hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-22 10:52:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
62,052 Commits 1,685 Branches 158 Tags
16e53d3972ca9bdbb124c7e2a40cbbea93605565
Commit Graph

4998 Commits

Author SHA1 Message Date
Tom Hvitved
c8b4a215bc Merge pull request #14573 from hvitved/flow-summary-impl-param 
Move `FlowSummaryImpl.qll` to `dataflow` pack
 2023-12-14 12:24:15 +01:00
Jeroen Ketema
99e65df6ce Merge remote-tracking branch 'upstream/rc/3.12' into mb12 2023-12-13 15:43:39 +01:00
Tony Torralba
27be5ba14b Merge pull request #15073 from atorralba/atorralba/java/remove-invalid-ognl-sinks 
Java: Remove invalid OGNL sinks
 2023-12-12 16:52:31 +01:00
Tony Torralba
103110f9c2 Java: Remove invalid OGNL sinks 
Fixes #15053
 2023-12-12 13:39:51 +01:00
Edward Minnix III
06eef93f89 Docs review suggestions 2023-12-11 11:18:40 -05:00
Edward Minnix III
ce20c4ae03 Docs review suggestions 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-12-11 11:18:40 -05:00
Ed Minnix
3ca039bc8f Rename to InsecureRandomness 2023-12-11 11:18:40 -05:00
Edward Minnix III
4678302edb Update query metadata 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-12-11 11:18:39 -05:00
Ed Minnix
4bdf2b5e18 Bump change note date 2023-12-11 11:18:39 -05:00
Ed Minnix
14fdfa4428 Add new sink kind and change note 2023-12-11 11:18:38 -05:00
Ed Minnix
e69ff7b601 Move to library and add docs 2023-12-11 11:18:38 -05:00
Ed Minnix
9f986ca527 Add Weak Randomness Query 2023-12-11 11:18:38 -05:00
Tom Hvitved
f9dbf676a6 Java: Use FlowSummaryImpl from dataflow pack 2023-12-10 11:25:45 +01:00
Ed Minnix
1b8f3f3450 Deprecate or remove imports of dataflow library copies 2023-12-08 10:42:10 -05:00
github-actions[bot]
92af5f5386 Post-release preparation for codeql-cli-2.15.4 2023-12-06 22:59:22 +00:00
github-actions[bot]
c04457e9e7 Release preparation for version 2.15.4 2023-12-06 21:11:50 +00:00
Tony Torralba
649dc9d1d4 Merge pull request #14993 from github/shati-patel/fix-cwe-tags 
Update inconsistent CWE tags
 2023-12-04 14:30:32 +01:00
Shati Patel
6284781a9b Update inconsistent CWE tags 
Most tags use the "external/cwe/cwe-xxx" format, except for these few queries. Updating them for consistency.
 2023-12-04 11:52:31 +00:00
Chris Smowton
ad713a7a93 Java: report any extracted file as successfully extracted 2023-12-01 22:35:00 +00:00
Chris Smowton
bbc0f29f16 Restrict getCheckedType to unrestricted records, introduce getSyntacticCheckedType and use that where appropriate 2023-11-30 11:24:05 +00:00
Chris Smowton
d2ff1baff0 Replace getDefaultOrNullDefaultCase with getDefaultCase 2023-11-30 11:24:03 +00:00
Chris Smowton
88d9caff8c Unused local query: exclude mandatory declarations 2023-11-30 11:24:02 +00:00
Chris Smowton
91774099fa Write-only container query: account for implicitly-initialised variables 2023-11-30 11:24:01 +00:00
Chris Smowton
bb6e04456a Boxed variable query: account for implicit-init variables 2023-11-30 11:24:01 +00:00
Chris Smowton
9035ba1f30 Fix isImplicitInit; use it in empty-container query 2023-11-30 11:24:01 +00:00
Chris Smowton
54a89d6fef Handle 'case null, default:' 2023-11-30 11:23:59 +00:00
Chris Smowton
9a450b09be Account for pattern-cases in more places 2023-11-30 11:23:59 +00:00
Arthur Baars
db180d9872 Merge pull request #14823 from github/post-release-prep/codeql-cli-2.15.3 
Post-release preparation for codeql-cli-2.15.3
 2023-11-19 12:13:42 +01:00
github-actions[bot]
bad499e360 Post-release preparation for codeql-cli-2.15.3 2023-11-17 14:35:41 +00:00
Max Schaefer
ca334021ad Merge pull request #14793 from github/max-schaefer/tainted-path-qhelp 
Java: Improve QHelp for `java/path-injection` to mention less disruptive fixes.
 2023-11-16 14:09:55 +00:00
github-actions[bot]
6ec9b95072 Release preparation for version 2.15.3 2023-11-16 13:07:16 +00:00
Max Schaefer
a5e7ef424e Revert "Add additional example." 
This reverts commit 947b094387.
 2023-11-16 11:54:16 +00:00
Max Schaefer
143e1680bd Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-11-16 11:42:35 +00:00
Max Schaefer
947b094387 Add additional example. 2023-11-16 10:06:19 +00:00
Max Schaefer
009d58034f Address suggestions from review. 2023-11-16 10:05:54 +00:00
Max Schaefer
a46a7fadb2 Java: Improve QHelp for java/path-injection to mention less disruptive fixes. 2023-11-15 11:25:13 +00:00
Tony Torralba
5442cdb49c Merge pull request #14610 from atorralba/atorralba/java/jms-deserialization 
Java: Add JMS sink to java/unsafe-deserialization
 2023-11-08 09:10:20 +01:00
Geoffrey White
e8a466a02c Update dead link. 2023-11-07 09:26:07 +00:00
github-actions[bot]
2b939fdf08 Post-release preparation for codeql-cli-2.15.2 2023-10-30 16:06:51 +00:00
github-actions[bot]
4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
Tony Torralba
7af3d239ab Java: Add JMS sink to java/unsafe-deserialization 2023-10-26 16:46:19 +02:00
Chris Smowton
06238dd5f6 Improve reflective class names 2023-10-24 13:29:32 +01:00
Chris Smowton
e8c9708282 Autoformat 2023-10-24 11:06:19 +01:00
Chris Smowton
ac38d4c9c6 Mass rename L/RValue -> VarWrite/Read 2023-10-24 10:58:29 +01:00
Chris Smowton
59a49eef0b Add aliases for public, importable renamed classes and predicates. 
Also rename and aliases a couple of uses of Access noted along the way.
 2023-10-24 10:54:35 +01:00
Chris Smowton
f552a15aae Mass-rename MethodAccess -> MethodCall 2023-10-24 10:30:26 +01:00
Ian Lynagh
b89088737a Merge pull request #14551 from igfoo/igfoo/loc 
Java/Kotlin: Reshuffle our LoC queries
 2023-10-23 11:50:03 +01:00
Ian Lynagh
26634a3266 Java/Kotlin: Add a changenote for the lines-of-code changes 2023-10-20 13:04:39 +01:00
Ian Lynagh
d816035da6 Java/Kotlin: Tweak LoC message 2023-10-20 13:02:11 +01:00
Ian Lynagh
13a9e83e6a Java/Kotlin: Reshuffle our LoC queries 
There's now a single lines-of-code query that gives the total number of
lines of code over both languages.

Per-language LoC queries are now just summaries.
 2023-10-20 12:43:41 +01:00