hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,307 Commits 1,672 Branches 157 Tags
codeql-cli-2.22.2
Commit Graph

13513 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
80a799df01 Merge pull request #13735 from aschackmull/dataflow/forcehighprecision-fix 
Dataflow: Fix forceHighPrecision for length-2 prefixes.
 2023-07-14 11:42:35 +02:00
github-actions[bot]
b675a1e2fe Add changed framework coverage reports 2023-07-14 00:19:14 +00:00
Tony Torralba
cafc67e3be Merge pull request #13714 from pwntester/java/langs3_improvements 
[Java] Add missing commons lang3 model for ToStringBuilder.reflectionToString
 2023-07-13 14:45:33 +02:00
Anders Schack-Mulligen
a0e96594d8 Merge pull request #13736 from aschackmull/dataflow/remove-superfluous-module-members 
C#/Java/Ruby: Remove superfluous module members.
 2023-07-13 13:59:31 +02:00
Anders Schack-Mulligen
91de43f918 C#/Java/Ruby: Remove superfluous module members. 2023-07-13 11:38:35 +02:00
Stephan Brandauer
4391799b7e Merge pull request #13403 from github/java/update-mad-decls-after-triage-2023-06-08T08-51-47 
Java: Update MaD Declarations after Triage
 2023-07-13 11:15:41 +02:00
Anders Schack-Mulligen
58cd16565f Dataflow: Fix forceHighPrecision for length-2 prefixes. 2023-07-13 10:55:39 +02:00
Anders Schack-Mulligen
d46b2a32ae Dataflow: Improve debug printing. 2023-07-13 10:55:39 +02:00
Tony Torralba
7204c30025 Update 2023-07-12-apache-commons-lang3-tostringbuilder.md 2023-07-13 09:38:33 +02:00
Ed Minnix
63299688d5 Add change notes for default implementations of isBarrier and isAdditionalFlowStep 2023-07-12 15:21:16 -04:00
Ed Minnix
1cd8922ab5 Java: Add default implementation of StateConfigSig::isAdditionalFlowStep/4 2023-07-12 15:06:24 -04:00
Ed Minnix
1835b40f7b Java: Add default impl to StateConfigSig::isBarrier/2 2023-07-12 15:06:24 -04:00
Ian Lynagh
fe24cc1900 Merge pull request #13718 from igfoo/igfoo/file_classes 
Kotlin: Improve file class support
 2023-07-12 15:42:16 +01:00
Taus
49194a2af7 Java: Limit the number of samples extracted in application mode 
Uses the same trick as for the negative examples, this time with a limit of 7
candidates for each endpoint signature.

As this duplicates some of the logic used in another query, it may be worthwhile
to consider extracting this into a shared parameterized module.
 2023-07-12 15:13:10 +02:00
Ian Lynagh
af5cd7cf4f Merge pull request #13723 from igfoo/igfoo/kotlin-1.9.0 
Kotlin: Run CI with 1.9.0
 2023-07-12 12:24:04 +01:00
Ian Lynagh
75c835c9d2 Add missing "a" to a qldoc comment 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2023-07-12 11:24:42 +01:00
Alvaro Muñoz
0247278bad add change note 2023-07-12 11:03:24 +02:00
Alvaro Muñoz
07e25e36b3 Merge branch 'java/langs3_improvements' of https://github.com/pwntester/codeql into java/langs3_improvements 2023-07-12 11:00:04 +02:00
Alvaro Muñoz
46e326e106 add change note 2023-07-12 10:59:56 +02:00
Tony Torralba
c54e93f005 Merge pull request #13705 from atorralba/atorralba/java/android-unsafe-fetch-apply 
Java: Add support for Kotlin's `apply` to java/android/unsafe-android-wevbiew-fetch
 2023-07-12 09:45:54 +02:00
Alvaro Muñoz
51f7031416 Update java/ql/lib/ext/org.apache.commons.lang3.builder.model.yml 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-07-12 09:06:05 +02:00
Ian Lynagh
b83f0275e3 Kotlin: Accept test changes for Kotlin 1.9.0 2023-07-11 17:37:24 +01:00
Ian Lynagh
470e033090 Kotlin: Restrict a test's results to those in the test directory 2023-07-11 17:37:23 +01:00
Ian Lynagh
6dedd9286c Kotlin: Record "file class" info from the compiler 
We were making file classes when the parent was a file, but not when it
was a class marked as one.
