hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 11:46:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,294 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.3
Commit Graph

13803 Commits

Author SHA1 Message Date
Jami Cogswell
55be2e5b67 Java: update url-redirect sink kind to url-redirection 2023-05-31 15:49:06 -04:00
Jami Cogswell
d24d8b1626 Java: update sql sink kind to sql-injection 2023-05-31 15:49:06 -04:00
Ian Lynagh
82578af349 Kotlin: Use @files for compiler arguments 
Avoids problems with large line lengths.
 2023-05-31 19:43:45 +01:00
Ian Lynagh
a13678c35c Kotlin: Update expected test output 2023-05-31 19:43:45 +01:00
Ian Lynagh
0090429d53 Kotlin: Support 1.9.0 2023-05-31 19:43:45 +01:00
Arthur Baars
c211b704f3 Merge pull request #13272 from github/post-release-prep/codeql-cli-2.13.3 
Post-release preparation for codeql-cli-2.13.3
 2023-05-31 15:33:12 +02:00
Stephan Brandauer
5de56db3af Java: QlDoc for isKnownKind 2023-05-31 14:13:14 +02:00
Stephan Brandauer
03051dde7f Java: spelling 2023-05-31 14:13:14 +02:00
Taus
ea5c36491b Java: Improve documentation of sampling strategy 2023-05-31 11:39:54 +00:00
Stephan Brandauer
5a9d09c49e Java: docs update 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2023-05-31 13:36:58 +02:00
Tony Torralba
282ee08ba9 Java: Fix GsonDeserializableField 2023-05-31 13:26:35 +02:00
Stephan Brandauer
12ea5e0e90 Java: fix sanitizer bug 2023-05-31 11:53:02 +02:00
Stephan Brandauer
86559317d7 Java: update comments 2023-05-31 11:52:26 +02:00
Taus
b39a5a64af Merge pull request #13317 from github/java/update-mad-decls-after-triage-2023-05-30T14-11-29 
Java: Update MaD Declarations after Triage
 2023-05-31 11:40:49 +02:00
Tony Torralba
482bb94ad9 Merge pull request #13179 from pwntester/java_gson 
[Java] Add basic support for Google's Gson library
 2023-05-31 11:16:19 +02:00
Stephan Brandauer
96bae2d5ec Java: avoid downcasting to DollarAtString 2023-05-31 10:41:52 +02:00
Tony Torralba
fe26aca238 Remove non-ASCII character 2023-05-31 09:25:37 +02:00
Tony Torralba
6f302a43ea Merge pull request #13297 from atorralba/atorralba/java/playmvc-models 
Java: Add models for the Play Framework
 2023-05-31 09:02:17 +02:00
Michael Nebel
2266e28583 Merge pull request #13262 from michaelnebel/flowsummary/refactorgetcomponentstack 
C#: Re-factor getComponent.
 2023-05-31 08:22:44 +02:00
Arthur Baars
490d22d123 Merge remote-tracking branch 'upstream/main' into post-release-prep/codeql-cli-2.13.3 2023-05-30 21:31:28 +02:00
Tony Torralba
70138448c3 Visibility 2023-05-30 17:54:59 +02:00
Tony Torralba
0151a728f8 Add change note 2023-05-30 17:53:03 +02:00
Tony Torralba
d3d67f0fb0 Add tests & stubs 2023-05-30 17:52:00 +02:00
Tony Torralba
977263a126 Use container flow for more precision 2023-05-30 17:51:41 +02:00
Tony Torralba
54e011188d Formatting 2023-05-30 17:50:50 +02:00
Andrew Eisenberg
6ba8f9eb36 Merge pull request #13314 from github/aeisenberg/adds-to-pack 
Fix `addsTo.pack` references
 2023-05-30 08:30:16 -07:00
Taus
00e4c455b5 Update MaD Declarations after Triage 2023-05-30 16:11:30 +02:00
Taus
73aa790cdd Java: Improve sampling strategy 
Instead of the "random" sampling used before (which could -- in rare circumstances -- end up sampling fewer points than we want) we now sample an equally distributed set of points.
 2023-05-30 11:22:26 +00:00
Stephan Brandauer
d4b964c849 add support for sanitizers 2023-05-30 10:25:52 +02:00
Andrew Eisenberg
2d81e30d81 Fix addsTo.pack references 
This change is a prerequisite for a CLI change where there will be
strict testing of the `addsTo.pack` values. It must resolve to a pack
reference that is a transitive dependency of the current query's pack.
 2023-05-29 13:45:41 -07:00
Tony Torralba
6386ef3b96 Further perf improvements 2023-05-29 09:58:52 +02:00
Jami Cogswell
24fc4ba2d4 Java: add tests 2023-05-26 18:55:13 -04:00
Jami Cogswell
f255b6acb8 Java: fix typos 2023-05-26 18:55:13 -04:00
Jami Cogswell
7e6913af62 Java: update provenance to 'hq-manual' 2023-05-26 18:55:13 -04:00
Jami Cogswell
60b07083c3 Java: add 'sink' kind 2023-05-26 18:55:13 -04:00
Jami Cogswell
65dd7eb8e7 Java: add neutral models discovered with path-inj and ssrf heuristics 2023-05-26 18:55:13 -04:00
Taus
227c5fab40 Java: Get location ordering without toString 2023-05-26 14:52:08 +00:00
Stephan Brandauer
efe539eb32 Java: better sampling of negative examples 2023-05-26 14:15:32 +02:00
Stephan Brandauer
a89378d86d Java: add extra known frameworks and sample negative samples to manage sarif file sizes 2023-05-26 13:20:04 +02:00
Tony Torralba
4dfc9b13cd Java: Fix performance issue in the stub generator 2023-05-26 12:44:53 +02:00
Tony Torralba
8e16a0d144 Add tests and stubs for the summaries 2023-05-26 12:43:58 +02:00
Michael Nebel
915042a881 Minor cleanup and sync files. 2023-05-26 12:25:00 +02:00
Michael Nebel
b7a8660375 Java: Re-factor getComponent. 2023-05-26 12:24:59 +02:00
Tony Torralba
903fdb0cb8 Java: Add models for the Play Framework 2023-05-26 10:23:43 +02:00
Stephan Brandauer
5ca2221097 remove some of the biggest frameworks from application mode consideration 2023-05-25 17:06:02 +02:00
Stephan Brandauer
db77c6b9a3 Java: mark functional expressions as likely not sinks 2023-05-25 16:39:27 +02:00
Stephan Brandauer
76d731a61d improve CannotBeTaintedCharacteristic 2023-05-25 16:28:07 +02:00
Stephan Brandauer
9a041243ff Java: fine-tune characteristics 2023-05-25 14:16:32 +02:00
Stephan Brandauer
f224a40dec Java: use containing call as call context, not argument 2023-05-25 14:16:23 +02:00
Stephan Brandauer
33fdb0fc52 Java: remove superfluous characteristic 2023-05-25 14:16:23 +02:00