hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
32,907 Commits 1,671 Branches 157 Tags
codeql-cli-2.8.2
Commit Graph

4548 Commits

Author SHA1 Message Date
Tony Torralba
9f616e7cbe Refactor to use FlowState 
Remove the auxiliary DataFlow configuration
 2022-01-14 12:24:35 +01:00
Benjamin Muskalla
a4429d01a3 Add tests for writer models 2022-01-14 11:12:35 +01:00
Benjamin Muskalla
37ca6a5e41 Model Appenable and Writer 
This allows us to track taint carried through all kind of writers.
 2022-01-14 11:12:35 +01:00
Tony Torralba
df95317a58 Fix tests after stub change 2022-01-14 10:33:21 +01:00
Tony Torralba
6f06be9419 Update change note 2022-01-14 10:33:19 +01:00
Tony Torralba
bd4abf4fd0 Additional Notification models 2022-01-14 10:32:38 +01:00
Tony Torralba
a9757fbc83 Setting null Components is not a sanitizer 2022-01-14 10:32:37 +01:00
Tony Torralba
a59a4024a5 Update stubs 2022-01-14 10:32:36 +01:00
Tony Torralba
66794665f3 Remove unneeded implicit read step 2022-01-14 10:32:36 +01:00
Tony Torralba
a0a914466c Rewording 2022-01-14 10:32:33 +01:00
Tony Torralba
9c12c5f8b8 Remove duplicated models 2022-01-14 10:32:01 +01:00
Tony Torralba
f963887c58 Change test to avoid collision with SensitiveCommunication.ql 2022-01-14 10:32:01 +01:00
Tony Torralba
48acff9262 Remove unneeded code 2022-01-14 10:32:00 +01:00
Tony Torralba
9e3594fcf1 Added more sinks 2022-01-14 10:32:00 +01:00
Tony Torralba
1e3e48132c Rewording 2022-01-14 10:31:59 +01:00
Tony Torralba
47c851efaf Consider more startService methods 2022-01-14 10:31:59 +01:00
Tony Torralba
12059a8a50 Update models to use synthetic fields 2022-01-14 10:31:58 +01:00
Tony Torralba
d49e52fb73 Add support for PendingIntents in Notifications 2022-01-14 10:31:58 +01:00
Tony Torralba
c73e4ebc48 Remove models after rebase 2022-01-14 10:31:58 +01:00
Tony Torralba
7f85dae63b Add support for implicit field read flows 2022-01-14 10:31:57 +01:00
Tony Torralba
e58a8587db Add support for Slices 2022-01-14 10:31:56 +01:00
Tony Torralba
d43242d09e Added tests 2022-01-14 10:31:56 +01:00
Tony Torralba
d0077b8c12 Added query ImplicitPendingIntents 2022-01-14 10:31:53 +01:00
Tony Torralba
8f73772955 Merge pull request #7595 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-01-14 09:32:13 +01:00
Anders Schack-Mulligen
0b24af901d Merge pull request #7349 from aschackmull/dataflow/state 
Dataflow: Add support for flow state
 2022-01-14 09:12:38 +01:00
github-actions[bot]
685336fa23 Add changed framework coverage reports 2022-01-14 00:10:33 +00:00
Andrew Eisenberg
4ffd8c62ac Merge pull request #7579 from github/aeisenberg/changenote-upgrades-removal 
Changenotes: Add changenotes for upgrades refactoring
 2022-01-13 09:09:06 -08:00
Owen Mansel-Chan
83a25698bb Allow adding inputs and outputs needing reference 2022-01-13 15:09:17 +00:00
Tony Torralba
b6886b8e43 Move code to qll file 2022-01-13 15:28:57 +01:00
Tony Torralba
81feaaec02 Refactor PathMatchGuard 2022-01-13 15:24:41 +01:00
Anders Schack-Mulligen
c44cf29992 Merge pull request #7587 from owen-mc/add-default-taint-sanitizer-guard 
Dataflow: Add default taint sanitizer guard
 2022-01-13 14:44:55 +01:00
Tony Torralba
cd9a485c47 Refactor NullOrEmptyCheckGuard 2022-01-13 14:44:08 +01:00
Anders Schack-Mulligen
61490e74d8 Merge pull request #7561 from aschackmull/java/misc-perf 
Java: A few perf fixes for getASupertype*().
 2022-01-13 14:43:28 +01:00
Anders Schack-Mulligen
f7cf327e71 Dataflow: Sync 2022-01-13 13:28:43 +01:00
Anders Schack-Mulligen
a34c981209 Dataflow: Address comments. 2022-01-13 13:28:24 +01:00
Anders Schack-Mulligen
69973dadb3 Merge pull request #7548 from zbazztian/spring-taint-summaries 
Java: Add Spring and Apache Common Langs taint flow steps
 2022-01-13 13:00:41 +01:00
Owen Mansel-Chan
7e42ccfbf1 Don't cache defaultTaintSanitizerGuard for java 2022-01-13 11:36:20 +00:00
Sebastian Bauersfeld
a6e4f29560 Java: Use the interface instead of the abstract class 2022-01-13 14:13:36 +07:00
Sebastian Bauersfeld
69f329ffec Java: Add test cases for AbstractMessageSource.getMessage() methods 2022-01-13 14:13:27 +07:00
Sebastian Bauersfeld
39b6678b7d Java: Add test case for StringEscapeUtils.escapeJson() taint step. 2022-01-13 11:18:37 +07:00
github-actions[bot]
625836a3be Add changed framework coverage reports 2022-01-13 00:11:30 +00:00
Andrew Eisenberg
e435a3e9c3 Changenotes: Add changenotes for upgrades refactoring 2022-01-12 11:36:31 -08:00
Owen Mansel-Chan
c112980b81 Sync TaintTrackingImpl.qll 
Done automatically using sync-files.py
 2022-01-12 14:44:55 +00:00
Owen Mansel-Chan
9ec3d7787c Add option for default taint sanitizer guard 
This allows languages to specify A sanitizer guard in all
global taint flow configurations but not in local taint.
 2022-01-12 14:44:55 +00:00
github-actions[bot]
8a2d92badc Post-release preparation for codeql-cli-2.7.5 2022-01-12 13:28:43 +00:00
Tamás Vajk
9065a7f320 Merge pull request #7573 from tamasvajk/fix/java-field-decl-tostr 
Java: Fix toString on field declarations with single field
 2022-01-12 13:03:16 +01:00
Tony Torralba
c2105e506b Added test cases 2022-01-12 11:06:58 +01:00
Alvaro Muñoz Sanchez
715d372572 Add models for AbstractStringBuilder.substring,subsequence,getChars 2022-01-12 10:54:27 +01:00
Tamas Vajk
b9e0310aa2 Java: Fix toString on field declarations with single field 2022-01-12 09:22:16 +01:00
luchua-bc
263dbd33f6 Optimize the query 2022-01-12 02:33:17 +00:00