hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

13556 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
6a2edce040 Merge pull request #2205 from rneatherway/java/hamcrest-nullness 
Java: Respect Hamcrest assertThat(X, notNullValue())
 2019-11-14 13:09:56 +01:00
Dave Bartolomeo
e89ecc19e3 Merge pull request #2302 from max-schaefer/test-qlpacks 
Add `qlpack.yml` files for test folders.
 2019-11-13 12:21:19 -07:00
yh-semmle
429c307832 Merge pull request #2304 from aschackmull/java/rangeanalysis-integral-fix 
Java: Fix range analysis bug in integral inequality bounds.
 2019-11-12 16:33:12 -05:00
Anders Schack-Mulligen
7619275c8b Java: Fix range analysis bug in integral inequality bounds. 2019-11-12 17:28:40 +01:00
Anders Schack-Mulligen
8cd6b51763 Java: Add ConditionalExpr to overflow candidate pattern. 2019-11-12 17:27:18 +01:00
Max Schaefer
5b2e32b051 Add qlpack.yml files for test folders. 2019-11-12 15:03:02 +00:00
Anders Schack-Mulligen
e6d0a2eca5 Merge pull request #2215 from yh-semmle/java-remove-obsolete-queries 
Java: remove some obsolete metric queries
 2019-11-12 10:14:55 +01:00
Anders Schack-Mulligen
b0fecbce28 Merge pull request #2230 from yh-semmle/java-move-cwe502-lib 
Java: move `UnsafeDeserialization.qll` to standard library location
 2019-11-11 10:44:52 +01:00
Sauyon Lee
0040c9fb4c Update links to OWASP cheat sheet 2019-11-06 20:21:47 -08:00
Robin Neatherway
7850d67a78 Remove TODO comment 
I've checked Hamcrest versions 1.3, 2.0, 2.1 and 2.2
 2019-11-06 17:47:02 +00:00
yh-semmle
e232f538e9 Java 13: update test options 2019-11-02 16:09:32 -04:00
yh-semmle
e8a65101bc Java 13: add db stats for @yieldstmt 2019-11-02 16:09:32 -04:00
yh-semmle
de0869c216 Java 13: remove superfluous disjunct in JumpStmt.getAPotentialTarget() 2019-11-02 16:09:31 -04:00
yh-semmle
8fb4dbe092 Java 13: account for changes to switch expressions 2019-11-02 16:09:31 -04:00
yh-semmle
9f37237b4a Java 13: add stmt kind @yieldstmt to dbscheme 2019-11-02 16:09:31 -04:00
Robin Neatherway
d3016e5b98 Run autoformatter 2019-10-31 11:21:57 +00:00
yh-semmle
8620b0513e Java: move UnsafeDeserialization.qll to standard library location 2019-10-30 11:18:36 -04:00
Robin Neatherway
96f9a01355 Correct minor compilation errors in test code 2019-10-29 17:52:13 +00:00
Robin Neatherway
84202ff2e1 Java: Respect Hamcrest assertThat(X, notNullValue()) 2019-10-29 17:52:13 +00:00
Anders Schack-Mulligen
d0842fc35d Java/C++/C#: Minor refactor following review comment. 2019-10-28 16:31:22 +01:00
Anders Schack-Mulligen
0ffcf9ce64 Merge pull request #2192 from JLLeitschuh/feature/JLL/http_response_splitting_netty 
Add CWE-113 check for io.netty.handler.codec.http.DefaultHttpHeaders
 2019-10-28 15:01:20 +01:00
Anders Schack-Mulligen
379ef1d2f9 Java: Fix bad magic and join-order. 2019-10-28 10:40:06 +01:00
Jonathan Leitschuh
934eed97df Apply suggestions from code review for netty DefaultHttpHeaders 
Co-Authored-By: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2019-10-25 12:30:16 -04:00
yh-semmle
80fd5b2ada Merge pull request #2175 from aschackmull/java/continue-in-false-loop 
Java: Port C++ query cpp/continue-in-false-loop to Java.
