hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

4531 Commits

Author SHA1 Message Date
Jami Cogswell
33afcd75f1 Java: add subtype-related comments, update some empty-string signatures 2023-04-13 09:12:54 -04:00
Jami Cogswell
e89df255e3 Java: add subtype-related comments on org.apache.hc.client5.http.async.methods models 2023-04-13 09:12:54 -04:00
Jami Cogswell
4ab184fc7d Java: switch HttpHost from sink to summary; resolve conflicts 2023-04-13 09:12:54 -04:00
Jami Cogswell
4ed101fa26 Java: remove some comments 2023-04-13 09:12:54 -04:00
Jami Cogswell
a991f87728 Java: add some host sinks 2023-04-13 09:12:54 -04:00
Jami Cogswell
68fe486c05 Java: remove typo FP, boolean arg is not a sink 2023-04-13 09:12:54 -04:00
Jami Cogswell
60dab3d779 Java: add models from client version 4; resolve conflicts 2023-04-13 09:12:42 -04:00
Jami Cogswell
68391acc98 Java: add models from core version 4; resolve conflict 2023-04-13 09:06:28 -04:00
Jami Cogswell
de4cfc3239 Java: remove typo sink, this api is covered by the model for org.apache.http.client.methods.HttpRequestBase.setURI instead 2023-04-13 09:06:28 -04:00
Jami Cogswell
a3976305ca Java: add initial ssrf heuristic models for apache httpcomponents version 5 2023-04-13 09:06:28 -04:00
Michael Nebel
52bc43b22b Merge pull request #12595 from michaelnebel/enhanceprovenance 
Java/C# : Enhance provenance.
 2023-04-13 14:27:53 +02:00
Alex Ford
8c46bfd051 Merge pull request #12816 from github/rc/3.9 
Merge `rc/3.9` into `main`
 2023-04-13 12:35:41 +01:00
Tony Torralba
4c6df3fdb9 Merge pull request #12813 from atorralba/atorralba/java/sensitive-expr-fix-and-tests 
Java: Add tests for SensitiveActions and fix getCommonSensitiveInfoRegex
 2023-04-13 13:13:37 +02:00
Tony Torralba
d7feaf4098 Merge pull request #12685 from atorralba/atorralba/java/command-injection-mad 
Java: Add command-injection sink kind and refactor command injection queries
 2023-04-13 11:38:14 +02:00
Tony Torralba
4f2ffccc20 Improve change note 2023-04-13 11:14:57 +02:00
Tony Torralba
99b0624e8b Add change note 2023-04-13 10:35:59 +02:00
Tony Torralba
485709a133 Fix getCommonSensitiveInfoRegex 2023-04-13 10:33:03 +02:00
Michael Nebel
169d8d5cf9 Java: All ai-generated models have been manually verified. 2023-04-13 09:21:06 +02:00
Michael Nebel
6593991c13 Java/C#: Update generated models to have provenance df-generated. 2023-04-13 09:21:05 +02:00
Michael Nebel
03482e5e59 Java/C#: Update the internal documentation. 2023-04-13 09:21:05 +02:00
Michael Nebel
54e55e2262 Java: Introduce more provenance values. 2023-04-13 09:21:04 +02:00
Michael Nebel
efc0650b86 Java: Set the provenance default to manual. 2023-04-13 09:21:04 +02:00
Mathew Payne
824ff8ad88 Add function signature to model 2023-04-12 14:54:06 +00:00
Mathew Payne
ffec22a5d2 Add change log notes 2023-04-12 14:48:28 +00:00
Mathew Payne
d0529bba2b Add missing models for Java IO 
- java.io.OutputStream
- java.nio.file.Files
 2023-04-12 14:43:11 +00:00
Chris Smowton
7eefa43f5a Rename and document viableArgParamSpecific to make clear it is a temporary hook. 2023-04-12 14:33:46 +01:00
Chris Smowton
4d8ca3d759 Add dataflow callback to filter out receiver argument flow to Golang interface dispatch candidates. 
Other langauges stub the callback.
 2023-04-12 14:19:06 +01:00
Jami
b7c7449b08 Merge pull request #12739 from jcogs33/jcogs33/add-one-more-top500-model 
Java: add summary model for `UnsupportedOperationException(String)` constructor
 2023-04-11 08:25:36 -04:00
Tony Torralba
944bdfde45 Apply suggestions from code review 2023-04-11 09:47:47 +02:00
Stephan Brandauer
cb8506d51a Update MaD Declarations after Triage 2023-04-11 09:25:39 +02:00
Jami Cogswell
6a103f5070 Java: add change note 2023-04-06 10:22:03 -04:00
Jami Cogswell
6b695434b7 Java: add yml model for UnsupportedOperationException; resolve conflict 2023-04-06 10:19:19 -04:00
Tony Torralba
8686036346 Update java/ql/lib/change-notes/2023-03-31-new-models.md 2023-04-06 15:25:33 +02:00
Tony Torralba
d58d6fe6be Update java/ql/lib/ext/java.net.model.yml 2023-04-06 13:58:13 +02:00
Tony Torralba
cdb3d9ea5a Apply suggestions from code review 2023-04-06 12:23:50 +02:00
Stephan Brandauer
18801b39c6 Update MaD Declarations after Triage 2023-04-06 12:23:50 +02:00
Tony Torralba
3f2840bb1b Remove com.hippo models 2023-04-05 15:32:53 +02:00
Tony Torralba
bced2d692b Apply suggestions from code review 2023-04-05 15:19:21 +02:00
Stephan Brandauer
f87618238f Review suggestions 2023-04-05 15:15:03 +02:00
Stephan Brandauer
edf7ba09e7 try different change note name 2023-04-05 15:15:02 +02:00
Stephan Brandauer
0a5d19fc71 Update MaD Declarations after Triage 2023-04-05 15:15:02 +02:00
github-actions[bot]
ac426b1302 Post-release preparation for codeql-cli-2.12.6 2023-04-04 16:49:26 +00:00
Edward Minnix III
2b9daed26a Merge pull request #12563 from egregius313/egregius313/refactor-java-libs-to-dataflow-modules 
Java: Refactor Java query libraries to use dataflow modules
 2023-03-31 12:38:14 -04:00
Ed Minnix
800411cd81 More replacing of single-predicate classes to predicate 2023-03-31 10:55:17 -04:00
Ian Lynagh
c1a7d7f825 Merge pull request #12646 from igfoo/igfoo/expanded_args 
Java: Store expanded args in the database
 2023-03-31 15:27:02 +01:00
Ian Lynagh
3d85c4f19c Java: Add another change note 2023-03-31 12:46:10 +01:00
Ian Lynagh
04c09a73a9 Java: Add .md extension to changenote file 2023-03-31 12:40:19 +01:00
Ed Minnix
ac218ba08b Replace private classes with one method to predicates 2023-03-30 22:03:05 -04:00
github-actions[bot]
0a3218676c Release preparation for version 2.12.6 2023-03-30 19:25:06 +00:00
Ed Minnix
03078603bf Reinstate private markers on additional predicates 2023-03-30 11:24:33 -04:00