hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,267 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.1
Commit Graph

4248 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
34b9791e46 Rangeanalysis: Remove superfluous ignoreSsaReadCopy. 2023-10-31 15:32:25 +01:00
Anders Schack-Mulligen
322e6c91be Rangeanalysis: Remove superfluous specificSsaRead. 2023-10-31 15:30:36 +01:00
Anders Schack-Mulligen
8b6c940e76 Rangeanalysis: Remove superfluous ignoreSsaReadAssignment. 2023-10-31 15:28:37 +01:00
Anders Schack-Mulligen
6d6f89e71e Rangeanalysis: Remove superfluous ignoreSsaReadArithmeticExpr. 2023-10-31 15:25:28 +01:00
Anders Schack-Mulligen
a39a94ca8e Rangeanalysis: Switch to shared ssaRead predicate. 2023-10-31 15:23:05 +01:00
Anders Schack-Mulligen
19644a8f07 Rangeanalysis: Implement shared ssaRead predicate 2023-10-31 15:07:11 +01:00
github-actions[bot]
2b939fdf08 Post-release preparation for codeql-cli-2.15.2 2023-10-30 16:06:51 +00:00
Tony Torralba
45cf50c2af Apply JMS sink only when there isn't an implementation available 2023-10-30 15:56:24 +01:00
github-actions[bot]
4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
Dave Bartolomeo
b18a6d5e0b Merge pull request #14582 from github/dbartol/threat-models-2 
Java: Threat model implementation with priorities.
 2023-10-27 09:33:53 -04:00
Anders Schack-Mulligen
9769953669 Java: Split the different layers of virtual dispatch into separate cached stages. 2023-10-27 09:40:20 +02:00
Dave Bartolomeo
d2afb20f3f Merge remote-tracking branch 'origin/main' into dbartol/threat-models-2 2023-10-26 14:05:40 -04:00
Mathias Vorreiter Pedersen
30ecb4b0c8 Merge pull request #14588 from aschackmull/shared/rangeanalysis 
C++/Java: Share core range analysis
 2023-10-26 16:32:46 +01:00
Tony Torralba
7af3d239ab Java: Add JMS sink to java/unsafe-deserialization 2023-10-26 16:46:19 +02:00
Chris Smowton
8198898d73 Merge pull request #14583 from smowton/smowton/admin/really-deprecate-old-java-names 
Java: Deprecate MethodAccess and SuperMethodAccess
 2023-10-26 10:25:05 +01:00
Anders Schack-Mulligen
ec58b209e3 Merge pull request #14584 from Marcono1234/kotlin-Literal-getLiteral 
Kotlin: Mention `Literal::getLiteral()` difference from source code
 2023-10-26 10:03:57 +02:00
Chris Smowton
29d57d82b7 Deprecate MethodAccess and SuperMethodAccess 2023-10-25 22:26:38 +01:00
Ed Minnix
9d90c24006 Refactor to using MethodCall instead of MethodAccess 2023-10-25 14:31:56 -04:00
Ed Minnix
f288ddc3d5 Add signature back to trilead ssh2 model 2023-10-25 14:31:56 -04:00
Ed Minnix
d923784ae4 Add signatures to models 2023-10-25 14:31:56 -04:00
Ed Minnix
90c63ab6b0 Remove additional net.schmizz.sshj models 2023-10-25 14:31:56 -04:00
Edward Minnix III
2fb4dfeb90 TrustType should be nested in sun.security.pkcs11.Secmod models 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-10-25 14:31:55 -04:00
Ed Minnix
665b140a8a Make SaltAndParams be nested 2023-10-25 14:31:55 -04:00
Edward Minnix III
700201556c Remove extra model 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-10-25 14:31:55 -04:00
Ed Minnix
58dae6d1c6 Set provenance of models from otherApiCallableCredentialParam to manual and remove extra models 2023-10-25 14:31:55 -04:00
Edward Minnix III
2a91743477 Re-add IvParameterSpec constructor to otherApiCallableCredentialParam 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-10-25 14:31:55 -04:00
Ed Minnix
a28f19c857 Remove initialization vectors from SensitiveApi 2023-10-25 14:31:55 -04:00
Ed Minnix
c689065f83 Experiment: Remove IVs from credentials 2023-10-25 14:31:55 -04:00
Ed Minnix
855d96db66 Remove extra models 2023-10-25 14:31:55 -04:00
Ed Minnix
d85284da55 Update change note file date 2023-10-25 14:31:55 -04:00
Ed Minnix
02c98fae5f Use hq-generated provenance 2023-10-25 14:31:55 -04:00
Ed Minnix
1ad06f3293 Add missing GaloisCounterMode model 2023-10-25 14:31:55 -04:00
Ed Minnix
9c15cf18e8 Refactor deprecated predicates to use new classes 
Modified the predicates in `SensitiveApi` to rely on the new classes
which are using models as data. This allows us to remove the old
predicates containing the pre-MaD versions of the models.
 2023-10-25 14:31:55 -04:00
Ed Minnix
3b0b5e403c Replace crypto-parameter with credentials-key 2023-10-25 14:31:55 -04:00
Ed Minnix
a2bcc97a74 Remove CipherBlockChaining#init 2023-10-25 14:31:55 -04:00
Ed Minnix
743814a234 Delete private methods 2023-10-25 14:31:55 -04:00
Ed Minnix
c2d072e3f8 Remove redundant Cipher init methods 
Remove redundant `init` methods which are overriding `FeedbackCipher`
and `SymmetricCipher`.
 2023-10-25 14:31:54 -04:00
Ed Minnix
22d968fba3 Delete private methods 2023-10-25 14:31:54 -04:00
Ed Minnix
31b069041f Initialization vector models 2023-10-25 14:31:54 -04:00
Ed Minnix
a8eb95a688 Remove redundant engineUnwrap method models 
Most implementations of `engineUnwrap` are overriding the method from
`javax.crypto.CipherSpi`. Therefore, these models can be compressed into
a single model.
 2023-10-25 14:31:54 -04:00
Ed Minnix
64d23d4f9b Delete private methods 2023-10-25 14:31:54 -04:00
Ed Minnix
5b2d226c35 Remove unneeded models 2023-10-25 14:31:54 -04:00
Ed Minnix
1edca19419 Remove redundant KeyStoreSpi models 
`java.security.KeyStoreSpi` is an abstract class. This removes its
subclasses' models, and instead uses model-as-data's capability to use
subclasses.
 2023-10-25 14:31:54 -04:00
Edward Minnix III
72a1289eba Rename class to CredentialsSinkNode to better align with naming convention 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-10-25 14:31:54 -04:00
Ed Minnix
a85df81b67 Rename sink kind to "credentials-username" to match naming convention 2023-10-25 14:31:54 -04:00
Ed Minnix
0612b3795a Rename sink kind to "credentials-password" to match naming convention 2023-10-25 14:31:54 -04:00
Ed Minnix
3ee0fa9bc4 Add deprecation messages 2023-10-25 14:31:54 -04:00
Ed Minnix
b77b3763be Fix com.amazonaws.auth models 2023-10-25 14:31:54 -04:00
Ed Minnix
8eeb861963 ch.ethz.ssh2 fixes 2023-10-25 14:31:54 -04:00
Edward Minnix III
2f53adf2c2 Fix typo 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-10-25 14:31:54 -04:00