +01:00
Ian Lynagh	81142f51fb	Kotlin: Handle IrSyntheticBodyKind.ENUM_ENTRIES Generated by Kotlin 1.9 for some of our tests.	2023-06-20 10:59:04 +01:00
github-actions[bot]	6da5ec8196	Add changed framework coverage reports	2023-06-20 00:15:43 +00:00
aegilops	23bf8470ce	Removed .md and made class change	2023-06-19 17:29:17 +01:00
Jeroen Ketema	9c774ac97f	Merge pull request #13426 from jketema/inline-3 Update inline flow tests to use parameterized module	2023-06-19 17:39:29 +02:00
Jean Helie	423336310c	Merge pull request #13480 from github/jhelie/clean-up-mad-kinds-use Java: clean up mad kinds use	2023-06-19 16:21:20 +02:00
Tony Torralba	c62689022e	Merge pull request #13256 from atorralba/atorralba/java/stapler-models Java: Model the Stapler framework	2023-06-19 15:27:19 +02:00
Tony Torralba	00fe8adc09	Fix name clash	2023-06-19 15:04:33 +02:00
Tony Torralba	5cb451b040	Merge pull request #13475 from atorralba/atorralba/many/zipslip-docs-update C#/Go/Java/JS/Python/Ruby: Update the description and qhelp of the Zipslip query	2023-06-19 14:33:44 +02:00
Ian Lynagh	64e591a823	Merge pull request #13482 from igfoo/igfoo/conc Kotlin: Avoid another cause of ConcurrentModificationException with 1.9	2023-06-19 12:57:25 +01:00
Ian Lynagh	ec73f28d09	Merge pull request #13479 from igfoo/igfoo/ENUM_ENTRIES Kotlin: Handle IrSyntheticBodyKind.ENUM_ENTRIES	2023-06-19 12:57:10 +01:00
aegilops	8c9ccab9c9	Autoformat	2023-06-19 11:53:53 +01:00
Paul Hodgkinson	72d9d4736e	Merge branch 'main' into java/experimental/command-injection	2023-06-19 11:51:45 +01:00
aegilops	2112d73a6a	Autoformat	2023-06-19 11:50:54 +01:00
aegilops	1a108fb1c9	Changed to for constant string	2023-06-19 11:46:08 +01:00
aegilops	7c235e3786	Fixed linting issues. Will not fix instanceof, that is necessary	2023-06-19 11:41:23 +01:00
Ian Lynagh	ca5bc6f224	Java: Add up/downgrade scripts	2023-06-19 10:36:29 +01:00
Ian Lynagh	1f538cced3	Kotlin: Handle IrSyntheticBodyKind.ENUM_ENTRIES Generated by Kotlin 1.9 for some of our tests.	2023-06-19 10:36:29 +01:00
Jeroen Ketema	bc42308bd3	Java: fix formatting	2023-06-19 10:31:49 +02:00
Jeroen Ketema	6a84e6cbfd	Add the merged `PathGraph` to all copies of the `InlineFlowTest` library	2023-06-19 10:28:10 +02:00
Tony Torralba	8f6d2ed2f9	Adjust ZipSlip query description according to review suggestions.	2023-06-19 10:27:41 +02:00
Tony Torralba	3c4d938cf1	Apply code review suggestions. Co-authored-by: Asger F <asgerf@github.com>	2023-06-19 10:20:19 +02:00
Tony Torralba	433fc680ec	Apply suggestions from code review Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>	2023-06-19 10:17:40 +02:00
aegilops	8c73fbeabe	Formatted	2023-06-16 17:33:21 +01:00
aegilops	55eeb00309	Added experimental tag	2023-06-16 17:27:01 +01:00
aegilops	b6c35dd88c	Added experimental version of Java Command Injection query, to be more sensitive to unusual code constructs	2023-06-16 17:12:53 +01:00
Ian Lynagh	04a7ff7f76	Merge pull request #13477 from igfoo/igfoo/diags_classes Kotlin: Remove diags.ql from classes test	2023-06-16 17:07:38 +01:00
Ian Lynagh	096e9a4ba4	Kotlin: Avoid another cause of ConcurrentModificationException with 1.9	2023-06-16 17:06:54 +01:00
Jean Helie	baf6b74945	use new sink mad kinds and simplify isKnownKind predicate	2023-06-16 13:58:23 +02:00
Jean Helie	daf2743143	only use neutral models of kind "sink"	2023-06-16 13:58:23 +02:00
Ian Lynagh	a8acf16088	Kotlin: Remove diags.ql from classes test The diags consistency test already handles this for us.	2023-06-16 12:57:19 +01:00
Tony Torralba	c97868f774	Add change notes	2023-06-16 09:01:02 +02:00
Tony Torralba	3e96fe60c5	Go/Java/JS/Python/Ruby: Update the description and qhelp of the ZipSlip query All filesystem operations, not just writes, with paths built from untrusted archive entry names are dangerous	2023-06-16 08:52:44 +02:00
Tony Torralba	1b39faaded	QLDoc correction	2023-06-15 16:20:39 +02:00
Tony Torralba	7cbc13db40	Update java/ql/lib/change-notes/2023-06-08-new-models.md	2023-06-15 15:14:12 +02:00
Tony Torralba	dcd180f3f6	Remove model	2023-06-15 12:00:46 +02:00
Tony Torralba	af240ff533	Apply suggestions from code review	2023-06-15 11:58:53 +02:00
Ian Lynagh	b7e9915151	Merge pull request #13463 from igfoo/igfoo/AccessControlException Kotlin: Remove use of AccessControlException	2023-06-15 10:53:28 +01:00
Jeroen Ketema	742eb8dd12	Java: Rewrite `InlineFlowTest` as a parameterized module	2023-06-15 10:52:10 +02:00
github-actions[bot]	e6160b8e49	Add changed framework coverage reports	2023-06-15 00:18:04 +00:00
Ian Lynagh	0419b6e505	Kotlin: Remove use of AccessControlException We were getting warnings about it being deprecated, and it was all dead code anyway.	2023-06-14 17:45:58 +01:00
Owen Mansel-Chan	3ff6d033d3	Rename to `neverSkipInPathGraph`	2023-06-14 15:29:54 +01:00
Tony Torralba	37a62d3021	Merge pull request #13227 from atorralba/atorralba/java/jenkins-generated-models Java: Add autogenerated models for frameworks related to Jenkins	2023-06-14 15:59:28 +02:00
Owen Mansel-Chan	5f72ce0935	Add stub implementations of flowCheckNodeSpecific	2023-06-14 14:46:35 +01:00
Owen Mansel-Chan	e0f7437d40	Sync dataflow library	2023-06-14 14:29:56 +01:00
Tony Torralba	7c4cdbf0d6	Remove badly generated models	2023-06-14 14:20:16 +02:00
Jami	35591113c2	Merge branch 'main' into jcogs33/shared-sink-kind-validation	2023-06-14 08:06:34 -04:00
Michael Nebel	afec9b05e9	Merge pull request #13147 from michaelnebel/csharp/entityframeworkrefactor C#: Use synthetic global in the EntityFramework code instead of jump steps.	2023-06-14 13:47:56 +02:00
Tony Torralba	5e3d9d8136	Java: Model the Stapler framework	2023-06-14 12:34:52 +02:00
Tony Torralba	182513a981	Merge pull request #13235 from atorralba/atorralba/java/hudson-models Java: Add Hudson models	2023-06-14 12:33:18 +02:00

... 58 59 60 61 62 ...

12911 Commits