codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00

Author	SHA1	Message	Date
Michael Nebel	f2f9944a1c	Merge pull request #12931 from michaelnebel/neutralkinds Java/C#: Introduce kind for neutrals.	2023-05-09 08:42:38 +02:00
Edward Minnix III	05b1bd881e	Merge pull request #12852 from egregius313/egregius313/java/webgoat/model-jwsheader Java: Model `io.jsonwebtoken.SigningKeyResolverAdapter` and `io.jsonwebtoken.JwsHeader`	2023-05-08 10:57:34 -04:00
Michael Nebel	7858da66e3	C#/Java: Add change note.	2023-05-08 16:18:59 +02:00
Edward Minnix III	2d5b35067e	Merge pull request #12721 from egregius313/egregius313/java/move-configurations-to-libraries Java: Move more dataflow configurations to `*Query.qll` files	2023-05-04 20:14:22 -04:00
Ed Minnix	62cbcdb30c	Add change note	2023-05-04 16:52:40 -04:00
Ed Minnix	3100e98513	Add missing change notes and update date	2023-05-04 10:25:17 -04:00
Ed Minnix	c319ee4c0d	Add TempDirLocalInformationDisclosureQuery	2023-05-04 10:25:16 -04:00
Ed Minnix	b087cf9a0a	Add Arithmetic query libraries	2023-05-04 10:25:16 -04:00
Ed Minnix	77ee80fd81	Add missing change notes	2023-05-04 10:25:16 -04:00
Ed Minnix	24b00bac11	Add UnsafeHostnameVerificationQuery	2023-05-04 10:25:16 -04:00
Ed Minnix	e4f47ece43	Add ResponseSplittingLocalQuery	2023-05-04 10:15:00 -04:00
Ed Minnix	91b3533035	Add SqlTaintedLocalQuery	2023-05-04 10:14:59 -04:00
Ed Minnix	a0f7575b34	Add StackTraceExposureQuery	2023-05-04 10:14:59 -04:00
Ed Minnix	aff299eafd	Add ExecTaintedLocal	2023-05-04 10:14:59 -04:00
Ed Minnix	b39d5088de	Add InsecureCookieQuery	2023-05-04 10:14:59 -04:00
Ed Minnix	0249187282	Add ExternallyControlledFormatStringLocalQuery.qll	2023-05-04 10:14:59 -04:00
Ed Minnix	cc22a7d4b4	Add XssLocalQuery	2023-05-04 10:14:59 -04:00
Ed Minnix	c2b6a3f4e0	Add XPathInjectionQuery	2023-05-04 10:14:59 -04:00
Ed Minnix	c15ce27957	Add SqlConcatenatedQuery	2023-05-04 10:14:59 -04:00
Ed Minnix	1af6d5f7b3	Add TaintedPermissionsCheckQuery	2023-05-04 10:14:59 -04:00
Jami Cogswell	2e683b3dd2	Java: add change note	2023-05-03 10:43:50 -04:00
Tony Torralba	ec44aa2597	Add change note	2023-05-02 15:31:20 +02:00
github-actions[bot]	3bd29171fb	Release preparation for version 2.13.1	2023-04-28 12:14:35 +00:00
Tony Torralba	389e8c4fe8	Add review suggestions	2023-04-26 10:08:16 +02:00
Tony Torralba	d54c444606	Add change note	2023-04-26 10:07:49 +02:00
Tony Torralba	e3d93c3581	Fix FileCopyUtils models	2023-04-24 15:07:19 +02:00
Tony Torralba	62f5a5dcd5	Merge pull request #10707 from atorralba/atorralba/log-injection-sanitizers Java: Add line break sanitizers to java/log-injection	2023-04-19 08:20:04 +02:00
Alex Ford	924ce250dd	Merge pull request #12847 from github/post-release-prep/codeql-cli-2.13.0 Post-release preparation for codeql-cli-2.13.0	2023-04-18 14:40:40 +01:00
Tony Torralba	ba49386e6c	Merge pull request #12806 from GeekMasher/main Java: Add missing write-file models for Java IO / NIO	2023-04-18 11:15:53 +02:00
Jami	a149c41baf	Merge pull request #12155 from jcogs33/jcogs33/add-heuristic-ssrf-models Java: add ssrf models discovered with heuristics	2023-04-17 15:45:48 -04:00
Jami Cogswell	25786f61be	Java: minorAnalysis in change note	2023-04-17 13:48:04 -04:00
Mathew Payne	44c1b48f94	Merge branch 'main' into main	2023-04-17 12:40:23 +01:00
Mathew Payne	c77cdcf4c3	Removed the OutputStream models	2023-04-17 11:38:28 +00:00
Tony Torralba	e167d3ce00	Add line break sanitizers	2023-04-17 09:33:44 +02:00
Jeroen Ketema	0c7346707b	Fix minor issues with change notes	2023-04-14 15:37:04 +02:00
github-actions[bot]	075d063370	Release preparation for version 2.13.0	2023-04-14 13:31:30 +00:00
Edward Minnix III	77b67cbf2e	Fix typo Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2023-04-13 23:06:16 -04:00
Ed Minnix	ea54ea47b1	Deprecate `sensitiveResultReceiver`	2023-04-13 23:06:16 -04:00
Jami Cogswell	6890434d63	Java: add change note	2023-04-13 09:15:02 -04:00
Alex Ford	8c46bfd051	Merge pull request #12816 from github/rc/3.9 Merge `rc/3.9` into `main`	2023-04-13 12:35:41 +01:00
Tony Torralba	4c6df3fdb9	Merge pull request #12813 from atorralba/atorralba/java/sensitive-expr-fix-and-tests Java: Add tests for SensitiveActions and fix getCommonSensitiveInfoRegex	2023-04-13 13:13:37 +02:00
Tony Torralba	d7feaf4098	Merge pull request #12685 from atorralba/atorralba/java/command-injection-mad Java: Add command-injection sink kind and refactor command injection queries	2023-04-13 11:38:14 +02:00
Tony Torralba	4f2ffccc20	Improve change note	2023-04-13 11:14:57 +02:00
Tony Torralba	99b0624e8b	Add change note	2023-04-13 10:35:59 +02:00
Mathew Payne	ffec22a5d2	Add change log notes	2023-04-12 14:48:28 +00:00
Jami	b7c7449b08	Merge pull request #12739 from jcogs33/jcogs33/add-one-more-top500-model Java: add summary model for `UnsupportedOperationException(String)` constructor	2023-04-11 08:25:36 -04:00
Tony Torralba	944bdfde45	Apply suggestions from code review	2023-04-11 09:47:47 +02:00
Stephan Brandauer	cb8506d51a	Update MaD Declarations after Triage	2023-04-11 09:25:39 +02:00
Jami Cogswell	6a103f5070	Java: add change note	2023-04-06 10:22:03 -04:00
Tony Torralba	8686036346	Update java/ql/lib/change-notes/2023-03-31-new-models.md	2023-04-06 15:25:33 +02:00

... 7 8 9 10 11 ...

752 Commits