3117 Commits

Author	SHA1	Message	Date
Anders Schack-Mulligen	0c74f21107	Merge pull request #19044 from aschackmull/ssa/useuse-trim ... Ssa: Trim the use-use relation to skip irrelevant nodes	2025-03-28 11:55:34 +01:00
Jami	e458aca806	Merge branch 'main' into jcogs33/java/junit5-missing-nested-annotation	2025-03-27 21:31:09 -04:00
Anders Schack-Mulligen	d5d0274ce7	Java/SSA: Keep proper distinction between cached stages.	2025-03-25 13:43:55 +01:00
Anders Schack-Mulligen	7c82f51381	Java: Skip SSA definition nodes in data flow.	2025-03-25 12:31:01 +01:00
Anders Schack-Mulligen	dc0ca1ac18	Java: Fix TC magic in SystemProperty.	2025-03-24 13:31:23 +01:00
Jami Cogswell	35b647839c	Java: include RepeatedTest, ParameterizedTest, TestFactory, and TestTemplate when identifying JUnit 5 test methods	2025-03-23 19:49:55 -04:00
Jami Cogswell	4d7bed6181	Java: exclude anonymous, local, and private classes	2025-03-23 19:49:53 -04:00
Jami Cogswell	f17e7266cf	Java: refactor QL	2025-03-23 19:48:15 -04:00
Anders Schack-Mulligen	3c6db09039	Java: Cache the other compiletimeconstant value predicates	2025-03-21 15:53:26 +01:00
Anders Schack-Mulligen	e75ed5a085	Java: Merge BaseSSA cached stages.	2025-03-21 15:45:50 +01:00
Anders Schack-Mulligen	33135330fd	Java: Merge cached stages for BasicBlocks.	2025-03-21 15:21:25 +01:00
mc	1f76793863	Merge branch 'main' into tamasvajk/java_empty_method	2025-03-21 10:01:10 +00:00
Tamás Vajk	246c8276e0	Update java/ql/lib/semmle/code/java/UnitTests.qll ... Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>	2025-03-20 09:22:13 +01:00
Jami	2750d1d889	Merge pull request #18646 from jcogs33/jcogs33/java/directory-chars-path-sanitizer ... Java: path sanitizer for `replace`, `replaceAll`, and `matches`	2025-03-18 13:26:01 -04:00
Jami Cogswell	0d2e9ae469	Java: fix 'matches' false branch	2025-03-17 18:48:44 -04:00
Jami Cogswell	49d37c517d	Java: fix replacement char check and add tests	2025-03-17 16:02:13 -04:00
Jami Cogswell	3083360032	Java: remove 'complementary' from qldocs	2025-03-17 15:24:31 -04:00
Jami Cogswell	b9f642f4aa	Java: condense '.' matching	2025-03-17 15:20:14 -04:00
Jami Cogswell	9d6a10b601	Java: rename 'isSingleReplaceAll' and 'isDoubleReplaceOrReplaceAll'	2025-03-17 15:07:10 -04:00
Tamas Vajk	9662b47464	Move likely test method logic to library	2025-03-14 11:36:15 +01:00
Jami	ea9b0462bf	Merge pull request #18793 from jcogs33/jcogs33/java/spring-boot-actuators-promo ... Java: Promote Spring Boot Actuators query from experimental	2025-03-11 14:42:14 -04:00
Jami Cogswell	76433a31f7	Java: generalize sanitizer and add tests	2025-03-10 18:56:01 -04:00
Jami Cogswell	ab3690f666	Java: initial sanitizer	2025-03-10 18:55:56 -04:00
Anders Schack-Mulligen	d075466958	Merge pull request #18941 from aschackmull/ssa/refactor4 ... Ssa: Extend consistency checks and reduce phi read nodes	2025-03-07 15:18:02 +01:00
Anders Schack-Mulligen	3508ca89e6	Java: Restrict SSA reads to the reachable CFG.	2025-03-07 11:13:53 +01:00