 2019-10-24 20:47:59 -04:00
Jonathan Leitschuh
dcbd6e0a11 Add CWE-113 check for io.netty.handler.codec.http.DefaultHttpHeaders 
Closes #2185
 2019-10-24 10:27:40 -04:00
Anders Schack-Mulligen
fe2988ab39 Merge pull request #2152 from yh-semmle/java-alert-suppression-annotations 
Java: support LGTM alert suppression using `@SuppressWarnings` annotations
 2019-10-24 15:04:29 +02:00
Anders Schack-Mulligen
3462624995 Java: Add test. 2019-10-23 16:24:26 +02:00
Henning Makholm
347d97c14c qlpack.json is now qlpack.yml 2019-10-22 17:36:35 +02:00
Anders Schack-Mulligen
da57dbc528 Java: Port C++ query cpp/continue-in-false-loop. 2019-10-22 17:07:57 +02:00
Henning Makholm
fd768a1af6 Add some new-style suite definitions 2019-10-22 15:51:00 +02:00
Anders Schack-Mulligen
c37195b226 Java/C++/C#: Sync. 2019-10-22 11:42:35 +02:00
Anders Schack-Mulligen
2ffbb2ecd6 Java: Refactor dataflow to simplify return flow. 2019-10-22 11:42:35 +02:00
yh-semmle
28720679ad Java: remove some obsolete metric queries 2019-10-19 20:55:46 -04:00
yh-semmle
afcde14403 Merge pull request #2085 from aschackmull/java/overflow-check-fp 
Java: Add another overflow check pattern to UselessComparisonTest.
 2019-10-18 11:01:24 -04:00
yh-semmle
155d14a185 Java: simplify Extents.qll 2019-10-18 09:46:00 -04:00
yh-semmle
4348241f72 Java: simplify java/alert-suppression-annotations 2019-10-18 09:45:49 -04:00
Anders Schack-Mulligen
27b8a46dac Java: Exclude loop conditions from overflow check heuristic. 2019-10-18 11:58:46 +02:00
yh-semmle
1d415b3680 Java: enable java/alert-suppression-annotations in LGTM suite 2019-10-17 22:09:04 -04:00
yh-semmle
ee2c97f147 Java: add extra test for java/alert-suppression-annotations 2019-10-17 22:09:04 -04:00
yh-semmle
62521dca32 Java: account for multiple strings in java/alert-suppression-annotations 2019-10-17 22:09:04 -04:00
yh-semmle
f3a980deb6 Java: clarify predicate name in java/alert-suppression-annotations 2019-10-17 22:09:03 -04:00
yh-semmle
d165ce95f2 Java: tidy QLDoc in Extents.qll 2019-10-17 22:09:03 -04:00
yh-semmle
e3f828c588 Java: refine ranges in java/alert-suppression-annotations 2019-10-17 22:09:03 -04:00
yh-semmle
b2bc8382b0 Java: add alert-suppression query for @SuppressWarnings("lgtm[...]") 2019-10-17 22:09:02 -04:00
Pavel Avgustinov
7fa6c54731 Merge pull request #2119 from hmakholm/pr/qlpacks 
Add qlpack.json files
 2019-10-16 14:27:10 +01:00
yh-semmle
5aced3e432 Merge pull request #2128 from AlexTereshenkov/move-qll-java 
Move qll file to support import from custom QL queries
 2019-10-15 11:39:10 -04:00
Anders Schack-Mulligen
309961d493 Merge pull request #2118 from yh-semmle/java-non-sync-override 
Java: restrict `java/non-sync-override` to immediate overrides
 2019-10-15 16:40:00 +02:00
alexey
715f1ddaca Move qll file to support import from custom QL queries 2019-10-15 14:55:09 +01:00
Tom Hvitved
cae7f9d805 Merge pull request #2099 from aschackmull/java/callcontext-bool-pruning 
Java: Data-flow pruning based on call contexts.
 2019-10-15 09:36:36 +02:00
Anders Schack-Mulligen
2be5c38615 Java: Address comments. 2019-10-14 14:59:14 +02:00