hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,275 Commits 1,671 Branches 157 Tags
tausbn/python-refine-location-of-flask-request-sources
Commit Graph

12269 Commits

Author SHA1 Message Date
Arthur Baars
0bb7fdccf6 Merge pull request #20347 from github/post-release-prep/codeql-cli-2.23.0 
Post-release preparation for codeql-cli-2.23.0
 2025-09-02 14:14:03 +02:00
Anders Schack-Mulligen
f833fe0e6e Merge pull request #20300 from aschackmull/cfg/successortype 
Shared: Add a shared SuccessorType implementation
 2025-09-02 14:09:35 +02:00
github-actions[bot]
e8a2600a0c Post-release preparation for codeql-cli-2.23.0 2025-09-02 11:46:23 +00:00
github-actions[bot]
0bfa93828b Release preparation for version 2.23.0 2025-09-02 11:09:32 +00:00
Michael Nebel
2a932f0748 Merge pull request #20328 from michaelnebel/java/ql4ql 
Java: Fix some Ql4Ql violations.
 2025-09-02 12:01:16 +02:00
Michael Nebel
a732b36fa8 Update java/ql/src/experimental/quantum/Analysis/ArtifactReuse.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2025-09-02 10:39:37 +02:00
Michael Nebel
77113b2e42 Java: Fix some Ql4Ql violations. 2025-09-01 15:04:08 +02:00
Anders Schack-Mulligen
4e70627629 Guards: Use shared SuccessorType. 2025-09-01 13:55:29 +02:00
Anders Schack-Mulligen
144e34c669 Shared: Use shared SuccessorType in shared Cfg and BasicBlock libs. 2025-09-01 13:43:32 +02:00
Anders Schack-Mulligen
4685b4f8a9 Java: Use shared SuccessorType. 2025-09-01 13:00:20 +02:00
Anders Schack-Mulligen
09b2c5abf0 BasicBlock: Replace entryBlock predicate with subclass. 2025-09-01 11:48:44 +02:00
Anders Schack-Mulligen
3821f172df Guards/Java: Use BasicBlock signature in Guards library. 2025-09-01 11:26:36 +02:00
Anders Schack-Mulligen
f459ddc40a Languages: Adapt to api changes. 2025-09-01 11:26:33 +02:00
Anders Schack-Mulligen
bb3abc815f SSA: Update input to use member predicates. 2025-09-01 11:19:48 +02:00
Napalys Klicius
b4d6cb6e5f Merge pull request #20178 from Napalys/java/visible-for-testing-abuse 
Java: Added new query `java/visible-for-testing-abuse`
 2025-08-29 08:38:04 +02:00
Napalys Klicius
6132900e12 Java: add full stops for ql docs 2025-08-29 08:09:03 +02:00
Napalys Klicius
c836104717 Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2025-08-28 15:01:53 +02:00
Napalys Klicius
d3be456c5c Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2025-08-28 15:01:43 +02:00
Napalys Klicius
1949d9f8f3 Merge branch 'main' into java/mocking-all-non-private-methods-means-unit-test-is-too-big 2025-08-28 14:22:06 +02:00
Napalys Klicius
970167bc62 Java: moved java/mocking-all-non-private-methods-means-unit-test-is-too-big to a more appropriate location, namely Violation of Best Practice/Testing 2025-08-28 14:20:19 +02:00
Napalys Klicius
ad6ca51ef2 Update java/ql/src/Likely Bugs/Frameworks/JUnit/ExcessivePublicMethodMocking.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2025-08-28 12:03:56 +02:00
Napalys Klicius
a3aacfb688 Merge pull request #20190 from Napalys/java/jvm-exit-query-promotion 
Java: Enhance `java/jvm-exit` query and add to quality
 2025-08-27 13:23:02 +02:00
Napalys Klicius
b3f90bbdfc Update java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2025-08-26 13:23:24 +00:00
Napalys Klicius
6c51ba80c7 Update java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2025-08-26 15:19:02 +02:00
Jami
3675e4bb4f Merge branch 'main' into jcogs33/java/insecure-spring-actuator-config-promotion 2025-08-26 08:02:17 -04:00
Napalys Klicius
8017fae297 Java: Simplify mock call location check using getEnclosingCallable 2025-08-26 09:44:00 +00:00
Jeroen Ketema
704ae1a3b1 Java: Update integration test after query removal 2025-08-26 11:19:42 +02:00
Napalys Klicius
1abb8ad54a Java: Use strictcount instead of count for method counting 
Co-authored-by: michaelnebel <michaelnebel@github.com>
 2025-08-26 08:41:33 +00:00
Napalys Klicius
b271f1fcd0 Java: Renamed query java/mocking-all-non-private-methods-means-unit-test-is-too-big to java/excessive-public-method-mocking and changed wording from non-private to public 2025-08-26 08:37:57 +00:00
Anders Schack-Mulligen
4be995dc19 Merge pull request #20267 from aschackmull/java/nullness-fix 
Java: Add more nullness tests and fix a bug causing false negatives.
