codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Author	SHA1	Message	Date
Tamas Vajk	813ce7d3f8	Rename query	2025-07-08 11:28:12 +02:00
Tamas Vajk	82fe647a40	Improve alert message	2025-07-08 11:28:11 +02:00
Tamas Vajk	a2d4f58af7	Use inline test expectations	2025-07-08 11:28:10 +02:00
Tamas Vajk	2cd0c64e41	Improve query quality	2025-07-08 11:28:09 +02:00
Tamas Vajk	e0cb1792bd	Java: Add 'Useless serialization member in record class' query	2025-07-08 11:28:09 +02:00
Tom Hvitved	6fdec47e83	Java: Use MaD in log injection test	2025-07-08 10:25:58 +02:00
Jami Cogswell	87ab4d0160	Java: remove java/run-method-called-on-java-lang-thread-directly using existing query java/call-to-thread-run instead	2025-06-29 22:42:31 -04:00
Jami Cogswell	12e7bbbae8	Java: update existing tests to services tests	2025-06-29 22:41:47 -04:00
Jami Cogswell	1172f82a4b	Java: update existing tests to inline expectations	2025-06-29 22:21:41 -04:00
Jami Cogswell	7a2023b863	Java: move original files	2025-06-29 22:13:49 -04:00
Nora Dimitrijević	e0b3a2c5f9	Java: convert ArbitraryApkInstallation test to .qlref	2025-06-26 13:22:05 +02:00
Tamás Vajk	ae36f94d5e	Merge pull request #19844 from tamasvajk/tamasvajk/threadpoolexecutor Java: Add `java/javautilconcurrentscheduledthreadpoolexecutor` query for zero thread pool size	2025-06-26 12:36:09 +02:00
Anders Schack-Mulligen	326f2b0498	Java: Accept qltest change showing FP removal.	2025-06-26 11:03:39 +02:00
Anders Schack-Mulligen	1d4c8197ec	Java: Fix assert CFG by properly tagging the false successor.	2025-06-26 10:18:14 +02:00
Anders Schack-Mulligen	4645856f09	Java: document FP	2025-06-26 07:17:36 +02:00
Anders Schack-Mulligen	42b1b12aa1	Java: Fix qltests	2025-06-26 07:17:34 +02:00
Anders Schack-Mulligen	5c0dcd980d	Java: Switch to the shared Guards library.	2025-06-26 07:17:34 +02:00
Anders Schack-Mulligen	22d5dc999a	Shared: Bugfix for unique value implication.	2025-06-26 07:17:32 +02:00
Anders Schack-Mulligen	a0c849139c	Java: Add guards-logic qltest with inline expectation.	2025-06-26 07:17:28 +02:00
Nora Dimitrijević	690446149a	Java: add CleartextStorageCookie test Given that it's a non-path-problem dataflow query, the InlineExpectationsTest is not as useful.	2025-06-24 18:12:19 +02:00
Nora Dimitrijević	e213e3fc37	Java: convert ImplicitPendingIntents test to .qlref	2025-06-24 16:42:37 +02:00
Nora Dimitrijević	e0311e26c6	Java: convert ImproperIntentVerification test to .qlref It's a non-path query, so the InlineExpectationsTest postprocessor doesn't do anything.	2025-06-24 16:42:35 +02:00
Nora Dimitrijević	aac4f63e9a	Java: convert RequestForgery test to .qlref	2025-06-24 16:42:32 +02:00
Nora Dimitrijević	7f05b72e10	Java: convert OgnlInjection test to .qlref	2025-06-24 16:42:30 +02:00
Nora Dimitrijević	cadfd0dcaa	Java: convert RsaWithoutOaep test to .qlref	2025-06-24 16:42:28 +02:00
Nora Dimitrijević	b7e47e2cf3	Java: convert PolynomialReDoS and RegexInjection tests to .qlref Leaves ReDoS.ql unmodified since it's not a dataflow query; just moves it to its own directory.	2025-06-24 16:42:26 +02:00
Nora Dimitrijević	f5c7ef6ab4	Java: convert XPathInjection test to .qlref	2025-06-24 16:42:23 +02:00
Nora Dimitrijević	162b1c51a9	Java: convert XXE test to .qlref	2025-06-24 16:42:21 +02:00
Nora Dimitrijević	7f33f57c9b	Java: convert UrlForward test to .qlref	2025-06-24 16:42:19 +02:00
Nora Dimitrijević	bf1a699982	Java: convert CWE-522 tests to .qlref	2025-06-24 16:42:17 +02:00
Nora Dimitrijević	4412335223	Java: convert UnsafeDeserialization test to .qlref	2025-06-24 16:42:14 +02:00
Nora Dimitrijević	c4b0955045	Java: convert WebviewDebuggingEnabled test to .qlref	2025-06-24 16:42:12 +02:00
Nora Dimitrijević	192f45ed2b	Java: convert FragmentInjection test to .qlref	2025-06-24 16:42:10 +02:00
Nora Dimitrijević	2b19cbcd7e	Java: convert UnsafeContentUriResolution test to .qlref	2025-06-24 16:42:08 +02:00
Nora Dimitrijević	28694276e2	Java: convert MissingJWTSignatureCheck test to .qlref	2025-06-24 16:42:06 +02:00
Nora Dimitrijević	85c2f72892	Java: convert InsecureRandomness test to .qlref	2025-06-24 16:42:04 +02:00
Nora Dimitrijević	288a938814	Java: convert InsufficientKeySize test to .qlref	2025-06-24 16:42:02 +02:00
Nora Dimitrijević	993b261b63	Java: convert InsecureTrustManager test to .qlref	2025-06-24 16:42:00 +02:00
Nora Dimitrijević	b736e3733c	Java: convert IntentUriPermissionManipulation test to .qlref	2025-06-24 16:41:58 +02:00
Nora Dimitrijević	c77875d834	Java: convert TemplateInjection test to .qlref	2025-06-24 16:41:56 +02:00
Nora Dimitrijević	b8c7bd29c3	Java: convert SpelInjection test to .qlref	2025-06-24 16:41:54 +02:00
Nora Dimitrijević	2a837b208b	Java: convert MvelInjection test to .qlref	2025-06-24 16:41:52 +02:00
Nora Dimitrijević	1b61cb660a	Java: convert JexlInjection test to .qlref	2025-06-24 16:41:50 +02:00
Nora Dimitrijević	1cc91e964d	Java: convert GroovyInjection test to .qlref	2025-06-24 16:41:48 +02:00
Nora Dimitrijević	8e53da285f	Java: convert XSS test to .qlref	2025-06-24 16:41:46 +02:00
Nora Dimitrijević	199eabdd20	Java: convert XsltInjection test to .qlref Also, split off into separate directory from JndiInjectionTest because their $Alerts were interfering with each other.	2025-06-24 16:41:43 +02:00
Nora Dimitrijević	3f9e0fee81	Java: convert JndiInjection test to .qlref	2025-06-24 16:41:41 +02:00
Nora Dimitrijević	e1ddce8456	Java: convert PartialPathTraversalFromRemote test to .qlref	2025-06-24 16:41:39 +02:00
Nora Dimitrijević	588efe4b2b	Java: Convert TaintedPath test to .qlref	2025-06-24 16:41:35 +02:00
Tamas Vajk	60e726bdf2	Java: Add `java/javautilconcurrentscheduledthreadpoolexecutor` query for zero thread pool size	2025-06-23 12:52:45 +02:00

1 2 3 4 5 ...

4265 Commits