14033 Commits

Author	SHA1	Message	Date
Nora Dimitrijević	7f33f57c9b	Java: convert UrlForward test to .qlref	2025-06-24 16:42:19 +02:00
Nora Dimitrijević	bf1a699982	Java: convert CWE-522 tests to .qlref	2025-06-24 16:42:17 +02:00
Nora Dimitrijević	4412335223	Java: convert UnsafeDeserialization test to .qlref	2025-06-24 16:42:14 +02:00
Nora Dimitrijević	c4b0955045	Java: convert WebviewDebuggingEnabled test to .qlref	2025-06-24 16:42:12 +02:00
Nora Dimitrijević	192f45ed2b	Java: convert FragmentInjection test to .qlref	2025-06-24 16:42:10 +02:00
Nora Dimitrijević	2b19cbcd7e	Java: convert UnsafeContentUriResolution test to .qlref	2025-06-24 16:42:08 +02:00
Nora Dimitrijević	28694276e2	Java: convert MissingJWTSignatureCheck test to .qlref	2025-06-24 16:42:06 +02:00
Nora Dimitrijević	85c2f72892	Java: convert InsecureRandomness test to .qlref	2025-06-24 16:42:04 +02:00
Nora Dimitrijević	288a938814	Java: convert InsufficientKeySize test to .qlref	2025-06-24 16:42:02 +02:00
Nora Dimitrijević	993b261b63	Java: convert InsecureTrustManager test to .qlref	2025-06-24 16:42:00 +02:00
Nora Dimitrijević	b736e3733c	Java: convert IntentUriPermissionManipulation test to .qlref	2025-06-24 16:41:58 +02:00
Nora Dimitrijević	c77875d834	Java: convert TemplateInjection test to .qlref	2025-06-24 16:41:56 +02:00
Nora Dimitrijević	b8c7bd29c3	Java: convert SpelInjection test to .qlref	2025-06-24 16:41:54 +02:00
Nora Dimitrijević	2a837b208b	Java: convert MvelInjection test to .qlref	2025-06-24 16:41:52 +02:00
Nora Dimitrijević	1b61cb660a	Java: convert JexlInjection test to .qlref	2025-06-24 16:41:50 +02:00
Nora Dimitrijević	1cc91e964d	Java: convert GroovyInjection test to .qlref	2025-06-24 16:41:48 +02:00
Nora Dimitrijević	8e53da285f	Java: convert XSS test to .qlref	2025-06-24 16:41:46 +02:00
Nora Dimitrijević	199eabdd20	Java: convert XsltInjection test to .qlref ... Also, split off into separate directory from JndiInjectionTest because their $Alerts were interfering with each other.	2025-06-24 16:41:43 +02:00
Nora Dimitrijević	3f9e0fee81	Java: convert JndiInjection test to .qlref	2025-06-24 16:41:41 +02:00
Nora Dimitrijević	e1ddce8456	Java: convert PartialPathTraversalFromRemote test to .qlref	2025-06-24 16:41:39 +02:00
Nora Dimitrijević	588efe4b2b	Java: Convert TaintedPath test to .qlref	2025-06-24 16:41:35 +02:00
github-actions[bot]	6972c7a872	Post-release preparation for codeql-cli-2.22.1	2025-06-24 12:55:14 +00:00
github-actions[bot]	3e074b2425	Release preparation for version 2.22.1	2025-06-24 08:55:31 +00:00
Kasper Svendsen	0ee6a78a4a	Java: Allow methods with empty bodies for overlay	2025-06-24 10:38:07 +02:00
Kasper Svendsen	6e92d7e247	Java: Add entity discard predicates	2025-06-24 10:38:06 +02:00
Kasper Svendsen	b6e56f26c7	Java: Add manual overlay annotations	2025-06-24 10:38:05 +02:00
Kasper Svendsen	81b677a2d9	rename overlay[caller] to overlay[caller?]	2025-06-24 10:25:07 +02:00
Kasper Svendsen	c207cfdeb7	Overlay: Add overlay annotations to Java & shared libraries	2025-06-24 10:25:06 +02:00
