codeql

mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00

Author	SHA1	Message	Date
Stephan Brandauer	da87d82d08	Java: fix a comment	2023-08-01 09:18:58 +02:00
Stephan Brandauer	be629b27ed	Java: Automodel package private test case	2023-08-01 09:18:57 +02:00
Stephan Brandauer	f5c4155d63	Java: Automodel tests: update after merging #13818	2023-08-01 09:18:57 +02:00
Stephan Brandauer	44b8ec642e	Java: merge framework mode tests into one	2023-08-01 09:18:57 +02:00
Stephan Brandauer	8cc367c45e	Java: merge application mode tests into one	2023-08-01 09:18:57 +02:00
Stephan Brandauer	37b6b46dbf	Java: update extraction query tests after merging PR #13747	2023-08-01 09:18:57 +02:00
Stephan Brandauer	50603102d1	Java: tests for automodel application mode, test that local calls are not candidates	2023-08-01 09:18:57 +02:00
Stephan Brandauer	457604e37e	Java: tests for automodel framework mode negative example extraction	2023-08-01 09:18:57 +02:00
Stephan Brandauer	938a7a788f	Java: tests for automodel application mode negative example extraction	2023-08-01 09:18:57 +02:00
Stephan Brandauer	abed936556	Java: tests for automodel framework mode positive example extraction	2023-08-01 09:18:57 +02:00
Stephan Brandauer	1bc222ec40	Java: tests for automodel application mode positive example extraction	2023-08-01 09:18:57 +02:00
Stephan Brandauer	2e89a11949	Java: tests for automodel application mode candidate extraction	2023-08-01 09:18:56 +02:00
Stephan Brandauer	18fe587e75	Java: tests for automodel framework mode candidate extraction	2023-08-01 09:18:56 +02:00
github-actions[bot]	b547ae7c2f	Add changed framework coverage reports	2023-08-01 00:18:36 +00:00
Paul Hodgkinson	3bc7cf6ac7	Merge branch 'main' into java/experimental/command-injection	2023-07-31 19:14:55 +01:00
Anders Schack-Mulligen	e87b8ba3d7	Java: Make the barrier in java/potentially-weak-cryptographic-algorithm less restrictive.	2023-07-31 14:28:53 +02:00
Tony Torralba	5488abc512	Merge pull request #13850 from atorralba/atorralba/java/unimportant-generated-models Java: Remove superfluous generated models	2023-07-31 11:25:03 +02:00
Tony Torralba	2cbb7ed296	Java: Add XXE sinks for MDHT	2023-07-31 11:13:17 +02:00
Tony Torralba	41f1315da9	Merge pull request #13772 from atorralba/atorralba/java/inputstream-wrapper-read-step Java: Add taint steps for InputStream wrappers	2023-07-31 11:12:43 +02:00
Tony Torralba	3bd4d34a47	Java: Remove superfluous generated models	2023-07-31 09:48:03 +02:00
Ian Lynagh	01a512b677	Kotlin: Pass on a parentId	2023-07-28 17:46:05 +01:00
Ian Lynagh	e8f4aee1cf	Kotlin: Remove some redundant braces	2023-07-28 17:02:24 +01:00
Stephan Brandauer	40eab180cc	Merge pull request #13823 from github/kaeluka/support-argument-this-in-frameworkmode-metadata-extraction Java: Support Argument[this] and parameters of bodiless interface methods in framework mode metadata extraction	2023-07-28 17:38:39 +02:00
Tony Torralba	08cba7dc5f	Merge pull request #13713 from pwntester/java/struts2_source_taint_inheriting [Java] Implement field taint inheritance for Struts2 unmarshalled objects	2023-07-28 16:46:27 +02:00
Owen Mansel-Chan	a020189895	Merge pull request #13822 from owen-mc/dataflow/mergepathgraph3-signature-fix Dataflow: MergePathGraph3 signature fix	2023-07-28 15:15:43 +01:00
