1290 Commits

Author	SHA1	Message	Date
Jeroen Ketema	9d573e5544	Consolidate all InlineFlowTest libraries in the dataflow qlpack	2023-08-24 21:38:46 +02:00
Tony Torralba	8c32919381	Merge pull request #13903 from atorralba/atorralba/jaxrs-mad-models ... Java: New models for JAX-RS	2023-08-24 11:43:13 +02:00
Tony Torralba	0f3918af16	Merge pull request #13773 from atorralba/atorralba/java/mdht-xxe-sink ... Java: Add XXE sinks for MDHT	2023-08-23 13:49:49 +02:00
Michael Nebel	699ed107f3	Java: Update SupportedExternalApis expected test output.	2023-08-21 09:59:00 +02:00
Michael Nebel	6deeb36a97	Java: Update the comments in SupportedExternalApis to include the neutral kind and add a sink neutral example.	2023-08-21 09:58:59 +02:00
Edward Minnix III	929090a847	Typos and style fixes ... Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2023-08-17 13:05:37 -04:00
Ed Minnix	55fae2daaa	Added ESAPI sanitizer	2023-08-17 13:05:37 -04:00
Ed Minnix	97d6e82869	Stubs for org.owasp.esapi	2023-08-17 13:05:37 -04:00
Ed Minnix	f58590c6a9	Trust Boundary Work	2023-08-17 13:05:37 -04:00
Ed Minnix	2aba425464	TrustBoundary test ql file	2023-08-17 13:05:36 -04:00
Anders Starcke Henriksen	56871c77f5	Merge branch 'main' into starcke/automodel-pack	2023-08-17 10:04:44 +02:00
Stephan Brandauer	44a9cf93e0	Merge branch 'main' into kaeluka/add-provenance-to-metadata	2023-08-16 09:31:03 +02:00
Stephan Brandauer	808dc3e8d3	Java: Automodel framework mode: track exact ai- provenance in alreadyAiModeled meta data property	2023-08-16 09:25:03 +02:00
Stephan Brandauer	20254c3d0a	Merge pull request #13886 from github/kaeluka/java-automodel-variadic-args ... Java: automodel application mode: use endpoint class like in framework mode	2023-08-16 08:49:01 +02:00
Michael Nebel	a95aad51bd	Merge pull request #13546 from michaelnebel/java/withoutelement ... Java: Support for With[out]Element for MaD.	2023-08-15 10:03:03 +02:00
Geoffrey White	657642a122	Java: Expose parts of the vquery message in the test.	2023-08-14 14:12:07 +01:00
Stephan Brandauer	551b34e3be	Java: Automodel application mode: include candidates that are useful for regression testing	2023-08-14 11:46:40 +02:00
Stephan Brandauer	1a95a34441	Java: automodel: use the call for call context, rather than the argument	2023-08-14 09:54:44 +02:00
Stephan Brandauer	4107758c8a	Java: automodel extraction: add strings to query selection	2023-08-14 09:49:50 +02:00
Michael Nebel	0ed724eb13	Java: Make a flow summary for Set.clear using WithoutElement and introduce appropriate tests.	2023-08-08 11:10:08 +02:00
Stephan Brandauer	3433437034	Java: automodel application mode: only extract the first argument corresponding to a varargs array	2023-08-07 14:15:17 +02:00
Stephan Brandauer	e1a5eba61b	Java: automodel application mode: refactor varargs endpoint class to rely on normal argument node for nicer extracted examples	2023-08-07 12:18:52 +02:00
Stephan Brandauer	0781cb78e8	Java: automodel application mode: add isVarargsArray metadata value	2023-08-07 12:18:51 +02:00
Stephan Brandauer	5abf7769a7	Java: automodel application mode: use endpoint class like in framework mode	2023-08-07 12:18:51 +02:00
Tony Torralba	fb0102b763	Java: New models for JAX-RS	2023-08-07 11:52:23 +02:00
Anders Starcke Henriksen	e2abd3ff13	Create separate automodel pack.	2023-08-03 13:55:15 +02:00
Michael Nebel	e97a4a1aea	Java: Update telemetry test expected output.	2023-08-01 12:03:44 +02:00
Stephan Brandauer	bc3e78f034	Java: add automodel framework mode test case for newly supported interface-method parameter extraction	2023-08-01 09:18:58 +02:00
Stephan Brandauer	5ad984f22f	Java: update text expectations after merging #13823	2023-08-01 09:18:58 +02:00
Stephan Brandauer	da87d82d08	Java: fix a comment	2023-08-01 09:18:58 +02:00
Stephan Brandauer	be629b27ed	Java: Automodel package private test case	2023-08-01 09:18:57 +02:00
Stephan Brandauer	f5c4155d63	Java: Automodel tests: update after merging #13818	2023-08-01 09:18:57 +02:00
Stephan Brandauer	44b8ec642e	Java: merge framework mode tests into one	2023-08-01 09:18:57 +02:00
Stephan Brandauer	8cc367c45e	Java: merge application mode tests into one	2023-08-01 09:18:57 +02:00
Stephan Brandauer	37b6b46dbf	Java: update extraction query tests after merging PR #13747	2023-08-01 09:18:57 +02:00
Stephan Brandauer	50603102d1	Java: tests for automodel application mode, test that local calls are not candidates	2023-08-01 09:18:57 +02:00
Stephan Brandauer	457604e37e	Java: tests for automodel framework mode negative example extraction	2023-08-01 09:18:57 +02:00
Stephan Brandauer	938a7a788f	Java: tests for automodel application mode negative example extraction	2023-08-01 09:18:57 +02:00
Stephan Brandauer	abed936556	Java: tests for automodel framework mode positive example extraction	2023-08-01 09:18:57 +02:00
Stephan Brandauer	1bc222ec40	Java: tests for automodel application mode positive example extraction	2023-08-01 09:18:57 +02:00
Stephan Brandauer	2e89a11949	Java: tests for automodel application mode candidate extraction	2023-08-01 09:18:56 +02:00
Stephan Brandauer	18fe587e75	Java: tests for automodel framework mode candidate extraction	2023-08-01 09:18:56 +02:00
Tony Torralba	2cbb7ed296	Java: Add XXE sinks for MDHT	2023-07-31 11:13:17 +02:00
Geoffrey White	369f88beda	Java: Fix for multiple parse mode flags.	2023-07-20 11:49:54 +01:00
Geoffrey White	32c10885d4	Java: Add test case.	2023-07-20 11:43:11 +01:00
Anders Schack-Mulligen	ae24d68b5d	C/C++/C#/Java/Python/Ruby/Swift: Adjust expected output.	2023-07-19 11:41:15 +02:00
Tony Torralba	16529cdd18	Add failing test	2023-07-10 17:40:15 +02:00
Koen Vlaswinkel	51af03d2bc	Java: Add tests for names of nested classes	2023-06-28 09:52:25 +02:00
Tony Torralba	a7c2a25cac	Merge pull request #12879 from atorralba/atorralba/java/command-injection-mad-sinks ... Java: Convert all command injection sinks to MaD format	2023-06-27 14:06:45 +02:00
Jorge	7d0b880bf7	Merge branch 'main' into jorgectf/deserialization-lookahead	2023-06-23 18:24:39 +02:00