hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
44,884 Commits 1,673 Branches 157 Tags
01c2a8cbba765d4fe1750d03fa89d95cc43b7d88
Commit Graph

7494 Commits

Author SHA1 Message Date
Jami
56e3334c6d Merge pull request #10479 from jcogs33/android-service-sources 
Java: add Android service sources
 2022-09-27 12:40:18 -04:00
Jami Cogswell
7e0c61de2c switch to hasName 2022-09-27 10:45:52 -04:00
Tamas Vajk
847a64c03b Kotlin: extract call target even if it's unbound 2022-09-27 15:30:38 +02:00
Tony Torralba
be9509ceb9 Merge pull request #9199 from luchua-bc/java/unsafe-url-forward-dispatch-load 
Java: CWE-552 Query to detect unsafe resource loading in Java Spring applications
 2022-09-27 15:27:51 +02:00
Erik Krogh Kristensen
162edd6883 Merge pull request #10586 from erik-krogh/pyRegFix 
ReDoS: fix RegExpEscape::getValue having multiple results for some escapes
 2022-09-27 14:41:18 +02:00
Tom Hvitved
335e1a8233 Address review comments 2022-09-27 13:36:52 +02:00
Tony Torralba
7ff82bbed3 Update java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll 2022-09-27 13:26:21 +02:00
erik-krogh
7675571daa fix RegExpEscape::getValue having multiple results for some escapes 2022-09-27 13:25:23 +02:00
Tamás Vajk
9358070ae9 Merge pull request #10506 from tamasvajk/kotlin-enum-type-access 
Kotlin: Fix type access expressions in enum constructor calls
 2022-09-27 12:42:30 +02:00
Tamás Vajk
8a6d56a57d Merge pull request #10520 from tamasvajk/kotlin-fix-anonymous-object-comment 
Kotlin: Fix comment extraction for anonymous objects
 2022-09-27 12:42:05 +02:00
Tom Hvitved
45fc62f16b Data flow: Sync files 2022-09-26 20:39:48 +02:00
Anders Schack-Mulligen
1687d08587 Dataflow: Sync. 2022-09-26 16:10:03 +02:00
Anders Schack-Mulligen
17dba00264 Dataflow: Minor visibility cleanup. 2022-09-26 16:09:42 +02:00
Joe Farebrother
af41f2b903 Remove 'here'. 2022-09-26 13:36:14 +01:00
erik-krogh
46b5bf32f9 update alert-messsages of java queries 2022-09-26 12:15:25 +02:00
Marcono1234
c40b6285a2 Java: Adjust ImpossibleJavadocThrows.ql 2022-09-26 12:08:43 +02:00
Anders Schack-Mulligen
f4ef4342c2 Merge pull request #10558 from aschackmull/java/static-init-vector-perf 
Java: Improve performance of StaticInitializationVector.
 2022-09-26 10:50:49 +02:00
Chris Smowton
2a2b939078 Lint 2022-09-25 16:48:10 +01:00
Marcono1234
fd99ae78b3 Java: Rename predicate to getATypeInScope 2022-09-25 14:44:16 +02:00
Chris Smowton
f774467892 Kotlin: annotation properties should be java.lang.Class not KClass 
As documented at https://kotlinlang.org/docs/annotations.html#constructors, annotation properties of type KClass get rewritten when targeting the JVM.