Tony Torralba	2dff0ce5b4	Merge pull request #13712 from pwntester/java/new_struts2_models [Java] New models for Struts2 framework	2023-07-28 14:31:25 +02:00
Stephan Brandauer	8bf960bd44	Java: fix QL-for-QL alert	2023-07-28 14:28:47 +02:00
Stephan Brandauer	021eedfdf1	Java: format	2023-07-28 14:26:34 +02:00
Stephan Brandauer	82fd0e45aa	Java: support Argument[this] in NotAModelApiParameter	2023-07-28 14:04:53 +02:00
Stephan Brandauer	a9d2f43538	Java: use a newtype for framework mode candidates	2023-07-28 13:51:25 +02:00
Stephan Brandauer	8ed773b240	Java: Framework mode extraction now uses a custom class for endpoints, so we can support both Argument[this] and interface-method parameters	2023-07-28 12:56:39 +02:00
Stephan Brandauer	09c64e8fee	Java: Support Argument[this] in framework mode metadata extraction	2023-07-28 12:55:26 +02:00
Ian Lynagh	499bd970d3	Merge pull request #13412 from igfoo/igfoo/json_escape Kotlin: Tweak our JSON escaping	2023-07-28 11:13:51 +01:00
Alvaro Muñoz	c3a2ae2943	Account for public fields/setters	2023-07-28 12:12:07 +02:00
Tony Torralba	c239a4399c	Changed Struts2ActionSupportClassFieldReadSource to be a FieldValueNode instead of a field read	2023-07-27 10:39:06 +02:00
Alvaro Muñoz	97a4230d5d	add change note	2023-07-27 10:39:06 +02:00
Alvaro Muñoz	f3fc56294e	implement field taint inheritance for Struts2 unmarshalled objects	2023-07-27 10:39:06 +02:00
Tony Torralba	9d6bc76dc0	Merge pull request #13817 from atorralba/atorralba/java/non-static-fieldvaluenode-step Java: Allow flow out of FieldValueNodes for non-static fields	2023-07-27 09:14:04 +02:00
Owen Mansel-Chan	9b2b58a823	Sync files	2023-07-26 21:48:10 +01:00
Chris Smowton	c69a9ea032	Merge pull request #13793 from github/post-release-prep/codeql-cli-2.14.1 Post-release preparation for codeql-cli-2.14.1	2023-07-26 17:22:05 +01:00
Tony Torralba	8685242c16	Add tests	2023-07-26 14:13:43 +02:00
Stephan Brandauer	24cdc962c2	Merge pull request #13818 from github/kaeluka/fix-erroneous-endpoints-that-are-sinks-and-summary-neutrals Java: Automodel Fix, Prevent Some Erroneous Endpoints	2023-07-26 12:45:29 +02:00
Tony Torralba	602eb43109	Update partial flow test expectations	2023-07-26 09:32:13 +02:00
Ian Lynagh	532552a7ac	Merge pull request #13751 from igfoo/igfoo/getCompilationInfo Java: Improve the diagnostics consistency query	2023-07-25 16:54:17 +01:00
Stephan Brandauer	08f5774d13	Java: Automodel extraction fix for application mode	2023-07-25 17:11:07 +02:00
Stephan Brandauer	698b8d3c5c	Java: Automodel extraction fix; previously, we treated endpoints that were marked as sinks, as well as summary-neutrals as 'erroneous'	2023-07-25 16:52:27 +02:00
Tony Torralba	b8b38e4bbe	Java: Allow flow out of FieldValueNodes for non-static fields	2023-07-25 15:37:41 +02:00
Tony Torralba	c9fc5a54c7	Remove generated sinks and sources	2023-07-25 14:42:32 +02:00
Stephan Brandauer	2582b084f6	Merge pull request #13747 from github/tausbn/exclude-qualifier-argument-for-existing-models Java: Exclude qualifier argument for existing models	2023-07-24 16:26:33 +02:00
Stephan Brandauer	13027a1094	Java: review suggestions from @atorralba	2023-07-24 14:09:10 +02:00

... 72 73 74 75 76 ...

13803 Commits