hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,246 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.0
Commit Graph

5817 Commits

Author SHA1 Message Date
Tony Torralba
01b950f68b Revert "Java: Rename predicate to getATypeInScope" 
This reverts commit fd99ae78b3.
 2022-10-04 10:59:43 +02:00
Tony Torralba
df29e05b9f Revert "Java: Adjust ImpossibleJavadocThrows.ql" 
This reverts commit c40b6285a2.
 2022-10-04 10:59:39 +02:00
Tony Torralba
c1654ce7cc Revert "Java: Fix cartesian product" 2022-10-04 10:56:32 +02:00
Dilan Bhalla
bff2633f8d java guidance: experimental version of exectainted 2022-10-03 11:18:17 -07:00
Ed Minnix
c6f91500f0 Update query description to better describe issue 2022-10-03 13:12:53 -04:00
Ed Minnix
09077935b1 Added query change note 2022-10-03 11:30:43 -04:00
Edward Minnix III
071f082b64 Add mention of content provider in query description 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-10-03 11:21:33 -04:00
Edward Minnix III
2970e8c76a Remove redundant documentation 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2022-10-03 11:21:02 -04:00
Tony Torralba
ba9eb8c73c Fix stub generator 
Add line break after all stubbed annotations to avoid malformed code

See https://github.com/github/codeql/pull/8695\#discussion_r985674245
 2022-10-03 14:43:58 +02:00
Tony Torralba
f860ae8c82 Apply review suggestions 2022-10-03 10:38:35 +02:00
Tony Torralba
0645f62a0d Use monotonicAggregates to avoid non-monotonic recursions 2022-10-03 10:31:14 +02:00
Tony Torralba
66e6f4d25e Use empty string as default value for string annotation values 2022-10-03 10:31:14 +02:00
Tony Torralba
8a3ed6bdcf Apply code review suggestions 2022-10-03 10:31:14 +02:00
Tony Torralba
6f7b7c9efe If an annotation value is an array, order its elements by index 2022-10-03 10:31:14 +02:00
Tony Torralba
6f1124d7e7 Handle more annotation element value types 2022-10-03 10:31:13 +02:00
Tony Torralba
1ece12efd7 Add annotation element names 2022-10-03 10:31:13 +02:00
Tony Torralba
d4499a10d2 Fix typo 2022-10-03 10:31:13 +02:00
Tony Torralba
ee7507386c Fix annotation vs interface keyword stubbing 2022-10-03 10:31:13 +02:00
Tony Torralba
eda676df3e Add support for Annotation types stub generation 2022-10-03 10:31:13 +02:00
Erik Krogh Kristensen
3d00a61dac Merge pull request #10528 from erik-krogh/java-followMsg 
Java: Update the alert messages to better follow the style guide
 2022-10-03 09:49:47 +02:00
erik-krogh
39ffa558f1 make a few more queries consistent with the other languages 2022-10-02 22:38:25 +02:00
erik-krogh
2f673efc67 autoformat 2022-10-01 13:21:20 +02:00
erik-krogh
129cda00db get a few more queries in sync with other languages 2022-10-01 11:17:48 +02:00
erik-krogh
acfcc4bfe2 update two more queries to better follow the style-guide 2022-10-01 10:59:59 +02:00
erik-krogh
7d643e41f3 Merge branch 'main' into java-followMsg 2022-10-01 10:48:06 +02:00
Tony Torralba
585cbe2b95 Fix cartesian product 2022-09-30 10:47:22 +02:00
Ed Minnix
2a2878fc7b Move text into paragraph tag 2022-09-29 16:33:22 -04:00
Ed Minnix
e3c0e6f52a Remove location link from alert message 
Follow the style suggestion from the github-code-scanning bot and remove
provider element from alert link
 2022-09-29 16:20:48 -04:00
Ed Minnix
f2bda1525a Revert "Android ContentProvider.openFile does not check mode initital commit" 
This reverts commit e37f62bb5e.

The MisconfiguedContentProviderUse.ql file provided a sample query which
will be useful in future checks for CVE-2021-41166, but is not needed
for the current manifest-focused check
 2022-09-29 14:43:18 -04:00
Ed Minnix
e72963986f Moved Android manifest incomplete permission logic into library 2022-09-29 14:06:18 -04:00
Ed Minnix
dedd29e1b3 Incomplete Android content provider permissions documentation 2022-09-29 14:05:18 -04:00
Anders Schack-Mulligen
b48b5d45ef Merge pull request #10498 from Marcono1234/marcono1234/compilation-unit-simple-name-type 
Java: Add `CompilationUnit.getATypeInScope()`
 2022-09-28 13:18:29 +02:00
Joe Farebrother
6cb26d5129 Merge pull request #10241 from joefarebrother/android-webview-dubugging 
Java: Add query for WebView debugging enabled
 2022-09-28 10:50:51 +01:00
Tony Torralba
be9509ceb9 Merge pull request #9199 from luchua-bc/java/unsafe-url-forward-dispatch-load 
Java: CWE-552 Query to detect unsafe resource loading in Java Spring applications
 2022-09-27 15:27:51 +02:00
Tony Torralba
7ff82bbed3 Update java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll 2022-09-27 13:26:21 +02:00
Joe Farebrother
af41f2b903 Remove 'here'. 2022-09-26 13:36:14 +01:00
erik-krogh
46b5bf32f9 update alert-messsages of java queries 2022-09-26 12:15:25 +02:00
Marcono1234
c40b6285a2 Java: Adjust ImpossibleJavadocThrows.ql 2022-09-26 12:08:43 +02:00
Marcono1234
fd99ae78b3 Java: Rename predicate to getATypeInScope 2022-09-25 14:44:16 +02:00
github-actions[bot]
6cef0af5df Post-release preparation for codeql-cli-2.11.0 2022-09-23 21:01:40 +00:00
luchua-bc
8effbff817 Remove unused code and update qldoc 2022-09-23 12:43:39 +00:00
luchua-bc
e33d786745 Add test cases and reduce FPs 2022-09-23 12:31:16 +00:00
luchua-bc
251f67dcf3 Use the new CSV model 2022-09-23 12:31:16 +00:00
luchua-bc
b3572747f0 Simplify test case and minor update to the query 2022-09-23 12:31:15 +00:00
luchua-bc
311c9e4719 Query to detect unsafe resource loading in Java Spring applications 2022-09-23 12:31:15 +00:00
github-actions[bot]
f5cf8cffa3 Release preparation for version 2.11.0 2022-09-22 20:14:12 +00:00
Dave Bartolomeo
cee0e8e137 Merge pull request #10532 from github/henrymercer/3.7-mergeback 
Final mergeback from `rc/3.7`
 2022-09-22 13:42:59 -04:00
Erik Krogh Kristensen
6e6880bbe4 Merge pull request #10486 from erik-krogh/java-unqueryable 
Java: Delete some unused code
 2022-09-22 14:21:39 +02:00
Henry Mercer
f8f99af8b7 Bump the minor version of packs we regularly release 2022-09-22 12:14:19 +01:00
Joe Farebrother
2414239e50 Fix qhelp formatting 2022-09-21 16:36:20 +01:00