github-actions[bot]
c04457e9e7
Release preparation for version 2.15.4
2023-12-06 21:11:50 +00:00
Tony Torralba
649dc9d1d4
Merge pull request #14993 from github/shati-patel/fix-cwe-tags
Update inconsistent CWE tags
2023-12-04 14:30:32 +01:00
Shati Patel
6284781a9b
Update inconsistent CWE tags
Most tags use the "external/cwe/cwe-xxx" format, except for these few queries. Updating them for consistency.
2023-12-04 11:52:31 +00:00
Chris Smowton
ad713a7a93
Java: report any extracted file as successfully extracted
2023-12-01 22:35:00 +00:00
Chris Smowton
bbc0f29f16
Restrict getCheckedType to unrestricted records, introduce getSyntacticCheckedType and use that where appropriate
2023-11-30 11:24:05 +00:00
Chris Smowton
d2ff1baff0
Replace getDefaultOrNullDefaultCase with getDefaultCase
2023-11-30 11:24:03 +00:00
Chris Smowton
88d9caff8c
Unused local query: exclude mandatory declarations
2023-11-30 11:24:02 +00:00
Chris Smowton
91774099fa
Write-only container query: account for implicitly-initialised variables
2023-11-30 11:24:01 +00:00
Chris Smowton
bb6e04456a
Boxed variable query: account for implicit-init variables
2023-11-30 11:24:01 +00:00
Chris Smowton
9035ba1f30
Fix isImplicitInit; use it in empty-container query
2023-11-30 11:24:01 +00:00
Chris Smowton
54a89d6fef
Handle 'case null, default:'
2023-11-30 11:23:59 +00:00
Chris Smowton
9a450b09be
Account for pattern-cases in more places
2023-11-30 11:23:59 +00:00
masterofnow
57d897d40f
Merge branch 'main' into LoadClassNoSignatureCheck
2023-11-30 10:05:00 +08:00
amammad
97eb7b7b72
update example to include a more logical vulnerable pattern, add documentation for ql classes
2023-11-22 09:27:55 +01:00
Arthur Baars
db180d9872
Merge pull request #14823 from github/post-release-prep/codeql-cli-2.15.3
Post-release preparation for codeql-cli-2.15.3
2023-11-19 12:13:42 +01:00
masterofnow
2952d8f65a
Updated query to cover broader detection.
2023-11-18 18:52:47 +08:00
github-actions[bot]
bad499e360
Post-release preparation for codeql-cli-2.15.3
2023-11-17 14:35:41 +00:00
Max Schaefer
ca334021ad
Merge pull request #14793 from github/max-schaefer/tainted-path-qhelp
Java: Improve QHelp for `java/path-injection` to mention less disruptive fixes.
2023-11-16 14:09:55 +00:00
github-actions[bot]
6ec9b95072
Release preparation for version 2.15.3
2023-11-16 13:07:16 +00:00
Max Schaefer
a5e7ef424e
Revert "Add additional example."
This reverts commit 947b094387.
2023-11-16 11:54:16 +00:00
Max Schaefer
143e1680bd
Apply suggestions from code review
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
2023-11-16 11:42:35 +00:00
Max Schaefer
947b094387
Add additional example.
2023-11-16 10:06:19 +00:00
Max Schaefer
009d58034f
Address suggestions from review.
2023-11-16 10:05:54 +00:00
Max Schaefer
a46a7fadb2
Java: Improve QHelp for java/path-injection to mention less disruptive fixes.
2023-11-15 11:25:13 +00:00
masterofnow
532f6a5b0c
Removed @kind path-problem in comment. Added text message in select.
2023-11-13 08:27:07 +08:00
masterofnow
20592352d0
Updated text in LoadClassNoSignatureCheck.qhelp
2023-11-12 20:48:49 +08:00
masterofnow
fd66f47d82
Added LoadClassNoSignatureCheck.ql
2023-11-12 20:27:49 +08:00
Tony Torralba
5442cdb49c
Merge pull request #14610 from atorralba/atorralba/java/jms-deserialization
Java: Add JMS sink to java/unsafe-deserialization
2023-11-08 09:10:20 +01:00
Geoffrey White
e8a466a02c
Update dead link.
2023-11-07 09:26:07 +00:00
github-actions[bot]
2b939fdf08
Post-release preparation for codeql-cli-2.15.2
2023-10-30 16:06:51 +00:00
github-actions[bot]
4641990021
Release preparation for version 2.15.2
2023-10-30 11:05:53 +00:00
Tony Torralba
7af3d239ab
Java: Add JMS sink to java/unsafe-deserialization
2023-10-26 16:46:19 +02:00
Chris Smowton
06238dd5f6
Improve reflective class names
2023-10-24 13:29:32 +01:00
Chris Smowton
e8c9708282
Autoformat
2023-10-24 11:06:19 +01:00
Chris Smowton
ac38d4c9c6
Mass rename L/RValue -> VarWrite/Read
2023-10-24 10:58:29 +01:00
Chris Smowton
59a49eef0b
Add aliases for public, importable renamed classes and predicates.
Also rename and alias a couple of uses of Access noted along the way.
2023-10-24 10:54:35 +01:00
Chris Smowton
f552a15aae
Mass-rename MethodAccess -> MethodCall
2023-10-24 10:30:26 +01:00
Ian Lynagh
b89088737a
Merge pull request #14551 from igfoo/igfoo/loc
Java/Kotlin: Reshuffle our LoC queries
2023-10-23 11:50:03 +01:00
Ian Lynagh
26634a3266
Java/Kotlin: Add a changenote for the lines-of-code changes
2023-10-20 13:04:39 +01:00
Ian Lynagh
d816035da6
Java/Kotlin: Tweak LoC message
2023-10-20 13:02:11 +01:00
Ian Lynagh
13a9e83e6a
Java/Kotlin: Reshuffle our LoC queries
There's now a single lines-of-code query that gives the total number of
lines of code over both languages.
Per-language LoC queries are now just summaries.
2023-10-20 12:43:41 +01:00
Dave Bartolomeo
712f7758cf
Merge branch 'main' into post-release-prep/codeql-cli-2.15.1
2023-10-19 12:14:07 -04:00
Tony Torralba
da44b13fd4
Merge pull request #14515 from atorralba/atorralba/java/spring-csrf-improv
Java: Improve java/spring-disabled-csrf-protection
2023-10-18 17:49:10 +02:00
github-actions[bot]
8dcd8b9e5b
Post-release preparation for codeql-cli-2.15.1
2023-10-17 20:24:00 +00:00
github-actions[bot]
3b3c036626
Release preparation for version 2.15.1
2023-10-16 17:49:39 +00:00
Tony Torralba
d08ee76b16
Java: Improve java/spring-disabled-csrf-protection
2023-10-16 16:01:14 +02:00
Tony Torralba
ae8e237f2c
Merge pull request #14494 from atorralba/atorralba/remove-library
Java/C/C#: Remove library annotations
2023-10-16 09:01:40 +02:00
Owen Mansel-Chan
53561008a1
Merge pull request #14445 from owen-mc/go/automated-mad-coverage-report
Go: automated mad coverage report
2023-10-15 21:49:47 +01:00
amammad
7fcf39277d
modularize
2023-10-14 12:04:25 +02:00
Tony Torralba
0cea3f8531
Remove library annotations
2023-10-13 12:46:56 +02:00