hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,246 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.0
Commit Graph

5817 Commits

Author SHA1 Message Date
Michael Nebel
5b89bd23c7 Java: Deprecate the content of SqlTaintedLocalQuery and remove the local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
b68abab12a Java: Deprecate the content of ResponseSplittingLocalQuery and remove local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
d05c5e3d94 Java: Deprecate the content of NumericCastTaintedLocalQuery, remove the local query variant and update the non-local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
301a6cc191 Java: Deprecate the content of ImproperValidationOrArray and remove local query variants. 2024-05-01 13:07:21 +02:00
Michael Nebel
acd0fa4b7b Java: Deprecate the content of ExternallyControlledFormatStringLocalQuery and remove the externally controlled format string local query variant. 2024-05-01 13:07:21 +02:00
Michael Nebel
85a4dd0325 Java: Deprecate the local content of CommandLineQuery and remove the exec tainted local query variant. 2024-05-01 13:07:20 +02:00
Michael Nebel
072f19008a Java: Deprecate the content of ArithmeticTaintedLocalQuery and remove the arithmetic tainted local query variant. 2024-05-01 08:59:51 +02:00
Michael Nebel
93988e5834 Java: Deprecate the content of XxeLocalQuery and remove the Xxe local query variant. 2024-05-01 08:59:50 +02:00
Michael Nebel
e0c2a43780 Java: Deprecate the content of XssLocalQuery and remove the Xss local query variant. 2024-05-01 08:59:50 +02:00
github-actions[bot]
99928b82ed Post-release preparation for codeql-cli-2.17.2 2024-04-30 12:15:35 +00:00
github-actions[bot]
5228d94d42 Release preparation for version 2.17.2 2024-04-30 10:25:51 +00:00
Michael Nebel
9db32f4d26 Java: Identify more APIs as supported in the telemetry queries (as QL defined sinks). 2024-04-26 12:39:46 +02:00
Michael Nebel
acb2bbb2a3 Java: Identify more APIs as supported in the telemetry queries (as QL defined sources). 2024-04-26 12:39:46 +02:00
github-actions[bot]
622e176a16 Post-release preparation for codeql-cli-2.17.1 2024-04-16 14:21:32 +00:00
github-actions[bot]
9bfe4ea90a Release preparation for version 2.17.1 2024-04-15 17:34:47 +00:00
Anders Schack-Mulligen
2925e45434 Java/Dataflow: Propagate MaD-id/model-id to PathGraph. 2024-04-12 09:19:51 +02:00
Dave Bartolomeo
996f535f0b Merge pull request #16103 from github/dbartol/javadoc-record 
Allow `@param` tags to apply to record parameters
 2024-04-09 14:21:45 -04:00
erik-krogh
8cb6598f50 fixing that I put a type on the wrong thing in the alert-message 2024-04-08 20:51:19 +02:00
erik-krogh
018b066b95 autoformat 2024-04-08 07:15:33 +02:00
erik-krogh
ca4f667053 add fallback if I can't easily determine the variable 2024-04-08 07:14:48 +02:00
erik-krogh
8b220cc1b3 also get the variable for array accesses 2024-04-08 07:14:48 +02:00
erik-krogh
795b767b6e add link to the source variable in the alert-message for java/implicit-cast-in-compound-assignment 2024-04-08 07:14:48 +02:00
Dave Bartolomeo
ce98353d22 Allow @param tags to apply to record parameters 2024-04-02 15:15:11 -04:00
github-actions[bot]
8e61c6625b Post-release preparation for codeql-cli-2.17.0 2024-04-01 15:27:42 +00:00
github-actions[bot]
ec97d9a304 Release preparation for version 2.17.0 2024-04-01 13:46:57 +00:00
Jami
d889e3cf98 Merge pull request #14854 from jcogs33/jcogs33/unsafe-url-forward-promotion 
Java: Promote Unsafe URL Forward query from experimental
 2024-03-29 16:34:06 -04:00
Jami
2f8c4df309 docs wording updates 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-03-28 16:15:05 -04:00
Ian Lynagh
5dcd635403 Merge pull request #15961 from igfoo/igfoo/MissingEnumInSwitch 
Java: Limit the amount of results that MissingEnumInSwitch produces per switch
 2024-03-28 11:13:45 +00:00
Ian Lynagh
fda3c92612 Java: Add a changenote for the MissingEnumInSwitch change 2024-03-27 15:12:55 +00:00
Ian Lynagh
59ae6dd5f5 Java: Add a couple of Oxford commas 2024-03-27 15:07:58 +00:00
Henry Mercer
0646744928 Merge branch 'main' into henrymercer/merge-back-rc-3.13 2024-03-26 12:59:12 +00:00
github-actions[bot]
f67b5f9158 Post-release preparation for codeql-cli-2.16.6 2024-03-25 18:17:15 +00:00
github-actions[bot]
71ab804274 Release preparation for version 2.16.6 2024-03-25 16:58:08 +00:00
Owen Mansel-Chan
f2db9ce312 Merge pull request #16028 from owen-mc/java/sensitive-log-whitelist-tokenimage 
Java: whitelist variable name `tokenImage` for `java/sensitive-log` as it's used in code generated by JavaCC
 2024-03-25 10:02:19 +00:00
Owen Mansel-Chan
ac6c4add14 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-03-24 20:20:37 +00:00
Owen Mansel-Chan
821f399193 Add change note 2024-03-23 23:51:52 +00:00
Arthur Baars
c219b1a3c7 Merge pull request #16013 from github/rc/3.13 
Merge rc/3.13 into main
 2024-03-21 16:04:58 +01:00
Henry Mercer
4e3a6e2140 Merge pull request #15874 from github/henrymercer/mark-loc-as-telemetry 
Show lines of code data in debug mode only
 2024-03-21 12:20:09 +00:00
Michael Nebel
6619be3137 Merge pull request #15940 from michaelnebel/csharp/sourcesinktests 
C#: Source- and sink tests.
 2024-03-21 08:12:16 +01:00
Henry Mercer
a76832f4e0 Mark LOC queries as debug instead 2024-03-20 21:18:55 +00:00
Dave Bartolomeo
311ba8ea1b Merge from main to resolve conflicts 2024-03-19 10:41:31 -04:00
Michael Nebel
70c6744944 Java/Go/Swift: Sync changes. 2024-03-19 14:20:43 +01:00
Ian Lynagh
60b5e49905 Java: Limit the amount of results that MissingEnumInSwitch produces per switch 
The tool status page warns:
    An analysis file contained multiple alerts that included more related
    locations than our allowed limit of 100.
    These alerts correspond to the rule java/missing-case-in-switch.
    Only 100 locations were stored for these alerts.
 2024-03-18 15:56:21 +00:00
github-actions[bot]
aebe9f6992 Post-release preparation for codeql-cli-2.16.5 2024-03-18 12:16:26 +00:00
github-actions[bot]
0a6243d07b Release preparation for version 2.16.5 2024-03-18 10:14:07 +00:00
Jami Cogswell
658fffeac1 Java: remove experimental files 2024-03-17 22:03:59 -04:00
erik-krogh
ef8368cfc4 fix typo 2024-03-13 22:37:13 +01:00
Jami Cogswell
d9772c1880 Java: update change note 2024-03-13 16:28:43 -04:00
Jami Cogswell
c8ec301793 Java: add change note 2024-03-13 16:28:42 -04:00
Jami Cogswell
c331393cfd Java: update qhelp 2024-03-13 16:28:41 -04:00