hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,579 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.2
Commit Graph

4256 Commits

Author SHA1 Message Date
Dave Bartolomeo
22e030584c Revert "Release preparation for version 2.20.1" 2025-01-07 12:14:27 -05:00
Owen Mansel-Chan
7688f46650 Add change note 2025-01-07 17:08:23 +00:00
Owen Mansel-Chan
5959a736ac Only recommend GCM, and tighten wording 2025-01-07 16:55:10 +00:00
Owen Mansel-Chan
9cc614ac2d Allow jax-rs path annotation inheritance 2025-01-07 16:44:12 +00:00
github-actions[bot]
a121c5a5d0 Release preparation for version 2.20.1 2025-01-06 18:20:22 +00:00
Tom Hvitved
1b31c90d26 Implement FlowSummaryImpl stubs 2025-01-06 13:26:51 +01:00
Ian Lynagh
78b277b46f Java/Kotlin: Add a changenote for CODEQL_PATH_TRANSFORMER support. 2025-01-03 16:02:36 +00:00
Jonas Jensen
2b1c70c33b Java: Diff-informed PolynomialReDoS.ql 
This and other queries would also benefit from making `RegexFlow`
diff-informed. That will come later.
 2024-12-20 13:01:09 +01:00
Jonas Jensen
5bebae9abf Java: Diff-informed ImproperIntentVerification.ql 2024-12-20 13:01:07 +01:00
Jonas Jensen
e799bff744 Java: Diff-informed TaintedPermissionsCheck.ql 2024-12-20 13:01:06 +01:00
Jonas Jensen
011d667f06 Java: Diff-informed PredictableSeed.ql 2024-12-20 13:01:05 +01:00
Jonas Jensen
a928a0d2b5 Java: Diff-informed BrokenCryptoAlgorithm.ql 2024-12-20 13:01:04 +01:00
Jonas Jensen
fea260bd55 Java: Diff-informed UnsafeHostnameVerification.ql 
This commit also adds a test case that would fail under `codeql test run
--check-diff-informed` if not for the override of
`getASelectedSourceLocation`. There was no existing such test since all
the existing tests used anonymous classes whose location was on the same
line as the source.
 2024-12-20 12:58:59 +01:00
Jonas Jensen
8224ef6929 Java: Diff-informed InsecureTrustManager.ql 2024-12-20 11:22:58 +01:00
Jonas Jensen
eac1a4c002 Java: Diff-informed SqlTainted.ql 2024-12-20 11:22:57 +01:00
Jonas Jensen
2561cec80c Java: Diff-informed CommandLineQuery 2024-12-20 11:22:56 +01:00
Michael Nebel
aaf0cd5dee Merge pull request #17968 from michaelnebel/java/movetestutils 
Move test utilities to the query pack.
 2024-12-16 13:41:30 +01:00
Michael Nebel
0bfc1b6ea8 Also move the postprocessing queries to the library pack. 2024-12-12 15:03:03 +01:00
Michael Nebel
941b0abbf6 Move modules to the library packs. 2024-12-12 15:03:01 +01:00
Owen Mansel-Chan
8703e21f62 Merge pull request #17996 from owen-mc/java/lightweight-IR-layer-classes 
Java: Make separate classes for different control flow node kinds
 2024-12-12 13:36:54 +00:00
Owen Mansel-Chan
8e11789186 Restore asStmt, asExpr and asCall to Node 
It doesn't really make sense to define them in terms of dispatch.
 2024-12-12 12:30:01 +00:00
Owen Mansel-Chan
066db766ef Merge pull request #18153 from owen-mc/java/resttemplate-getforobject 
Java: add SSRF sink model for the third parameter of `RestTemplate.getForObject`
 2024-12-11 16:37:35 +00:00
Jami
538dee81b6 Merge pull request #18214 from jcogs33/jcogs33/java/file-getname-path-sanitizer 
Java: add File.getName as a path injection sanitizer
 2024-12-11 10:18:02 -05:00
Owen Mansel-Chan
1420bce36a Move import statement in SpringWebClient.qll 2024-12-11 14:19:24 +00:00
Owen Mansel-Chan
aaa4361120 Rearrange member predicates in ControlFlow::Node 
Put all the ones which might need to be overrridden by subclasses
together for ease of reading.
