hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-14 15:04:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
68,978 Commits 1,680 Branches 158 Tags
123dcc75d1bf1cd342de907b8047eb6d2821e490
Commit Graph

12235 Commits

Author SHA1 Message Date
Owen Mansel-Chan
8901b1fd14 Merge pull request #17100 from owen-mc/java/sensitive-log/ignore-tokenizer 
Java: whitelist variable names containing "tokenizer" for `java/sensitive-log`
 2024-07-31 12:16:03 +01:00
Owen Mansel-Chan
59e22f6cd9 Merge pull request #17101 from owen-mc/java/dead-ref-types-junit-4-5 
Java: Fix FPs in `java/unused-reference-type` for JUnit 4-style tests
 2024-07-31 11:11:35 +01:00
Edward Minnix III
bae0ea5599 Merge pull request #17042 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-07-30 20:04:23 -04:00
Jami Cogswell
2db07bdbf3 Java: add missing models to experimental expected files 2024-07-30 12:13:18 -04:00
Owen Mansel-Chan
1cb5f35c56 Add change note 2024-07-30 16:29:38 +01:00
Owen Mansel-Chan
cd0af0fc57 Ignore types with methods which have annotations 
The motivation is test classes in JUnit 4 and 5 are currently FPs for this. They have methods with `@Test`, so this should fix the FPs.
 2024-07-30 16:29:35 +01:00
Owen Mansel-Chan
050dcb1370 Add some tests for java/unused-reference-type 2024-07-30 16:29:11 +01:00
Jami
2c8f3a58b3 Merge branch 'main' into jcogs33/java/provenance-postprocess-qltest 2024-07-30 10:53:52 -04:00
Owen Mansel-Chan
44b6309e07 Add change note 2024-07-30 15:44:00 +01:00
Owen Mansel-Chan
e259b25428 Add "tokenizer" to sensitive variable name FPs 2024-07-30 15:38:32 +01:00
Owen Mansel-Chan
0704946324 Factor out matching sensitive variable name FPs 2024-07-30 15:37:54 +01:00
Owen Mansel-Chan
bdff0fdcc5 Add test for "tokenizer" 2024-07-30 15:37:46 +01:00
Owen Mansel-Chan
0d71072f94 Make test more compact 2024-07-30 15:36:59 +01:00
Arthur Baars
0d469536ae Merge pull request #17065 from github/aibaars/proxy-tests 
Java: integration tests with proxy server
 2024-07-30 15:53:45 +02:00
Anders Schack-Mulligen
5073f4f7dd Merge pull request #17096 from aschackmull/java/pp-experimental-models 
Java: Pretty-print experimental models for qltest.
 2024-07-30 13:31:15 +02:00
Anders Schack-Mulligen
da5250d3a7 Java: Pretty-print experimental models for qltest. 2024-07-30 11:43:44 +02:00
github-actions[bot]
d39609254c Add changed framework coverage reports 2024-07-30 00:18:23 +00:00
Ian Lynagh
1530037eae Merge pull request #17071 from igfoo/igfoo/dep_env 
Java/Kotlin: Remove support for deprecated SOURCE_ARCHIVE and TRAP_FOLDER
 2024-07-29 14:55:50 +01:00
Jami Cogswell
bab89c46b6 Java: use post-process provenance pretty-printing in library-tests 2024-07-28 18:13:58 -04:00
Jami Cogswell
0a382bf0cf Java: use post-process provenance pretty-printing in experimental/query-tests 2024-07-28 18:13:20 -04:00
Jami Cogswell
c70d39539e Java: use post-process provenance pretty-printing in query-tests 2024-07-28 18:12:17 -04:00
Jami
0ba5a74f6a Merge pull request #17074 from jcogs33/jcogs33/java/fix-regex-use-comments 
Java: fix comments about use of sink kind `regex-use`
 2024-07-26 08:57:39 -04:00
Arthur Baars
b34b589005 Merge branch 'main' into aibaars/proxy-tests 2024-07-26 09:24:54 +02:00
Owen Mansel-Chan
c051d33cc7 Merge branch 'main' into dataflow/provenance-postprocess-qltest 2024-07-26 08:04:05 +01:00
Jami
91f5f086fb Merge pull request #17025 from jcogs33/jcogs33/java/adjust-url-syntheticfield 
Java: add TaintInheritingContent for URL synthetic fields
 2024-07-25 12:11:39 -04:00
Arthur Baars
9d6260b334 Copy os.environment 
Prevents cryptic "OSError: [WinError 10106] The requested service provider could not be loaded or initialized" error from Python subprocess call
 2024-07-25 17:59:11 +02:00
Jami Cogswell
eea3e82cca Java: fix 'regex-use' comments 2024-07-25 10:39:03 -04:00
Anders Schack-Mulligen
c693f03462 Merge pull request #17070 from aschackmull/dataflow/pptype-refactor 
Dataflow: Replace `ppReprType` with `DataFlowType.toString`.
