hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

13556 Commits

Author SHA1 Message Date
Kasper Svendsen
6e92d7e247 Java: Add entity discard predicates 2025-06-24 10:38:06 +02:00
Kasper Svendsen
b6e56f26c7 Java: Add manual overlay annotations 2025-06-24 10:38:05 +02:00
Kasper Svendsen
81b677a2d9 rename overlay[caller] to overlay[caller?] 2025-06-24 10:25:07 +02:00
Kasper Svendsen
c207cfdeb7 Overlay: Add overlay annotations to Java & shared libraries 2025-06-24 10:25:06 +02:00
Tamas Vajk
60e726bdf2 Java: Add java/javautilconcurrentscheduledthreadpoolexecutor query for zero thread pool size 2025-06-23 12:52:45 +02:00
Michael Nebel
a17078b6be Java: Remove java/deprecated-call from the Code Quality suite. 2025-06-23 11:14:02 +02:00
Owen Mansel-Chan
cdd6245b98 Merge pull request #19799 from owen-mc/java/quality-tags 
Java: Tag quality queries with `quality` and sub-category
 2025-06-19 16:43:02 +01:00
Nora Dimitrijević
f577c08f4d Merge pull request #19795 from d10c/d10c/java/diff-informed-2 
Java: mass enable diff-informed data flow + `none()` overrides
 2025-06-19 13:48:53 +02:00
Owen Mansel-Chan
7a50298492 Update query suite test expectation 2025-06-18 16:47:42 +01:00
Owen Mansel-Chan
b8a694c9fe Address review comments 2025-06-18 16:43:40 +01:00
Owen Mansel-Chan
d3eb4f8eb6 Remove query with hard-coded threshold 2025-06-18 16:43:33 +01:00
Owen Mansel-Chan
9cfa6fe59c Update expected quality queries 2025-06-18 16:43:32 +01:00
Owen Mansel-Chan
72a6280482 Add change note 2025-06-18 16:43:30 +01:00
Owen Mansel-Chan
97dceb3a1c Tag with quality and sub-category 2025-06-18 16:43:29 +01:00
Nicolas Will
16c6411cf2 Merge pull request #19705 from bdrodes/pawel_signatures_conversion 
Quantum: Add OpenSSL signature models
 2025-06-18 15:32:15 +02:00
Chris Smowton
4a14d3581b Merge pull request #19496 from smowton/smowton/admin/cleanup-kotlin-versions 
Kotlin: clean up alternate-version code now that v1.5.x support is dropped
 2025-06-18 13:51:16 +01:00
Tamas Vajk
e6a9ff08a3 Adjust query-suite integration test expected files 2025-06-18 13:10:34 +02:00
Tamas Vajk
40274dcd69 Add code-quality-extended query suites 2025-06-18 13:10:34 +02:00
Nora Dimitrijević
aa5dd7bb4e Java: mass enable diff-informed data flow + none() overrides 
An auto-generated patch that enables diff-informed data flow in the obvious cases.

