hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,246 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.0
Commit Graph

4485 Commits

Author SHA1 Message Date
Sebastian Bauersfeld
f651bc3668 Adjust locations of results in JSP files. This is necessary due to known limitations in VSCode which cause locations with zero character indices to be mapped to invalid ranges. This is hopefully a temporary workaround until this problem has been properly addressed. 2021-10-07 12:45:21 +07:00
Chris Smowton
b33daa3d3a Update Intent model tests, and fix models where required 2021-10-06 17:09:47 +01:00
Chris Smowton
4be2347a30 Adapt to use the new shared Intent models 2021-10-06 16:15:18 +01:00
Chris Smowton
91d8b3da23 Sort Intent models 2021-10-06 12:30:40 +01:00
Anders Schack-Mulligen
d0b307ecfb Merge pull request #6103 from atorralba/atorralba/promote-insecure-javamail 
Java: Promote Insecure JavaMail SSL Configuration from experimental
 2021-10-06 09:24:11 +02:00
Chris Smowton
5b13232a9d Merge pull request #6739 from joefarebrother/android-intent-extra 
Java: Model Android Bundle and Intent extras methods
 2021-10-05 15:39:42 +01:00
Anders Schack-Mulligen
9133adac30 Java: Adjust csv validation. 2021-10-05 13:13:28 +02:00
Anders Schack-Mulligen
04892df45a Java: Include stream method overrides. 2021-10-05 13:13:28 +02:00
Anders Schack-Mulligen
af7d633f2f Java: Add Stream::mapMulti* and Stream::toList. 2021-10-05 13:13:28 +02:00
Anders Schack-Mulligen
ef80263106 Java: Add models for java.util.stream. 2021-10-05 13:13:27 +02:00
Anders Schack-Mulligen
5d63a76e25 Merge pull request #6797 from Marcono1234/marcono1234/remove-overwritten-NestedType-isStatic-qldoc 
Java: Remove overwritten `NestedType.isStatic()` QLDoc
 2021-10-05 13:05:53 +02:00
Tony Torralba
a86cbd884e Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-10-05 09:40:22 +02:00
Marcono1234
0bce8234d8 Java: Remove overwritten NestedType.isStatic() QLDoc 
Did not mention nested non-member interfaces and record classes.
The documentation of the overridden `isStatic()` predicate already mentions
that this predicate holds for explicitly and implicitly static elements, so
overwriting it is not necessary and only adds more maintenance work.
 2021-10-04 16:30:57 +02:00
Anders Schack-Mulligen
745ece6e6d Merge pull request #6613 from Marcono1234/marcono1234/literals-test-split 
Java: Split literals tests
 2021-10-04 16:20:08 +02:00
Anders Schack-Mulligen
65a4f36cf8 Merge pull request #6767 from aschackmull/dataflow/callback-postupdate 
Dataflow: Support side-effects for callbacks in summaries.
 2021-10-04 11:13:18 +02:00
Marcono1234
e3fed55945 Java: Add tests for text blocks 2021-10-01 18:16:11 +02:00
Joe Farebrother
5e4498a53a Add more models; fix tests 2021-10-01 16:53:53 +01:00
Marcono1234
924b7320bc Java: Add test for NullLiteral 2021-10-01 17:27:54 +02:00
Anders Schack-Mulligen
6359c44622 Java: Autoformat. 2021-10-01 14:05:47 +02:00
Anders Schack-Mulligen
98f68cb053 Dataflow: Sync. 2021-10-01 13:11:43 +02:00
Anders Schack-Mulligen
d4f1a9602f Dataflow: Force high precision of certain Contents. 2021-10-01 13:03:50 +02:00
Anders Schack-Mulligen
eb26b4a04b Merge pull request #6755 from alexet/alexet/cache-params-string 
Java: Fix more performance issues with future versions of codeql.
