hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,161 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.6
Commit Graph

1290 Commits

Author SHA1 Message Date
Nora Dimitrijević
7f05b72e10 Java: convert OgnlInjection test to .qlref 2025-06-24 16:42:30 +02:00
Nora Dimitrijević
cadfd0dcaa Java: convert RsaWithoutOaep test to .qlref 2025-06-24 16:42:28 +02:00
Nora Dimitrijević
b7e47e2cf3 Java: convert PolynomialReDoS and RegexInjection tests to .qlref 
Leaves ReDoS.ql unmodified since it's not a dataflow query; just moves it to its own directory.
 2025-06-24 16:42:26 +02:00
Nora Dimitrijević
f5c7ef6ab4 Java: convert XPathInjection test to .qlref 2025-06-24 16:42:23 +02:00
Nora Dimitrijević
162b1c51a9 Java: convert XXE test to .qlref 2025-06-24 16:42:21 +02:00
Nora Dimitrijević
7f33f57c9b Java: convert UrlForward test to .qlref 2025-06-24 16:42:19 +02:00
Nora Dimitrijević
bf1a699982 Java: convert CWE-522 tests to .qlref 2025-06-24 16:42:17 +02:00
Nora Dimitrijević
4412335223 Java: convert UnsafeDeserialization test to .qlref 2025-06-24 16:42:14 +02:00
Nora Dimitrijević
c4b0955045 Java: convert WebviewDebuggingEnabled test to .qlref 2025-06-24 16:42:12 +02:00
Nora Dimitrijević
192f45ed2b Java: convert FragmentInjection test to .qlref 2025-06-24 16:42:10 +02:00
Nora Dimitrijević
2b19cbcd7e Java: convert UnsafeContentUriResolution test to .qlref 2025-06-24 16:42:08 +02:00
Nora Dimitrijević
28694276e2 Java: convert MissingJWTSignatureCheck test to .qlref 2025-06-24 16:42:06 +02:00
Nora Dimitrijević
85c2f72892 Java: convert InsecureRandomness test to .qlref 2025-06-24 16:42:04 +02:00
Nora Dimitrijević
288a938814 Java: convert InsufficientKeySize test to .qlref 2025-06-24 16:42:02 +02:00
Nora Dimitrijević
993b261b63 Java: convert InsecureTrustManager test to .qlref 2025-06-24 16:42:00 +02:00
Nora Dimitrijević
b736e3733c Java: convert IntentUriPermissionManipulation test to .qlref 2025-06-24 16:41:58 +02:00
Nora Dimitrijević
c77875d834 Java: convert TemplateInjection test to .qlref 2025-06-24 16:41:56 +02:00
Nora Dimitrijević
b8c7bd29c3 Java: convert SpelInjection test to .qlref 2025-06-24 16:41:54 +02:00
Nora Dimitrijević
2a837b208b Java: convert MvelInjection test to .qlref 2025-06-24 16:41:52 +02:00
Nora Dimitrijević
1b61cb660a Java: convert JexlInjection test to .qlref 2025-06-24 16:41:50 +02:00
Nora Dimitrijević
1cc91e964d Java: convert GroovyInjection test to .qlref 2025-06-24 16:41:48 +02:00
Nora Dimitrijević
8e53da285f Java: convert XSS test to .qlref 2025-06-24 16:41:46 +02:00
Nora Dimitrijević
199eabdd20 Java: convert XsltInjection test to .qlref 
Also, split off into separate directory from JndiInjectionTest because their $Alerts were interfering with each other.
 2025-06-24 16:41:43 +02:00
Nora Dimitrijević
3f9e0fee81 Java: convert JndiInjection test to .qlref 2025-06-24 16:41:41 +02:00
Nora Dimitrijević
e1ddce8456 Java: convert PartialPathTraversalFromRemote test to .qlref 2025-06-24 16:41:39 +02:00
Nora Dimitrijević
588efe4b2b Java: Convert TaintedPath test to .qlref 2025-06-24 16:41:35 +02:00
Tamas Vajk
60e726bdf2 Java: Add java/javautilconcurrentscheduledthreadpoolexecutor query for zero thread pool size 2025-06-23 12:52:45 +02:00
Owen Mansel-Chan
79453cc103 Add test showing correct usage 2025-05-22 14:30:32 +01:00
Jami
4483a24133 Merge pull request #19075 from jcogs33/jcogs33/java/do-not-use-finalizers 
Java: Add new quality query to detect `finalize` calls
 2025-04-22 14:11:14 -04:00
Jami
72d49f21ee Merge branch 'main' into jcogs33/java/do-not-use-finalizers 2025-04-21 09:57:53 -04:00
Jami
02ded89d84 Merge branch 'main' into jcogs33/java/junit5-missing-nested-annotation 2025-04-21 09:46:49 -04:00
Owen Mansel-Chan
e1c5517de7 Keep COMPLIANT and NON_COMPLIANT comments in test 2025-04-10 12:21:05 +01:00
Owen Mansel-Chan
04ec1d7830 Update test expectations 2025-04-10 12:21:03 +01:00
Owen Mansel-Chan
042fe07494 Adjust alert message 2025-04-10 11:47:19 +01:00
Owen Mansel-Chan
b5b252b10f Convert test to inline expectations 2025-04-10 11:47:15 +01:00
Owen Mansel-Chan
041adcd63a Java: Add initial version of string replaceAll with no regex query 2025-04-10 11:46:59 +01:00
Jami Cogswell
e621f9fd49 Java: update comments in tests 2025-04-01 15:48:52 -04:00
Chris Smowton
3c555fce11 Add basic test for SQL injection vs Jakarta Persistence 2025-04-01 17:13:23 +01:00
Jami
e458aca806 Merge branch 'main' into jcogs33/java/junit5-missing-nested-annotation 2025-03-27 21:31:09 -04:00
Jami Cogswell
ed22a16f32 Java: exclude overloads of finalize 2025-03-27 19:35:46 -04:00
Jami Cogswell
f73eda0c38 Java: add previous-id and change 'use' to 'call' 2025-03-27 19:35:44 -04:00
Jami Cogswell
c689a0e9b7 Java: add more test cases 2025-03-27 19:35:37 -04:00
Jami Cogswell
d9482ae334 Java: update tests to use inline expectations 2025-03-27 19:35:35 -04:00
Jami Cogswell
9a6e241f54 Java: update to only find 'finalize' calls and add 'super.finalize' exclusion 2025-03-27 19:35:34 -04:00
Jami Cogswell
56ea9b6523 Java: move original files 2025-03-27 19:35:32 -04:00
Tamás Vajk
b21968c495 Merge pull request #18947 from tamasvajk/tamasvajk/java_empty_method 
Java: Add new quality query to detect empty methods
 2025-03-26 09:33:47 +01:00
Jami Cogswell
0f002624d6 Java: remove mention of abstract classes from qhelp 2025-03-23 19:51:37 -04:00
Jami Cogswell
35b647839c Java: include RepeatedTest, ParameterizedTest, TestFactory, and TestTemplate when identifying JUnit 5 test methods 2025-03-23 19:49:55 -04:00
Jami Cogswell
4d7bed6181 Java: exclude anonymous, local, and private classes 2025-03-23 19:49:53 -04:00
Jami Cogswell
3e13f0ed41 Java: remove redundant 'non-static' wording and update qhelp 2025-03-23 19:49:41 -04:00