Anders Schack-Mulligen	da579c27fc	Merge pull request #18934 from aschackmull/ssa/refactor5 ... SSA: Replace the Guards interface in the SSA data flow integration.	2025-03-06 15:11:52 +01:00
Lukas Abfalterer	b4c75d832c	Merge branch 'main' into cwe-925	2025-03-05 14:15:07 +01:00
Anders Schack-Mulligen	c6761db2fc	SSA: Replace the Guards interface in the SSA data flow integration.	2025-03-05 13:29:31 +01:00
Lukas Abfalterer	c9b75afc2a	Fix QLL and add change notes with tests	2025-03-05 10:23:35 +01:00
Jami Cogswell	746f022cfa	Java: add 'Spring' prefix to public class names	2025-03-04 10:34:16 -05:00
Anders Schack-Mulligen	9e03b12ba0	C#/Java/Ruby/Rust/SSA: Replace DefinitionExt with SourceVariable in data flow integration predicates.	2025-03-04 12:24:21 +01:00
Alex Eyers-Taylor	5e3ccc0cca	Java: Simplify interpretOutput	2025-02-26 18:20:46 +00:00
Anders Schack-Mulligen	994a8eea39	Merge pull request #18857 from aschackmull/ssa/refactor-df-integr ... Ssa: Refactor the data flow integration module	2025-02-25 15:04:11 +01:00
Anders Schack-Mulligen	2c3b48946d	Merge pull request #18824 from aschackmull/java/basessa ... Java: Switch BaseSSA to use shared SSA lib.	2025-02-25 14:23:46 +01:00
Owen Mansel-Chan	74a249597a	Merge pull request #18607 from owen-mc/java/xss-content-type-sanitizer ... Java: Add XSS Sanitizer for `HttpServletResponse.setContentType` with safe values	2025-02-24 23:39:18 +00:00
Jami Cogswell	6fe7c7a233	Java: some refactoring	2025-02-24 18:33:29 -05:00
Jami Cogswell	9e51b014d2	Java: handle example in Spring docs	2025-02-24 18:27:43 -05:00
Jami Cogswell	b2469ff8ba	Java: add APIs and tests for more recent Spring versions: authorizeHttpRequests, AuthorizeHttpRequestsConfigurer, securityMatcher(s)	2025-02-24 18:26:02 -05:00
Jami Cogswell	8dfb920e05	Java: refactor QL, move code to libraries	2025-02-24 18:24:48 -05:00
Jami Cogswell	8064e8f1f9	Java: convert tests to inline expectations	2025-02-24 18:24:26 -05:00
Anders Schack-Mulligen	db7ec4a781	Java: Remove getDefinitionExt reference	2025-02-24 13:50:08 +01:00
Anders Schack-Mulligen	6932e000c6	Java: Switch BaseSSA to use shared SSA lib.	2025-02-21 08:57:23 +01:00
Anders Schack-Mulligen	1c616d10d4	Merge pull request #18819 from aschackmull/ssa/refactor-phiread3 ... Ssa: Refactor shared SSA in preparation for eliminating phi-read definitions	2025-02-21 08:56:38 +01:00
Anders Schack-Mulligen	5379506464	Java: Use firstUse and adjacentUseUse predicates.	2025-02-19 16:17:22 +01:00
Anders Schack-Mulligen	194afbb7f8	Java: Simplify SSA for variable capture.	2025-02-18 14:01:20 +01:00
Jami	d94dc5aa40	Merge pull request #18504 from jcogs33/jcogs33/java/file-constructor-path-sanitizer ... Java: `File` constructor path sanitizer	2025-02-18 08:00:32 -05:00
Jami Cogswell	9bb5fe837d	Java: address review comments	2025-02-17 15:47:45 -05:00
Jami Cogswell	2bb6a3914b	Java: update tests	2025-02-14 15:16:08 -05:00
Jami Cogswell	c0ebeb9c7b	Java: use AdditionalTaintStep	2025-02-14 13:52:43 -05:00
Jami	2a8cc00284	Merge pull request #18288 from jcogs33/jcogs33/csrf-unprotected-request-type ... Java: add CSRF query	2025-02-11 15:32:56 -05:00