hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

4152 Commits

Author SHA1 Message Date
Joe Farebrother
b112189530 Update docs 2021-10-20 17:09:58 +01:00
Joe Farebrother
224d679722 Add Sticky broadcast sinks 2021-10-20 17:09:57 +01:00
Joe Farebrother
ef7125e21a Simplify sink definitions using local flow 2021-10-20 17:09:57 +01:00
Joe Farebrother
d7c7776495 Add additional models; fix up tests 2021-10-20 17:09:57 +01:00
Joe Farebrother
ae461bcfe4 Switch to inline expectations tests 2021-10-20 17:09:57 +01:00
Joe Farebrother
4012866c6f Allow arbitrary read steps at the sink 2021-10-20 17:09:57 +01:00
Joe Farebrother
bae0da8851 Remove existing get methods 2021-10-20 17:09:57 +01:00
Joe Farebrother
1e8dd7ae40 Use subclasses of context for sinks 2021-10-20 17:09:57 +01:00
Joe Farebrother
143920efca Movee query logic to a qll file 2021-10-20 17:09:57 +01:00
Joe Farebrother
c68a7077d7 Move query and tests out of experimental 2021-10-20 17:09:56 +01:00
Jonathan Leitschuh
cce3aad62e Remove non-ASCII characters from Handler.java 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-20 11:34:59 -04:00
Ian Lynagh
25b5601da9 Java: Add a changenote to RefType -> ClassOrInterface 2021-10-20 12:21:08 +01:00
Ian Lynagh
25fcae1c51 Java: Make some types more specific 
Where we used to use RefType, we now use ClassOrInterface.
 2021-10-20 12:18:20 +01:00
Tom Hvitved
29cdc8a49a Java: Update expected test output after rebase 2021-10-20 12:11:59 +02:00
Tom Hvitved
0bf5238f39 Update QL doc for allowParameterReturnInSelf 2021-10-20 12:08:58 +02:00
Tom Hvitved
dd138b0429 Address review comments 2021-10-20 12:08:58 +02:00
Tom Hvitved
ec5d8ab2db Java: Restrict use-use flow 2021-10-20 12:08:57 +02:00
Tom Hvitved
a1511e13d8 Data flow: Sync files 2021-10-20 12:08:57 +02:00
Ian Lynagh
9fbff1b4c1 Java: Add an upgrade script 2021-10-20 00:34:47 +01:00
Jonathan Leitschuh
d4b18fe6a3 [Java] JDK Collection lambda models 
Adds support for data flow tracking through simple JDK collection
functional APIs.
 - `Iterable::forEach`
 - `Iterator::forEachRemaining`
 - `Map::forEach`

Replaces #5871

Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-19 15:57:58 -04:00
Ian Lynagh
90299033d1 Java: Replace @type with more specific types 2021-10-19 20:23:53 +01:00
Jonathan Leitschuh
584c27a2f8 Move CollectionPassingTest to correct directory 2021-10-19 11:44:12 -04:00
Jonathan Leitschuh
8231907116 Ratpack code cleanup from code review 2021-10-19 11:42:35 -04:00
Chris Smowton
057d0fb7e0 Rewrite query to use shared StringPrefixes library 2021-10-19 14:45:38 +01:00
Chris Smowton
8a4fa0a7e2 Copyedit 2021-10-19 12:50:17 +01:00
haby0
9d9a7abd06 Fix 2021-10-19 12:50:03 +01:00
haby0
283376eb19 Modify the model 2021-10-19 12:49:08 +01:00
haby0
679652e63a Modify Sanitizer 2021-10-19 12:49:08 +01:00
haby0
952b34a163 Eliminate FP 2021-10-19 12:49:08 +01:00
haby0
d0eec1e381 Add CWE-552-UnsafeUrlForward 2021-10-19 12:49:07 +01:00
Chris Smowton
d46b897492 Add explicit this 2021-10-19 11:32:24 +01:00
Chris Smowton
beaa1cffd2 Make import private 2021-10-19 11:28:56 +01:00
Chris Smowton
3bf9abb4ce Avoid ambiguous term 'successor'. 2021-10-19 11:28:56 +01:00
Chris Smowton
0d66cebfba Autoformat 2021-10-19 11:28:56 +01:00
Chris Smowton
3c25301593 Extend documentation 2021-10-19 11:28:55 +01:00
Chris Smowton
d0d17e3b84 Make import private 2021-10-19 11:28:55 +01:00
Chris Smowton
b71920209e Factor out string prefix logic 2021-10-19 11:28:54 +01:00
Anders Schack-Mulligen
90a50e7ca9 Java: Fix bad join-order. 2021-10-19 10:55:52 +02:00
Anders Schack-Mulligen
6508afe824 Merge pull request #6900 from Marcono1234/marcono1234/MemberRefExpr-receiver-type 
Java: Add `MemberRefExpr.getReceiverType()`
 2021-10-19 10:49:15 +02:00
Jonathan Leitschuh
db2892b9ea Resove taint tracking issues from asMultimap 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-18 14:30:46 -04:00
Jonathan Leitschuh
5a2bdc9a0f Jackson taint tracking of elements 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-18 12:21:11 -04:00
Jonathan Leitschuh
8fecc158ff Add support for Map.forEach 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-18 12:21:11 -04:00
Jonathan Leitschuh
23e60e2c52 Add full integration test for Ratpack example 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-18 12:21:11 -04:00
Jonathan Leitschuh
ebbbda70c0 Ratpack tests all passing 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-18 12:21:11 -04:00
Jonathan Leitschuh
fe374f5e9c Ratpack: Add support for Promise::apply 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-18 12:21:10 -04:00
Jonathan Leitschuh
6562ac3680 Ratpack conversion to new lambda model 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-18 12:21:10 -04:00
Jonathan Leitschuh
4f90f0a748 Begin refactoring Ratpack to use functional taint tracking 
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
 2021-10-18 12:21:10 -04:00
Jonathan Leitschuh
6497a61c1d Ratpack: Drop support for flatMap like methods 2021-10-18 12:21:10 -04:00
Jonathan Leitschuh
af90b00e63 Ratpack: Release note and typo fix 2021-10-18 12:21:10 -04:00
Jonathan Leitschuh
901631ceb8 Ratpack Promise add support for apply method 2021-10-18 12:21:10 -04:00