hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 11:46:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,612 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.7
Commit Graph

12911 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
56288eb3d2 Java: Misc performance fixes 2023-03-21 14:26:13 +01:00
Anders Schack-Mulligen
225ed1e220 Java: Autoformat. 2023-03-21 13:35:02 +01:00
Chris Smowton
a865f1666d maven-httpo-repository: add Maven wrapper 
Maven 3.9.1 changes the format of the error message this test is looking for (though it still matches the target regex). Use the Maven wrapper to avoid such sensitivity to the precise version present in the environment.
 2023-03-21 12:19:52 +00:00
Asger F
6d665da4dc Merge pull request #12570 from github/post-release-prep/codeql-cli-2.12.5 
Post-release preparation for codeql-cli-2.12.5
 2023-03-21 13:06:25 +01:00
Stephan Brandauer
0a605638e5 Merge branch 'main' into java/update-mad-decls-after-triage-2023-03-13T13-21-27 2023-03-21 10:56:53 +01:00
Chris Smowton
2876b4aa5d maven-httpo-repository: add Maven wrapper 
Maven 3.9.1 changes the format of the error message this test is looking for (though it still matches the target regex). Use the Maven wrapper to avoid such sensitivity to the precise version present in the environment.
 2023-03-21 09:25:33 +00:00
Tony Torralba
956f991b8d Merge pull request #12603 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2023-03-21 10:11:51 +01:00
Stephan Brandauer
3134ad859e Merge branch 'main' into java/update-mad-decls-after-triage-2023-03-20T12-45-37 2023-03-21 10:04:00 +01:00
Tony Torralba
1f991807d4 Merge pull request #12366 from github/java/update-mad-decls-after-triage-2023-03-02T12-08-59 
Java: Update MaD Declarations after Triage
 2023-03-21 09:40:03 +01:00
github-actions[bot]
6598cc44ee Add changed framework coverage reports 2023-03-21 00:15:33 +00:00
Ed Minnix
b64ca5dcaa Remove "private" marker from configurations 2023-03-20 12:26:54 -04:00
Ed Minnix
c7816ea180 Conform Config modules to naming convention 2023-03-20 12:26:54 -04:00
Ed Minnix
8856730843 Refactor CWE-614/InsecureCookie 2023-03-20 12:26:54 -04:00
Ed Minnix
de6959c688 Refactor CWE-209/StackTraceExposure 2023-03-20 12:26:54 -04:00
Ed Minnix
73a17536f5 Refactor CWE-129 queries 2023-03-20 12:26:54 -04:00
Ed Minnix
ae57807359 Refactor CWE-089 Sql queries 2023-03-20 12:26:54 -04:00
Ed Minnix
e6e974a752 Refactor CWE-079/SqlConcatenated 2023-03-20 12:26:54 -04:00
Ed Minnix
c1ee2dce61 Refactor CWE-078/ExecTaintedLocal 2023-03-20 12:26:54 -04:00
Edward Minnix III
ac58299d9e Merge pull request #12541 from egregius313/egregius313/refactor-queries-to-new-dataflow-api 
Java: Refactor more queries to the new DataFlow module API
 2023-03-20 12:24:26 -04:00
Tony Torralba
1258812428 Fix Argument[this] 2023-03-20 17:13:44 +01:00
Tony Torralba
f685b93379 Add change note 2023-03-20 17:09:48 +01:00
Tony Torralba
a66b7ed54a Fix incorrect model, add missing model 2023-03-20 17:09:48 +01:00
Stephan Brandauer
0cab45e4b9 update old data to current standard (stream creation arg is a sink) 2023-03-20 17:09:48 +01:00
Stephan Brandauer
8802fbdfe7 Update java/ql/lib/ext/java.nio.file.model.yml 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-03-20 17:09:48 +01:00
