hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-16 07:54:52 +01:00
Code Issues Packages Projects Releases Wiki Activity
69,354 Commits 1,680 Branches 158 Tags
0dfdee775b336ebb31e862f648db273a22ee4a48
Commit Graph

554 Commits

Author SHA1 Message Date
Chris Smowton
95e504a5ff Merge branch 'main' into am0o0-java-PathInjection 2024-08-05 11:41:25 +01:00
am0o0
4169cfac9f use the current slf4j stubs instead of new one 2024-08-03 14:12:18 +02:00
am0o0
ee9f134828 update current springframework core stub and use this instead of creating a new stubs 2024-08-02 01:00:34 +02:00
am0o0
af43178602 move slf4j to a separate dir 2024-08-02 00:35:20 +02:00
am0o0
1551cf0093 move java/ql/test/experimental/stubs/org-springframework-6.1.4/org/reactivestreams into a separate dir 2024-08-02 00:06:02 +02:00
Anders Schack-Mulligen
377301a55a Merge pull request #17108 from aschackmull/dataflow/flowthrough-provenance 
Dataflow: Propagate provenance correctly for flow-through wrappers.
 2024-08-01 09:35:56 +02:00
Owen Mansel-Chan
6280ed2a6b Merge pull request #13555 from am0o0/amammad-java-bombs 
Java: Decompression Bombs
 2024-07-31 14:55:28 +01:00
Anders Schack-Mulligen
9724516c84 C#/Go/Java/Python/Ruby: Accept qltest .expected changes. 2024-07-31 14:45:10 +02:00
Jami Cogswell
2db07bdbf3 Java: add missing models to experimental expected files 2024-07-30 12:13:18 -04:00
am0o0
591b1b4f07 use $ SPURIOUS: instead of "this test gives a FP" 2024-07-30 17:53:23 +02:00
am0o0
9662950405 add comments for FPs 2024-07-30 13:24:46 +02:00
am0o0
4dc1a10f71 update tests for zip4j, add aditional flow steps for zip4j, remove BombTypeInputStream class since we don't need it anymore, add a predicate which was for testing porpose and was junk 2024-07-29 18:10:04 +02:00
Jami Cogswell
0a382bf0cf Java: use post-process provenance pretty-printing in experimental/query-tests 2024-07-28 18:13:20 -04:00
am0o0
c8749ff82e Merge branch 'amammad-java-bombs' of https://github.com/am0o0/codeql into amammad-java-bombs 2024-07-28 12:15:23 +02:00
am0o0
209fa1a10a update tests 2024-07-28 12:15:07 +02:00
am0o0
7689db7d42 change apache commons sink 2024-07-28 12:09:33 +02:00
am0o0
1b97804f45 update tests 2024-07-28 11:45:48 +02:00
Ed Minnix
ad4bca9975 Fix provenance in tests 2024-07-18 18:18:24 -04:00
Owen Mansel-Chan
9a66e66d66 Merge branch 'main' into amammad-java-bombs 2024-07-18 21:28:23 +01:00
Jami Cogswell
f90df85722 Java: update provenance numbers in tests again 2024-07-16 11:55:46 -04:00
Anders Schack-Mulligen
37d78249e7 Java: Update provenance ids. 2024-07-16 11:11:54 +02:00
am0o0
d8e2d355df categorize the new stubs 2024-07-13 17:25:38 +02:00
am0o0
1d1c476674 update tests and use TaintFlowTestArgString 
add stubs
add missed sink models
 2024-07-13 16:58:51 +02:00
Chris Smowton
1cb9f6370f Use hasTaintFlow marker 2024-07-13 13:09:43 +02:00
Chris Smowton
059a1389c6 Run TaintedPath query on experimental tests 2024-07-13 13:09:26 +02:00
Chris Smowton
4e9a528df9 Move experimental tests 2024-07-13 13:09:08 +02:00
am0o0
025aa77e79 add the snappy missed sink 2024-07-13 11:15:45 +02:00
am0o0
3868b386f3 update inline tests 2024-07-13 10:47:42 +02:00
am0o0
0165696a1e update tests 2024-07-13 10:33:35 +02:00
am0o0
c824aa4e45 delete pom.xml 2024-07-13 10:21:53 +02:00
Jami Cogswell
6b497da15f Java: fix line number changes in tests 2024-07-11 15:33:09 -04:00
am0o0
dd4bce8e30 finilize tests 2024-07-09 19:48:58 +02:00
am0o0
fe1103d997 add stubs, upgrade test to inline test, update test files 2024-07-04 15:25:36 +02:00
am0o0
7df59ffe6c update tests, is not completed yet :) 2024-07-01 18:22:27 +02:00
Jami Cogswell
be565288f2 Java: update more test cases due to shifted alert provenance line numbers 2024-06-27 22:08:38 -04:00
Mauro Baluda
a464a8e48e @mbaluda 
Update provenance in test expectations
 2024-06-11 15:15:50 +02:00
Mauro Baluda
bb5ef3ccd9 Update provenance in test expectations 2024-06-10 19:57:37 +02:00
Tony Torralba
292395b80e Update test expectations 2024-06-04 10:35:16 +02:00
Anders Schack-Mulligen
15a7c3faeb Java: Accept qltest .expected file changes. 2024-05-22 15:42:40 +02:00
Anders Schack-Mulligen
a650499a9c Java: Accept qltest .expected file changes (interesting). 2024-05-22 15:42:12 +02:00
Anders Schack-Mulligen
a74cf6501a Java: update qltest expected files. 2024-05-22 11:13:06 +02:00
Rasmus Wriedt Larsen
2451a6d3f6 Accept .expected changes 2024-05-21 14:47:42 +02:00
am0o0
02b0b402d6 remove useless predicate 
add missed FlowState
 2024-05-12 19:29:37 +02:00
am0o0
484923e706 update test files 2024-05-12 18:21:17 +02:00
Am
9946e07f36 Merge branch 'github:main' into amammad-java-bombs 2024-05-12 13:17:02 +02:00
Anders Schack-Mulligen
f85ff9defc Java: Update expected output (interesting). 2024-04-12 09:20:28 +02:00
Anders Schack-Mulligen
c2f5731e8d Java: Update expected output (uninteresting). 2024-04-12 09:20:26 +02:00
Jami Cogswell
a8eb1d10f6 Java: remove experimental tests 2024-03-17 22:35:27 -04:00
Anders Schack-Mulligen
e9e445b2ba Java: Add empty provenance column to expected files. 2024-02-09 11:32:00 +01:00
Tony Torralba
e2bf9ea2eb Consider File.exists() et al a path-injection sink 2024-01-30 14:51:36 +01:00