hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,734 Commits 1,672 Branches 157 Tags
codeql-cli-2.21.0
Commit Graph

4076 Commits

Author SHA1 Message Date
Chris Smowton
8d20b9cf52 Use hasLocationInfo to match several Location fields at once 2022-08-19 19:03:17 +01:00
Chris Smowton
678ecffea8 Accept test changes 2022-08-19 18:34:05 +01:00
Chris Smowton
1ea7caf559 Fix join ordering in inline-expectations test 2022-08-19 18:17:22 +01:00
Tony Torralba
794fd976a9 Add androidx Fragment support 2022-08-19 16:32:06 +02:00
Tamas Vajk
1c08ac1d7a Kotlin: Identify data classes during extraction 2022-08-19 14:51:36 +02:00
Sebastian Bauersfeld
f6d42bd3c6 Allow blacklist sanitizers. 2022-08-19 17:33:35 +07:00
Sebastian Bauersfeld
11f527ea5b Fix up query tests. 2022-08-19 17:33:35 +07:00
Sebastian Bauersfeld
354a7fd252 Make taint flow through java.lang.String.(replace|replaceFirst|replaceAll) more permissive. 2022-08-19 17:33:35 +07:00
Sebastian Bauersfeld
5cf320d553 Add corresponding taint steps. 2022-08-19 17:33:35 +07:00
Sebastian Bauersfeld
b0fbe3658d Add java.lang.String taint tests. 2022-08-19 17:33:35 +07:00
Anders Schack-Mulligen
6e495ba6e5 Merge pull request #10068 from aschackmull/java/summarizedcallable-split 
Java: Make synthesized method bodies disjoint from source code.
 2022-08-17 14:13:56 +02:00
Anders Schack-Mulligen
c034a1e268 Java: Fix test. 2022-08-17 12:46:35 +02:00
Anders Schack-Mulligen
857b473503 Java: Delete duplicate tests. 2022-08-17 12:44:42 +02:00
Joe Farebrother
de69827711 Use a full dataflow config rather than local flow 2022-08-17 10:35:48 +01:00
Joe Farebrother
c77b17574a Use CryptoAlgoSpec rather than hadcoding Cipher.getInstance 2022-08-17 10:35:47 +01:00
Joe Farebrother
9ae652dd6a Add tests 2022-08-17 10:35:47 +01:00
Joe Farebrother
a62bb8e115 Add additional test case 2022-08-17 10:35:15 +01:00
Joe Farebrother
f8f21c7ee6 Move static init vector query and tests from experimental to main 2022-08-17 10:35:13 +01:00
Jami
dd23d48ad2 Merge pull request #9939 from jcogs33/android-debug-query-inline-tests 
Java: query to detect android:debuggable attribute enabled
 2022-08-16 10:07:13 -04:00
Erik Krogh Kristensen
f106e064fa Merge pull request #9422 from erik-krogh/refacReDoS 
Refactorizations of the ReDoS libraries
 2022-08-16 09:32:08 +02:00
Jami Cogswell
29acce1e93 remove extraneous unit test 2022-08-15 15:50:00 -04:00
Jami Cogswell
b779f9f935 added casting 2022-08-15 15:50:00 -04:00
Jami Cogswell
6e10fcf519 added predicates in the AndroidManifest library and adjusted tests 2022-08-15 15:50:00 -04:00
Jami Cogswell
af0a663ee8 remove commented-out code in Test.java file 2022-08-15 15:50:00 -04:00
Jami Cogswell
d1a23ad78c updated to getRelativePath with %build% 2022-08-15 15:50:00 -04:00
Jami Cogswell
15df392fd8 updates to InlineExpectationsTest 2022-08-15 15:50:00 -04:00
Jami Cogswell
d8dbdfcd70 rename expected file, add ql file, delete qlref file 2022-08-15 15:50:00 -04:00
Jami Cogswell
fdb437552c clean up android query and tests 2022-08-15 15:49:59 -04:00
Jami Cogswell
cf39cc0909 updates to android debug query 2022-08-15 15:49:59 -04:00
Jami Cogswell
6720dba8e7 draft android debug query 2022-08-15 15:49:59 -04:00
Chris Smowton
774e379eb1 Merge pull request #9742 from smehta23/feat/SM/java_partial_path_traversal_vulnerability 
[JAVA] Partial Path Traversal Vuln Query
 2022-08-15 12:56:16 +01:00
Erik Krogh Kristensen
0adb588fe8 Merge pull request #9712 from erik-krogh/badRange 
JS/RB/PY/Java: add suspicious range query
 2022-08-15 13:55:44 +02:00
Chris Smowton
c40ec728c6 Remove non-ascii char 2022-08-15 12:08:14 +01:00
Chris Smowton
38c0557d90 Adjust test to moved and expanded stubs 2022-08-15 12:08:14 +01:00
Chris Smowton
b62e9dc92c Convert tests to inline expectations and fix one bug revealed doing so 
Specifically Apache sshd defines its sensitive api calls on an inherited interface, and they need to be described that way for us to pick them up.
 2022-08-13 14:02:05 +01:00
Chris Smowton
0a6ccbca45 Add stubs and tests for new hardcoded-credential sinks 2022-08-13 12:39:15 +01:00
erik-krogh
b54f037424 Merge branch 'main' into refacReDoS 2022-08-12 20:28:30 +02:00
Chris Smowton
e9df675f88 Autoformat ql 2022-08-11 09:55:46 +01:00
Anders Schack-Mulligen
74b05d2aa4 Kotlin: Reflection test should not refer to DataFlowPrivate. 2022-08-11 09:48:10 +02:00
Chris Smowton
cc8e9806c4 Merge pull request #10009 from smowton/smowton/java17-options 
Java: Adapt tests as required by JDK17 extractor upgrade
 2022-08-10 18:46:06 +01:00
Chris Smowton
341241cf43 Use SrcFloatingPointLiteral 2022-08-10 17:28:14 +01:00
Anders Schack-Mulligen
cbd6d24b9c Merge pull request #9963 from intrigus-lgtm/java/model-set-properties 
Model `java.util.Properties.setProperty`
 2022-08-10 14:51:00 +02:00
Chris Smowton
8c32758ae5 Merge pull request #9829 from smowton/smowton/fix/kotlin-underscore-parameter-names 
Kotlin: Don't extract a name for a '_' parameter
 2022-08-10 12:28:26 +01:00
Tony Torralba
7f5fe85e2e Merge pull request #9975 from atorralba/atorralba/asynctask-improvs 
Java: Improve AsyncTask data flow support
 2022-08-09 17:10:09 +02:00
Erik Krogh Kristensen
49276b1f38 Merge branch 'main' into refacReDoS 2022-08-09 16:18:46 +02:00
Chris Smowton
1c6642f3fb Format QL 2022-08-09 11:50:54 +01:00
Chris Smowton
80f5b977d6 Use sealed classes released version 2022-08-09 11:50:54 +01:00
yo-h
c46b54b9c2 Java 17: exclude non-source locations in some tests 2022-08-09 11:50:54 +01:00
yo-h
0bf7e075e5 Java 17: adjust expected test output 2022-08-09 11:50:54 +01:00
yo-h
27b699df33 Java: adjust test options for JDK 17 upgrade 2022-08-09 11:50:54 +01:00