hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,734 Commits 1,672 Branches 157 Tags
codeql-cli-2.21.0
Commit Graph

4076 Commits

Author SHA1 Message Date
Ian Lynagh
7863bc2c99 Kotlin: Accept test output 2022-11-28 12:14:36 +00:00
Michael Nebel
43a63d6373 Java: Convert all models to data extensions in testcases. 2022-11-28 12:30:36 +01:00
Michael Nebel
805430983c Java: Convert commons-io to data extensions. 2022-11-28 12:30:35 +01:00
Michael Nebel
7b6f202f23 Java: Renaming. 2022-11-28 12:30:34 +01:00
Michael Nebel
abe4d99e12 Java: Make some rudimentary tooling for testing the flow test case generator script. 2022-11-28 09:07:40 +01:00
Ian Lynagh
a423f5f695 Kotlin: Enable java/misnamed-type query 
We used to get alerts for the class around a local function, a lambda,
or a function reference, which we give name "". Now those are marked as
compiler-generated, and the query ignores compiler-generated types.
 2022-11-25 17:11:40 +00:00
Chris Smowton
32847c125a Accept more test changes due to variable locations changing 
There is also one non-location change: kotlin.Byte (and likely other primitives) now have real equals and toString overrides, which matches their native source and documentation; before they appeared to have fake overrides.
 2022-11-25 10:47:48 +00:00
Chris Smowton
8ec681e61c Kotlin: bump default CI version to 1.7.20 
A bunch of test expectations change because 7f531d8426 means that we now see (a) local variable declarations with source locations covering only their identifier, not the whole statement, and (b) more SYNTHETIC_OFFSET values for the parts of a destructuring assignment
or initialiser, which show up as file.kt:0:0:0:0 in DbLocation form.
 2022-11-25 10:19:26 +00:00
Tony Torralba
adf905d838 Merge pull request #11368 from ka1n4t/main 
Java: Add binding between annotation and sink-param in MyBatis SQL Injection query
 2022-11-24 14:34:57 +01:00
Tony Torralba
4bbc1dc734 Update test expectations 2022-11-24 12:34:48 +01:00
Tony Torralba
443d0f50c1 Apply suggestions from code review 2022-11-24 11:10:07 +01:00
ka1n4t
d113fb23c8 Add test case for PR-11368 2022-11-23 11:05:58 +08:00
Tony Torralba
43f4dd8bc4 Consider taint through bitwise operations on PendingIntent flags 2022-11-22 11:39:30 +01:00
Jami
8a73675483 Merge pull request #11070 from jcogs33/java-regex-injection 
Java: Promote regex injection query from experimental
 2022-11-21 15:04:26 -05:00
Tony Torralba
e28f1ffe18 Merge pull request #11346 from atorralba/atorralba/java/fix-path-models 
Java: Fix a couple of taint models for `java.nio.file.Path(s)`
 2022-11-21 16:57:00 +01:00
Tony Torralba
57656d0a7e Fix a couple of java.nio.file.Path(s) MaD rows 2022-11-21 15:14:02 +01:00
Tony Torralba
2809c3a77c Handle disabled Maven repositories 2022-11-21 10:11:57 +01:00
Chris Smowton
cf34dbd276 Kotlin: format string literals like the Java annotaton extractor 
Java's regular strings are formatted as they appear in source, but we don't easily have this information available in Kotlin. During annotation extraction however it guesses a source rendering because the source is not necessarily available. By formatting to match the annotation extractor, we prepare to ensure consistency with a Java database
when extracting annotations as seen by Kotlin.