 2024-12-11 10:34:18 +00:00
Owen Mansel-Chan
79f4f78fc2 Make separate classes for control flow node kinds 
This puts all the logic of a particular control flow node kind into one
place and makes it easier to add new kinds.
 2024-12-11 10:34:16 +00:00
Owen Mansel-Chan
3f5886ef7a Accept another review suggestion 2024-12-10 15:26:17 +00:00
Owen Mansel-Chan
2da9bfb1a6 Finish renaming getCFGNode to getCfgNode 2024-12-10 15:26:16 +00:00
Owen Mansel-Chan
274281f61e Apply all suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2024-12-10 15:26:14 +00:00
Owen Mansel-Chan
d06dfe0ca3 Add change note 2024-12-10 15:26:13 +00:00
Owen Mansel-Chan
0f3dd6d8f1 Java: IPA the CFG 2024-12-10 15:26:11 +00:00
Jami Cogswell
214da9e9ad Java: add change note 2024-12-06 19:59:40 -05:00
Owen Mansel-Chan
347fd575a2 Refactor to avoid duplicated logic 2024-12-05 11:15:43 +00:00
Owen Mansel-Chan
b20b7c7572 Remove escaped "{" and "}" before counting placeholders 2024-12-05 10:43:13 +00:00
Anders Schack-Mulligen
4bf63fedc9 Merge pull request #18179 from aschackmull/dataflow/accesspath-notypes 
Dataflow: Remove tracked types from Access Paths, track tainted object type, and tweak type pruning.
 2024-12-05 09:58:36 +01:00
Jami Cogswell
121780c55a Java: add File.getName as a path injection sanitizer 2024-12-04 18:57:51 -05:00
github-actions[bot]
cf71a1525b Post-release preparation for codeql-cli-2.20.0 2024-12-04 18:36:17 +00:00
github-actions[bot]
96564b7128 Release preparation for version 2.20.0 2024-12-04 16:01:14 +00:00
Henry Mercer
963f084d87 Merge branch 'main' into henrymercer/merge-back-rc-3.16 2024-12-04 13:39:10 +00:00
Anders Schack-Mulligen
03fdceb0fd Merge pull request #18191 from aschackmull/dataflow/remove-deprecated-lib 
Dataflow: Delete the old configuration-class based api.
 2024-12-04 11:31:46 +01:00
Owen Mansel-Chan
5351f5b69d Update wording of alert (accepting review suggestion) 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-12-04 10:31:14 +00:00
Anders Schack-Mulligen
5042753b29 C#/Java: Add change notes. 2024-12-04 10:20:43 +01:00
Owen Mansel-Chan
95116eec51 Update recommendations 2024-12-04 00:42:23 +00:00
Anders Schack-Mulligen
b12a1c078c Java: Delete deprecated extension points referencing deleted api. 2024-12-03 20:08:44 +01:00
Anders Schack-Mulligen
cca27e4c77 Add change notes for all languages. 2024-12-03 19:42:33 +01:00
Anders Schack-Mulligen
2c0baff76a Java: Delete deprecated data flow api. 2024-12-03 14:13:03 +01:00
Tom Hvitved
fbeb6f3940 Shared: Move shared logic into FlowSummaryImpl.qll 2024-12-03 09:11:11 +01:00
Owen Mansel-Chan
5c99c8cc37 Improve suggestion for ECB 2024-11-29 14:05:07 +00:00
Owen Mansel-Chan
09240e46f2 Refactor: use concat instead of hand-written version 
This changes the order of the algorithms in the regex, but I don't think
that makes any difference.
 2024-11-29 11:54:29 +00:00
Owen Mansel-Chan
e6409e159f Give reason why crypto algorithm is insecure 2024-11-29 11:54:27 +00:00