hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,003 Commits 1,671 Branches 157 Tags
ginsbach/NewOverlayLocalJavaRebase
Commit Graph

13226 Commits

Author SHA1 Message Date
Jami Cogswell
39ccde0c9d Java: add name-based heuristic 2025-01-30 10:13:54 -05:00
Jami Cogswell
286c655264 Java: add class for Stapler web methods that are not default-protected from CSRF 2025-01-30 10:13:52 -05:00
Jami Cogswell
0f39011122 Java: add taint-tracking config for execute to exclude FPs from non-update queries like select 2025-01-30 10:13:50 -05:00
Jami Cogswell
97aaf4c011 Java: handle MyBatis annotations for insert/update/delete 2025-01-30 10:13:48 -05:00
Jami Cogswell
df77d4914f Java: initial tests 2025-01-30 10:13:45 -05:00
Jami Cogswell
178b032453 Java: add query 2025-01-30 10:13:43 -05:00
Jami Cogswell
c553e3132e Java: add CallGraph module for displaying call graph paths 2025-01-30 10:13:41 -05:00
Jami Cogswell
87a8746b22 Java: add a class for methods that update a sql database (found using sql-injection nodes) 2025-01-30 10:13:39 -05:00
Jami Cogswell
43a288070c Java: add a class for PreparedStatement methods that update a database 2025-01-30 10:13:37 -05:00
Jami Cogswell
b88731df80 Java: move contents of MyBatisMapperXML.qll in src to MyBatis.qll in lib so importable, and fix experimental files broken by the move 2025-01-30 10:13:27 -05:00
Jami Cogswell
8e9f21dc52 Java: add a class for MyBatis Mapper methods that update a database 2025-01-30 10:01:43 -05:00
Jami Cogswell
506d668289 Java: add class for Spring request mapping methods that are not default-protected from CSRF 2025-01-30 10:01:41 -05:00
Jami Cogswell
0c6925399d Java: add qhelp 2025-01-30 10:01:39 -05:00
Simon Friis Vindum
e141b4ee95 Merge pull request #18612 from paldepind/shared-model-generation-row 
Shared: Generalize the number of columns in a generated MaD row
 2025-01-29 12:56:07 +01:00
Michael Nebel
ee5416f0b1 Merge pull request #18299 from michaelnebel/java/deprecateexperimental 
Java: Deprecate experimental queries.
 2025-01-29 10:41:25 +01:00
Simon Friis Vindum
70550950d8 Java, C#: Ensure variable is used in all disjuncts 2025-01-29 10:30:26 +01:00
Owen Mansel-Chan
2d76466405 Add change note 2025-01-28 15:35:28 +00:00
Owen Mansel-Chan
0ccf4cecb8 Fix XSS FPs when content type is safe 2025-01-28 15:32:30 +00:00
Simon Friis Vindum
13e0829d19 Shared: Generalize the number of columns in a generated MaD row 2025-01-28 15:36:09 +01:00
erik-krogh
c7fc164680 java: remove the 2 from SafeTransformerFactoryFlow, not that the previous naming conflict has been deleted 2025-01-28 09:13:59 +01:00
erik-krogh
a1afa20d4b add change-notes 2025-01-27 22:43:13 +01:00
erik-krogh
34f5f61a10 all: use my script to delete outdated deprecations 2025-01-27 22:16:48 +01:00
Owen Mansel-Chan
9f3572d15a Reformat inline expectations (space after $) 2025-01-27 14:36:26 +00:00
Owen Mansel-Chan
05fb22e8ff Make test easier to understand 2025-01-27 14:10:19 +00:00
Michael Nebel
98d6353f12 Java: Address review comments. 2025-01-27 11:21:44 +01:00
Michael Nebel
c27b611c76 Java: Deprecate MyBatisMapperXML as it is only used by experimental queries. 2025-01-27 10:22:22 +01:00
Michael Nebel
999f1f21e2 Java: Accept expected test output. 2025-01-27 10:22:20 +01:00
Michael Nebel
b552c8aba9 Java: Add change-note. 2025-01-27 10:22:19 +01:00
Michael Nebel
cc48cec1c7 Java: Deprecate experimental model activation. 2025-01-27 10:22:17 +01:00
Michael Nebel
e3997f65ed Java: Deprecate experimental queries. 2025-01-27 10:22:16 +01:00
Chris Smowton
09fe6091c2 Amend extractor information expectation 2025-01-23 11:33:45 +00:00
Chris Smowton
02edb1b9cb Don't expect logged properties files in source archives 2025-01-23 11:14:20 +00:00
Jonas Jensen
773a98a9eb Merge pull request #18340 from jbj/diff-informed-getASelectedLocation 
Java: make more queries diff-informed with getASelectedLocation
 2025-01-22 14:25:33 +01:00
Anders Schack-Mulligen
5bfd22e60a Merge pull request #18552 from aschackmull/java/xss-regex-perf 
Java: Improve performance of XSS regex.
 2025-01-22 11:28:49 +01:00
Owen Mansel-Chan
b4c8390991 Merge pull request #18137 from owen-mc/java/jax-rs-annotation-inheritance 
Java: Update JAX-RS annotation inheritance
 2025-01-21 15:26:47 +00:00
Anders Schack-Mulligen
0f96e79264 Java: Improve performance of XSS regex. 2025-01-21 14:41:08 +01:00
Jonas Jensen
eacc600b29 Java: annotate a query as not selecting sources 
This is for performance in diff-informed mode but also for avoiding
spurious entries in the code scanning timeline and alert list.
 2025-01-21 12:56:06 +01:00
Owen Mansel-Chan
19df33fb43 Remove another erroneous comment 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2025-01-21 09:25:37 +00:00
Owen Mansel-Chan
6fa18be0cc Fix QLDocs 2025-01-20 22:07:01 +00:00
github-actions[bot]
fbb7f0a0c6 Post-release preparation for codeql-cli-2.20.2 2025-01-20 21:11:14 +00:00
github-actions[bot]
a0512a50f2 Release preparation for version 2.20.2 2025-01-20 21:11:12 +00:00
Nick Rolfe
3e5707154a Merge pull request #18542 from github/nickrolfe/java-stats 
Java: fix stats for databaseMetadata relation
 2025-01-20 17:28:51 +00:00
Nick Rolfe
6b5974a372 Java: fix stats for databaseMetadata relation 2025-01-20 17:02:25 +00:00
Ian Lynagh
66777e6282 Merge pull request #18450 from igfoo/igfoo/kot2.1.20b1 
Kotlin: Add support for 2.1.20-Beta1
 2025-01-20 15:32:19 +00:00
Ian Lynagh
cec503eecd Kotlin: Fix build with 2.1.20-Beta1 2025-01-20 14:31:58 +00:00
Ian Lynagh
4e798b3db4 Kotlin: Add 2.1.20-Beta1 2025-01-20 14:31:57 +00:00
Ian Lynagh
ff328d6c04 Kotlin: Add 2.1.20-Beta1 deps 2025-01-20 14:31:57 +00:00
Nick Rolfe
64f33955b5 Java: add databaseMetadata to dbscheme 2025-01-17 15:18:07 +00:00
Chris Smowton
060161cd5e Add change note 2025-01-14 14:22:27 +00:00
Chris Smowton
5ca7d26cf3 Add test for a JavacTool-based compiler that doesn't use standard JavaFileObjects 2025-01-14 14:22:26 +00:00