Tamas Vajk	60e726bdf2	Java: Add java/javautilconcurrentscheduledthreadpoolexecutor query for zero thread pool size	2025-06-23 12:52:45 +02:00
Michael Nebel	a17078b6be	Java: Remove java/deprecated-call from the Code Quality suite.	2025-06-23 11:14:02 +02:00
Owen Mansel-Chan	cdd6245b98	Merge pull request #19799 from owen-mc/java/quality-tags ... Java: Tag quality queries with `quality` and sub-category	2025-06-19 16:43:02 +01:00
Nora Dimitrijević	f577c08f4d	Merge pull request #19795 from d10c/d10c/java/diff-informed-2 ... Java: mass enable diff-informed data flow + `none()` overrides	2025-06-19 13:48:53 +02:00
Owen Mansel-Chan	7a50298492	Update query suite test expectation	2025-06-18 16:47:42 +01:00
Owen Mansel-Chan	b8a694c9fe	Address review comments	2025-06-18 16:43:40 +01:00
Owen Mansel-Chan	d3eb4f8eb6	Remove query with hard-coded threshold	2025-06-18 16:43:33 +01:00
Owen Mansel-Chan	9cfa6fe59c	Update expected quality queries	2025-06-18 16:43:32 +01:00
Owen Mansel-Chan	72a6280482	Add change note	2025-06-18 16:43:30 +01:00
Owen Mansel-Chan	97dceb3a1c	Tag with quality and sub-category	2025-06-18 16:43:29 +01:00
Nicolas Will	16c6411cf2	Merge pull request #19705 from bdrodes/pawel_signatures_conversion ... Quantum: Add OpenSSL signature models	2025-06-18 15:32:15 +02:00
Chris Smowton	4a14d3581b	Merge pull request #19496 from smowton/smowton/admin/cleanup-kotlin-versions ... Kotlin: clean up alternate-version code now that v1.5.x support is dropped	2025-06-18 13:51:16 +01:00
Tamas Vajk	e6a9ff08a3	Adjust query-suite integration test expected files	2025-06-18 13:10:34 +02:00
Tamas Vajk	40274dcd69	Add code-quality-extended query suites	2025-06-18 13:10:34 +02:00
Nora Dimitrijević	aa5dd7bb4e	Java: mass enable diff-informed data flow + none() overrides ... An auto-generated patch that enables diff-informed data flow in the obvious cases. Builds on github#18346 and github/codeql-patch#88	2025-06-17 14:05:36 +02:00
REDMOND\brodes	2b6a8321fd	Crypto: Update JCA model to account for Model.qll changes.	2025-06-16 12:53:48 -04:00
Anders Schack-Mulligen	8838104d6a	Merge pull request #19733 from aschackmull/java/assert-cfg ... Java: Update the CFG for assert statements to make them proper guards.	2025-06-13 14:52:57 +02:00
Anders Schack-Mulligen	6131c680f6	Update java/ql/lib/semmle/code/java/ControlFlowGraph.qll ... Co-authored-by: Tom Hvitved <hvitved@github.com>	2025-06-13 14:07:46 +02:00
Owen Mansel-Chan	538a5af1d1	Merge pull request #19738 from owen-mc/pr/felickz/19530 ... Set CWE-134 from 9.3 to 7.3 CVSS score for memory safe languages (#2)	2025-06-12 10:27:28 +01:00
Anders Schack-Mulligen	d0d47808e9	Java: Add change note.	2025-06-12 11:03:49 +02:00
Ana Scolari	a07ce30d30	Update java-code-scanning.qls.expected ... removing line once this query precision is changed to Medium	2025-06-11 15:27:20 -07:00
Chad Bentz	0135cf661f	Attempt to edit swift change notes for CI failure	2025-06-11 21:49:26 +01:00