hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,307 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.2
Commit Graph

5747 Commits

Author SHA1 Message Date
Owen Mansel-Chan
acfcc6d490 Sort ids in java-code-quality.qls 2025-04-10 12:35:42 +01:00
Owen Mansel-Chan
576f4cf19f Update tags 2025-04-10 12:21:09 +01:00
Owen Mansel-Chan
ad89e7980e Tweak documentation 2025-04-10 12:21:08 +01:00
Owen Mansel-Chan
3ea5cc1b66 Add query to code-quality query suite 2025-04-10 12:21:06 +01:00
Owen Mansel-Chan
626a7d5007 Fix punctuation 2025-04-10 12:21:02 +01:00
Owen Mansel-Chan
c4e56b1ec8 Add quality and cwe tag to query 
CWE-1176: Inefficient CPU Computation
 2025-04-10 12:21:00 +01:00
Owen Mansel-Chan
042fe07494 Adjust alert message 2025-04-10 11:47:19 +01:00
Owen Mansel-Chan
fea3d10b97 Update qhelp 2025-04-10 11:47:18 +01:00
Owen Mansel-Chan
441c79ebdf Use existing class StringReplaceAllCall 2025-04-10 11:47:17 +01:00
Owen Mansel-Chan
ff2947a0e5 Adjust query name 2025-04-10 11:47:14 +01:00
Owen Mansel-Chan
041adcd63a Java: Add initial version of string replaceAll with no regex query 2025-04-10 11:46:59 +01:00
Nicolas Will
b9d0abda63 Move CipherOperation into KeyOperation, refactor 
- KeyOperation and Algorithm now encompasses encryption, decryption, wrapping, unwrapping, signing, and verifying.
- Removed elliptic curve implementation from JCA.qll pending rewrite
- Removed JCAAlgorithmInstance abstraction from JCA.qll
- Cleaned up and removed JCA-specific naming from Model.qll
- Added and clarified documentation
 2025-04-09 21:19:00 +02:00
Tamas Vajk
6abff483da Java: Add explicit filtering for quality queries that should be included in security-and-quality 2025-04-08 16:47:41 +02:00
Tamas Vajk
259a09386e Move query suite selector logic to security-and-quality-suite 2025-04-08 16:47:41 +02:00
Jami Cogswell
798907dc50 Java: remove change note 2025-04-04 14:01:35 -04:00
Jami Cogswell
77eeab33a6 Java: remove change note 2025-04-04 13:57:34 -04:00
Jami Cogswell
fc21abc7e4 Java: update qhelp implementation notes to say 'method declarations' 2025-04-03 16:05:23 -04:00
Jami Cogswell
0380279c39 Java: update qhelp implementation notes for more clarity 2025-04-02 19:43:33 -04:00
Jami Cogswell
05d7b9a19a Java: add reliability tag 2025-04-02 19:11:26 -04:00
Jami Cogswell
6ade97892f Java: update maintainability tag to reliability instead 2025-04-02 19:06:02 -04:00
Jonas Jensen
118abd40c9 Java: add exclude-from-incremental tag to telemetry queries 
In the future, this tag should signal to the action that the queries
should be excluded from incremental scans because they are too slow
and/or produce too many results.

The three queries tagged here rely on global data-flow analysis to find
all XSS sinks. All other metric and diagnostic queries are fast enough
for incrementality.
 2025-04-02 14:19:45 -07:00
Jami Cogswell
1a2c34dd28 Java: update qhelp implementation notes for clarity 2025-04-01 16:24:13 -04:00
Jami
c4b8396333 fix typo in query description 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2025-04-01 15:52:57 -04:00
github-actions[bot]
10205cb990 Post-release preparation for codeql-cli-2.21.0 2025-04-01 11:30:43 +00:00
Jami Cogswell
416643ce39 Java: update qhelp recommendation and example 2025-03-31 21:09:21 -04:00
github-actions[bot]
84f6564cc0 Release preparation for version 2.21.0 2025-03-31 17:35:15 +00:00
Jami
e458aca806 Merge branch 'main' into jcogs33/java/junit5-missing-nested-annotation 2025-03-27 21:31:09 -04:00
Jami Cogswell
92cdddf604 Java: resolve filename conflict 2025-03-27 21:29:20 -04:00
Jami Cogswell
caf21a8202 Java: update qhelp and add 'performace' tag 2025-03-27 20:20:48 -04:00
Jami Cogswell
3631df03c7 Java: add to code-quality suite 2025-03-27 19:38:10 -04:00
Jami Cogswell
ed22a16f32 Java: exclude overloads of finalize 2025-03-27 19:35:46 -04:00
Jami Cogswell
f73eda0c38 Java: add previous-id and change 'use' to 'call' 2025-03-27 19:35:44 -04:00
Jami Cogswell
2e25498143 Java: add change note 2025-03-27 19:35:42 -04:00
Jami Cogswell
44445dbeb8 Java: minor refactor 2025-03-27 19:35:41 -04:00
Jami Cogswell
dd57d1aec6 Java: add quality tag 2025-03-27 19:35:39 -04:00
Jami Cogswell
9a6e241f54 Java: update to only find 'finalize' calls and add 'super.finalize' exclusion 2025-03-27 19:35:34 -04:00
Jami Cogswell
56ea9b6523 Java: move original files 2025-03-27 19:35:32 -04:00
Tamas Vajk
34e8318797 Rename the CCR query suite to code-quality 2025-03-27 08:36:53 +01:00
Tamás Vajk
b21968c495 Merge pull request #18947 from tamasvajk/tamasvajk/java_empty_method 
Java: Add new quality query to detect empty methods
 2025-03-26 09:33:47 +01:00
Jami
e169c21f8b Apply suggestions from docs review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2025-03-25 07:19:39 -04:00
Jami Cogswell
b9bf192c09 Java: previous-id property instead of tag, see #19097 2025-03-24 14:37:05 -04:00
Tamás Vajk
a5fd2e923a Improve query documentation 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2025-03-24 11:03:43 +01:00
Jami Cogswell
0f002624d6 Java: remove mention of abstract classes from qhelp 2025-03-23 19:51:37 -04:00
Jami Cogswell
dca4c58b29 Java: add to ccr/quality suite 2025-03-23 19:51:35 -04:00
Jami Cogswell
37092f4411 Java: add 'testability' and 'frameworks/junit' tags 2025-03-23 19:51:26 -04:00
Jami Cogswell
35b647839c Java: include RepeatedTest, ParameterizedTest, TestFactory, and TestTemplate when identifying JUnit 5 test methods 2025-03-23 19:49:55 -04:00
Jami Cogswell
4d7bed6181 Java: exclude anonymous, local, and private classes 2025-03-23 19:49:53 -04:00
Jami Cogswell
3e13f0ed41 Java: remove redundant 'non-static' wording and update qhelp 2025-03-23 19:49:41 -04:00
Jami Cogswell
640096c822 Java: change note 2025-03-23 19:48:20 -04:00
Jami Cogswell
ed57bc7858 Java: exclude abstract classes 2025-03-23 19:48:18 -04:00