codeql

mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00

Author	SHA1	Message	Date
Paolo Tranquilli	4b205ff96d	Apply suggestions from code review Co-authored-by: Cornelius Riemenschneider <cornelius@github.com>	2024-04-09 14:44:44 +02:00
Owen Mansel-Chan	ae8240a695	Delete models for JDK internal packages	2024-04-09 13:23:03 +01:00
Paolo Tranquilli	11729aaf6e	Kotlin: add licensing links about kotlin dependencies	2024-04-09 13:55:30 +02:00
Paolo Tranquilli	4a4bd16eab	Java/Kotlin: prepare for internal bazel packaging	2024-04-09 13:27:27 +02:00
erik-krogh	8cb6598f50	fixing that I put a type on the wrong thing in the alert-message	2024-04-08 20:51:19 +02:00
Jami	5792f7b770	Merge branch 'main' into jcogs33/unsafe-url-forward-promotion-resource-and-file-methods	2024-04-08 10:26:42 -04:00
Paolo Tranquilli	a970c2d11c	Kotlin: move empty zip from git to internal bazel repo rule	2024-04-08 14:37:53 +02:00
Paolo Tranquilli	e963b84a5a	Kotlin: fix error in building extractor from internal repo	2024-04-08 14:03:15 +02:00
erik-krogh	018b066b95	autoformat	2024-04-08 07:15:33 +02:00
erik-krogh	ca4f667053	add fallback if I can't easily determine the variable	2024-04-08 07:14:48 +02:00
erik-krogh	8b220cc1b3	also get the variable for array accesses	2024-04-08 07:14:48 +02:00
erik-krogh	795b767b6e	add link to the source variable in the alert-message for java/implicit-cast-in-compound-assignment	2024-04-08 07:14:48 +02:00
Mathias Vorreiter Pedersen	2256c4c008	Merge pull request #15728 from MathiasVP/shared-typeflow-library Java/Shared: Refactor `TypeFlow.qll` into a shared library	2024-04-05 16:24:17 +01:00
Mathias Vorreiter Pedersen	1775bdee5f	Java: Remove redundant qualifiers.	2024-04-05 12:52:04 +01:00
Mathias Vorreiter Pedersen	26cf8df8d6	Update java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2024-04-05 12:50:26 +01:00
Mathias Vorreiter Pedersen	3f63d3a865	Update java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2024-04-05 12:49:40 +01:00
Mathias Vorreiter Pedersen	1acbb84444	Shared/Java: Make the 'isNull' interface slightly prettier.	2024-04-05 11:58:43 +01:00
Owen Mansel-Chan	e10333bf2b	Merge pull request #14919 from github/java/jdk-model-autogeneration Java: add dataflow-generated models for JDK17	2024-04-04 21:12:55 +01:00
Paolo Tranquilli	7aefd22e34	Kotlin: tweak `BUILD.bazel` file, add documentation	2024-04-04 17:32:23 +02:00
Paolo Tranquilli	44f3c0289a	Kotlin: revert accidental modification of `kotlin_plugin_versions.py`	2024-04-04 17:31:40 +02:00
Paolo Tranquilli	cbdb1ebb5a	Merge branch 'main' into redsun82/kotlin	2024-04-04 16:56:07 +02:00
Dave Bartolomeo	2336e14627	Remove expectation of spurious diagnostic	2024-04-04 10:31:05 -04:00
Paolo Tranquilli	3a0a219ce7	Kotlin: remove obsolete 1.4.32 version	2024-04-04 15:49:37 +02:00
Paolo Tranquilli	5d6baea174	Kotlin: add aliases for default versions	2024-04-04 15:34:48 +02:00
Paolo Tranquilli	55ff7109fa	Kotlin: support embeddable build in bazel	2024-04-04 12:53:14 +02:00
Paolo Tranquilli	47ff1c1ee6	Kotlin: working standalone extractor built with bazel	2024-04-04 10:23:26 +02:00
Paolo Tranquilli	c242466d31	Kotlin: first support for Kotlin extractor build	2024-04-03 16:30:57 +02:00
Tom Hvitved	1dc13cc169	Merge pull request #15923 from hvitved/shared-xml-impl Properly shared `XML.qll` implementation	2024-04-03 11:39:50 +02:00
Paolo Tranquilli	341816c280	Kotlin: add dependencies as lazy LFS files	2024-04-03 08:35:34 +02:00
Paolo Tranquilli	0da4130bb9	Bazel: add LFS rules	2024-04-03 08:35:19 +02:00
Dave Bartolomeo	ce98353d22	Allow `@param` tags to apply to record parameters	2024-04-02 15:15:11 -04:00
Michael Nebel	c378d6a661	Merge pull request #16027 from github/workflow/coverage/update Update CSV framework coverage reports	2024-04-02 14:08:09 +02:00
Ian Lynagh	e610573411	Merge pull request #16078 from igfoo/igfoo/exprs_changes Kotlin 2: Accept more changes	2024-04-02 12:19:17 +01:00
Ian Lynagh	e5999f76b0	Merge pull request #16079 from igfoo/igfoo/del Kotlin 2: Accept some more location changes	2024-04-02 12:18:58 +01:00
github-actions[bot]	55987d9c1f	Add changed framework coverage reports	2024-04-02 00:16:19 +00:00
github-actions[bot]	8e61c6625b	Post-release preparation for codeql-cli-2.17.0	2024-04-01 15:27:42 +00:00
github-actions[bot]	ec97d9a304	Release preparation for version 2.17.0	2024-04-01 13:46:57 +00:00
Owen Mansel-Chan	fdafaa2ff4	Change note: update numbers of models added	2024-04-01 14:04:01 +01:00
Owen Mansel-Chan	e3fb40a842	Adjust change note	2024-04-01 14:03:53 +01:00
Owen Mansel-Chan	a5979e209a	Add change note	2024-04-01 14:03:47 +01:00
Owen Mansel-Chan	fa614df3f4	Tests fixed by model for `CharBuffer.wrap(char[])`	2024-04-01 14:03:42 +01:00
Owen Mansel-Chan	2d24fe011b	Accept that lots of sinks are now summaries as well	2024-04-01 14:03:36 +01:00
Owen Mansel-Chan	9067a337b0	Test fixed by model for `BasicAttributes(String, Object)`	2024-04-01 14:03:30 +01:00
Owen Mansel-Chan	776c9d9eb2	Accept changes to top jdk apis test	2024-04-01 14:03:23 +01:00
Owen Mansel-Chan	52e6ea30e7	Accept more capture summary models This line is added because `FileOutputStream`'s constructor is now modeled as propagating taint, not just as a sink. \| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];ReturnValue;taint;df-generated \|	2024-04-01 14:03:00 +01:00
Owen Mansel-Chan	919436efbb	Remove df-gen models we have deliberately modeled Manual models always take precedence over generated models, so there is no point in keeping the generated models. These manual models were deliberately written to take precedence over the corresponding df-gen models.	2024-04-01 13:59:36 +01:00
Jami	d889e3cf98	Merge pull request #14854 from jcogs33/jcogs33/unsafe-url-forward-promotion Java: Promote Unsafe URL Forward query from experimental	2024-03-29 16:34:06 -04:00
Jami	2f8c4df309	docs wording updates Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>	2024-03-28 16:15:05 -04:00
Ian Lynagh	3acdc73f22	Kotlin 2: Accept some more location changes	2024-03-28 16:15:37 +00:00
Ian Lynagh	568fba6940	Kotlin 2: Accept some more test changes	2024-03-28 15:28:36 +00:00

... 23 24 25 26 27 ...

13017 Commits