Nicolas Will
b777a22d35
Expand model and specialize newtype relations
2025-02-14 23:43:07 +01:00
Owen Mansel-Chan
dd102c4cea
Merge pull request #18645 from fabienpe/main
Added missing "GOOD" and "BAD" to some examples
2025-02-13 10:37:39 +00:00
Nicolas Will
874e3b5e06
Modify model to use newtypes, expand modeling
2025-02-12 17:58:15 +01:00
Jami
2a8cc00284
Merge pull request #18288 from jcogs33/jcogs33/csrf-unprotected-request-type
Java: add CSRF query
2025-02-11 15:32:56 -05:00
Nicolas Will
4d44755945
Refactor Model and CBOM print queries
2025-02-11 15:37:15 +01:00
Tom Hvitved
75137a0f4c
Java: Adopt shared SSA library
2025-02-11 10:06:43 +01:00
Tom Hvitved
614b3cea66
Merge pull request #18697 from hvitved/rust/telemetry
Rust: Implement database quality telemetry query
2025-02-07 17:43:23 +01:00
Tom Hvitved
89502d63e5
Rust: Implement database quality telemetry query
2025-02-06 10:46:48 +01:00
Kristen Newbury
efcf7eab0c
Add broken crypto query
2025-02-05 17:24:25 -05:00
Kristen Newbury
86e51dad8a
Improve JCA aes alg model, add test
2025-02-05 13:39:48 -05:00
Jami Cogswell
dce89c5419
Java: update qhelp to align with other csrf queries
2025-02-05 10:57:47 -05:00
Jami Cogswell
c6a71cd3fd
Java: minor qhelp updates
2025-02-05 10:20:57 -05:00
Remco Vermeulen
9894e9ef9f
Add CCR suites
2025-02-05 01:58:34 +00:00
Jami Cogswell
0367846333
Java: remove token section from qhelp overview
discussing tokens is not directly relevant to this query's recommendation and examples
2025-02-04 13:36:15 -05:00
Jami Cogswell
f438282674
Java: rewrite qhelp overview section; aligns with overview section used by Python and Ruby
2025-02-04 13:21:43 -05:00
Jami Cogswell
283c3b1e44
Java: minor qhelp updates
2025-02-04 12:47:19 -05:00
Kristen Newbury
5f355c7f55
Add first sample JCA encryption model
2025-02-04 11:55:09 -05:00
fabienpe
9a37682851
Moved comment to previous line if resulting in long line
2025-02-04 09:48:34 +00:00
github-actions[bot]
f1b05a79a4
Post-release preparation for codeql-cli-2.20.4
2025-02-04 09:25:09 +00:00
Jami Cogswell
516df3b4be
Java: qhelp wording updates
2025-02-03 14:52:57 -05:00
github-actions[bot]
573e53e454
Release preparation for version 2.20.4
2025-02-03 15:19:35 +00:00
fabienpe
a9f107ce06
Added missing "GOOD" and "BAD" to some examples
2025-01-31 15:47:25 +00:00
Jami Cogswell
0071e1acc2
Java: resolve merge conflict
remove import no longer needed since contents of MyBatisMapperXML.qll have been moved to MyBatis.qll
2025-01-30 10:19:21 -05:00
Jami Cogswell
577152e20f
Java: minor qhelp update
2025-01-30 10:14:33 -05:00
Jami Cogswell
ead224c7b2
Java: expand qhelp, include Stapler examples
2025-01-30 10:14:29 -05:00
Jami Cogswell
096f6f88b2
Java: precision to medium
2025-01-30 10:14:27 -05:00
Jami Cogswell
27aa9c97a4
Java: add change note
2025-01-30 10:14:07 -05:00
Jami Cogswell
39ccde0c9d
Java: add name-based heuristic
2025-01-30 10:13:54 -05:00
Jami Cogswell
0f39011122
Java: add taint-tracking config for execute to exclude FPs from non-update queries like select
2025-01-30 10:13:50 -05:00
Jami Cogswell
df77d4914f
Java: initial tests
2025-01-30 10:13:45 -05:00
Jami Cogswell
178b032453
Java: add query
2025-01-30 10:13:43 -05:00
Jami Cogswell
b88731df80
Java: move contents of MyBatisMapperXML.qll in src to MyBatis.qll in lib so importable, and fix experimental files broken by the move
2025-01-30 10:13:27 -05:00
Jami Cogswell
0c6925399d
Java: add qhelp
2025-01-30 10:01:39 -05:00
Simon Friis Vindum
e141b4ee95
Merge pull request #18612 from paldepind/shared-model-generation-row
Shared: Generalize the number of columns in a generated MaD row
2025-01-29 12:56:07 +01:00
Michael Nebel
ee5416f0b1
Merge pull request #18299 from michaelnebel/java/deprecateexperimental
Java: Deprecate experimental queries.
2025-01-29 10:41:25 +01:00
Simon Friis Vindum
70550950d8
Java, C#: Ensure variable is used in all disjuncts
2025-01-29 10:30:26 +01:00
Owen Mansel-Chan
2d76466405
Add change note
2025-01-28 15:35:28 +00:00
Simon Friis Vindum
13e0829d19
Shared: Generalize the number of columns in a generated MaD row
2025-01-28 15:36:09 +01:00
erik-krogh
34f5f61a10
all: use my script to delete outdated deprecations
2025-01-27 22:16:48 +01:00
Michael Nebel
c27b611c76
Java: Deprecate MyBatisMapperXML as it is only used by experimental queries.
2025-01-27 10:22:22 +01:00
Michael Nebel
b552c8aba9
Java: Add change-note.
2025-01-27 10:22:19 +01:00
Michael Nebel
cc48cec1c7
Java: Deprecate experimental model activation.
2025-01-27 10:22:17 +01:00
Michael Nebel
e3997f65ed
Java: Deprecate experimental queries.
2025-01-27 10:22:16 +01:00
github-actions[bot]
fbb7f0a0c6
Post-release preparation for codeql-cli-2.20.2
2025-01-20 21:11:14 +00:00
github-actions[bot]
a0512a50f2
Release preparation for version 2.20.2
2025-01-20 21:11:12 +00:00
Chris Smowton
3e10e78c95
Merge pull request #18480 from github/smowton/admin/document-serialization-proxy
Java: document serialization proxy pattern
2025-01-14 12:34:01 +00:00
Owen Mansel-Chan
883301938b
Merge pull request #18161 from owen-mc/java/weak-crypto-algo-more-informative
Java: Make `java/weak-cryptographic-algorithm` give a reason why the algo is insecure
2025-01-13 23:43:04 +00:00
Chris Smowton
0b62338cda
Java: document serialization proxy pattern
Note I haven't included a reference because I can't find a sufficiently-authoritative source -- only a blog quoting Effective Java seems close to appropriate, and I suspect that's pirated.
2025-01-13 11:49:36 +00:00
Owen Mansel-Chan
0f8f5d2793
Merge branch 'main' into post-release-prep/codeql-cli-2.20.1
2025-01-08 16:28:23 +00:00
github-actions[bot]
fb20f6ca63
Post-release preparation for codeql-cli-2.20.1
2025-01-07 22:07:40 +00:00