hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,991 Commits 1,672 Branches 157 Tags
codeql-cli-2.7.4
Commit Graph

4119 Commits

Author SHA1 Message Date
Chris Smowton
f67e9ae1cc Drop tests for protected inner classes 2021-06-29 11:45:59 +01:00
Chris Smowton
5769f4718f Add missing CollectionUtils model 2021-06-29 11:44:29 +01:00
Chris Smowton
659478cc39 Remove model for protected class 
Can't be accessed outside the org.springframework.util package.
 2021-06-29 11:40:19 +01:00
Chris Smowton
f7a4614f56 Add missing tests for AntPathMatcher's protected methods; fix models accordingly 2021-06-29 11:35:25 +01:00
Chris Smowton
dec0123751 Autoformat 2021-06-29 09:52:24 +01:00
Anders Schack-Mulligen
89cea5cc1a Merge pull request #6178 from github/yo-h/java-sealed-classes 
Java: add `permits` relation to dbscheme (sealed classes)
 2021-06-29 10:43:37 +02:00
Anders Schack-Mulligen
53823e4a36 Merge pull request #6179 from github/yo-h/java-frameworks-jakarta 
Java: add `jakarta.*` package to known frameworks
 2021-06-29 09:38:55 +02:00
yo-h
3c3ecb33a1 Java: add jakarta.* package to known frameworks 2021-06-28 21:49:45 -04:00
yo-h
aa19fe606d Java: add dbscheme stats for permits relation 2021-06-28 21:18:25 -04:00
github-actions[bot]
991404aefb Add changed framework coverage reports 2021-06-29 00:10:00 +00:00
yo-h
1f6996002a Java: add permits relation to dbscheme (sealed classes) 2021-06-28 19:48:39 -04:00
Chris Smowton
dd70f2c87e Add spurious results now found in JaxXSS.java 2021-06-28 19:24:19 +01:00
Chris Smowton
768a8e78dd Fixup JaxRs.ql to cope with stubbed MediaType file 
In a real-world situation this type would be defined in an imported jar, but since here it is defined in a stub the getADeclaredContentType routine can see it is defined as an empty string in the stubbed implementation. Filter these out so the test more closely resembles the real situation.
 2021-06-28 19:24:19 +01:00
Chris Smowton
8eaffaff35 Fix test mistakes 2021-06-28 19:24:19 +01:00
Chris Smowton
6b3bc42ef2 Add JAX-RS XSS tests 2021-06-28 19:24:18 +01:00
Chris Smowton
b3c186c513 Convert XSS test to inline expectations 2021-06-28 19:24:18 +01:00
Sauyon Lee
240058be28 fixup! Fix tests for Spring util 
Apply review comments
 2021-06-28 10:53:00 -07:00
Sauyon Lee
4012076c90 fixup! Model spring util 
Apply review comments
 2021-06-28 10:52:58 -07:00
Sauyon Lee
bddc88c010 Add stubs for Spring util tests 2021-06-28 08:26:40 -07:00
Sauyon Lee
60db9e1851 Rename springframework-5.2.3 to 5.3.8 2021-06-28 08:26:39 -07:00
Sauyon Lee
fb0e6bfb42 Fix tests for Spring util 2021-06-28 08:26:39 -07:00
Sauyon Lee
739b142209 Generate tests for Spring util 2021-06-28 08:26:38 -07:00
Sauyon Lee
92ebb63b1f Model Spring AntPath utils 2021-06-28 08:26:38 -07:00
Sauyon Lee
c4e9b1fd8e Model Spring util 2021-06-28 08:26:37 -07:00
Tony Torralba
8112d723e0 Merge branch 'main' into atorralba/spring-beans 2021-06-28 17:02:31 +02:00
Tony Torralba
393b95cbbe Remove 'magic' from tests 2021-06-28 17:01:34 +02:00
Chris Smowton
3d69868297 Change ID and description of cloned query 
This should be cleaned up more effectively soon, but this suffices to fix the clashing-id problem.
 2021-06-28 12:18:59 +01:00
Chris Smowton
8aa9cd52b5 Merge pull request #5811 from mogwailabs/insecureJmxRmiServerEnvironment 
Java: Add query - insecure environment configuration during JMX/RMI server init
 2021-06-25 22:09:20 +01:00
Timo Mueller
e5fa5325b5 Auto formatting .ql file 2021-06-25 22:31:29 +02:00
Chris Smowton
def4a23af2 Merge pull request #4879 from intrigus-lgtm/java/improve-trustmanager 
Java: Add/improve insecure trustmanager query
 2021-06-25 18:15:55 +01:00
intrigus
5aa711a956 Accept test changes. 2021-06-25 17:04:36 +02:00
Anders Schack-Mulligen
a79356e316 Apply suggestions from code review 2021-06-25 16:47:26 +02:00
intrigus
be57aeccf2 Remove change-note. 2021-06-25 16:47:26 +02:00
intrigus
5106aec319 Fix test location. 2021-06-25 16:47:25 +02:00
intrigus
36575bb26f Move back to experimental......... 2021-06-25 16:47:25 +02:00
intrigus
fe923facc8 Java: Move comments to separate lines. 
Move comments to separate lines to improve
the rendering in the finished query help.
 2021-06-25 16:47:25 +02:00
intrigus-lgtm
f527df73d5 Apply suggestions from code review. 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2021-06-25 16:47:25 +02:00
intrigus
f0d4b1d2b0 Java: Add change-note. 2021-06-25 16:47:25 +02:00
intrigus
6bfdf8d148 Java: Fix qhelp errors. 2021-06-25 16:47:24 +02:00
intrigus
dc0b06a735 Java: Factor out SecurityFlag library. 2021-06-25 16:47:24 +02:00
intrigus-lgtm
51fdcf86c8 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-06-25 16:47:24 +02:00
intrigus
6f217d37da Java: Apply suggestions from review. 2021-06-25 16:47:24 +02:00
intrigus
4a00670b68 Java: Reduce long comment. 2021-06-25 16:47:24 +02:00
intrigus
45cec3df1c Java: Use this consistently in QL classes. 2021-06-25 16:47:24 +02:00
intrigus
0c1ce74135 Java: Switch from tabs to spaces. 2021-06-25 16:47:24 +02:00
intrigus
281e0859d1 Java: Accept test changes. 2021-06-25 16:47:23 +02:00
intrigus
6413af4fbe Java: Expand tests. 2021-06-25 16:47:23 +02:00
intrigus
484533c659 Java: Flag "intentionally" unsafe methods in tests. 
Previously intentionally unsafe methods such as `disableCertificate`
would be ignored by this query. But now they will also be flagged
as it is hard to guess intentions...
Adjust the tests to account for this change.
 2021-06-25 16:47:23 +02:00
intrigus
7023793af4 Java: Fix compilation errors in test. 2021-06-25 16:47:23 +02:00
intrigus
6d09db6fd6 Java: Explicitly list custom flow steps. 2021-06-25 16:47:23 +02:00