hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,920 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.2
Commit Graph

13744 Commits

Author SHA1 Message Date
Owen Mansel-Chan
7764fbb664 Change note 2025-07-11 11:05:48 +01:00
Owen Mansel-Chan
8e4bd1a102 Add sink for ObjectInput.readObject to make test pass 2025-07-11 11:05:38 +01:00
Owen Mansel-Chan
34fae324a0 Add test for ObjectInput.readObject 2025-07-11 11:03:47 +01:00
Jonas Jensen
76544f2966 Merge pull request #19943 from asgerf/approximate-related-location 
Support approximate related locations
 2025-07-11 10:16:24 +02:00
Owen Mansel-Chan
006d77ffdd Refactor QL to make type check more concise 2025-07-11 06:13:01 +01:00
Owen Mansel-Chan
c39e5a7d97 Update qhelp: SnakeYaml is safe from version 2.0 2025-07-10 16:54:00 +01:00
Tamás Vajk
1351f57d2b Merge pull request #19998 from tamasvajk/quality/label-in-switch 
Java: Add query to detect non-case labels in switch statements
 2025-07-10 14:13:38 +02:00
Kasper Svendsen
0739c03d03 Overlay: Add discarding of base XML locatables for Java 2025-07-10 12:31:16 +02:00
Kasper Svendsen
d7094a96b5 Overlay: Add discarding of all Java base properties 2025-07-10 12:31:15 +02:00
Tamas Vajk
5edb60ea04 Improve query documentation 2025-07-10 09:43:15 +02:00
Jonas Jensen
5a1246a586 Merge remote-tracking branch 'upstream/main' into approximate-related-location 2025-07-09 10:10:20 +02:00
Tamas Vajk
5f7d746266 Java: Add query to detect non-case labels in switch statements 2025-07-08 14:53:39 +02:00
Tamas Vajk
ccbf7055f1 Adjust query precision 2025-07-08 13:31:08 +02:00
Tamas Vajk
d16570b05e Revert "Adjust query tags" 
This reverts commit 92685e6c2de69898d556706b04e6c562e54b26b8.
 2025-07-08 13:28:26 +02:00
Tamas Vajk
c4def103f7 Improve query documentation 2025-07-08 13:28:26 +02:00
Tamas Vajk
15de398806 Adjust query tags 2025-07-08 13:28:25 +02:00
Tamas Vajk
a0c9c98373 Adjust references in query doc 2025-07-08 13:28:25 +02:00
Tamas Vajk
fd8b37cc28 Exclude Kotlin files 2025-07-08 13:28:24 +02:00
Tamas Vajk
09a2aeead6 Java: Add query to detect special characters in string literals 2025-07-08 13:28:18 +02:00
Tamas Vajk
813ce7d3f8 Rename query 2025-07-08 11:28:12 +02:00
Tamas Vajk
f2805ba80c Improve query help 2025-07-08 11:28:11 +02:00
Tamas Vajk
82fe647a40 Improve alert message 2025-07-08 11:28:11 +02:00
Tamas Vajk
528389af38 Adjust expected file for query suite integration test 2025-07-08 11:28:10 +02:00
Tamas Vajk
a2d4f58af7 Use inline test expectations 2025-07-08 11:28:10 +02:00
Tamas Vajk
2cd0c64e41 Improve query quality 2025-07-08 11:28:09 +02:00
Tamas Vajk
e0cb1792bd Java: Add 'Useless serialization member in record class' query 2025-07-08 11:28:09 +02:00
Tom Hvitved
6fdec47e83 Java: Use MaD in log injection test 2025-07-08 10:25:58 +02:00
github-actions[bot]
24a0ac1223 Post-release preparation for codeql-cli-2.22.2 2025-07-07 18:15:04 +00:00
github-actions[bot]
f12daefabe Release preparation for version 2.22.2 2025-07-07 14:00:26 +00:00
Tamas Vajk
6013c347df Improve query docs for java/java-util-concurrent-scheduledthreadpoolexecutor 2025-07-07 14:22:40 +02:00
Arthur Baars
84e5f2846b Merge branch 'main' into nickrolfe/overlay-deleted-files 2025-07-04 16:19:59 +02:00
Kasper Svendsen
785e0273f2 Merge pull request #19968 from kaspersv/kaspersv/overlay-java-getastrictancestor-caller 
Overlay: Mark `RefType.getAStrictAncestor`` overlay[caller?]`
 2025-07-04 09:38:02 +02:00
Nick Rolfe
a02aabe797 Java: add upgrade scripts for overlayChangedFiles dbscheme addition 2025-07-03 12:44:12 +01:00
Nick Rolfe
72b4e67477 Java/Ruby/Rust/QL: add overlayChangedFiles relation to dbscheme 2025-07-03 12:44:09 +01:00
Kasper Svendsen
dd8af3baf7 Overlay: Mark RefType.getAStrictAncestor overlay[caller?] 2025-07-03 12:23:20 +02:00
Michael Nebel
aefd941135 Java/Javascript: Fix violations. 2025-07-03 11:56:33 +02:00
Asger F
bb45d0632b Merge branch 'main' into approximate-related-location 2025-07-03 10:53:07 +02:00
Kasper Svendsen
649091c0ed Fix java/local-temp-file-or-directory-information-disclosure overlay compilation regression 2025-07-03 10:47:33 +02:00
Kasper Svendsen
425448a10a Fix java/netty-http-request-or-response-splitting overlay compilation regression 2025-07-03 10:47:33 +02:00
Paolo Tranquilli
4d3546f7c9 Java: disable failing maven fetches expectations for now 2025-07-02 17:16:41 +02:00
Asger F
4a2d795076 Shared: Make approximate location filtering the default behaviour 2025-07-02 14:41:02 +02:00
Asger F
82d190f4bf Java: use approximate related sink locations in polynomial redos 2025-07-02 14:40:56 +02:00
Owen Mansel-Chan
811ed3ccde Merge pull request #19892 from owen-mc/fix-markdown-query-help-formatting 
Fix markdown query help formatting
 2025-07-01 12:05:35 +01:00
Michael Nebel
233b54c7fa Merge pull request #19891 from michaelnebel/michaelnebel/freezemoresuites 
Go/Ruby/Python: Freeze quality queries in `security-and-quality`.
 2025-07-01 09:04:19 +02:00
Jami
de09122de3 Merge pull request #19175 from jcogs33/jcogs33/java/call-to-thread-run 
Java: update `java/call-to-thread-run`
 2025-06-30 09:31:08 -04:00
Kasper Svendsen
3d7343273e Merge pull request #19813 from github/kaspersv/overlay-java-discarding 
Overlay: Add manual Java overlay annotations & discard predicates
 2025-06-30 11:17:31 +02:00
Kasper Svendsen
c7194a4012 Overlay: Add missing QLDoc 2025-06-30 08:40:46 +02:00
Jami Cogswell
42904113b4 Java: add qhelp references 2025-06-29 22:50:10 -04:00
Jami Cogswell
87ab4d0160 Java: remove java/run-method-called-on-java-lang-thread-directly 
using existing query java/call-to-thread-run instead
 2025-06-29 22:42:31 -04:00
Jami Cogswell
12e7bbbae8 Java: update existing tests to services tests 2025-06-29 22:41:47 -04:00