Stephan Brandauer
bc227179c7 Update java/ql/lib/ext/org.geogebra.web.full.main.model.yml 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-03-20 17:09:48 +01:00
Tony Torralba
bc99a44f3a Apply suggestions from code review 2023-03-20 17:09:48 +01:00
Stephan Brandauer
12bb0d98c0 move toFile back to its original location 2023-03-20 17:09:48 +01:00
Stephan Brandauer
4761c3a328 remove duplicates 2023-03-20 17:09:48 +01:00
Stephan Brandauer
bd21dc9460 remove nonexploitable sinks 2023-03-20 17:09:48 +01:00
Stephan Brandauer
b7ce0c2d96 fix: taint flow of ctor goes to Argument[-1], instead of ReturnValue 2023-03-20 17:09:48 +01:00
Stephan Brandauer
2236db43ec sort the changed MaD declarations 2023-03-20 17:09:46 +01:00
Stephan Brandauer
74e261738f remove predicate 2023-03-20 17:06:40 +01:00
Stephan Brandauer
ec1762e015 Update MaD Declarations after Triage 2023-03-20 17:06:37 +01:00
Tony Torralba
fa60fa0ae2 Merge pull request #12572 from github/java/update-mad-decls-after-triage-2023-03-17T15-01-35 
Java: Update MaD Declarations after Triage
 2023-03-20 17:02:27 +01:00
Anders Schack-Mulligen
3876e4335f Merge pull request #12420 from kaspersv/kaspersv/dataflow-remove-alias-preds 
Dataflow: Remove revFlowAlias and revFlowApAlias predicates
 2023-03-20 16:30:15 +01:00
Michael Nebel
17b3383043 Merge pull request #12556 from michaelnebel/java/argumentthis 
Java: Argument[-1] -> Argument[this]
 2023-03-20 15:59:59 +01:00
Erik Krogh Kristensen
a9d40d39d9 Merge pull request #12550 from erik-krogh/useNumberUtil 
Java/Python: use Number.qll to parse hex numbers in regex parsing
 2023-03-20 15:50:31 +01:00
Stephan Brandauer
39726a54ec fix suggestion 2023-03-20 14:12:46 +01:00
Stephan Brandauer
116108851f Update MaD Declarations after Triage 2023-03-20 13:45:39 +01:00
Kasper Svendsen
1d2f1b6ae6 Address comments 2023-03-20 13:34:14 +01:00
Ed Minnix
83b0d073f0 Fix typo in QLDoc 2023-03-20 08:11:01 -04:00
Ed Minnix
1c661fd3ac Add missing QLDocs 2023-03-20 08:10:07 -04:00
Kasper Svendsen
e0e3a1d621 Dataflow: remove revFlowApAlias trick 2023-03-20 13:04:13 +01:00
Ed Minnix
84fd5f7ee0 Fix naming of ZipSlip configuration 2023-03-20 07:55:23 -04:00
Ian Lynagh
fcf1f6a6f9 Kotlin: Don't use distutils in build script 
We were getting
    DeprecationWarning: The distutils package is deprecated and slated for removal in Python 3.12. Use setuptools or check PEP 632 for potential alternatives
during the build.
 2023-03-20 11:49:54 +00:00
Ed Minnix
60a4a79537 Make the Config module of public Flow modules public 
This is to make things easier for the CodeML/ATM team once these
configurations are moved from `src/` to `lib/`.
 2023-03-20 07:47:55 -04:00
Edward Minnix III
1c06afffe5 Merge pull request #12578 from egregius313/egregius313/conform-dataflow-configs-to-config-naming-convention 
Conform dataflow config modules to follow `*Config` naming convention
 2023-03-20 07:25:10 -04:00
Tony Torralba
27fc14236f Add change note 2023-03-20 10:48:56 +01:00
Tony Torralba
bff8bbfe33 Apply suggestions from code review 2023-03-20 10:43:46 +01:00
Michael Nebel
01ade878ea Java: Update test comments to use this instead of -1. 2023-03-20 10:14:20 +01:00