hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 20:26:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,672 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

11714 Commits

Author SHA1 Message Date
Joe Farebrother
639c42c9e9 Fix qhelp errors and ql-for-ql errors 2023-01-12 11:44:39 +00:00
Joe Farebrother
f52db7f9a3 Add qhelp 2023-01-12 11:44:39 +00:00
Joe Farebrother
a88759283a Fix typo in qldoc 2023-01-12 11:44:39 +00:00
Joe Farebrother
7e7b5b4488 Improve test case 2023-01-12 11:44:39 +00:00
Joe Farebrother
8449dabefe Add qldoc 2023-01-12 11:44:39 +00:00
Joe Farebrother
de565f9ccc Add test and fix a bug 2023-01-12 11:44:39 +00:00
Joe Farebrother
b96edb9c64 Add Sensitive Result Receiver query 2023-01-12 11:44:39 +00:00
Michael Nebel
18a815ca8b Merge pull request #11721 from michaelnebel/csharpjava/refactorprovenance 
C#/Java: Re-factor provenance related predicates.
 2023-01-12 10:50:31 +01:00
Jami Cogswell
fd593fd4f0 Java: undo changes to tests that were affected by numeric-flow summary models 2023-01-11 22:34:19 -05:00
Jami Cogswell
ce74c9d959 Java: Date models as neutral 2023-01-11 22:15:41 -05:00
Jami Cogswell
6bb865ad05 Java: make numeric flow models neutral 2023-01-11 18:04:43 -05:00
Jami Cogswell
0c7ffb0554 Java: update System.getProperty model 2023-01-11 12:04:22 -05:00
Pierre
c3116b3f0f Merge branch 'main' into turbo/experimental/combined 2023-01-11 18:02:55 +01:00
Jami Cogswell
2a99af0e6d Java: remove summary model for String.endsWith 2023-01-11 10:58:46 -05:00
Jami Cogswell
99ee6c95a1 Java: remove models for Consumer.accept and Collectors.toMap 2023-01-11 10:44:38 -05:00
Jami Cogswell
ac064ac2a7 Java: remove model for Collectors.joining 2023-01-11 10:30:49 -05:00
Michael Nebel
7e4f7a0c17 C#: Address review comments and sync files. 2023-01-11 16:29:24 +01:00
Michael Nebel
8112058a0a Java: Adapt TopJdpApi library to the re-factor. 2023-01-11 16:20:55 +01:00
Michael Nebel
6a047d6916 Java: Re-factor provenance related predicates for summarized callable. 2023-01-11 16:20:55 +01:00
Michael Nebel
ea173f9516 Sync files. 2023-01-11 16:20:55 +01:00
Michael Nebel
11ca3f49f6 C#/Java: Adjust imports after moving files. 2023-01-11 13:13:33 +01:00
Michael Nebel
787b4743ee C#/Java: Rename the directories containing the model generator and tests. 2023-01-11 13:13:33 +01:00
Michael Nebel
178fd0e9e1 C#/Java: Remove all dashes in mode-generator. 2023-01-11 13:13:33 +01:00
Jami Cogswell
181a711f04 Java: switch Collectors.joining model from neutral to summary 2023-01-10 21:06:03 -05:00
Jami Cogswell
faae811be7 Java: try simplification of paramsString and paramsStringPart 2023-01-10 13:35:52 -05:00
Jami Cogswell
65aa064838 Java: update paramsString qldoc 2023-01-10 13:33:47 -05:00
Edward Minnix III
ce06df3152 Merge pull request #11628 from egregius313/egregius313/android-webview-addjavascriptinterface-dataflow 
Java: Add parameters of methods annotated @JavascriptInterface as remote flow sources
 2023-01-10 12:41:52 -05:00
Florin Coada
4c1c12dd70 suggestions in list format 2023-01-10 11:18:56 -05:00
Jonathan Leitschuh
1d7881e03f Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2023-01-10 11:18:56 -05:00
Tony Torralba
b7364f5428 Update UnsafeDeserialization.qhelp 
Move the table under <recommendation>, minor fixes.
 2023-01-10 11:18:56 -05:00
Jonathan Leitschuh
3fa11c21c3 [Java] Document fixes for deserialization vulnerabilities by framework 
Related https://github.com/github/codeql/issues/11603
 2023-01-10 11:18:56 -05:00
Ian Lynagh
3367da82c4 Kotlin: Accept test changes 
We get better locations with Kotlin 1.8.0.
 2023-01-10 14:41:30 +00:00
Ian Lynagh
b7eb521fa0 Kotlin: Fix custom_plugin test for Kotlin 1.8.0 2023-01-10 14:41:30 +00:00
Ian Lynagh
c71ea80029 Kotlin: Accept test changes 
We now get better locations, with Kotlin 1.8.0.
 2023-01-10 14:41:30 +00:00
Ian Lynagh
b51c3aae85 Kotlin: Logs test: Allow for -Beta versions etc when parsing the logs 2023-01-10 14:41:29 +00:00
Ian Lynagh
6fbda1a9f0 Kotlin: Accept test changes with 1.8 2023-01-10 14:41:29 +00:00
Tony Torralba
32471d326e Java: Remove omittable exists variables 2023-01-10 13:37:19 +01:00
Tony Torralba
da90ae0e8f Update java/ql/lib/semmle/code/java/dataflow/FlowSources.qll 2023-01-10 11:18:53 +01:00
Michael Nebel
16cd148961 Merge pull request #11711 from michaelnebel/externalflowcleanup 
C#/Java: Delete deprecated ModelCsv classes and related predicates.
 2023-01-10 10:22:50 +01:00
Ed Minnix
293a203756 Move JavascriptInterfaceMethod to WebView.qll 2023-01-09 15:10:23 -05:00
Ed Minnix
909b1d70d9 Rename files to say "Allow" instead of "Permit" 2023-01-09 10:11:03 -05:00
Ed Minnix
c723df3ca7 Fix alert message in expected file 2023-01-09 10:08:19 -05:00
Ed Minnix
f626d4794a Change wording from "permit" to "allow" in id and name 2023-01-09 10:03:12 -05:00
Ed Minnix
972b4629c8 Fix typo in change note 2023-01-09 10:01:38 -05:00
Ed Minnix
64668883a4 Add good example to documentation 2023-01-09 09:59:38 -05:00
Ed Minnix
2ec73c50f9 Mention WebView in alert message 2023-01-09 09:55:09 -05:00
Chris Smowton
e9bbb5d7fa Merge pull request #11730 from smowton/smowton/admin/improve-sql-unescaped-docs 
Java: improve naming and description of SqlUnescaped.ql
 2023-01-09 12:50:27 +00:00
yoff
c01ce955ba Merge pull request #11778 from yoff/shared/inline-tests 
Shared: Inline test expectations
 2023-01-09 13:21:18 +01:00
Chris Smowton
2e26fb1171 Merge pull request #11819 from smowton/smowton/admin/port-java-autobuilder-tests 
Add Java autobuilder integration tests
 2023-01-09 12:17:39 +00:00
Chris Smowton
efe23c1da7 Note that alerts should not be re-raised 2023-01-09 10:56:13 +00:00