hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,307 Commits 1,672 Branches 157 Tags
codeql-cli-2.22.2
Commit Graph

4181 Commits

Author SHA1 Message Date
Tony Torralba
5db8306fef Stop considering usernames sensitive info 
Require variables to be static to be considered constants
 2022-05-12 11:46:52 +02:00
Chris Smowton
85dc1090fe Merge pull request #9116 from smowton/smowton/feature/accept-conditional-cookie-security 
Java: tolerate `cookie.setSecure(request.isSecure())`
 2022-05-11 21:29:14 +01:00
Ian Lynagh
cfde0a1491 Merge pull request #9109 from igfoo/igfoo/kotlin_merge 
Initial Kotlin support
 2022-05-11 16:16:22 +01:00
Tony Torralba
5be30209c1 Merge pull request #9036 from luchua-bc/java/hardcoded-jwt-key 
Java: CWE-321 Query to detect hardcoded JWT secret keys
 2022-05-11 16:31:34 +02:00
Ian Lynagh
c0a755e061 Merge remote-tracking branch 'upstream/main' into igfoo/kotlin_merge 
Resolving conflicts:
	java/ql/lib/semmle/code/java/Expr.qll
 2022-05-11 14:13:09 +01:00
Anders Schack-Mulligen
9a4d86e9b4 Merge pull request #8571 from Marcono1234/marcono1234/statement-expression 
Java: Add `ValueDiscardingExpr`
 2022-05-11 13:37:24 +02:00
Chris Smowton
c17ef42cc7 Insecure cookie query: accept ServletRequest.isSecure(), and allow more than one possible input to a setSecure(...) call. 2022-05-11 11:59:37 +01:00
Anders Schack-Mulligen
25336df302 Merge pull request #8873 from atorralba/atorralba/android-startactivity-flowstep 
Java: Add flow step from startActivity to getIntent
 2022-05-11 11:08:08 +02:00
Tony Torralba
43b425d0e4 Merge pull request #9002 from atorralba/atorralba/https-urls-improvs 
Java: Add OkHttp and Retrofit models
 2022-05-11 10:48:08 +02:00
Tamas Vajk
4f256d2958 Change LambdaExpr::asMethod to return the big-arity invoke instead of the wrapper 2022-05-10 19:51:31 +01:00
Ian Lynagh
e0053cd471 Kotlin: qlformat a query 2022-05-10 19:51:30 +01:00
Tamas Vajk
749d606f84 Fix expected file of useless null check test 2022-05-10 19:51:30 +01:00
Tamas Vajk
3af8273620 Modify extraction of &&/|| to resugar it from when expression 2022-05-10 19:51:30 +01:00
Tamas Vajk
d33224a058 Add test case for missing CFG successor 2022-05-10 19:51:30 +01:00
Tamas Vajk
b66a3141f6 Extract functions using their name from JvmName annotation 2022-05-10 19:51:30 +01:00
Tamas Vajk
a24753f552 Extract final modifier on local variables 2022-05-10 19:51:30 +01:00
Tamas Vajk
4efb87a7dd Extract enum entry initializers 2022-05-10 19:51:30 +01:00
Tamas Vajk
fc5229a0a5 Extract type access expression for static field access in initializer 2022-05-10 19:51:29 +01:00
Tamas Vajk
c6a75957e9 Fix expected files, fix type access extraction of file level static declarations 2022-05-10 19:51:29 +01:00
Tamas Vajk
1e529b2563 Add missing type access expression for static field accesses 2022-05-10 19:51:29 +01:00
Tamas Vajk
246f228a3b Add static field access test 2022-05-10 19:51:29 +01:00
Tamas Vajk
f43296a157 Extract type access for enum value access 2022-05-10 19:51:29 +01:00
Tamas Vajk
b5c8d29e40 Extract enum field declarations 2022-05-10 19:51:29 +01:00
Tamas Vajk
d6cbcdc847 Extract type access expression for parameter types 2022-05-10 19:51:29 +01:00
Tamas Vajk
f557719fe5 Extract type access expression for function return types 2022-05-10 19:51:29 +01:00
Tamas Vajk
dcac285a99 Add type access tests 2022-05-10 19:51:29 +01:00
Chris Smowton
7ef9420bfd Accept test changes 2022-05-10 19:51:29 +01:00
Chris Smowton
11fed0b4f8 Adjust test expectations 2022-05-10 19:51:29 +01:00
Chris Smowton
f3bd89a5cf Adjust test expectations 2022-05-10 19:51:29 +01:00
Chris Smowton
a317dc4246 Extract field initializers 2022-05-10 19:51:29 +01:00
Chris Smowton
9e8e99f4c3 Add interface-delegate test 2022-05-10 19:51:28 +01:00
Chris Smowton
62f39d7a22 Add test expectation 2022-05-10 19:51:28 +01:00
Chris Smowton
bfe3722018 Extract synthetic coroutine classes 2022-05-10 19:51:28 +01:00
Ian Lynagh
b35b74779a Revert "Fix CFG construction of ExprStmt and StmtExpr" 
This reverts commit db8d718cdbf0bef9cdf246221a921b99d4b22bea.

It broke ql/java/ql/test/library-tests/successors/TestDeclarations
 2022-05-10 19:51:28 +01:00
Ian Lynagh
d2f6871868 Revert "Fix ExprStmt and StmtExpr in Boolean context" 
This reverts commit 8a42837578e1c4361ed25682312ea5497ad0a12e.
 2022-05-10 19:51:28 +01:00
Tamas Vajk
82b937dedd Add query and script to plot CFG from DB 2022-05-10 19:51:28 +01:00
Tamas Vajk
037d66de15 Fix ExprStmt and StmtExpr in Boolean context 2022-05-10 19:51:28 +01:00
Tamas Vajk
8282e57db5 Fix CFG construction of ExprStmt and StmtExpr 2022-05-10 19:51:28 +01:00
Tamas Vajk
81cb81366b Add test case for CFG issue with && in if condition 2022-05-10 19:51:28 +01:00
Tamas Vajk
953c6fdb7b Fix expected test file 2022-05-10 19:51:28 +01:00
Tamas Vajk
47799ae040 Code quality improvements + add dedicated DeadRefTypes test 2022-05-10 19:51:28 +01:00
Tamas Vajk
cdc7ed0e14 Extract container of adapter function as compiler generated 2022-05-10 19:51:28 +01:00
Tamas Vajk
7f94495601 Add test for adapter function 2022-05-10 19:51:28 +01:00
Tamas Vajk
fc66b73e3b Extract override modifier for lambda and reflection-like constructs 2022-05-10 19:51:28 +01:00
Tamas Vajk
505ccbbcf6 Extract override modifier 2022-05-10 19:51:28 +01:00
Tamas Vajk
92de139805 Add override tests 2022-05-10 19:51:27 +01:00
Tamas Vajk
6ab86a1f46 Fix expected test files after 1.6.20 upgrade 2022-05-10 19:51:27 +01:00
Tamas Vajk
4f3e89dd49 Fix expected test file 2022-05-10 19:51:27 +01:00
Tamas Vajk
a1842f9f17 Remove ExtensionMethodAccess and revert all dataflow changes 2022-05-10 19:51:27 +01:00
Tamas Vajk
95cb0149a3 Fix data flow through ExtensionMethodAccess 2022-05-10 19:51:27 +01:00