 2024-07-25 14:30:08 +02:00
Ian Lynagh
225d2915e5 Java/Kotlin: Add changenote for dropping SOURCE_ARCHIVE/TRAP_FOLDER 2024-07-25 12:48:55 +01:00
Ian Lynagh
e4b9335ce0 Kotlin: Remove support for deprecated SOURCE_ARCHIVE and TRAP_FOLDER 2024-07-25 12:46:13 +01:00
Anders Schack-Mulligen
7a48fe1102 Dataflow: Replace ppReprType with DataFlowType.toString. 2024-07-25 13:08:47 +02:00
Arthur Baars
8e7e7c0188 Update exepected output 2024-07-25 10:50:18 +02:00
Arthur Baars
9478139390 Java: buildless: proxy test with gradle 2024-07-25 08:34:11 +02:00
Arthur Baars
5a1adc51c1 Java: buildless: proxy test with maven 2024-07-25 08:32:48 +02:00
Arthur Baars
a35be08d18 Java: buildess proxy tests: add mitm_proxy.py 
A mock implementation of an https man-in-the-middle proxy
 2024-07-25 08:32:02 +02:00
Owen Mansel-Chan
5a39610ba7 Merge pull request #17053 from owen-mc/java/fix/regex-use-sink-kind 
Java: Add comments about use of sink kind `regex-use`
 2024-07-24 21:08:52 +01:00
Jami Cogswell
5854e88f63 Java: add change note 2024-07-24 16:00:38 -04:00
Owen Mansel-Chan
3edeb82d5b Add comment by models using regex-use sink kind 2024-07-23 21:40:45 +01:00
Owen Mansel-Chan
89f958105a Mention regex-use sink kind in QLDoc for regexSinkKindInfo 2024-07-23 21:38:30 +01:00
Owen Mansel-Chan
4c8da54b64 Merge pull request #17036 from chmodxxx/sbaddou/fix 
Java: Move SensitiveLoggerConfig source to extensible format
 2024-07-23 14:55:26 +01:00
Chuan-kai Lin
67dac96e80 Merge pull request #17041 from github/post-release-prep/codeql-cli-2.18.1 
Post-release preparation for codeql-cli-2.18.1
 2024-07-23 06:48:30 -07:00
Salah Baddou
4f80ae2190 Merge branch 'main' into sbaddou/fix 2024-07-23 12:03:13 +01:00
Salah Baddou
092de640fe add change-notes 2024-07-23 11:04:56 +01:00
Owen Mansel-Chan
ff8bb2b1f8 Merge pull request #16760 from owen-mc/java/reverse-dns-separate-threat-model-kind 
Java: make a separate threat model kind for reverse DNS sources
 2024-07-23 10:08:52 +01:00
Anders Schack-Mulligen
b5b9c4d931 Update java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll 
Java: Make class private
 2024-07-23 10:07:51 +02:00
Anders Schack-Mulligen
bb86a07a93 Update java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll 
fix typo
 2024-07-23 10:03:07 +02:00
Anders Schack-Mulligen
5912a17ab4 Update java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll 
Autoformat
 2024-07-23 10:01:49 +02:00
github-actions[bot]
49cc8f8ff8 Post-release preparation for codeql-cli-2.18.1 2024-07-22 22:00:48 +00:00
Chuan-kai Lin
a5fe3f4d9c Minor changelog improvements 2024-07-22 14:34:56 -07:00
github-actions[bot]
368bcb684a Release preparation for version 2.18.1 2024-07-22 21:30:50 +00:00