hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,868 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.4
Commit Graph

13956 Commits

Author SHA1 Message Date
luchua-bc
dc799019d0 Add query for Struts and Spring actions 2021-02-20 03:36:21 +00:00
luchua-bc
3d9ac0d094 Add query for enterprise beans 2021-02-20 02:00:42 +00:00
Anders Schack-Mulligen
dae65f687a Merge pull request #5150 from Marcono1234/marcono1234/conditional-expr-branch 
Java: Add ConditionalExpr.getBranchExpr(boolean)
 2021-02-19 10:12:43 +01:00
Chris Smowton
321df82851 Apply review feedback: comment style, bracketing, and use proper MISSING test annotations 2021-02-18 14:56:52 +00:00
Anders Schack-Mulligen
954e0b9496 Java: Add empty file to test. 2021-02-18 13:10:29 +01:00
Anders Schack-Mulligen
74d35f4f37 Java: Add support for value-preserving steps. 2021-02-18 11:26:15 +01:00
Anders Schack-Mulligen
04eeeda2c9 Java: Add documentation for the final column. 2021-02-18 11:23:49 +01:00
Anders Schack-Mulligen
6f583baa90 Java: More documentation and support for field writes. 2021-02-18 11:18:31 +01:00
haby0
8119fd2ad1 *)add JsonHijacking ql query 2021-02-18 18:11:10 +08:00
luchua-bc
e916ce8b9b Exclude test directories of typical build tools 2021-02-18 00:50:38 +00:00
luchua-bc
5e36eedcb6 Add check for test packages 2021-02-17 18:04:55 +00:00
Jonathan Leitschuh
c43765917f Fix formatting of MavenPom.qll 2021-02-17 11:55:10 -05:00
Francis Alexander
2baf2aa5c1 Apply suggestions from code review - improved sanitizer checks. 
Co-authored-by: Alvaro Muñoz <pwntester@github.com>
 2021-02-17 18:58:32 +05:30
Francis Alexander
40f4e71b86 Merge branch 'main' into cwe-346 2021-02-17 18:55:31 +05:30
Anders Schack-Mulligen
862c41632e Java: Add empty file to test. 2021-02-17 13:23:18 +01:00
Francis Alexander
58971f9f4e Switch qualified name to available CollectionType 2021-02-17 16:01:27 +05:30
Chris Smowton
c700d004e0 Commons Lang/Text StrBuilder: propagate taint from constructors 2021-02-17 09:51:28 +00:00
Chris Smowton
c243e03133 Lang3 StrBuilder: fix typo and coding style 2021-02-17 09:50:56 +00:00
Chris Smowton
10112c50ab Add support for StrBuilder and TextStringBuilder in commons-text 
These are identical to the current deprecated StrBuilder in commons-lang3.
 2021-02-17 09:36:28 +00:00
Chris Smowton
714611f803 Address review feedback 2021-02-17 09:36:21 +00:00
Chris Smowton
a63f18e49d Add models for Commons-Lang's StrBuilder class. These exclude its fluent methods for the time being, which will be added in a forthcoming PR. 2021-02-17 09:36:20 +00:00
Francis Alexander
520ba47293 Sanitizer improvements from code review 2021-02-17 08:35:50 +05:30
Jonathan Leitschuh
a8167c6c9c Add docstring for DeclaredRepository.getUrl 2021-02-16 11:21:19 -05:00
Chris Smowton
a2eeffa9c0 Add support for Apache Commons Lang StringUtils 2021-02-16 14:48:39 +00:00
Chris Smowton
bf03c0f419 Port InlineExpectationsTest for the Java analysis 2021-02-16 14:48:39 +00:00
luchua-bc
e698ee77f7 Update qldoc and test method 2021-02-16 14:11:39 +00:00
Anders Schack-Mulligen
6eafa9d396 Merge pull request #5133 from pwntester/fix_SnakeYaml 
Remove sanitizing condition which does not prevent vulnerability.
 2021-02-16 12:58:47 +01:00
Francis Alexander
8e83de1c05 formatting and grammar corrections from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-02-16 16:13:21 +05:30
Francis Alexander
0f7f465675 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-02-16 15:48:00 +05:30
haby0
2c96e6cf96 Merge remote-tracking branch 'upstream/main' into main 2021-02-16 17:54:01 +08:00
luchua-bc
5ce3af0591 Enhance the query and update qldoc 2021-02-15 21:38:54 +00:00
Francis Alexander
dae6771a19 test file name changes 2021-02-15 23:17:08 +05:30
Francis Alexander
c45be91d6f more filename changes 2021-02-15 23:09:11 +05:30
Francis Alexander
0004efc2ac filename changes 2021-02-15 22:43:39 +05:30
Francis Alexander
f32c77c266 Qldoc and formatting changes 2021-02-15 22:35:58 +05:30
luchua-bc
2f17943abc Update qldoc 2021-02-15 16:58:09 +00:00
haby0
92c00cb741 Update java/ql/src/Security/CWE/CWE-652/XQueryInjection.ql 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-02-16 00:09:21 +08:00
haby0
f1e44bce4a Update java/ql/src/Security/CWE/CWE-652/XQueryInjection.ql 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-02-16 00:07:44 +08:00
Jonathan Leitschuh
d82e8216ed Merge branch 'main' into feat/JLL/depricated_bintray_usage 2021-02-15 10:48:28 -05:00
Jonathan Leitschuh
73fba3a3c0 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2021-02-15 10:01:03 -05:00
luchua-bc
a03e6faf37 Optimize the query and update qldoc 2021-02-15 14:10:17 +00:00
Anders Schack-Mulligen
8f5fe14e52 Merge pull request #5170 from pwntester/ArrayUtils_changeNote 
add change note for new ArrayUtils support
 2021-02-15 15:00:15 +01:00
Alvaro Muñoz
3d3f4ba797 add change note 2021-02-15 14:53:16 +01:00
Alvaro Muñoz
923e1c5e9b add change note for new ArrayUtils support 2021-02-15 14:41:18 +01:00
Anders Schack-Mulligen
b9a479dd31 Merge pull request #5134 from pwntester/ArrayUtils 
Add support for Apache Commons Lang ArrayUtils
 2021-02-15 13:50:01 +01:00
Alvaro Muñoz
00a0b12dad update expected results 2021-02-15 11:23:40 +01:00
Alvaro Muñoz
812884341b Merge branch 'ArrayUtils' of github.com:pwntester/codeql-1 into ArrayUtils 2021-02-15 10:59:49 +01:00
Alvaro Muñoz
504d119749 adjust max parameter number 2021-02-15 10:58:17 +01:00
Alvaro Muñoz
c7072aef16 update A.java test 2021-02-15 10:34:20 +01:00
Anders Schack-Mulligen
7e83a608a2 Merge pull request #4954 from aschackmull/java/member-hasqualifiedname 
Java: Add Member.hasQualifiedName.
 2021-02-15 10:02:13 +01:00