hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,579 Commits 1,672 Branches 157 Tags
codeql-cli-2.21.2
Commit Graph

4256 Commits

Author SHA1 Message Date
Jami Cogswell
b99a1d2cd9 update sink and tests 2022-11-08 15:29:33 -05:00
Jami Cogswell
695d6f0e4e move files to regexp directory 2022-11-08 15:29:33 -05:00
Jami Cogswell
5402001362 remove original sanitizer 2022-11-08 15:29:33 -05:00
Jami Cogswell
be548c13e1 switch sink to use csv models 2022-11-08 15:29:33 -05:00
Jami Cogswell
5dcd3b2c0f clean up files 2022-11-08 15:29:33 -05:00
Jami Cogswell
32f7348d30 update help file 2022-11-08 15:29:33 -05:00
Jami Cogswell
eb30e8fe9e move Pattern.quote and Pattern.LITERAL models to Regex.qll 2022-11-08 15:29:33 -05:00
Jami Cogswell
81ad10bab5 update sink names 2022-11-08 15:29:33 -05:00
Jami Cogswell
5b089bbb9c split sanitizer into three 2022-11-08 15:29:33 -05:00
Jami Cogswell
91491d9a7b refactor into more classes; add more test cases; add LITERAL sanitizer 2022-11-08 15:29:33 -05:00
Jami Cogswell
50d638d1b6 create RegexInjection.qll file 2022-11-08 15:29:33 -05:00
Jami Cogswell
f6f26fe6c5 refactor code; add change note 2022-11-08 15:29:33 -05:00
Jami Cogswell
037a05cd66 add classes for Pattern, Matcher, and RegExUtils 2022-11-08 15:29:33 -05:00
Jami Cogswell
6545cff0ef add Pattern.quote sanitizer 2022-11-08 15:29:33 -05:00
Jami Cogswell
833c5edf06 move to .qll file and switch to InlineExpectations tests 2022-11-08 15:29:32 -05:00
Rasmus Wriedt Larsen
4895daba85 DataFlow: Add read/store stepIsLocal consistency checks 2022-11-08 13:32:49 +01:00
Tony Torralba
ef967b6a21 Merge pull request #10890 from atorralba/atorralba/android-startactivities-summaries 
Java: Add flow summaries for startActivities
 2022-11-07 18:06:30 +01:00
Erik Krogh Kristensen
d67235b3c1 Merge pull request #11071 from erik-krogh/fixCanon 
ReDoS: fix canonicalization in NfaUtils
 2022-11-07 14:10:50 +01:00
Tamás Vajk
830be92f1d Merge pull request #11089 from tamasvajk/kotlin-enum-ctor-call 
Kotlin: Extract missing arguments of enum constructor calls
 2022-11-07 12:55:27 +01:00
Anders Schack-Mulligen
99ca28ea9b Merge pull request #10886 from aschackmull/dataflow/joinorders 
Dataflow: Fix a couple of join-orders.
 2022-11-07 11:05:29 +01:00
Tamas Vajk
4e8d8a4de1 Add compilerGeneratedReason for enum constructor call arguments 2022-11-07 10:07:05 +01:00
github-actions[bot]
fca754bddd Post-release preparation for codeql-cli-2.11.3 2022-11-05 14:30:48 +00:00
github-actions[bot]
508327235a Release preparation for version 2.11.3 2022-11-04 20:16:23 +00:00
Anders Schack-Mulligen
a1dba82360 Dataflow: Sync. 2022-11-04 12:41:55 +01:00
Anders Schack-Mulligen
828d187198 Dataflow: Fix a couple of join-orders. 2022-11-04 12:41:55 +01:00
Tom Hvitved
587e6739d9 Merge pull request #11060 from hvitved/dataflow/path-node-reach-charpred 
Data flow: Restrict public `PathNode`s to those that may reach a sink
 2022-11-04 10:17:09 +01:00
Anders Schack-Mulligen
331b8c0144 Merge pull request #10904 from aschackmull/java/joinorders 
Java: Fix some join-orders.
 2022-11-04 09:24:31 +01:00
Michael Nebel
3c8fb0520e C#: Sync files. 2022-11-04 08:20:53 +01:00
Tom Hvitved
d3488da0c2 Data flow: Sync files 2022-11-03 15:52:30 +01:00
erik-krogh
c15f63ce62 sync files 2022-11-01 21:35:27 +01:00
Jami Cogswell
f40eefce57 use CompileTimeConstantExpr instead of StringLiteral 2022-10-27 17:11:07 -04:00
Jami Cogswell
65f7474110 simplify algorithm.matches 2022-10-27 16:44:03 -04:00
Jeroen Ketema
1d7efd8e82 Merge pull request #10905 from jsoref/spelling-code-scanning-product 
Spelling code scanning product
 2022-10-27 12:55:37 +02:00
Jami Cogswell
1bfdfc954b shorten class/predicate names 2022-10-26 16:30:14 -04:00
Tamas Vajk
9cc7a30a75 Kotlin: do not report on unused object extension parameters 2022-10-26 15:06:51 +02:00
Jami Cogswell
1e80fa118c add modules 2022-10-25 18:26:00 -04:00
Tamas Vajk
eaa04b72f1 Apply code review findings 2022-10-25 13:49:54 +02:00
Tamas Vajk
78c23c2657 Kotlin: Exclude constructs in serialization constructors from java/evaluation-to-constant 2022-10-25 13:49:54 +02:00
Chris Smowton
b9f4856d47 Merge pull request #10876 from smowton/smowton/feature/kotlin-default-method-auto-mad 
Java models-as-data: infer Kotlin $default models from that of its parent function
 2022-10-25 11:58:54 +01:00
Jami Cogswell
1a1245343d remove getNodeIntValue 2022-10-24 17:09:24 -04:00
Jami Cogswell
c742a09def remove AlgoSpec class 2022-10-24 16:15:18 -04:00
Jami Cogswell
d569f93e78 update getAlgoSpec 2022-10-24 16:05:57 -04:00
Jami Cogswell
09829d7f7a simplify instanceof usage 2022-10-24 15:49:41 -04:00
Jami Cogswell
8bc0a64863 remove KeyGenInitMethodAccess class 2022-10-24 15:42:36 -04:00
Jami Cogswell
eb69b98dff remove separators 2022-10-24 15:28:31 -04:00
Jami Cogswell
2ee23f004e update qldoc for AlgorithmParameterSpec 2022-10-24 15:22:33 -04:00
Jami Cogswell
4c8e0a7648 update qldoc of JavaSecurityKeyPairGenerator and JavaSecurityAlgoParamGenerator 2022-10-24 15:05:05 -04:00
Chris Smowton
7a0bded2ac Kotlin: support argument-range specifications for $default methods 2022-10-24 19:31:03 +01:00
Chris Smowton
5e28e5a170 Merge pull request #10909 from smowton/smowton/fix/kotlin-varargs-dataflow 
Kotlin: Fix varargs dataflow, and varargs default handling
 2022-10-21 13:32:34 +01:00
Chris Smowton
1fe9e8457f Kotlin: Fix varargs dataflow, and varargs default handling 
Dataflow requires accounting for the fact that the varargs parameter isn't necessarily last in the parameter list in a couple more places. Default handling just requires that if the only null parameter is the varargs argument, and it has no default value, then no $default method is required-- the caller is expected to simply pass nothing (at QL
/ source level) or an empty array (at JVM level).
 2022-10-21 11:14:41 +01:00