Anders Schack-Mulligen
f6541811d2
Dataflow: Update more tests.
2021-09-07 13:02:20 +02:00
Anders Schack-Mulligen
f30dad7705
Dataflow: Update test expected outputs.
2021-09-07 13:02:20 +02:00
Andrew Eisenberg
bb9911e06f
Merge pull request #6605 from aeisenberg/aeisenberg/pack/consistency
2021-09-06 04:40:58 -07:00
Andrew Eisenberg
6a47fcaf1f
Packaging: Normalize all qlpack.yml files for all languages
...
This commit ensures consistency among all of our qlpacks. Here are the
changes:
1. Ensure only modern references are used (codeql-{lang} is converted to
codeql/{lang}-all or codeql/{lang}-queries where appropriate).
2. Use consistent version numbers. All languages are at 0.0.2 except
javascript, which is 0.0.3.
3. Convert all `libraryPathDependencies` to `dependencies` with version
constraints
4. Dependencies from query packs to other packs are always `"*"` since
these dependencies are always from source and we should get the
latest.
5. Dependencies from codeql/{lang}-lib to codeql/{lang}-upgrades must
be strict since there is a tight connection between the library
and its relevant upgrades.
2021-09-03 11:53:28 -07:00
Chris Smowton
23d7633cd5
Add tests for static and final modifiers relating to record classes
2021-09-03 18:20:16 +01:00
Benjamin Muskalla
51475d2fb0
Merge branch 'main' into thirdpartyapitelemtry
2021-09-03 14:23:31 +02:00
Benjamin Muskalla
ab5c1d6bdd
Rework filter to exclude simple constructors
2021-09-03 13:38:01 +02:00
Benjamin Muskalla
9ed14b438e
Use readable format for APIs
2021-09-03 11:53:18 +02:00
Benjamin Muskalla
4b02e266fd
Fix test as we support explicit collection types
2021-09-03 11:37:39 +02:00
Benjamin Muskalla
ee8958ba03
Fix nodes for local taint test
2021-09-01 15:55:59 +02:00
Benjamin Muskalla
190bf90bc8
Replace stringbuilder step with model
2021-09-01 15:41:16 +02:00
Benjamin Muskalla
7ddf7ff211
Track taint from concatenated string
2021-09-01 15:41:16 +02:00
Benjamin Muskalla
d178fe4e5d
Fix failing tests
2021-09-01 15:41:16 +02:00
Benjamin Muskalla
93bc8aa7b2
Fix tests to take trim into account
2021-09-01 15:41:15 +02:00
Benjamin Muskalla
3928ffd30d
Support CharSequence#subSequence
2021-09-01 15:41:15 +02:00
Benjamin Muskalla
b7e608abc9
Model string builder APIs
2021-09-01 15:41:14 +02:00
Chris Smowton
7977d9c253
Fix minor mistakes in old Guava models
...
Also add tests for the affected functions
2021-08-31 15:26:09 +01:00
Chris Smowton
7a0555ecb3
Merge pull request #6357 from artem-smotrakov/static-iv
...
Java: Static initialization vector
2021-08-26 13:45:43 +01:00
Fosstars
c80a1da483
Don't consider copyOf() and clone() in ArrayUpdate
2021-08-25 12:11:34 +02:00
Chris Smowton
5a2dfda09e
Add test for field initializers
2021-08-24 14:04:45 +01:00
Andrew Eisenberg
8e750f18ad
Packaging: Java refactoring
...
Split java pack into `codeql/java-all` and `codeql/java-queries`.
2021-08-19 14:09:35 -07:00
Owen Mansel-Chan
714e126088
Merge pull request #6370 from owen-mc/java/model/apache-collections
...
Java: Model more of Apache Commons Collections
2021-08-19 15:09:06 +01:00
Joe Farebrother
9dc28eb9b5
Merge pull request #6387 from joefarebrother/guava-cache
...
Java: Model guava cache package
2021-08-19 10:53:48 +01:00
Chris Smowton
48818ebd6d
Merge pull request #6434 from smowton/smowton/admin/jodd-unsafe-deserialization
...
Java: Unsafe deserialization: add support for Jodd JSON library
2021-08-18 17:26:02 +01:00
Sauyon Lee
17cef3f498
Address review comments
2021-08-17 12:45:47 -07:00
Joe Farebrother
076aeb5d80
Update tests
2021-08-17 16:44:58 +01:00
Benjamin Muskalla
1d3bcdf522
Align tests with new query structure
2021-08-16 21:55:00 +02:00
Owen Mansel-Chan
b23fabe8cb
Fix errors from previous PR
2021-08-16 16:11:17 +01:00
Fosstars
4e69081c22
Support multi-dimensional arrays
2021-08-13 20:52:27 +02:00
Sauyon Lee
814004e63d
Add tests for html escape functions
2021-08-12 11:20:49 -07:00
Sauyon Lee
9c1d5a70e3
Java: Add test for XSS sanitizer
2021-08-12 11:20:49 -07:00
Sauyon Lee
d86dffbb5d
Add tests for Spring web.util
2021-08-12 11:20:48 -07:00
Sauyon Lee
fd0ea15719
Add stubs for Spring web.util tests
2021-08-12 11:20:48 -07:00
Owen Mansel-Chan
1c2476c6a1
Add explanatory comments
2021-08-12 14:51:49 +01:00
Owen Mansel-Chan
fe477ff989
Fix more models based on review comments
2021-08-12 14:51:37 +01:00
Benjamin Muskalla
26ffe6c03d
Add tests for telemetry queries
2021-08-11 15:32:09 +02:00
Joe Farebrother
207c753f6f
Update model for getAll
2021-08-10 15:05:02 +01:00
Owen Mansel-Chan
2000985509
Remove duplicate test
2021-08-10 11:58:28 +01:00
Owen Mansel-Chan
a55a32f50a
Add more missing models
...
And corresponding tests
2021-08-10 11:35:20 +01:00
Owen Mansel-Chan
54fdfe3906
Make helper functions more consistent
2021-08-09 17:18:03 +01:00
Owen Mansel-Chan
2d31bb8d64
Remove toString taint propagation
...
We do not do this for other overrides of toString
2021-08-09 17:18:02 +01:00
Chris Smowton
5ba9347281
Merge pull request #6006 from artem-smotrakov/timing-attacks
...
Java: Timing attacks while comparing results of cryptographic operations
2021-08-09 15:30:47 +01:00
Chris Smowton
171dc26531
Fix test reference and expectations
2021-08-09 13:56:55 +01:00
Owen Mansel-Chan
1997dfbb4a
Remove unnecessary casts
2021-08-08 14:03:57 +01:00
Owen Mansel-Chan
f94e467076
Fixes to models and tests
...
Running the test generator script again showed many missing tests.
2021-08-08 14:03:48 +01:00
Owen Mansel-Chan
377403d525
Remove redundant models and corresponding test
...
Iterator.next is already modelled
2021-08-08 13:57:51 +01:00
Owen Mansel-Chan
5d3f10824e
Fix erroneous treatment of varargs in models
2021-08-08 13:57:50 +01:00
Owen Mansel-Chan
2ba41df2ba
Remove commented line
2021-08-06 07:06:36 +01:00
Owen Mansel-Chan
d1a440a45a
Improve helper functions for Put
2021-08-06 07:06:35 +01:00
Owen Mansel-Chan
51a7018afc
Add stubs
2021-08-06 07:06:16 +01:00