 2021-10-01 12:54:53 +02:00
f1v3
168fc4170d Apply suggestions from code review 2021-09-30 14:26:14 +01:00
alexet
447eb23356 Java: Fix for tc magic issue with subtyping. 2021-09-29 16:01:08 +01:00
Joe Farebrother
3ae5f13c3d Generate tests and stubs 2021-09-29 15:44:21 +01:00
Rasmus Wriedt Larsen
987b573709 Fix hasLocationInfo URL reference 
Follow up to https://github.com/github/codeql/pull/5830
 2021-09-29 13:47:58 +02:00
Chris Smowton
413ac4e8f4 Merge pull request #6684 from owen-mc/java/model/apache-collections-subpackages 
Java: model remaining subpackages of Apache Commons Collections
 2021-09-28 12:28:48 +01:00
Anders Schack-Mulligen
e95dc82087 Autoformat. 2021-09-28 13:00:50 +02:00
Tony Torralba
cec6cd0830 Merge pull request #6724 from atorralba/atorralba/android-contentprovider-sources 
Java: Add sources for content providers in Android
 2021-09-28 12:13:54 +02:00
Anders Schack-Mulligen
9a9bbe3123 Dataflow: Support side-effects for callbacks in summaries. 2021-09-28 11:42:38 +02:00
Tony Torralba
46eb27cd01 Don't restrict inputs to be ParameterNodes 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-09-28 11:21:56 +02:00
Anders Schack-Mulligen
fc8b439263 Merge pull request #6740 from aschackmull/java/callback-dispatch 
Java: Add callback dispatch to more anonymous classes.
 2021-09-28 10:49:27 +02:00
Owen Mansel-Chan
342c14887b Fix existing models for MapUtils 2021-09-27 16:24:37 +01:00
Owen Mansel-Chan
f69787afd0 Miscellaneous model fixes 2021-09-27 16:24:30 +01:00
Owen Mansel-Chan
9b12980688 Do not model some protected methods 2021-09-27 16:24:29 +01:00
Owen Mansel-Chan
cb0f82c36e Do not modelled protected static inner classes 2021-09-27 16:24:29 +01:00
Owen Mansel-Chan
3b678bfbc5 Address review comments 2021-09-27 16:24:28 +01:00
Owen Mansel-Chan
e1750adc38 Address problems highlighted by generating tests 2021-09-27 16:24:27 +01:00
Owen Mansel-Chan
fd0fb9483e Model the remaining subpackages in Apache Commons Collections 2021-09-27 16:24:26 +01:00
Owen Mansel-Chan
3d1d491e6b Model java.lang.Object.clone() better for access paths. 
Model value flow for Element, MapKey and MapValue. This assumes
that clone() is a shallow copy.
 2021-09-27 16:24:25 +01:00
Anders Schack-Mulligen
cfa0d46b73 Merge pull request #6097 from atorralba/atorralba/promote-xslt-injection 
Java: Promote XSLT Injection from experimental
 2021-09-27 13:14:57 +02:00
Tony Torralba
d5f675c2dc Fix unbound field 
Add tests for non-exported providers
 2021-09-27 12:58:28 +02:00
Tony Torralba
78c12dc505 Move to lib 2021-09-27 12:04:14 +02:00
Tony Torralba
6967b06dee Decouple XsltInjection.qll to reuse the taint tracking configuration 2021-09-27 11:59:51 +02:00
Tony Torralba
6d9a88d1c8 Move to lib 2021-09-27 11:43:46 +02:00
alexet
49f8f46354 Java: Cache params string computation. 2021-09-24 14:12:26 +01:00
Anders Schack-Mulligen
854f2a046a Java: Add StringLiteral.isTextBlock(). 2021-09-24 13:11:18 +02:00
Tony Torralba
b52a2cd292 Apply code review comments 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-09-23 15:48:15 +02:00
Anders Schack-Mulligen
4841c3037d Java: Add callback dispatch to more anonymous classes. 2021-09-23 14:34:56 +02:00
Joe Farebrother
0919042692 Model Bundle and Intent extra methods 2021-09-23 12:03:45 +01:00