hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,000 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.3
Commit Graph

4304 Commits

Author SHA1 Message Date
Ed Minnix
e9ca4a25d4 Update to new MethodCall name 2023-12-11 11:18:39 -05:00
Ed Minnix
a1e9564cc5 Add more sources 2023-12-11 11:18:39 -05:00
Ed Minnix
b8b2de2f3c Remove use of crypto-parameter sink kind 2023-12-11 11:18:39 -05:00
Ed Minnix
646254c9b2 Add credentials sinks from SensitiveApi 2023-12-11 11:18:39 -05:00
Ed Minnix
057a74d914 Remove unnused class 2023-12-11 11:18:39 -05:00
Ed Minnix
ba3c38c226 Restrict addCookie to specific interface 2023-12-11 11:18:38 -05:00
Ed Minnix
dc3e4cd928 Refactored method accesses to the RandomDataSource library 2023-12-11 11:18:38 -05:00
Ed Minnix
ce7690b53f Make imports private 2023-12-11 11:18:38 -05:00
Edward Minnix III
bc0655573f Simplifications 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-12-11 11:18:38 -05:00
Ed Minnix
0313f39229 Cryptographic sinks 2023-12-11 11:18:38 -05:00
Ed Minnix
b713efb711 Add ThreadLocalRandom.current as another source 2023-12-11 11:18:38 -05:00
Ed Minnix
bf0123d6ae Add org.apache.commons.lang.RandomStringUtils as a source 2023-12-11 11:18:38 -05:00
Ed Minnix
e69ff7b601 Move to library and add docs 2023-12-11 11:18:38 -05:00
Tom Hvitved
f9dbf676a6 Java: Use FlowSummaryImpl from dataflow pack 2023-12-10 11:25:45 +01:00
Ed Minnix
1526da5929 Deprecation change note 2023-12-08 10:50:04 -05:00
Ed Minnix
aebbc7d4ab Add private imports to prevent compile warnings 2023-12-08 10:42:11 -05:00
Ed Minnix
1b8f3f3450 Deprecate or remove imports of dataflow library copies 2023-12-08 10:42:10 -05:00
Anders Schack-Mulligen
0618568cdc Merge pull request #15045 from aschackmull/java/fix-cp 
Java: Fix accidental cartesian product.
 2023-12-08 15:43:01 +01:00
Anders Schack-Mulligen
64eb4ff753 Merge pull request #14983 from aschackmull/dataflow/deprecate-old-api 
Data Flow: Deprecate old data flow api.
 2023-12-08 14:27:25 +01:00
Anders Schack-Mulligen
7ee3068fe7 Java: Fix accidental cartesian product. 2023-12-08 13:27:05 +01:00
github-actions[bot]
92af5f5386 Post-release preparation for codeql-cli-2.15.4 2023-12-06 22:59:22 +00:00
github-actions[bot]
c04457e9e7 Release preparation for version 2.15.4 2023-12-06 21:11:50 +00:00
Ian Lynagh
fc11a87882 Kotlin: Fix dataflow with Array.set wrappers 2023-12-06 12:19:46 +00:00
Ian Lynagh
2c625e34b5 Merge pull request #15008 from igfoo/igfoo/kot-arr-taint 
Kotlin: Track taint through Array.get/set
 2023-12-05 18:30:21 +00:00
Ian Lynagh
8ea155ef24 Kotlin: Add changenote 2023-12-05 14:48:02 +00:00
Ian Lynagh
babf1d6648 Kotlin: Track Kotlin's Array.set when tracking taint 2023-12-05 14:42:45 +00:00
Ian Lynagh
821b4c727e Kotlin: Add Array.get(_) support to taint tracking 2023-12-05 14:41:32 +00:00
Jami
651653998c Merge pull request #14913 from jcogs33/jcogs33/unsafe-url-forward_path-inj-related_cve-2019-3799 
Java: add Spring models
 2023-12-04 10:18:50 -05:00
Chris Smowton
97266c252e Remove mention of TSP 2023-12-04 12:36:04 +00:00
Chris Smowton
6d5a493e2d Add change note 2023-12-04 11:48:51 +00:00
Anders Schack-Mulligen
67f0529cda Dataflow: Sync. 2023-12-04 12:36:57 +01:00
Anders Schack-Mulligen
fd920b8585 Java: Deprecate old data flow api. 2023-12-04 12:36:57 +01:00
Chris Smowton
aa8f798853 Move condition into isNonFallThroughPredecessor 2023-11-30 11:24:07 +00:00
Chris Smowton
94819e37c4 More StmtParent -> SwitchBlock 2023-11-30 11:24:07 +00:00
Chris Smowton
e93fe8d614 Update change note 2023-11-30 11:24:07 +00:00
Chris Smowton
53ca8e5fe9 autoformat 2023-11-30 11:24:07 +00:00
Chris Smowton
633b92da62 Introduce and use SwitchBlock instead of StmtParent for switch-statement-or-expression 2023-11-30 11:24:07 +00:00
Chris Smowton
e50a0eee59 Remove duplicate of expr exception propagation logic 2023-11-30 11:24:07 +00:00
Chris Smowton
6f3bff19cc Expose getFirstPatternCase, not getPatternCase/2 2023-11-30 11:24:07 +00:00
Chris Smowton
40464ed1f9 Eliminate duplicate predicate 2023-11-30 11:24:07 +00:00
Chris Smowton
3971817c92 Fix: ensure is a switch block 2023-11-30 11:24:07 +00:00
Chris Smowton
b1cea1d91e autoformat 2023-11-30 11:24:07 +00:00
Chris Smowton
561f06a4bd Remove unused predicate 2023-11-30 11:24:06 +00:00
Chris Smowton
e9603f0aba Factor out isNonFallThroughPredecessor 2023-11-30 11:24:06 +00:00
Chris Smowton
84ec453a80 Explicitly rule out switchCaseControls for PatternCase 2023-11-30 11:24:06 +00:00
Chris Smowton
77b1721542 Move TypeTestGuard's logic into Guard.appliesTypeTest 2023-11-30 11:24:06 +00:00
Chris Smowton
b33dc38a65 Fix hasBranchEdge for switch exprs with an internal CFG and incoming edges from a passing case guard 2023-11-30 11:24:06 +00:00
Chris Smowton
9b5b496462 Avoid quadratic switch case intermediate 2023-11-30 11:24:06 +00:00
Chris Smowton
d1e16ada4c Tidy up pattern case CFG logic 2023-11-30 11:24:06 +00:00
Chris Smowton
beb827b1d0 Remove unused predicate 2023-11-30 11:24:06 +00:00