hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,130 Commits 1,673 Branches 157 Tags
0c6ace350fd8c17afdba1a1fc957d75a143d0c4e
Commit Graph

7279 Commits

Author SHA1 Message Date
Tony Torralba
0c6ace350f Update java/ql/src/Security/CWE/CWE-295/AndroidMissingCertificatePinning.ql 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-12-19 16:24:39 +01:00
Tony Torralba
484a16ce1b Update java/ql/src/Security/CWE/CWE-295/AndroidMissingCertificatePinning.ql 2022-12-19 12:10:32 +01:00
Tony Torralba
a880fecc8b Apply suggestions from code review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-12-19 11:56:36 +01:00
Joe Farebrother
12dc11aa18 Add qldoc 2022-12-09 15:07:49 +00:00
Joe Farebrother
8de5efb28f Add SetDefaultConnectionFactoryMethod class 2022-12-09 13:41:18 +00:00
Joe Farebrother
0dea5daffe Change import for consistency, fix some typos 2022-12-09 13:41:18 +00:00
Joe Farebrother
2be68b2f1d Apply suggestions from code review 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-12-09 13:41:18 +00:00
Joe Farebrother
a14ebb7c03 Fixes 2022-12-09 13:41:18 +00:00
Joe Farebrother
fae4043008 Add change note 2022-12-09 13:41:18 +00:00
Joe Farebrother
603c1c1693 Add the domain used to the alert message 2022-12-09 13:41:18 +00:00
Joe Farebrother
ceb253e6d1 Add qhelp 2022-12-09 13:41:18 +00:00
Joe Farebrother
749ecab6b1 Add security severity 2022-12-09 13:41:18 +00:00
Joe Farebrother
0d6a376a36 Add test cases for TrustManager case 2022-12-09 13:41:18 +00:00
Joe Farebrother
c8aca06190 Implement pinning through a TrustManager 
+ Fix that the query was accidentally placed in experimental
 2022-12-09 13:41:18 +00:00
Joe Farebrother
4afecf575e Generate more stubs for okhttp and fix tests. 
Some generated stubs needed to be manually corrected.
 2022-12-09 13:41:17 +00:00
Joe Farebrother
bb402c497b Fix typo in dir name 2022-12-09 13:41:17 +00:00
Joe Farebrother
53c4ada883 Add okhttp tests 2022-12-09 13:41:17 +00:00
Joe Farebrother
c32dc1e674 Implement okhttp support 2022-12-09 13:41:17 +00:00
Joe Farebrother
da7032d3d6 Add qldoc 2022-12-09 13:41:17 +00:00
Joe Farebrother
ea3db5d429 Add test cases 2022-12-09 13:41:17 +00:00
Joe Farebrother
c3da3a9aef Add a bit of additional context to the alert message; fix issue with finding the config file 2022-12-09 13:41:17 +00:00
Joe Farebrother
17348fbd32 Add android certificate pinning query 2022-12-09 13:41:17 +00:00
Tamas Vajk
6bcfdfca88 Adjust getExtensionReceiverParameterIndex predicate name and change note 2022-12-09 10:29:52 +01:00
Tamas Vajk
e410e2744b Add change note 2022-12-09 10:29:52 +01:00
Tamas Vajk
ce5509a080 Kotlin: Adjust MaD argument shifting for $default method 2022-12-09 10:29:52 +01:00
Tamas Vajk
243c311b3d Accept unit test changes 2022-12-09 10:29:52 +01:00
Tamas Vajk
81c35c8b27 Adjust PathSanitizer to use fixed $default extension method functionality 2022-12-09 10:29:52 +01:00
Tamas Vajk
f646938d91 Revert "Kotlin: Adjust ExtensionReceiverAccess.toString to not return hard coded this value" 
This reverts commit 9649a8f64aa47d860d3ce2d005a939df75ee0e41.
 2022-12-09 10:29:52 +01:00
Tamas Vajk
ac5219fc7a Kotlin: Adjust ExtensionReceiverAccess.toString to not return hard coded this value 2022-12-09 10:29:52 +01:00
Tamas Vajk
d93dce0fa9 Kotlin: Fix extension and dispatch parameter order in $default functions 2022-12-09 10:29:51 +01:00
Tamas Vajk
6457e059f5 Kotlin: Fix extraction of $default extension functions 2022-12-09 10:26:44 +01:00
Tamas Vajk
43f23801f5 Kotlin: Add test for extension $default functions 2022-12-09 10:26:44 +01:00
Chris Smowton
cddb5c5e2d Merge pull request #11616 from smowton/smowton/fix/callable-modality-abstraction 
Kotlin: extract callable modality
 2022-12-09 08:07:57 +00:00
Chris Smowton
1d209d1bcd Accept modifiers test changes 2022-12-08 22:52:40 +00:00
Henry Mercer
d196704a2d Merge pull request #11574 from github/henrymercer/check-query-ids 
Add a PR check to ensure query IDs are unique
 2022-12-08 15:31:26 +00:00
Chris Smowton
d0a2c1c9b6 Accept test changes 2022-12-08 14:44:43 +00:00
Chris Smowton
85ee4e6ca1 Merge pull request #11578 from retanoj/MybatisSqli 
Java: Add MyBatis Sql Injection no @Param case
 2022-12-08 13:53:44 +00:00
Henry Mercer
3036b15af2 Merge branch 'main' into henrymercer/check-query-ids 2022-12-08 13:05:46 +00:00
Chris Smowton
0d2474bd55 Autoformat 2022-12-08 11:30:53 +00:00
Chris Smowton
49bc524fd0 Merge remote-tracking branch 'origin/rc/3.8' into smowton/admin/merge-rc38-into-main 2022-12-08 11:12:30 +00:00
retanoj
0edfc6e01e greedy matching 2022-12-08 09:23:24 +08:00
Chris Smowton
9f9a51685b Merge pull request #11510 from smowton/smowton/fix/kotlin-populate-source-class-files 
Kotlin: stub trap .class files when extracting a class from Kotlin source
 2022-12-07 14:33:42 +00:00
Edward Minnix III
170c9af9e8 Merge pull request #11238 from egregius313/egregius313/webview-setjavascriptenabled 
Java: Query for detecting enabling Javascript in Android WebSettings
 2022-12-07 09:31:58 -05:00
retanoj
9cfeaeb18e Merge branch 'main' into MybatisSqli 2022-12-07 21:19:08 +08:00
Jami
5e694b5983 Merge pull request #11192 from jcogs33/jcogs33/share-key-sizes 
Share encryption key sizes between Java and Python
 2022-12-07 08:08:24 -05:00
Chris Smowton
c526020fd4 Note TODO re: re-enabling suspend function Java interop testing 2022-12-07 11:51:48 +00:00
Chris Smowton
ecbb96ffc1 Remove no-longer-needed diagnostic expectations 2022-12-07 11:50:41 +00:00
Tony Torralba
cabce5fb36 Merge pull request #11549 from mbaluda/mbaluda/insecure-cookie 
Java: Support interprocedural setting of cookie security
 2022-12-07 12:14:46 +01:00
Tony Torralba
321a2f5a73 Merge pull request #11550 from atorralba/atorralba/kotlin/adapt-path-sanitizer 
Kotlin: Adapt PathSanitizer
 2022-12-07 12:08:00 +01:00
Tony Torralba
6dcc0cc188 Further simplification 2022-12-07 10:50:23 +01:00