 2023-07-11 15:58:42 +01:00
Ian Lynagh
cfd29de677 Kotlin: Add Class.isFileClass() 2023-07-11 15:58:41 +01:00
Ian Lynagh
2162530729 Kotlin: Add an integration test for file classes 2023-07-11 15:58:41 +01:00
Ian Lynagh
a603f21ce1 Kotlin: Use 1.9.0 for CI 2023-07-11 14:10:48 +01:00
Ian Lynagh
c21797dd3c Kotlin: Add a test for file classes 2023-07-11 13:21:56 +01:00
Alvaro Muñoz
e8563e5dfd fix row 2023-07-11 10:47:23 +02:00
Mathias Vorreiter Pedersen
a4c0063ab1 Merge pull request #13679 from MathiasVP/speedup-big-step 
DataFlow: Speed up the big step relation
 2023-07-11 09:44:17 +01:00
Alvaro Muñoz
c2f1fbbf98 Add missing commons lang3 model for ToStringBuilder.reflectionToString 2023-07-11 10:34:17 +02:00
Alvaro Muñoz
047d486509 add new struts2 models 2023-07-11 10:23:26 +02:00
github-actions[bot]
7b8cd77cec Add changed framework coverage reports 2023-07-11 00:19:16 +00:00
Tony Torralba
ce600367df Java: Add support for Kotlin's apply to java/android/unsafe-android-webview-fetch 2023-07-10 17:40:16 +02:00
Tony Torralba
16529cdd18 Add failing test 2023-07-10 17:40:15 +02:00
Tony Torralba
b70e21df4f Merge pull request #13702 from atorralba/atorralba/kotlin/apply 
Kotlin: Support apply
 2023-07-10 17:39:57 +02:00
Tony Torralba
0f18c0227b Kotlin: Support apply 2023-07-10 16:15:27 +02:00
github-actions[bot]
13cf054a9d Post-release preparation for codeql-cli-2.14.0 2023-07-07 14:55:41 +00:00
github-actions[bot]
6484ee106e Release preparation for version 2.14.0 2023-07-07 08:22:14 +00:00
Taus
f666260cd8 Java: Add meta query for metrics gathering 
Exposes the same information as the existing queries through two query
predicates instead. This makes the downstream data gathering a bit more
convenient to implement.
 2023-07-06 16:59:15 +02:00
Taus
36c6c7235c Java: Move instance counting logic into utility library 2023-07-06 16:59:15 +02:00
Dave Bartolomeo
9631e9f2f1 Bump minor version numbers post-GHES 2023-07-06 10:10:01 -04:00
Dave Bartolomeo
2bb9adfbf1 Merge remote-tracking branch 'origin/main' into dbartol/mergeback-3.10 2023-07-06 10:00:46 -04:00
Mathias Vorreiter Pedersen
83d0dec0fb DataFlow: Sync identical files. 2023-07-06 14:00:00 +01:00
Taus
97610d2cac Java: Add query for counting sink model instances 
Also adds a more sensible ordering to the existing queries.
 2023-07-04 14:24:52 +02:00
Michael Nebel
3cde59e409 Merge pull request #13651 from michaelnebel/telemetrytop100 
Java/C#: Reduce the amount of telemetry being produced.
 2023-07-04 08:33:53 +02:00
Michael Nebel
238f390738 Merge pull request #13452 from michaelnebel/refactorstackprinting 
Re-factor printing of summary component stacks.
 2023-07-04 08:29:10 +02:00
Taus
b7e4bd290d Java: Use an IPA type instead of a string 
While the string representation is useful for quickly modifying queries, it's
a bit clunky when the data needs to be further parsed. Instead, the two queries
now select all of the columns of the sinkmodel separately (which makes it easy
to pull them out of the relevant output later on).
 2023-07-03 23:17:55 +02:00
Michael Nebel
243c592447 Address review comments. 2023-07-03 17:01:08 +02:00
Michael Nebel
23a119b8c2 Java/C#: Reduce the amount of telemetry being produced. 2023-07-03 16:54:07 +02:00