hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-09 17:16:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
72,495 Commits 1,706 Branches 162 Tags
08859be07bfcf2e297b7baeee5ca216c097e79e2
Commit Graph

394 Commits

Author SHA1 Message Date
Jami Cogswell
05b6700607 Java: add SHA384 to list of secure algorithms 2024-11-25 09:27:53 -05:00
Arthur Baars
c2b342f1a0 Merge pull request #18084 from github/aibaars/java-sha3 
Java: add SHA3 family to list of secure crypto algorithms
 2024-11-25 15:07:43 +01:00
Jami
f0045692a7 Merge pull request #17869 from jcogs33/jcogs33/improve-weak-crypto 
Java: Improve weak crypto query
 2024-11-24 12:04:00 -05:00
Arthur Baars
c6eaed343d Java: add SHA3 family to list of secure crypto algorithms 2024-11-22 19:03:00 +01:00
github-actions[bot]
cc7b724123 Release preparation for version 2.19.3 2024-11-04 16:37:28 +00:00
Jami Cogswell
459d16824e Java: weak crypto: do not report weak hash algorithms 2024-11-03 18:22:06 -05:00
github-actions[bot]
255f55cf1a Release preparation for version 2.19.2 2024-10-15 10:29:25 +00:00
github-actions[bot]
455c8c5953 Release preparation for version 2.19.1 2024-09-30 17:59:48 +00:00
Mauro Baluda
5ae51f0b56 Address review 2024-09-18 19:28:03 +02:00
github-actions[bot]
acdafd9646 Release preparation for version 2.19.0 2024-09-16 10:56:10 +00:00
github-actions[bot]
91537cdf9a Release preparation for version 2.18.4 2024-09-09 16:08:48 +00:00
github-actions[bot]
17cd9624fb Release preparation for version 2.18.3 2024-08-21 17:13:52 +00:00
github-actions[bot]
019da8c287 Release preparation for version 2.18.2 2024-08-07 14:02:38 +00:00
Alexander Eyers-Taylor
46577b585e Revert "Release preparation for version 2.18.2" 2024-08-07 14:24:37 +01:00
github-actions[bot]
c14ba0e4bd Release preparation for version 2.18.2 2024-08-06 12:46:15 +00:00
Anders Schack-Mulligen
4d023f14a6 Merge pull request #17075 from RobbingDaHood/17052-second-try-do-not-expose-error-message 
Java: 17052 Second try: do not expose error message
 2024-08-02 12:44:27 +02:00
Owen Mansel-Chan
8901b1fd14 Merge pull request #17100 from owen-mc/java/sensitive-log/ignore-tokenizer 
Java: whitelist variable names containing "tokenizer" for `java/sensitive-log`
 2024-07-31 12:16:03 +01:00
Owen Mansel-Chan
1cb5f35c56 Add change note 2024-07-30 16:29:38 +01:00
Owen Mansel-Chan
44b6309e07 Add change note 2024-07-30 15:44:00 +01:00
RobbingDaHood
1cb58922a2 Minor changes to formulations for java/error-message-exposure 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2024-07-29 16:48:15 +02:00
Daniel Winther Petersen
1c1ba7734f Now alerts about exposing exception.getMessage() in servlet responses are split out of java/stack-trace-exposure into its own alert java/error-message-exposure because this is a better fit. 2024-07-25 18:12:45 +02:00
Owen Mansel-Chan
4c8da54b64 Merge pull request #17036 from chmodxxx/sbaddou/fix 
Java: Move SensitiveLoggerConfig source to extensible format
 2024-07-23 14:55:26 +01:00
Salah Baddou
092de640fe add change-notes 2024-07-23 11:04:56 +01:00
github-actions[bot]
368bcb684a Release preparation for version 2.18.1 2024-07-22 21:30:50 +00:00
Chuan-kai Lin
23320b6e5e Revert "Release preparation for version 2.18.1" 2024-07-22 13:22:49 -07:00
github-actions[bot]
55935fc123 Release preparation for version 2.18.1 2024-07-22 14:56:15 +00:00
Owen Mansel-Chan
e2356d9820 Merge pull request #16914 from owen-mc/java/android-app-detection 
Java: Improve Android app detection
 2024-07-16 21:52:43 +01:00
github-actions[bot]
b0d6778652 Release preparation for version 2.18.0 2024-07-08 09:10:51 +00:00
Owen Mansel-Chan
de5fc4e609 Add change notes 2024-07-07 00:24:27 +01:00
Arthur Baars
b12b33c8f9 Merge remote-tracking branch 'upstream/main' into 'rc/3.14' 2024-06-28 19:50:35 +02:00
github-actions[bot]
e32a587078 Release preparation for version 2.17.6 2024-06-24 14:33:10 +00:00
Michael Nebel
5686efd25c Update java/ql/src/change-notes/2024-06-17-tainted-permissions-check.md 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-06-17 16:47:22 +02:00
Michael Nebel
c3862660e4 Java: Add change note. 2024-06-17 11:07:29 +02:00
Mathias Vorreiter Pedersen
67b327a0f7 Merge pull request #16725 from MathiasVP/rc-3.14-mergeback 
Mergeback from `rc/3.14`
 2024-06-11 17:37:40 +01:00
Mathias Vorreiter Pedersen
3351b9547d Merge branch 'rc/3.14' into rc-3.14-mergeback 2024-06-11 16:21:08 +01:00
Mauro Baluda
e9dba59f11 Merge branch 'main' into main 2024-06-10 19:57:00 +02:00
github-actions[bot]
877bfa2468 Release preparation for version 2.17.5 2024-06-10 13:40:39 +00:00
Mauro Baluda
71505f4003 Added more org.apache.commons.io.FileUtils-related sinks to the path injection query. 2024-06-10 11:29:51 +02:00
Rakshith Gopalakrishna
798a736d16 fix: update changelog 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2024-06-04 11:20:05 -07:00
Rakshith Gopala krishna
0f63f0dda2 docs: add changenote 2024-06-04 11:20:05 -07:00
Tony Torralba
f16dd8c010 Apply code review suggestions. 2024-06-04 10:35:11 +02:00
Tony Torralba
f84c2a842d Java: Add more File-related sinks for path-injection 2024-06-04 10:35:07 +02:00
Mauro Baluda
48fc44baff Add release notes 2024-05-30 23:21:12 +02:00
github-actions[bot]
33b4ae8bbb Release preparation for version 2.17.4 2024-05-28 15:44:32 +00:00
Dave Bartolomeo
f498e05099 Merge branch 'main' into dbartol/v1 2024-05-23 14:37:28 -04:00
Dave Bartolomeo
613ccaac1d Add change note to all v1.0.0 packs 2024-05-23 13:01:22 -04:00
Arthur Baars
5c4eb3c943 Java: add change note 2024-05-23 13:06:01 +00:00
Anders Schack-Mulligen
7828cb8f5a Java: Add change note. 2024-05-22 10:27:33 +02:00
Michael Nebel
b1329fd806 Merge pull request #16362 from michaelnebel/java/removelocalqueries 
Java: Remove local query variants.
 2024-05-16 14:34:04 +02:00
github-actions[bot]
100166fa53 Release preparation for version 2.17.3 2024-05-14 19:23:18 +00:00