Builds on github#18346 and github/codeql-patch#88
 2025-06-17 14:05:36 +02:00
REDMOND\brodes
2b6a8321fd Crypto: Update JCA model to account for Model.qll changes. 2025-06-16 12:53:48 -04:00
Anders Schack-Mulligen
8838104d6a Merge pull request #19733 from aschackmull/java/assert-cfg 
Java: Update the CFG for assert statements to make them proper guards.
 2025-06-13 14:52:57 +02:00
Anders Schack-Mulligen
6131c680f6 Update java/ql/lib/semmle/code/java/ControlFlowGraph.qll 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2025-06-13 14:07:46 +02:00
Owen Mansel-Chan
538a5af1d1 Merge pull request #19738 from owen-mc/pr/felickz/19530 
Set CWE-134 from 9.3 to 7.3 CVSS score for memory safe languages (#2)
 2025-06-12 10:27:28 +01:00
Anders Schack-Mulligen
d0d47808e9 Java: Add change note. 2025-06-12 11:03:49 +02:00
Ana Scolari
a07ce30d30 Update java-code-scanning.qls.expected 
removing line once this query precision is changed to Medium
 2025-06-11 15:27:20 -07:00
Chad Bentz
0135cf661f Attempt to edit swift change notes for CI failure 2025-06-11 21:49:26 +01:00
Ana Scolari
b84f9d6c3c Update java/ql/src/change-notes/2025-06-10-reduce-precision-for-building-cmdline-with-string-concatenation.md 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2025-06-11 08:55:45 -07:00
Ana Scolari
f915984b01 Update java/ql/src/change-notes/2025-06-10-reduce-precision-for-building-cmdline-with-string-concatenation.md 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-06-11 08:55:34 -07:00
Anders Schack-Mulligen
f27e310ba3 Java: Adjust references. 2025-06-11 15:53:02 +02:00
Anders Schack-Mulligen
b3bb71f2e2 Java: Update the CFG for assert statements to make them proper guards. 2025-06-11 15:38:29 +02:00
Ana Scolari
510bbac0e4 Create 2025-06-10-reduce-precision-for-building-cmdline-with-string-concatenation.md 2025-06-10 16:17:32 -07:00
Ana Scolari
857b51be58 Update ExecUnescaped.ql - causing FPs with hard coded strings 
This query is generating False positives with hard coded strings declared within the function - issue reported by customer. We had a discussion on code_scanning channel on 6/5/25 and the team agreed upon reducing its precision to Medium.
 2025-06-10 16:06:22 -07:00
Lindsay Simpkins
f96a250ffc fix qhelp files 2025-06-09 18:37:16 -04:00
github-actions[bot]
21463a9653 Post-release preparation for codeql-cli-2.22.0 2025-06-09 18:50:20 +00:00
github-actions[bot]
88ba02edf8 Release preparation for version 2.22.0 2025-06-09 18:14:51 +00:00
Chad Bentz
371a50e6c4 Merge branch 'main' into cwe-134 2025-06-09 11:22:40 -04:00
Chuan-kai Lin
631502e129 Merge branch 'main' into cklin/rc-3.18-mergeback 2025-06-09 07:19:40 -07:00
Chad Bentz
53a6133e6f Add change-notes for csharp/java/swift 2025-06-06 12:23:59 -04:00
Chad Bentz
77e49f1f90 Merge branch 'main' into cwe-134 2025-06-06 11:16:10 -04:00
Nicolas Will
5a822462ad Merge branch 'main' into openssl_keyagreement_instances_and_consumers 2025-06-02 16:54:22 +02:00
REDMOND\brodes
f5d24c5a7b Crypto: Fix UnknownKeyAgreementType to OthernKeyAgreementType for JCA. 2025-06-02 10:11:53 -04:00
github-actions[bot]
d2c6875eac Post-release preparation for codeql-cli-2.21.4 2025-05-27 18:16:21 +00:00
github-actions[bot]
bfb91e95e3 Release preparation for version 2.21.4 2025-05-27 17:22:05 +00:00
Anders Schack-Mulligen
62000319fe Rangeanalysis: Simplify Guards integration. 2025-05-23 13:39:53 +02:00
Anders Schack-Mulligen
1d30103559 SSA: Distinguish between has and controls branch edge. 2025-05-23 09:56:22 +02:00
Owen Mansel-Chan
663c83d8c6 Merge pull request #19556 from owen-mc/java/pr/19512 
Java: Fix SpringRequestMappingMethod URL Extraction #2
 2025-05-22 15:08:31 +01:00
Owen Mansel-Chan
79453cc103 Add test showing correct usage 2025-05-22 14:30:32 +01:00
Owen Mansel-Chan
476ada13db Improve QLDoc for SpringRequestMappingMethod.getAValue 2025-05-22 14:22:28 +01:00
Owen Mansel-Chan
45475c5c1d Add change note 2025-05-22 12:29:31 +01:00
Owen Mansel-Chan
59d4f039d8 Deprecate SpringRequestMappingMethod.getValue (which didn't work) 2025-05-22 12:29:29 +01:00