3186 Commits

Author	SHA1	Message	Date
Jami	c9258effb6	Merge pull request #11572 from jcogs33/jcogs33/model-top-jdk-apis ... Java: model top 100 JDK APIs	2022-12-20 09:13:53 -05:00
Tony Torralba	149cae9603	Merge pull request #10971 from joefarebrother/android-certificate-pinning ... Java: Add Android missing certificate pinning query (CWE-295)	2022-12-20 11:03:16 +01:00
Tony Torralba	3e7a819fe7	Simplification	2022-12-20 09:42:25 +01:00
Jeroen Ketema	edc768b43b	Merge pull request #11707 from smowton/smowton/fix/java-empty-multiline-comment ... Java: handle printing an empty comment (/**/); add relevant tests	2022-12-20 08:07:42 +01:00
Edward Minnix III	39a7c7bb12	Merge pull request #11282 from egregius313/egregiu313/webview-addjavascriptinterface ... Java: Query for detecting addJavascriptInterface method calls	2022-12-19 11:28:45 -05:00
Chris Smowton	2ca56e0c1e	Java: handle printing an empty comment (/**/); add relevant tests	2022-12-19 14:12:09 +01:00
erik-krogh	ba7321ac5c	add qldoc to RegExpCharEscape	2022-12-18 17:23:45 +01:00
erik-krogh	26c5480ee6	share {js,rb}/regex/missing-regexp-anchor	2022-12-18 17:23:41 +01:00
erik-krogh	f67d0bc8c0	put the shared HostnameRegexp code in the shared regex pack	2022-12-17 17:26:18 +01:00
Jami	ff652f7dee	Merge branch 'main' into jcogs33/model-top-jdk-apis	2022-12-16 15:32:50 -05:00
Tom Hvitved	e45edcc159	Merge pull request #11674 from hvitved/dataflow/param-context ... Data flow: Track callable in flow-through pruning	2022-12-16 09:25:15 +01:00
Jami Cogswell	f01ee9e4c2	Java: remove PR-merging comment	2022-12-15 22:56:15 -05:00
Jami	fd63348549	Merge pull request #11585 from jcogs33/jcogs33/mad-metrics-query ... Java: add MaD metrics query	2022-12-15 19:26:51 -05:00
Tom Hvitved	f8571dd0b6	Data flow: Work around functionality-induced misoptimization	2022-12-15 15:29:14 +01:00
Tom Hvitved	6eda042229	Data flow: Sync files	2022-12-15 15:29:13 +01:00
Michael Nebel	0f038ee93a	Java: Remove deprecated ModelCsv classes.	2022-12-15 15:22:44 +01:00
Michael Nebel	a67e02df21	Merge pull request #11691 from michaelnebel/renameextensibles ... C#/Java: Rename externalflow extensible predicates	2022-12-15 11:05:22 +01:00
Jami Cogswell	46b8fbc4c9	Java: update remaining models, resolve merge conflict	2022-12-15 00:33:06 -05:00
Jami	359e49044f	Merge branch 'main' into jcogs33/mad-metrics-query	2022-12-14 15:33:29 -05:00
Anders Schack-Mulligen	598b4c38b7	Merge pull request #11619 from aschackmull/java/typetrack-lambda ... Java: Switch DispatchFlow to typetracking.	2022-12-14 14:08:29 +01:00
Michael Nebel	b45d079a01	Java: Move and rename externalflow related extensible predicates.	2022-12-14 13:43:34 +01:00
Tom Hvitved	25b2d11368	Merge pull request #11635 from hvitved/dataflow/approx-content ... Data flow: Introduce `ApproxContent` in a new pruning stage between stages 2 and 3	2022-12-14 12:56:50 +01:00
Tamás Vajk	a6d227d52e	Merge pull request #11599 from igfoo/igfoo/diags ... Java/Kotlin: Update the diagnostic severity documentation	2022-12-14 10:13:30 +01:00
