codeql

mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00

Author	SHA1	Message	Date
Stephan Brandauer	3433437034	Java: automodel application mode: only extract the first argument corresponding to a varargs array	2023-08-07 14:15:17 +02:00
Edward Minnix III	58d8a2d77f	Merge pull request #13899 from egregius313/egregius313/random-nextbytes-typo-fix Java: Fix typo in `StdlibRandomSource::getOutput`	2023-08-07 07:36:44 -04:00
Tom Hvitved	2126ab0dde	Merge pull request #13901 from hvitved/dataflow/refactor Data flow: Refactor shared library	2023-08-07 13:22:53 +02:00
Ian Lynagh	0d97c1c54a	Merge pull request #13837 from igfoo/igfoo/nullFunLabel Kotlin: Pass on a parentId and remove some redundant braces	2023-08-07 12:19:22 +01:00
Michael Nebel	e62ec888c0	Merge pull request #13506 from michaelnebel/java/threatmodels Java: Threat Models	2023-08-07 12:50:01 +02:00
Stephan Brandauer	e1a5eba61b	Java: automodel application mode: refactor varargs endpoint class to rely on normal argument node for nicer extracted examples	2023-08-07 12:18:52 +02:00
Stephan Brandauer	650ff8db87	Java: automodel comments	2023-08-07 12:18:51 +02:00
Stephan Brandauer	0781cb78e8	Java: automodel application mode: add isVarargsArray metadata value	2023-08-07 12:18:51 +02:00
Stephan Brandauer	5abf7769a7	Java: automodel application mode: use endpoint class like in framework mode	2023-08-07 12:18:51 +02:00
Tony Torralba	fb0102b763	Java: New models for JAX-RS	2023-08-07 11:52:23 +02:00
Tom Hvitved	693970f243	Java: Adjust to data flow refactor	2023-08-07 11:35:23 +02:00
Anders Starcke Henriksen	0d78eeb871	Address comments.	2023-08-07 10:47:59 +02:00
Tony Torralba	43b9199734	Java: Improved JaxWsEndpoint::getARemoteMethod	2023-08-07 10:21:58 +02:00
Ed Minnix	23e2eb11dd	Change note	2023-08-07 00:23:58 -04:00
Ed Minnix	fe4eef0bcb	Fix typo, replace `getBytes` with `nextBytes`	2023-08-07 00:16:47 -04:00
Jeroen Ketema	747cd1745a	Update all languages to use the shared taint-tracking library	2023-08-04 22:53:25 +02:00
Jami Cogswell	19622aec49	Java: remove duplicate 'Files.newOutputStream' ai model	2023-08-04 14:06:57 -04:00
Jami Cogswell	e64d581f7a	Java: remove duplicate 'Files.newInputStream' ai model	2023-08-04 14:05:05 -04:00
Jami Cogswell	d2a24dee7f	Java: remove duplicate 'Files.delete' ai model	2023-08-04 14:02:59 -04:00
Jami Cogswell	516831aa41	Java: remove duplicate 'Files.move' ai model	2023-08-04 14:01:27 -04:00
Jami Cogswell	c510d33fbf	Java: remove duplicate 'Files.deleteIfExists' ai model	2023-08-04 13:52:18 -04:00
Mathias Vorreiter Pedersen	abe3a816ce	Merge pull request #13851 from MathiasVP/sink-without-states DataFlow: Support stateless `isSink` in `StateConfigSig`s	2023-08-04 18:01:42 +02:00
Michael Nebel	9c4d77a925	Java: Address review comments.	2023-08-04 13:47:30 +02:00
Michael Nebel	d3eb9c1325	Java: Add release note and address review comments.	2023-08-04 13:36:43 +02:00
Anders Starcke Henriksen	3ef82c1091	Address comments.	2023-08-04 10:22:17 +02:00
Tony Torralba	586c8803c5	Move the sources back the .ql files Otherwise they would both apply at the same time, making both versions of the query identical.	2023-08-04 10:02:56 +02:00
Tony Torralba	e9bad321b6	Apply suggestions from code review	2023-08-04 09:21:45 +02:00
Paul Hodgkinson	fba37aa7c9	Merge branch 'main' into java/experimental/command-injection	2023-08-03 14:12:38 +01:00
aegilops	fc7f8409be	Fix up for code review	2023-08-03 13:50:40 +01:00
aegilops	3658710578	Fixed formatting, committed expected test results	2023-08-03 13:50:40 +01:00
Anders Starcke Henriksen	e2abd3ff13	Create separate automodel pack.	2023-08-03 13:55:15 +02:00
Anders Schack-Mulligen	0ae81eace3	Java: update fixed test	2023-08-03 10:07:00 +02:00
Anders Schack-Mulligen	84316c41a3	Java: Add more qldoc.	2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen	90052a3ca2	Java: Add proper types for capture nodes.	2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen	37455ec29e	Java: Replace ratpack test fix with general heuristic summary.	2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen	c5990311ca	Java: Redesign and reimplement variable capture flow.	2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen	70bef64e2a	Java: Fix ratpack flow.	2023-08-03 10:04:05 +02:00
Anders Schack-Mulligen	a23e77ca58	Java: Disregard heap parameter in any-argument and any-parameter specs.	2023-08-03 10:04:05 +02:00
Anders Schack-Mulligen	9a4de208ef	Java: Fix qltests.	2023-08-03 10:04:05 +02:00
Anders Schack-Mulligen	d1a616a70a	Java: Add proper support for variable capture flow.	2023-08-03 10:04:02 +02:00
Anders Starcke Henriksen	131ae1aae9	Fix name in predicate.	2023-08-03 09:53:40 +02:00
Anders Starcke Henriksen	1c425a5602	Change from package to endpoint.	2023-08-03 09:50:23 +02:00
Anders Starcke Henriksen	9b8d7df370	Add option to filter automodel queries by package.	2023-08-03 09:50:23 +02:00
Mathias Vorreiter Pedersen	3007fdab5e	Sync identical files.	2023-08-02 14:33:33 +02:00
Anders Schack-Mulligen	7bc8bf616f	Merge pull request #13863 from aschackmull/dataflow/pack4 Dataflow: Move the shared library to a properly shared qlpack.	2023-08-02 14:19:49 +02:00
Stephan Brandauer	cb55b10edc	Merge pull request #13788 from github/kaeluka/automodel-telemetry-testing Java: Tests for Automodel Extraction Queries	2023-08-01 15:30:26 +02:00
Anders Schack-Mulligen	405a3a73d1	Java: Remove irrelevant import.	2023-08-01 14:31:30 +02:00
Anders Schack-Mulligen	15da4ee009	Merge pull request #13856 from aschackmull/java/maybebrokencrypto-barrier Java: Make the barrier in java/potentially-weak-cryptographic-algorithm less restrictive	2023-08-01 14:20:44 +02:00
Anders Schack-Mulligen	c34c667e6b	Java: Adjust to use the qlpack data-flow api.	2023-08-01 13:47:09 +02:00
Anders Schack-Mulligen	d7ea60e137	Java: Move data flow lib.	2023-08-01 13:47:08 +02:00

... 55 56 57 58 59 ...

13017 Commits