hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 18:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
23,989 Commits 1,693 Branches 161 Tags
160f3b43128b760ccb14aa4a4b2a053d3edc8a49
Commit Graph

1343 Commits

Author SHA1 Message Date
Joe Farebrother
160f3b4312 Remove ArrayElement from sink specifications 2021-07-01 14:41:39 +01:00
Joe Farebrother
1a06c132be Use ArrayElement of to handle arargs case in SpringJdbc.qll 2021-07-01 14:38:20 +01:00
Joe Farebrother
29f82fc81f Use ArrayElementOf in Android sinks 2021-07-01 14:38:19 +01:00
Joe Farebrother
95d8018a43 Include overrides for SQLiteQueryBuilder sinks 2021-07-01 14:38:19 +01:00
Joe Farebrother
0d4f8aedb8 Use Argument ranges in CSV rows 2021-07-01 14:38:19 +01:00
Joe Farebrother
7926d16844 Convert SQL sinks to CSV format 2021-07-01 14:38:19 +01:00
Anders Schack-Mulligen
cda5c22f6e Merge pull request #5590 from github/sauyon/java-spring-errors 
Add models for Spring validation.Errors
 2021-07-01 14:29:49 +02:00
Anders Schack-Mulligen
37f8794d01 Merge pull request #6165 from edoardopirovano/fix-regression 
Performance: Improve join order in data flow library
 2021-07-01 14:13:18 +02:00
Anders Schack-Mulligen
d8b017e6c0 Merge pull request #6036 from atorralba/atorralba/spring-beans 
Java: Flow summaries for Spring's Bean Properties classes
 2021-06-30 15:41:24 +02:00
Anders Schack-Mulligen
f03d460e95 Java: Fix bad join-order. 2021-06-30 13:42:45 +02:00
Tony Torralba
0bb9e464b2 Merge branch 'main' into atorralba/spring-beans 2021-06-30 12:55:10 +02:00
Tony Torralba
9d64cadb50 Adapt tests after applying changes from code review 2021-06-30 10:02:03 +02:00
Tony Torralba
b64b8ecec2 Apply suggestions from code review 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2021-06-30 09:52:22 +02:00
Sauyon Lee
52d1901d6e Adjust validation models to reflect array parameters 2021-06-29 12:01:24 -07:00
Edoardo Pirovano
8354f66c29 Performance: Improve join order in data flow library 2021-06-29 18:23:22 +01:00
Sauyon Lee
b76f761e56 Import springvalidation in ExternalFlow.qll 2021-06-29 05:51:58 -07:00
Sauyon Lee
92f1c51653 fixup! Add models for Spring validation.Errors 
Rename SpringErrors to SpringValidation
 2021-06-29 05:51:36 -07:00
Sauyon Lee
534ab86900 Add models for Spring validation.Errors 2021-06-29 05:51:21 -07:00
Anders Schack-Mulligen
ad8bef5177 Update java/ql/src/semmle/code/java/frameworks/spring/SpringUtil.qll 2021-06-29 14:08:48 +02:00
Chris Smowton
9551321592 Fix LinkedMultiValueMap models and make tests more realistic 2021-06-29 12:40:57 +01:00
Chris Smowton
d6c4325c13 Import SpringUtil from ExternalFlow.qll 2021-06-29 12:18:30 +01:00
Chris Smowton
3d270bbc50 Drop models for stringifying functions 
Per default stringification isn't taint-propagating in Java
 2021-06-29 12:01:08 +01:00
Chris Smowton
0441098b18 Amend models of MultiValueMap.addAll overloads 2021-06-29 11:58:46 +01:00
Chris Smowton
b202110285 Drop redundant model that can be inherited from java.util.Iterator 2021-06-29 11:47:22 +01:00
Chris Smowton
f67e9ae1cc Drop tests for protected inner classes 2021-06-29 11:45:59 +01:00
Chris Smowton
5769f4718f Add missing CollectionUtils model 2021-06-29 11:44:29 +01:00
Chris Smowton
659478cc39 Remove model for protected class 
Can't be accessed outside the org.springframework.util package.
 2021-06-29 11:40:19 +01:00
Chris Smowton
f7a4614f56 Add missing tests for AntPathMatcher's protected methods; fix models accordingly 2021-06-29 11:35:25 +01:00
Chris Smowton
dec0123751 Autoformat 2021-06-29 09:52:24 +01:00
Sauyon Lee
4012076c90 fixup! Model spring util 
Apply review comments
 2021-06-28 10:52:58 -07:00
Sauyon Lee
92ebb63b1f Model Spring AntPath utils 2021-06-28 08:26:38 -07:00
Sauyon Lee
c4e9b1fd8e Model Spring util 2021-06-28 08:26:37 -07:00
Tony Torralba
8112d723e0 Merge branch 'main' into atorralba/spring-beans 2021-06-28 17:02:31 +02:00
Tony Torralba
393b95cbbe Remove 'magic' from tests 2021-06-28 17:01:34 +02:00
Chris Smowton
def4a23af2 Merge pull request #4879 from intrigus-lgtm/java/improve-trustmanager 
Java: Add/improve insecure trustmanager query
 2021-06-25 18:15:55 +01:00
Anders Schack-Mulligen
a79356e316 Apply suggestions from code review 2021-06-25 16:47:26 +02:00
intrigus
dc0b06a735 Java: Factor out SecurityFlag library. 2021-06-25 16:47:24 +02:00
Owen Mansel-Chan
bad32716e8 Import Apache Collections models in ExternalFlow 2021-06-25 14:51:09 +01:00
Owen Mansel-Chan
eb469c0811 Duplicate models for old package name 
The package name was org.apache.commons.collection until release 4.0.
 2021-06-25 11:17:09 +01:00
Owen Mansel-Chan
224fd343f3 Fix models (addressing PR review comments) 2021-06-25 11:17:03 +01:00
Owen Mansel-Chan
e78d56e7e9 Model MapUtils class and keyvalue package 2021-06-25 11:17:02 +01:00
Owen Mansel-Chan
213f5d6a37 Model and use isEmpty from Apache Collections 2021-06-25 11:17:01 +01:00
Owen Mansel-Chan
492f6ebc7c Model isNotEmpty from Apache Commons Collections 2021-06-25 11:17:00 +01:00
Anders Schack-Mulligen
2d24387e9e Merge pull request #6149 from edoardopirovano/fix-java-regression 
Performance: Fix bad join order in Java dataflow library
 2021-06-25 10:42:05 +02:00
Anders Schack-Mulligen
95ad8b55fe Merge pull request #6107 from aschackmull/dataflow/implicit-reads 
Dataflow: Add support for implicit reads
 2021-06-24 15:38:35 +02:00
Anders Schack-Mulligen
cd0efbe7ce Dataflow: Sync. 2021-06-24 14:19:17 +02:00
Anders Schack-Mulligen
1c1d11a4a4 DataFlow: Address review comments. 2021-06-24 14:18:45 +02:00
Anders Schack-Mulligen
1e511c0a9e Merge pull request #6137 from smowton/smowton/feature/java-util-optional 
Java: Model java.util.Optional
 2021-06-24 13:21:36 +02:00
Edoardo Pirovano
0909c9ff22 Performance: Fix bad join order in dataflow library 2021-06-24 08:24:17 +01:00
Chris Smowton
74feaf2893 Adapt to static methods and nested types returning unbound declaring types 
Previously these returned raw declaring types instead
 2021-06-23 16:03:18 +01:00