 2025-08-25 09:13:25 +02:00
Anders Schack-Mulligen
891ce62948 Merge pull request #17660 from knewbury01/knewbury01/improve-quality-java-set 
Remove unnecessary query
 2025-08-25 08:37:02 +02:00
Napalys Klicius
38f517ecfa Java: Add lambda-aware test detection to VisibleForTesting query 2025-08-24 10:02:43 +00:00
Napalys Klicius
4149968f33 Java: Remove the hardcoded path filter that excluded CodeQL's own unit tests from the java/visible-for-testing-abuse query. 2025-08-24 09:58:35 +00:00
Jami Cogswell
f0542dd828 Java: add summary to change note 2025-08-22 17:17:51 -04:00
Napalys Klicius
4a693d9b60 Update java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.ql 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2025-08-22 16:09:46 +02:00
Anders Schack-Mulligen
e343fd32d3 Java: Add change note. 2025-08-22 14:29:27 +02:00
Anders Schack-Mulligen
f2352f76c0 Java: Teach guards that exceptions in catch-clauses are non-null. 2025-08-22 10:16:42 +02:00
Anders Schack-Mulligen
02452704b2 Java: Fix bug in nullness 2025-08-22 10:15:22 +02:00
Anders Schack-Mulligen
9fc0793d6a Java: More nullness qltests, including highlight of FN bug. 2025-08-22 10:12:48 +02:00
Anders Schack-Mulligen
1c724372f2 Java: More nullness qltests. 2025-08-22 10:08:17 +02:00
Anders Schack-Mulligen
ba252cb5cf Java: Add a couple of difficult condition correlation tests. 2025-08-22 10:08:00 +02:00
Napalys Klicius
4705ad2e32 Java: Added extra test cases for fields 2025-08-22 09:23:49 +02:00
Napalys Klicius
38b3df07ee Java: Address comments 2025-08-22 09:23:49 +02:00
Napalys Klicius
66f2911497 Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2025-08-22 09:23:49 +02:00
Napalys Klicius
0b172080aa Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-08-22 09:23:49 +02:00
Napalys Klicius
d20fd5beba Java: updated visible-for-testing-abuse meta data and docs. 2025-08-22 09:23:49 +02:00
Napalys Klicius
ea831a8352 Java: Fix VisibleForTestingAbuse false positives in annotations 2025-08-22 09:23:49 +02:00
Napalys Klicius
eb46e54c43 Java: Refactor VisibleForTestingAbuse query to reduce complexity 2025-08-22 09:23:49 +02:00
Napalys Klicius
225723bfeb Java: Exclude @VisibleForTesting-to-@VisibleForTesting access from VisibleForTestingAbuse alerts 2025-08-22 09:23:49 +02:00
Napalys Klicius
e4042402bc Java: Resolve spurious VisibleForTestingAbuse alerts for inner class access patterns 2025-08-22 09:23:49 +02:00