Arthur Baars
490d22d123
Merge remote-tracking branch 'upstream/main' into post-release-prep/codeql-cli-2.13.3
2023-05-30 21:31:28 +02:00
Andrew Eisenberg
6ba8f9eb36
Merge pull request #13314 from github/aeisenberg/adds-to-pack
Fix `addsTo.pack` references
2023-05-30 08:30:16 -07:00
Andrew Eisenberg
2d81e30d81
Fix addsTo.pack references
This change is a prerequisite for a CLI change where there will be
strict testing of the `addsTo.pack` values. It must resolve to a pack
reference that is a transitive dependency of the current query's pack.
2023-05-29 13:45:41 -07:00
Tony Torralba
6386ef3b96
Further perf improvements
2023-05-29 09:58:52 +02:00
Tony Torralba
4dfc9b13cd
Java: Fix performance issue in the stub generator
2023-05-26 12:44:53 +02:00
github-actions[bot]
d2e192020b
Post-release preparation for codeql-cli-2.13.3
2023-05-24 11:26:12 +00:00
Erik Krogh Kristensen
50cb5ea184
Merge pull request #13164 from erik-krogh/polyQhelp
ReDoS: add another example to the qhelp in poly-redos, showing how to just limit the length of the input
2023-05-23 09:25:15 +02:00
github-actions[bot]
7aa23cf11d
Release preparation for version 2.13.3
2023-05-22 20:47:00 +00:00
erik-krogh
710b309142
apply suggestions from doc review
2023-05-21 22:18:48 +02:00
erik-krogh
10bf17c33e
Merge branch 'main' into polyQhelp
2023-05-21 22:17:06 +02:00
Tony Torralba
b58eb3a92c
Java: Add TemplateEngine.createTemplate as a groovy injection sink
2023-05-19 17:45:47 +02:00
Tony Torralba
1b06bf132c
Merge pull request #12932 from atorralba/atorralba/java/promote-xxe-experimental-sinks
Java: Promote experimental XXE sinks
2023-05-17 17:39:31 +02:00
Stephan Brandauer
a5ef738bb0
add extra parameters in query-messages
2023-05-17 08:37:18 +00:00
erik-krogh
480e71fd69
avoid contractions
2023-05-17 08:42:45 +02:00
Stephan Brandauer
2cd8a879a5
use asParameter().getName() instead of toString()
Co-authored-by: Taus <tausbn@github.com>
2023-05-16 17:28:02 +02:00
Stephan Brandauer
9845887452
automodel java fix: export method name as 'name' metadata parameter; export parameter name as 'parameterName' parameter
2023-05-16 15:07:14 +00:00
Tony Torralba
770099f210
Merge branch 'main' into atorralba/java/promote-xxe-experimental-sinks
2023-05-16 09:49:34 +02:00
Tony Torralba
7d79d87d48
Add XPath.evaluate as XXE sink
2023-05-15 17:39:35 +02:00
erik-krogh
83ca1495e0
trim the whitespace in the poly-redos examples
2023-05-15 16:47:24 +02:00
erik-krogh
d989359656
add another example to the qhelp in poly-redos, showing how to just limit the length of the input
2023-05-15 16:47:02 +02:00
Kasper Svendsen
d40cd0f275
Java: Make implicit this receivers explicit
2023-05-12 12:47:21 +02:00
Stephan Brandauer
510febf46d
Merge pull request #12830 from github/kaeluka/parameter-candidate-extraction
Java: Automodel Framework Mode Extraction Queries
2023-05-11 18:00:55 +02:00
Stephan Brandauer
c31ad01579
squash ql-for-ql warnings
2023-05-11 16:18:52 +02:00
Tony Torralba
c17b0e809f
Apply suggestions from code review
2023-05-11 14:53:56 +02:00
Anders Schack-Mulligen
587ee53917
Java: Fix ExternalApi.jarContainer().
2023-05-11 14:09:27 +02:00
Stephan Brandauer
e15610cfcd
use ascii dash
2023-05-11 11:32:05 +02:00
Stephan Brandauer
f3d096cf37
update DollarAtString class to use hasLocationInfo instead of getURL
2023-05-10 15:02:22 +02:00
Stephan Brandauer
79f2beca2a
ql-for-ql
2023-05-10 14:04:29 +02:00
Stephan Brandauer
cd388264d3
use new DollarAtString class to return metadata using notation
2023-05-10 13:44:50 +02:00
Stephan Brandauer
6be11d93bd
document FrameworkCandidatesImpl
2023-05-10 12:03:32 +02:00
Stephan Brandauer
d2d884b007
special case for Argument[this]
2023-05-10 11:53:40 +02:00
Stephan Brandauer
7ae6a992b6
fix code compilation error after main branch breaking change
2023-05-10 11:29:49 +02:00
Stephan Brandauer
9ed3c248ad
Merge branch 'main' into kaeluka/parameter-candidate-extraction
2023-05-10 11:26:49 +02:00
Stephan Brandauer
1e5c9e8a58
simplify by using hasQualifiedName
2023-05-10 10:49:27 +02:00
Stephan Brandauer
f43edb8046
rename query files to make framework mode explicit
2023-05-10 10:30:58 +02:00
Stephan Brandauer
170e895593
use newtype for related location type
2023-05-10 10:28:14 +02:00
Stephan Brandauer
5dab1b2a3b
leftover renaming label->kind
2023-05-10 10:01:39 +02:00
Stephan Brandauer
1f60fd6d58
use specialized getAParameter predicate, instead of getParameter(_)
2023-05-10 10:01:04 +02:00
Stephan Brandauer
91ae61b744
more documentation
2023-05-10 09:42:22 +02:00
Stephan Brandauer
46741c6e42
rename kind -> label
2023-05-10 09:34:13 +02:00
Stephan Brandauer
85f519b7b4
documentation updates from review comments
2023-05-10 09:33:37 +02:00
Stephan Brandauer
94cb82e553
remove TestFileCharacteristic as it's redundant
2023-05-10 09:06:11 +02:00
Stephan Brandauer
d7aca9e909
use comma separator in concatenation
2023-05-10 08:57:27 +02:00
Kasper Svendsen
0de6e4138f
Merge pull request #13037 from kaspersv/kaspersv/java-enable-implicit-this-warnings
Java: Enable implicit this receiver warnings
2023-05-09 10:24:31 +02:00
Kasper Svendsen
b0714904c0
Java: Enable implicit this receiver warnings
2023-05-09 08:25:40 +02:00
Michael Nebel
8435c31213
C#/Java: Update model converter queries to handle kind information.
2023-05-08 16:19:00 +02:00
Michael Nebel
d103a57141
Java: Adjust the model generator to produce kinds.
2023-05-08 16:18:59 +02:00
Edward Minnix III
2d5b35067e
Merge pull request #12721 from egregius313/egregius313/java/move-configurations-to-libraries
Java: Move more dataflow configurations to `*Query.qll` files
2023-05-04 20:14:22 -04:00
Jami
3c74c8bbe0
Merge pull request #13019 from jcogs33/jcogs33/url-open-stream-updates
Java: switch `url-open-stream` sink models to `experimentalSinkModel`
2023-05-04 15:07:44 -04:00
Stephan Brandauer
62ab91c14a
fix ql-for-ql warning
2023-05-04 17:48:50 +02:00