codeql

mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00

Author	SHA1	Message	Date
Ian Lynagh	1e62b485a5	Merge pull request #8241 from igfoo/igfoo/stats4 Java: Update stats and make some performance tweaks	2022-02-28 12:58:06 +00:00
Ian Lynagh	0bf1370cd5	Java: Autoformat QL	2022-02-25 19:08:08 +00:00
Asger Feldthaus	f1bfb31403	Shared: fix typo in a comment	2022-02-23 14:13:41 +01:00
Asger Feldthaus	efec348eb3	Java: use AccessPathSyntax library	2022-02-23 14:13:40 +01:00
Asger Feldthaus	5cab737ef1	Shared: sync AccessPathSyntax.qll	2022-02-23 14:13:40 +01:00
Ian Lynagh	7ce9b160d0	Java: Performance tweaks	2022-02-21 17:05:00 +00:00
Asger Feldthaus	7848fcec80	Shared: sync AccessPathSyntax.qll	2022-02-21 08:21:53 +01:00
Asger Feldthaus	55ac5cb012	Shared: auto format	2022-02-21 08:21:53 +01:00
Asger Feldthaus	4985fbb526	Shared: update getSummaryCsv and related test output	2022-02-21 08:21:53 +01:00
Asger Feldthaus	dcc523a2b7	Shared: auto format	2022-02-21 08:21:53 +01:00
Asger Feldthaus	d911e0abf8	Shared: use getToken instead of getLastToken	2022-02-21 08:21:52 +01:00
Asger Feldthaus	c4304a980d	Shared: add explicit this	2022-02-21 08:21:52 +01:00
Asger Feldthaus	dc6a13242b	Shared: update comment in AccessPathSyntax.qll	2022-02-21 08:21:52 +01:00
Asger Feldthaus	be63cf7049	Shared: fix qldoc and move getRawToken to top-level	2022-02-21 08:21:52 +01:00
Asger Feldthaus	affdbe9955	Java: remove support for legacy syntax	2022-02-21 08:16:55 +01:00
Asger Feldthaus	a121b73181	Java: update CSV rows to dot-separated syntax	2022-02-21 08:16:55 +01:00
Asger Feldthaus	753c557dbe	Java: use AccessPathSyntax.qll to parse input/output summary specs	2022-02-21 08:16:54 +01:00
Tony Torralba	5f0ab522f3	Merge pull request #7988 from Marcono1234/marcono1234/sealed-types-predicates Java: Add predicates for sealed classes	2022-02-15 15:11:56 +01:00
Marcono1234	a496b1d1a1	Java: Add predicates for sealed classes	2022-02-14 21:04:38 +01:00
Jonathan Leitschuh	df716cbaa0	Revert changes to MethodAccessSystemGetProperty	2022-02-04 17:10:25 -05:00
Jonathan Leitschuh	3a15678b1e	Java: CWE-200: Temp directory local information disclosure vulnerability	2022-02-04 17:10:23 -05:00
Tom Hvitved	6bb71f051b	Merge pull request #7791 from hvitved/dataflow/inline-local-flow-star Data flow: Inline `local(Expr\|Instruction)?(Flow\|Taint)`	2022-02-03 09:02:43 +01:00
Arthur Baars	6acf49d4da	Merge pull request #7814 from aibaars/fix-ql-alerts Ruby: fix all QL-QL alerts	2022-02-02 18:25:38 +01:00
Tony Torralba	4f13bf8941	Merge pull request #6492 from atorralba/atorralba/android-cleartext-storage-database Java: Create new query Cleartext storage of sensitive information in Android databases	2022-02-02 16:23:05 +01:00
Tony Torralba	54e8ea56e8	Apply suggestions from code review Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2022-02-02 15:44:26 +01:00
Arthur Baars	33b97f3e0c	Update synchronized files	2022-02-02 13:30:45 +01:00