 2022-11-17 17:28:17 +00:00
Chris Smowton
254a5b0928 Merge pull request #11293 from smowton/smowton/admin/exclude-kotlin-metadata-annotation 
Java: Remove no-longer-needed expected diagnostics
 2022-11-17 11:50:21 +00:00
Tamás Vajk
d8b5a04f97 Merge pull request #11291 from tamasvajk/kotlin-confusing-overload 
Kotlin: Add test case for confusing overloading query
 2022-11-17 11:11:33 +01:00
Tamás Vajk
c92989ca04 Merge pull request #11289 from tamasvajk/kotlin-empty-block 
Kotlin: Exclude .kt files from empty block query
 2022-11-17 11:11:25 +01:00
Chris Smowton
659f86cecf Merge pull request #11310 from tamasvajk/kotlin-dead-code 
Kotlin: Exclude .kt files from dead code queries
 2022-11-17 10:10:51 +00:00
Chris Smowton
95fdea8b77 Merge pull request #11308 from tamasvajk/kotlin-non-serializable-field 
Kotlin: Exclude .kt files from non serializable field query
 2022-11-17 10:10:05 +00:00
Chris Smowton
11188304a7 Merge pull request #11306 from tamasvajk/kotlin-equals-missing 
Kotlin: Exclude .kt files from missing `instanceof` in `equals` query
 2022-11-17 10:09:35 +00:00
Tamás Vajk
b70a9d172b Merge pull request #11304 from tamasvajk/kotlin-mut-dep 
Kotlin: Exclude .kt files from mutual dependency query
 2022-11-16 17:02:46 +01:00
Tamás Vajk
ae38d5d8b7 Merge pull request #11303 from tamasvajk/kotlin-one-stmt-line 
Kotlin: Exclude .kt files from one stmt in line query
 2022-11-16 17:02:35 +01:00
Joe Farebrother
d6c5132f39 Merge pull request #10684 from joefarebrother/android-keyboard-cache 
Java: Add query for Sensitive Keyboard Cache
 2022-11-16 15:27:44 +00:00
Tamás Vajk
dfc72edba2 Merge pull request #11302 from tamasvajk/kotlin-ignored-return 
Kotlin: Exclude .kt files from ignored return value query
 2022-11-16 16:23:58 +01:00
Tamás Vajk
ad7c0f9ebc Merge pull request #11301 from tamasvajk/kotlin-naming-ref-type 
Kotlin: Exclude .kt files from misnamed reftype query
 2022-11-16 16:22:40 +01:00
Tamás Vajk
a3ff83595a Merge pull request #11300 from tamasvajk/kotlin-useless-param-2 
Kotlin: Exclude .kt files from useless parameter query
 2022-11-16 16:22:27 +01:00
Tamás Vajk
b4b8649fd6 Merge pull request #11299 from tamasvajk/kotlin-nested-serializable 
Kotlin: Exclude .kt files from serializable inner class query
 2022-11-16 16:22:13 +01:00
Tamas Vajk
8b6bf910ba Kotlin: Exclude .kt files from dead code queries 2022-11-16 16:20:09 +01:00
Tamas Vajk
983851fc60 Kotlin: Add FP test case for dead code queries 2022-11-16 16:18:37 +01:00
Tamas Vajk
7d9ce53080 Kotlin: Exclude .kt files from non serializable field query 2022-11-16 15:30:25 +01:00
Tamas Vajk
a9023d06d0 Kotlin: Add FP test case for non serializable field query 2022-11-16 15:29:24 +01:00
Tamas Vajk
fc614ad4d0 Kotlin: Exclude .kt files from missing instanceof in equals query 2022-11-16 15:24:47 +01:00
Tamas Vajk
b6978128b1 Exclude .kt files from mutual dependency query 2022-11-16 15:16:51 +01:00
Tamas Vajk
63e9ae3b93 Kotlin: Add FP test case for mutual dependency query 2022-11-16 15:16:18 +01:00
Tamas Vajk
c9241cc933 Exclude .kt files from one stmt in line query 2022-11-16 15:11:38 +01:00
Tamas Vajk
0d70b5c776 Kotlin: Add FP test case for one stmt in line query 2022-11-16 15:10:38 +01:00
Tamas Vajk
c42663723f Exclude .kt files from ignored return value query 2022-11-16 15:05:29 +01:00
Tamas Vajk
5f6f72ba8e Kotlin: Add FP test case for ignored return value query 2022-11-16 15:05:07 +01:00
Tamas Vajk
c1be93a34c Exclude .kt files from misnamed reftype query 2022-11-16 14:59:20 +01:00
Tamas Vajk
e547be5e9a Kotlin: Add FP test case for misnamed reftype query 2022-11-16 14:58:36 +01:00
Tamas Vajk
48c37a2c0f Exclude .kt files from useless parameter query 2022-11-16 14:51:49 +01:00
Tamas Vajk
35078738bc Kotlin: Add FP test case for useless parameter query 2022-11-16 14:51:21 +01:00
Chris Smowton
d6a395ba37 Remove non-longer-needed expected diagnostics 2022-11-16 13:49:59 +00:00
Tamas Vajk
7a0e248096 Exclude .kt files from serializable inner class query 2022-11-16 14:46:01 +01:00
Tamas Vajk
782c82a2d3 Kotlin: Add test case for non serializable inner class query 2022-11-16 14:44:48 +01:00
Tamás Vajk
468a6f2a70 Merge pull request #11290 from tamasvajk/kotlin-autoboxing 
Kotlin: Exclude .kt files from autoboxing query
 2022-11-16 13:56:29 +01:00