hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,246 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.0
Commit Graph

5817 Commits

Author SHA1 Message Date
REDMOND\brodes
7b7ed61beb Adding an asymmetric algorithm slice. 2025-04-28 11:34:32 -04:00
REDMOND\brodes
fdd09a4dbf Adding a new means for determining if there is nonce reuse. 2025-04-28 11:34:16 -04:00
github-actions[bot]
2e0699ab2b Post-release preparation for codeql-cli-2.21.2 2025-04-28 14:03:28 +00:00
Nick Rolfe
e3f33f192f Remove erroneously-committed query 2025-04-28 13:55:34 +01:00
Nick Rolfe
ca7f8f21cd Tweak change-note for MaD model generation 2025-04-28 12:50:58 +01:00
github-actions[bot]
625354c46e Release preparation for version 2.21.2 2025-04-28 10:55:22 +00:00
Michael Nebel
32125d2291 C#/Java/Rust: Add change notes. 2025-04-25 15:50:03 +02:00
Michael Nebel
2a0097ea56 C#/Java/Rust: Use Mixed flow from capture summary models queries and adjust other queries to the re-factored implementation. 2025-04-25 15:49:47 +02:00
Jami
4483a24133 Merge pull request #19075 from jcogs33/jcogs33/java/do-not-use-finalizers 
Java: Add new quality query to detect `finalize` calls
 2025-04-22 14:11:14 -04:00
Jami
72d49f21ee Merge branch 'main' into jcogs33/java/do-not-use-finalizers 2025-04-21 09:57:53 -04:00
Jami
02ded89d84 Merge branch 'main' into jcogs33/java/junit5-missing-nested-annotation 2025-04-21 09:46:49 -04:00
Jami
2b9160526a Apply docs review suggestion 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2025-04-20 21:47:25 -04:00
Nicolas Will
1958c192ec Reimplement EC, MAC, key creation logic + consumer 2025-04-15 23:00:12 -04:00
github-actions[bot]
d78736b1bf Post-release preparation for codeql-cli-2.21.1 2025-04-15 16:33:15 +00:00
github-actions[bot]
b961c5961d Release preparation for version 2.21.1 2025-04-14 09:53:06 +00:00
Mathias Vorreiter Pedersen
11aef7019e Merge pull request #19273 from MathiasVP/prepare-shared-mad-generation-for-cpp 
Shared: Prepare model generation for C++ adoption
 2025-04-11 07:22:56 -07:00
Mathias Vorreiter Pedersen
b6c658767e Java: Fixup MaD input. 2025-04-10 14:01:11 +01:00
Owen Mansel-Chan
acfcc6d490 Sort ids in java-code-quality.qls 2025-04-10 12:35:42 +01:00
Owen Mansel-Chan
576f4cf19f Update tags 2025-04-10 12:21:09 +01:00
Owen Mansel-Chan
ad89e7980e Tweak documentation 2025-04-10 12:21:08 +01:00
Owen Mansel-Chan
3ea5cc1b66 Add query to code-quality query suite 2025-04-10 12:21:06 +01:00
Owen Mansel-Chan
626a7d5007 Fix punctuation 2025-04-10 12:21:02 +01:00
Owen Mansel-Chan
c4e56b1ec8 Add quality and cwe tag to query 
CWE-1176: Inefficient CPU Computation
 2025-04-10 12:21:00 +01:00
Owen Mansel-Chan
042fe07494 Adjust alert message 2025-04-10 11:47:19 +01:00
Owen Mansel-Chan
fea3d10b97 Update qhelp 2025-04-10 11:47:18 +01:00
Owen Mansel-Chan
441c79ebdf Use existing class StringReplaceAllCall 2025-04-10 11:47:17 +01:00
Owen Mansel-Chan
ff2947a0e5 Adjust query name 2025-04-10 11:47:14 +01:00
Owen Mansel-Chan
041adcd63a Java: Add initial version of string replaceAll with no regex query 2025-04-10 11:46:59 +01:00
Nicolas Will
b9d0abda63 Move CipherOperation into KeyOperation, refactor 
- KeyOperation and Algorithm now encompasses encryption, decryption, wrapping, unwrapping, signing, and verifying.
- Removed elliptic curve implementation from JCA.qll pending rewrite
- Removed JCAAlgorithmInstance abstraction from JCA.qll
- Cleaned up and removed JCA-specific naming from Model.qll
- Added and clarified documentation
 2025-04-09 21:19:00 +02:00
Tamas Vajk
6abff483da Java: Add explicit filtering for quality queries that should be included in security-and-quality 2025-04-08 16:47:41 +02:00
Tamas Vajk
259a09386e Move query suite selector logic to security-and-quality-suite 2025-04-08 16:47:41 +02:00
Jami Cogswell
798907dc50 Java: remove change note 2025-04-04 14:01:35 -04:00
Jami Cogswell
77eeab33a6 Java: remove change note 2025-04-04 13:57:34 -04:00
Jami Cogswell
fc21abc7e4 Java: update qhelp implementation notes to say 'method declarations' 2025-04-03 16:05:23 -04:00
Jami Cogswell
0380279c39 Java: update qhelp implementation notes for more clarity 2025-04-02 19:43:33 -04:00
Jami Cogswell
05d7b9a19a Java: add reliability tag 2025-04-02 19:11:26 -04:00
Jami Cogswell
6ade97892f Java: update maintainability tag to reliability instead 2025-04-02 19:06:02 -04:00
Jonas Jensen
118abd40c9 Java: add exclude-from-incremental tag to telemetry queries 
In the future, this tag should signal to the action that the queries
should be excluded from incremental scans because they are too slow
and/or produce too many results.

The three queries tagged here rely on global data-flow analysis to find
all XSS sinks. All other metric and diagnostic queries are fast enough
for incrementality.
 2025-04-02 14:19:45 -07:00
Jami Cogswell
1a2c34dd28 Java: update qhelp implementation notes for clarity 2025-04-01 16:24:13 -04:00
Jami
c4b8396333 fix typo in query description 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2025-04-01 15:52:57 -04:00
github-actions[bot]
10205cb990 Post-release preparation for codeql-cli-2.21.0 2025-04-01 11:30:43 +00:00
Jami Cogswell
416643ce39 Java: update qhelp recommendation and example 2025-03-31 21:09:21 -04:00
github-actions[bot]
84f6564cc0 Release preparation for version 2.21.0 2025-03-31 17:35:15 +00:00
Jami
e458aca806 Merge branch 'main' into jcogs33/java/junit5-missing-nested-annotation 2025-03-27 21:31:09 -04:00
Jami Cogswell
92cdddf604 Java: resolve filename conflict 2025-03-27 21:29:20 -04:00
Jami Cogswell
caf21a8202 Java: update qhelp and add 'performace' tag 2025-03-27 20:20:48 -04:00
Jami Cogswell
3631df03c7 Java: add to code-quality suite 2025-03-27 19:38:10 -04:00
Jami Cogswell
ed22a16f32 Java: exclude overloads of finalize 2025-03-27 19:35:46 -04:00
Jami Cogswell
f73eda0c38 Java: add previous-id and change 'use' to 'call' 2025-03-27 19:35:44 -04:00
Jami Cogswell
2e25498143 Java: add change note 2025-03-27 19:35:42 -04:00