Tom Hvitved	f2352d8272	Data flow: Inline `local(Expr\|Instruction)?(Flow\|Taint)` Computing a full transitive closure is often bad; by inlining all calls we are providing more context to the QL optimizer.	2022-01-31 14:33:41 +01:00
Tom Hvitved	682163962a	Data flow: Sync files	2022-01-28 13:01:24 +01:00
Alvaro Muñoz Sanchez	c49c7903a8	add java.util.regex models and tests	2022-01-25 10:50:39 +01:00
Tony Torralba	4f4f531dfc	Add missing QLDoc	2022-01-24 15:13:09 +01:00
Tom Hvitved	6efa595478	Merge pull request #7688 from hvitved/dataflow/required-component-stack Data flow: Restructure `RequiredSummaryComponentStack`	2022-01-24 15:10:08 +01:00
Tony Torralba	b59fd4070f	Merge pull request #7136 from atorralba/atorralba/promote-insecure-trustmanager Java: Promote Insecure TrustManager from experimental	2022-01-24 14:05:14 +01:00
Tom Hvitved	64f19637d4	Address review comments	2022-01-24 13:33:18 +01:00
Anders Schack-Mulligen	7af6dc7164	Merge pull request #7702 from atorralba/atorralba/fix-jndi-injection-sinks Java: Remove some JNDI Injection sinks	2022-01-24 10:53:58 +01:00
Anders Schack-Mulligen	b4bf7a1561	Merge pull request #7698 from aschackmull/java/bitwise-assignop-guards Java: Add support for bitwise compound assignments in Guards.	2022-01-24 09:11:53 +01:00
Tony Torralba	78d7e538a5	Remove some JNDI Injection sinks Add tests and stubs	2022-01-21 17:47:15 +01:00
Tony Torralba	4df0f399cd	Move ContentProvider models to the appropriate file	2022-01-21 16:55:43 +01:00
Tony Torralba	4f253590f1	Fix method name in LocalDatabaseOpenMethodAccess	2022-01-21 16:55:43 +01:00
Tony Torralba	5cf664411b	Remove unneeded nonSuspicious values	2022-01-21 16:55:43 +01:00
Tony Torralba	baa1f71a53	Add QLDoc	2022-01-21 16:55:43 +01:00
Tony Torralba	4e4f619ae4	Update java/ql/lib/semmle/code/java/security/CleartextStorageAndroidDatabaseQuery.qll Co-authored-by: Chris Smowton <smowton@github.com>	2022-01-21 16:55:43 +01:00
Tony Torralba	16b61f78e6	Fix QLDocs and the qhelp example	2022-01-21 16:55:42 +01:00
Tony Torralba	f0604e2e84	Added query for Cleartext Storage in Android Database	2022-01-21 16:55:42 +01:00
yoff	a77a6ec864	Merge pull request #7684 from erik-krogh/patches small refactorizations across CodeQL	2022-01-21 15:04:14 +01:00
Anders Schack-Mulligen	5f7ee337cd	Java: Use more set literal syntax.	2022-01-21 13:58:27 +01:00
Anders Schack-Mulligen	41d294229d	Java: Add support for bitwise compound assignments in Guards.	2022-01-21 13:56:07 +01:00
Tony Torralba	1eaa379bb7	Merge pull request #7681 from atorralba/atorralba/improve-android-implicit-intents-query Java: Improvements to the Android query Use of implicit PendingIntents	2022-01-21 13:46:17 +01:00
Erik Krogh Kristensen	f500bccbe4	add explicit this to member call	2022-01-21 11:46:33 +01:00
Erik Krogh Kristensen	ddfc3bc00f	use set literals instead of big disjunctions	2022-01-21 11:46:33 +01:00
Benjamin Muskalla	830c2dc90a	Merge pull request #7603 from bmuskalla/commonsIoModel Java: Replace Commons IO model	2022-01-21 11:42:27 +01:00

... 51 52 53 54 55 ...

3186 Commits