codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Author	SHA1	Message	Date
Tony Torralba	e2918d55b5	Move tests back from internal repo	2021-06-16 10:09:44 +02:00
Anders Schack-Mulligen	96da85449d	Merge pull request #5823 from atorralba/promote-jexl-injection Java: Promote JEXL Injection query from experimental	2021-06-07 10:03:12 +02:00
Anders Schack-Mulligen	f73960da8f	Merge pull request #5788 from Marcono1234/marcono1234/stmt-toString Java: Override toString() for statements	2021-06-04 12:41:03 +02:00
Marcono1234	e0a45507f8	Java: Adjust toString() for statements	2021-06-03 16:27:36 +02:00
Marcono1234	7e778bc008	Java: Override toString() for statements Additionally remove redundant QLDoc which is inherited anyways.	2021-06-03 16:27:35 +02:00
Anders Schack-Mulligen	bd9e3d0fa9	Merge pull request #5751 from aschackmull/java/collection-flow Java: Convert all collection and array steps from taint flow to value flow.	2021-06-03 15:29:14 +02:00
Tony Torralba	56a429a5f9	Merge branch 'main' into promote-jexl-injection	2021-06-03 11:10:56 +02:00
Tony Torralba	34a8383c1a	Unused import	2021-06-03 10:22:53 +02:00
Anders Schack-Mulligen	8e6dd51f50	Merge pull request #5868 from Marcono1234/marcono1234/ignore-not-closing-char-array-closeable Java: Ignore char array based closeables for CloseReader.ql and CloseWriter.ql	2021-06-02 15:00:59 +02:00
Tony Torralba	d476459727	Use InlineExpectationsTest	2021-06-02 12:15:26 +02:00
Tony Torralba	59e6e1ffac	Moved from experimental	2021-06-02 09:58:30 +02:00
Anders Schack-Mulligen	43d1b0ab27	Java: Update qltests.	2021-06-01 11:47:52 +02:00
Alvaro Muñoz	735e4e4b7b	update failing tests	2021-05-28 15:13:18 +02:00
Tony Torralba	7dbdba28cc	Consider search methods with unsafe SearchControls	2021-05-21 15:21:04 +02:00
Tony Torralba	c1e71b60b4	Use InlineExpectationsTest	2021-05-20 12:00:11 +02:00
Tony Torralba	1351516e9a	Moved JNDI injection related files from experimental to standard	2021-05-19 11:32:51 +02:00
Tony Torralba	e58746508d	Merge branch 'main' into atorralba/promote-ognl-injection	2021-05-19 10:41:08 +02:00
Tony Torralba	34a55e77ef	Add missing subtype test	2021-05-18 09:38:35 +02:00
Tony Torralba	bc2370ae1d	Use InlineExpectationsTest for tests	2021-05-17 15:58:33 +02:00
Tony Torralba	3e4ccaf9a8	Move from experimental to standard	2021-05-17 10:41:54 +02:00
haby0	60fc607449	Modify ql	2021-05-14 18:17:05 +08:00
Tony Torralba	db732918af	Add taint step for setExpression	2021-05-13 15:01:36 +02:00
Tony Torralba	09b40601a7	Consider ExpressionAccessor	2021-05-12 12:32:38 +02:00
Anders Schack-Mulligen	a247ae4357	Merge pull request #5843 from JLLeitschuh/feat/JLL/improve_kryo_support [Java] Fix Kryo FP & Kryo 5 Support	2021-05-12 09:52:24 +02:00
haby0	12f47bcf24	Add UnsafeDeserialization	2021-05-12 12:37:16 +08:00
Marcono1234	8969da7775	Java: Improve not closing resource query; add tests	2021-05-11 19:32:02 +02:00
Tony Torralba	8754c85a57	Use InlineExpectationsTest	2021-05-11 16:23:12 +02:00
Tony Torralba	fc03b92e11	Moved from experimental to standard	2021-05-11 15:42:13 +02:00
Tony Torralba	d99b5bfc66	Reuse previous tests from experimental	2021-05-10 11:17:20 +02:00
Tony Torralba	c70503142f	Require JS enabled even when cross-origin access is enabled in the webviews	2021-05-10 09:45:59 +02:00
Tony Torralba	6884edf52a	Merge branch 'main' into atorralba/promote-unsafe-android-webview-fetch	2021-05-07 16:31:55 +02:00
luchua-bc	fc7d340a89	Query to detect hard-coded Azure credentials	2021-05-07 13:16:41 +00:00
Tony Torralba	dcee1daa31	Mark spurious test results	2021-05-07 13:17:04 +02:00
Tony Torralba	e78e5b9ee4	Merge branch 'main' into promote-jexl-injection	2021-05-07 12:36:49 +02:00
Tony Torralba	b37b15cea4	Re-structure imports, add some new comments to tests	2021-05-07 12:33:51 +02:00
Tony Torralba	2a501956b3	Mark a MISSING test result as suggested in code review	2021-05-07 11:17:51 +02:00
Tony Torralba	b69261727d	Add a new test for	2021-05-06 13:26:25 +02:00
Tony Torralba	1f1f85aeb5	Add change note and fix some QLDocs	2021-05-06 13:13:23 +02:00
Tony Torralba	f1fab854c4	Fix tests for XXE, introduced a dependency with jaxen	2021-05-06 12:11:55 +02:00
Tony Torralba	84504a88e4	Fix tests by adding AndroidManifest.xml	2021-05-06 10:55:56 +02:00
Tony Torralba	76468559ba	Add safe example for dom4j	2021-05-06 10:17:25 +02:00
Tony Torralba	926fedb7fb	Update java/ql/test/query-tests/security/CWE-643/XPathInjectionTest.java Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>	2021-05-06 09:18:50 +02:00
Tony Torralba	00a7576679	Rename XPath Injection test file	2021-05-06 09:18:50 +02:00
Tony Torralba	8af7f4a484	New sinks and test cases	2021-05-06 09:18:49 +02:00
Tony Torralba	ccb3ea4453	Fix XPath Injection tests classpath	2021-05-06 09:18:49 +02:00
Tony Torralba	26c3ff2cee	Move from experimental to standard	2021-05-06 09:18:49 +02:00
Tony Torralba	a706046a19	Reestructured test	2021-05-06 09:17:53 +02:00
Jonathan Leitschuh	67e9f06304	[Java] Fix Kryo FP & Kryo 5 Support Closes #4992	2021-05-05 17:38:34 -04:00
Tony Torralba	03ce8d689f	Refactored to use CSV sink model	2021-05-05 16:34:30 +02:00
Tony Torralba	9b78cee37a	Add tests	2021-05-05 11:59:57 +02:00

... 21 22 23 24 25 ...

1299 Commits