Edward Minnix III	a85de2b5f4	Merge pull request #10865 from egregius313/egregius313/android-activity-alias ... Java: Add library support for activity-alias elements in AndroidManifest.qll	2022-12-13 11:52:01 -05:00
Jami Cogswell	a33436a39b	Java: update hasProvenance	2022-12-13 11:26:23 -05:00
Tom Hvitved	2a28953e41	Java: Implement ContentApprox	2022-12-13 09:53:01 +01:00
Tom Hvitved	0c2eee2a72	Data flow: Sync files	2022-12-13 09:52:55 +01:00
Jami	93d8a03e73	Merge branch 'main' into jcogs33/mad-metrics-query	2022-12-12 20:31:53 -05:00
Jami Cogswell	5113041623	Java: add isParameterless predicate to Constructor class	2022-12-12 13:28:00 -05:00
Erik Krogh Kristensen	636d5e341c	Merge pull request #11652 from erik-krogh/static-useInstanceOf ... Java/C#/GO: Use instanceof in more places	2022-12-12 17:52:04 +01:00
Jami Cogswell	623068c4b9	Java: add hasProvenance predicate, remove isManuallyGenerated and isBothAutoAndManuallyGenerated	2022-12-12 11:23:46 -05:00
Edward Minnix III	0ebfee8b11	Merge pull request #11241 from egregius313/egregius313/webview-file-access ... Java: Query to detect Android Webview file access	2022-12-12 11:12:26 -05:00
erik-krogh	873d3553cd	Merge branch 'main' into static-useInstanceOf	2022-12-12 15:36:54 +01:00
Chris Smowton	77004f3e15	Merge pull request #11258 from smowton/smowton/feature/kotlin-annotation-extraction ... Kotlin: extract annotations	2022-12-12 09:52:49 +00:00
Michael Nebel	e0f1b38439	Merge pull request #11580 from michaelnebel/renamenegativemodels ... C#/Java: Rename Negative Summary Model to Neutral Model	2022-12-12 07:59:06 +01:00
erik-krogh	8262fbbfb5	Java/C#/GO: Use instanceof in more places	2022-12-11 18:32:19 +01:00
Jami Cogswell	6854845b75	Java: refactor isManuallyGenerated and isBothAutoAndManuallyGenerated	2022-12-09 18:37:50 -05:00
Joe Farebrother	12dc11aa18	Add qldoc	2022-12-09 15:07:49 +00:00
Michael Nebel	4835d14865	Java/C#: Delete the deprecated NeutralModelCsv class.	2022-12-09 15:11:49 +01:00
Michael Nebel	3af00a8f3f	Java: Rename Negative Summary Model to Neutral Model.	2022-12-09 15:04:43 +01:00
Michael Nebel	079d48c42a	Sync files.	2022-12-09 15:04:42 +01:00
Joe Farebrother	8de5efb28f	Add SetDefaultConnectionFactoryMethod class	2022-12-09 13:41:18 +00:00
Joe Farebrother	0dea5daffe	Change import for consistency, fix some typos	2022-12-09 13:41:18 +00:00
Joe Farebrother	2be68b2f1d	Apply suggestions from code review ... Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2022-12-09 13:41:18 +00:00
Joe Farebrother	a14ebb7c03	Fixes	2022-12-09 13:41:18 +00:00
Joe Farebrother	603c1c1693	Add the domain used to the alert message	2022-12-09 13:41:18 +00:00
Joe Farebrother	c8aca06190	Implement pinning through a TrustManager ... + Fix that the query was accidentally placed in experimental	2022-12-09 13:41:18 +00:00
Joe Farebrother	c32dc1e674	Implement okhttp support	2022-12-09 13:41:17 +00:00
Joe Farebrother	da7032d3d6	Add qldoc	2022-12-09 13:41:17 +00:00
Joe Farebrother	c3da3a9aef	Add a bit of additional context to the alert message; fix issue with finding the config file	2022-12-09 13:41:17 +00:00