 2022-09-25 11:53:50 +01:00
Chris Smowton
9aebe87c67 Merge pull request #10523 from smowton/smowton/admin/jdk18-extractor-test-changes 
Java: Disable Kotlin element of test re: database inconsistency exposed by JDK18 extractor upgrade
 2022-09-24 17:00:10 +01:00
Chris Smowton
60f6772f9e Merge pull request #10542 from github/smowton/fix/kotlin-unit-testing-plugin-version 
Kotlin unit tests: use best plugin version compatible with environment kotlinc
 2022-09-24 16:42:59 +01:00
Jami Cogswell
9b4201f880 update FileService 2022-09-23 22:46:55 -04:00
Jami Cogswell
1e01657577 add onBind to FileService to see if it fixes Java Language Tests failure 2022-09-23 18:59:27 -04:00
Jami Cogswell
9acda05dbd update Service stub 2022-09-23 18:59:27 -04:00
Jami Cogswell
65f3ae9829 clean up files 2022-09-23 18:59:27 -04:00
Jami Cogswell
7e13610d24 minor qldoc update 2022-09-23 18:59:27 -04:00
Jami Cogswell
24b34cd32f add a few more tests, and some clean-up 2022-09-23 18:59:27 -04:00
Jami Cogswell
7a96727c59 add tests 2022-09-23 18:59:27 -04:00
Jami Cogswell
367c31bf17 add change note 2022-09-23 18:59:27 -04:00
Jami Cogswell
decba39c09 add service flow sources 2022-09-23 18:59:27 -04:00
Dave Bartolomeo
3bd456e52d Merge pull request #10565 from github/post-release-prep/codeql-cli-2.11.0 
Post-release preparation for codeql-cli-2.11.0
 2022-09-23 18:13:59 -04:00
github-actions[bot]
6cef0af5df Post-release preparation for codeql-cli-2.11.0 2022-09-23 21:01:40 +00:00
Ian Lynagh
8c13738199 Merge pull request #10556 from igfoo/igfoo/memo 
Kotlin: Simplify trapFilePathForDecl
 2022-09-23 14:59:20 +01:00
luchua-bc
8effbff817 Remove unused code and update qldoc 2022-09-23 12:43:39 +00:00
Tamás Vajk
43ec5dcc9a Merge pull request #10549 from tamasvajk/kotlin-fix-local-class-extraction 
Kotlin: Fix non-nested local class extraction
 2022-09-23 14:40:59 +02:00
Anders Schack-Mulligen
dcc3f9e0a2 Java: Improve performance of StaticInitializationVector. 2022-09-23 14:39:32 +02:00
luchua-bc
e33d786745 Add test cases and reduce FPs 2022-09-23 12:31:16 +00:00
luchua-bc
251f67dcf3 Use the new CSV model 2022-09-23 12:31:16 +00:00
luchua-bc
b3572747f0 Simplify test case and minor update to the query 2022-09-23 12:31:15 +00:00
luchua-bc
311c9e4719 Query to detect unsafe resource loading in Java Spring applications 2022-09-23 12:31:15 +00:00
Ian Lynagh
70dae17d2f Kotlin: Simplify trapFilePathForDecl 2022-09-23 12:41:41 +01:00
Tamas Vajk
d6e31af985 Kotlin: Fix non-nested local class extraction 2022-09-23 11:23:21 +02:00
Tamas Vajk
b4eb4ec837 Kotlin: Add test case for top level local class extraction 2022-09-23 11:19:09 +02:00
Tom Hvitved
8b424d181a Merge pull request #10505 from hvitved/dataflow/viable-impl-in-ctx-consistency 
Data flow: Guard against `viableImplInCallContext` not being a subset of `viableCallable`
 2022-09-23 10:38:48 +02:00
github-actions[bot]
f5cf8cffa3 Release preparation for version 2.11.0 2022-09-22 20:14:12 +00:00
Chris Smowton
3fe1550943 Kotlin unit tests: use best plugin version compatible with environment kotlinc 2022-09-22 21:11:47 +01:00
Chris Smowton
cea90d535d Disable Kotlin element of test library-tests/frameworks/android/widget 
This is disabled for now because Kotlin doesn't extract java.lang.CharSequence.toString, even though that interface redeclares toString, and JDK18 points a call (syntactically to Editable.toString) that previous JDKs pointed at
Object.toString. This produces a database inconsistency that should be fixed Kotlin-side.
 2022-09-22 20:44:37 +01:00
Dave Bartolomeo
cee0e8e137 Merge pull request #10532 from github/henrymercer/3.7-mergeback 
Final mergeback from `rc/3.7`
 2022-09-22 13:42:59 -04:00
Tom Hvitved
ad6b870f94 Data flow: Sync files 2022-09-22 15:01:33 +02:00