hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,267 Commits 1,672 Branches 157 Tags
codeql-cli-2.21.1
Commit Graph

4248 Commits

Author SHA1 Message Date
Ed Minnix
3826b9be6c Re-add allowImplicitRead 2023-04-13 23:06:16 -04:00
Ed Minnix
74b71ff7e3 Replace allowImplicitRead with default implementation 2023-04-13 23:06:16 -04:00
Ed Minnix
ea54ea47b1 Deprecate sensitiveResultReceiver 2023-04-13 23:06:16 -04:00
Ed Minnix
cd661f1d9f Refactor SensitiveResultReceiver 2023-04-13 23:06:16 -04:00
Ed Minnix
735a7383c6 Refactor HardcodedCredentialsSourceCall 2023-04-13 23:06:16 -04:00
Alex Eyers-Taylor
c6a482819a Bump all qlpacks major versions 2023-04-13 19:15:27 +01:00
Jami Cogswell
108b7a38aa Java: update provenance to hq-manual 2023-04-13 10:24:24 -04:00
Jami Cogswell
4f9c51a02b Java: update provenance to hq-manual now that 12595 is merged 2023-04-13 10:11:31 -04:00
Jami Cogswell
523feabaa2 Java: switch Netty setUri method from summary to sink; resolve conflicts 2023-04-13 09:16:18 -04:00
Jami Cogswell
6890434d63 Java: add change note 2023-04-13 09:15:02 -04:00
Jami Cogswell
d85bcacf84 Java: update some models, undo temp edits; resolve conflicts 2023-04-13 09:14:52 -04:00
Jami Cogswell
540b8391dc Java: add more tests 2023-04-13 09:12:55 -04:00
Jami Cogswell
99320857af Java: change model to summary and update comments 2023-04-13 09:12:55 -04:00
Jami Cogswell
8a6ff95035 Java: remove neutral which will be added in a different PR 2023-04-13 09:12:54 -04:00
Jami Cogswell
4daaf783e1 Java: remove cache ones for now 2023-04-13 09:12:54 -04:00
Jami Cogswell
cd7b79f62b Java: add tests for org.apache.hc.client5.http.fluent 2023-04-13 09:12:54 -04:00
Jami Cogswell
a9595647c4 Java: fix typo 2023-04-13 09:12:54 -04:00
Jami Cogswell
33afcd75f1 Java: add subtype-related comments, update some empty-string signatures 2023-04-13 09:12:54 -04:00
Jami Cogswell
e89df255e3 Java: add subtype-related comments on org.apache.hc.client5.http.async.methods models 2023-04-13 09:12:54 -04:00
Jami Cogswell
4ab184fc7d Java: switch HttpHost from sink to summary; resolve conflicts 2023-04-13 09:12:54 -04:00
Jami Cogswell
4ed101fa26 Java: remove some comments 2023-04-13 09:12:54 -04:00
Jami Cogswell
a991f87728 Java: add some host sinks 2023-04-13 09:12:54 -04:00
Jami Cogswell
68fe486c05 Java: remove typo FP, boolean arg is not a sink 2023-04-13 09:12:54 -04:00
Jami Cogswell
60dab3d779 Java: add models from client version 4; resolve conflicts 2023-04-13 09:12:42 -04:00
Jami Cogswell
68391acc98 Java: add models from core version 4; resolve conflict 2023-04-13 09:06:28 -04:00
Jami Cogswell
de4cfc3239 Java: remove typo sink, this api is covered by the model for org.apache.http.client.methods.HttpRequestBase.setURI instead 2023-04-13 09:06:28 -04:00
Jami Cogswell
a3976305ca Java: add initial ssrf heuristic models for apache httpcomponents version 5 2023-04-13 09:06:28 -04:00
Michael Nebel
52bc43b22b Merge pull request #12595 from michaelnebel/enhanceprovenance 
Java/C# : Enhance provenance.
 2023-04-13 14:27:53 +02:00
Alex Ford
8c46bfd051 Merge pull request #12816 from github/rc/3.9 
Merge `rc/3.9` into `main`
 2023-04-13 12:35:41 +01:00
Tony Torralba
4c6df3fdb9 Merge pull request #12813 from atorralba/atorralba/java/sensitive-expr-fix-and-tests 
Java: Add tests for SensitiveActions and fix getCommonSensitiveInfoRegex
 2023-04-13 13:13:37 +02:00
Tony Torralba
d7feaf4098 Merge pull request #12685 from atorralba/atorralba/java/command-injection-mad 
Java: Add command-injection sink kind and refactor command injection queries
 2023-04-13 11:38:14 +02:00
Tony Torralba
4f2ffccc20 Improve change note 2023-04-13 11:14:57 +02:00
Tony Torralba
99b0624e8b Add change note 2023-04-13 10:35:59 +02:00
Tony Torralba
485709a133 Fix getCommonSensitiveInfoRegex 2023-04-13 10:33:03 +02:00
Michael Nebel
169d8d5cf9 Java: All ai-generated models have been manually verified. 2023-04-13 09:21:06 +02:00
Michael Nebel
6593991c13 Java/C#: Update generated models to have provenance df-generated. 2023-04-13 09:21:05 +02:00
Michael Nebel
03482e5e59 Java/C#: Update the internal documentation. 2023-04-13 09:21:05 +02:00
Michael Nebel
54e55e2262 Java: Introduce more provenance values. 2023-04-13 09:21:04 +02:00
Michael Nebel
efc0650b86 Java: Set the provenance default to manual. 2023-04-13 09:21:04 +02:00
Mathew Payne
824ff8ad88 Add function signature to model 2023-04-12 14:54:06 +00:00
Mathew Payne
ffec22a5d2 Add change log notes 2023-04-12 14:48:28 +00:00
Mathew Payne
d0529bba2b Add missing models for Java IO 
- java.io.OutputStream
- java.nio.file.Files
 2023-04-12 14:43:11 +00:00
Chris Smowton
7eefa43f5a Rename and document viableArgParamSpecific to make clear it is a temporary hook. 2023-04-12 14:33:46 +01:00
Chris Smowton
4d8ca3d759 Add dataflow callback to filter out receiver argument flow to Golang interface dispatch candidates. 
Other langauges stub the callback.
 2023-04-12 14:19:06 +01:00
Jami
b7c7449b08 Merge pull request #12739 from jcogs33/jcogs33/add-one-more-top500-model 
Java: add summary model for `UnsupportedOperationException(String)` constructor
 2023-04-11 08:25:36 -04:00
Tony Torralba
944bdfde45 Apply suggestions from code review 2023-04-11 09:47:47 +02:00
Stephan Brandauer
cb8506d51a Update MaD Declarations after Triage 2023-04-11 09:25:39 +02:00
Jami Cogswell
6a103f5070 Java: add change note 2023-04-06 10:22:03 -04:00
Jami Cogswell
6b695434b7 Java: add yml model for UnsupportedOperationException; resolve conflict 2023-04-06 10:19:19 -04:00
Tony Torralba
8686036346 Update java/ql/lib/change-notes/2023-03-31-new-models.md 2023-04-06 15:25:33 +02:00