Commit Graph

3173 Commits

Author SHA1 Message Date
Michael Nebel
b61f515af2 Java: Make support for query specific models. 2022-11-28 12:30:35 +01:00
Michael Nebel
805430983c Java: Convert commons-io to data extensions. 2022-11-28 12:30:35 +01:00
Michael Nebel
b3a3b676ba Java: Remove manual models from QL code. 2022-11-28 12:30:34 +01:00
Michael Nebel
0abeb831c7 Java: Move summaryModel predicate, which constructs a CSV row to the testcode where it is used. 2022-11-28 12:30:34 +01:00
Michael Nebel
663d091776 Java: Invert dependencies and use the extensible predicates. 2022-11-28 12:30:34 +01:00
Michael Nebel
8e25cac653 Java: Add extensible predicates. 2022-11-28 12:30:34 +01:00
Michael Nebel
7b6f202f23 Java: Renaming. 2022-11-28 12:30:34 +01:00
Michael Nebel
a8ee878356 Java: Add bi-directional import of FragmentInjection. 2022-11-28 12:30:33 +01:00
Michael Nebel
663112576a Java: Update commons-io models. 2022-11-28 12:30:33 +01:00
Tom Hvitved
cde05e1190 Data flow: Sync files 2022-11-28 12:11:38 +01:00
Ian Lynagh
a423f5f695 Kotlin: Enable java/misnamed-type query
We used to get alerts for the class around a local function, a lambda,
or a function reference, which we give name "". Now those are marked as
compiler-generated, and the query ignores compiler-generated types.
2022-11-25 17:11:40 +00:00
Alexander Eyers-Taylor
3c7f7511be Merge pull request #11418 from alexet/alexet/mockito-class-rename
Java: Add new Mockito runner class location.
2022-11-24 17:49:31 +00:00
alexet
e24e3bf13f Java: Add new Mockito runner class location. 2022-11-24 16:43:57 +00:00
Erik Krogh Kristensen
03737543d4 Merge pull request #11403 from erik-krogh/additional
ReDoS: add missing additional keywords
2022-11-24 15:53:51 +01:00
Anders Schack-Mulligen
f2897f5bfc Merge pull request #11392 from aschackmull/java/adjust-mad-dispatch-priority
Java: Adjust the prioritisation between MaD and source dispatch.
2022-11-24 13:10:48 +01:00
Erik Krogh Kristensen
1eec067474 Merge pull request #11294 from erik-krogh/fileDoc
QL: improve the "this block-comment should have been a QLDoc"-query
2022-11-23 22:23:36 +01:00
erik-krogh
95f35196e4 add missing additional keywords 2022-11-23 20:45:51 +01:00
Anders Schack-Mulligen
807f87e01f Java: Adjust the prioritisation between MaD and source dispatch. 2022-11-23 12:56:32 +01:00
Tony Torralba
92ee0aa7ae Merge pull request #11367 from atorralba/atorralba/java/add-bitwise-implicit-intents
Java: Consider taint through bitwise operations on PendingIntent flags
2022-11-22 17:08:52 +01:00
Erik Krogh Kristensen
b2267c0e49 Merge pull request #11343 from erik-krogh/redundantAssignment
QL: add redundant-assignment query
2022-11-22 13:03:14 +01:00
Tony Torralba
43f4dd8bc4 Consider taint through bitwise operations on PendingIntent flags 2022-11-22 11:39:30 +01:00
Jami
8a73675483 Merge pull request #11070 from jcogs33/java-regex-injection
Java: Promote regex injection query from experimental
2022-11-21 15:04:26 -05:00
erik-krogh
64707f4f7b remove redundant assignments 2022-11-21 17:45:05 +01:00
Tony Torralba
e28f1ffe18 Merge pull request #11346 from atorralba/atorralba/java/fix-path-models
Java: Fix a couple of taint models for `java.nio.file.Path(s)`
2022-11-21 16:57:00 +01:00
Tony Torralba
57656d0a7e Fix a couple of java.nio.file.Path(s) MaD rows 2022-11-21 15:14:02 +01:00
Tony Torralba
2809c3a77c Handle disabled Maven repositories 2022-11-21 10:11:57 +01:00
Tom Hvitved
99e70e9a50 Data flow: Sync files 2022-11-20 10:19:23 +01:00
erik-krogh
a4e5d752e1 Java: delete old deprecations 2022-11-17 22:12:50 +01:00
Joe Farebrother
d6c5132f39 Merge pull request #10684 from joefarebrother/android-keyboard-cache
Java: Add query for Sensitive Keyboard Cache
2022-11-16 15:27:44 +00:00
Tamás Vajk
a3ff83595a Merge pull request #11300 from tamasvajk/kotlin-useless-param-2
Kotlin: Exclude .kt files from useless parameter query
2022-11-16 16:22:27 +01:00
Tamas Vajk
48c37a2c0f Exclude .kt files from useless parameter query 2022-11-16 14:51:49 +01:00
erik-krogh
7331363618 Java: convert some block-comments that could be QLDoc to QLDoc 2022-11-16 13:40:15 +01:00
Anders Schack-Mulligen
94bca4399a Merge pull request #11183 from aschackmull/dataflow/groupflow
Dataflow: Introduce support for src/sink grouping in path results.
2022-11-16 12:59:01 +01:00
Joe Farebrother
7ae41ff165 Invert the xml logic to be consistent with the dataflow logic 2022-11-16 10:54:14 +00:00
Joe Farebrother
6d465aaf52 Apply code review suggestions 2022-11-16 10:54:14 +00:00
Joe Farebrother
63f715e650 fix implicit this 2022-11-16 10:54:14 +00:00
Joe Farebrother
dd4e1d0ac3 Add tests and fix issues 2022-11-16 10:54:14 +00:00
Joe Farebrother
10a3b3bd14 Cover cases in which input type is set via code 2022-11-16 10:54:14 +00:00
Joe Farebrother
359d703ded More precise layout xml handling 2022-11-16 10:54:13 +00:00
Joe Farebrother
f48b57c95a Apply review suggestions 2022-11-16 10:54:13 +00:00
Joe Farebrother
c085c1f3ad Fix typos 2022-11-16 10:54:13 +00:00
Joe Farebrother
0bce1894ae Remove redundant import 2022-11-16 10:54:13 +00:00
Joe Farebrother
706858e211 Add test cases; fix the regex used 2022-11-16 10:54:13 +00:00
Joe Farebrother
85fe226256 Add sensitive keyboard cache query 2022-11-16 10:54:13 +00:00
erik-krogh
c029048306 port the Java regex/redos queries to use the shared pack 2022-11-14 21:29:41 +01:00
erik-krogh
d5b066636f use namespace in PrintAst.qll to avoid conflict with Top 2022-11-14 21:29:41 +01:00
erik-krogh
b737bdbca0 add a Java implementation of RegexTreeViewSig 2022-11-14 21:29:41 +01:00
erik-krogh
20254dfc08 move existing regex-tree into a module 2022-11-14 21:29:41 +01:00
Ed Minnix
73d6360eee Java: add setAllowFileAccess to CrossOriginAccessMethod in WebView.qll
Local file access is enabled using the `WebSettings#setAllowFileAccess`
method.
2022-11-14 15:07:46 -05:00
Ian Lynagh
3afd895d41 Merge pull request #11217 from igfoo/igfoo/kotlin_version_rec
Java/Kotlin: Write Kotlin version information to the database
2022-11-14 10:55:46 +00:00