hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
51,860 Commits 1,672 Branches 157 Tags
27fc14236fa19e7a4918f73ae065d30e53e48608
Commit Graph

8911 Commits

Author SHA1 Message Date
Tony Torralba
27fc14236f Add change note 2023-03-20 10:48:56 +01:00
Tony Torralba
bff8bbfe33 Apply suggestions from code review 2023-03-20 10:43:46 +01:00
Stephan Brandauer
8f565f5023 Update MaD Declarations after Triage 2023-03-17 16:01:36 +01:00
Ian Lynagh
b8fb4b9b0f Merge pull request #12521 from igfoo/igfoo/printast_sig 
Java: PrintAst: Improve the ranking of callables
 2023-03-17 11:43:40 +00:00
Ian Lynagh
f9bb0df6a2 Kotlin: Update expected PrintAst output 2023-03-16 15:20:07 +00:00
Ian Lynagh
13c2ef8c20 Java: PrintAst: Improve the ranking or callables 
We now look not only at how many parameters each callable has, but what
its full signature is. This allows us to give a consistent order to
    Test(Throwable) { ... }
    Test(String) { ... }
 2023-03-16 15:20:07 +00:00
Michael Nebel
2e86bbd6cd Java: Introduce helper predicate to avoid empty predicate in IPA branch. 2023-03-16 14:11:53 +01:00
Tom Hvitved
9f798902bd Data flow: Add consistency check for DataFlowCall::getEnclosingCallable 2023-03-16 08:40:53 +01:00
Henry Mercer
720eed398b Merge pull request #12523 from github/henrymercer/polish-diagnostics 
Polish diagnostic messages
 2023-03-15 15:06:52 +00:00
Anders Schack-Mulligen
bc9942eb75 Merge pull request #12530 from aschackmull/java/refactor-dataflow-queries-3 
Java: Refactor more dataflow queries to the new API (take 3)
 2023-03-15 14:57:29 +01:00
Anders Schack-Mulligen
6408d7cbbe Java: Refactor RsaWithoutOaep. 2023-03-15 10:37:54 +01:00
Anders Schack-Mulligen
b3b5c2c767 Java: Refactor UnsafeContentUriResolution. 2023-03-15 10:32:58 +01:00
Anders Schack-Mulligen
4b814ec71c Java: Refactor SensitiveCommunication.ql. 2023-03-15 10:32:35 +01:00
Anders Schack-Mulligen
ca8e013618 Java: Refactor FragmentInjection. 2023-03-15 10:23:21 +01:00
Anders Schack-Mulligen
5bd530f570 Java: Refactor IntentUriPermissionManipulation. 2023-03-15 10:13:28 +01:00
Anders Schack-Mulligen
b14b95cd79 Java: Refactor LogInjection 2023-03-15 10:10:02 +01:00
Anders Schack-Mulligen
abf3abdc65 Java: Delete DataFlowForOnActivityResult. 2023-03-15 09:47:21 +01:00
Anders Schack-Mulligen
bea7c43584 Java: Delete DataFlowForSerializability 2023-03-15 09:42:02 +01:00
Anders Schack-Mulligen
e8a7139020 Merge pull request #12476 from aschackmull/java/refactor-dataflow-queries-2 
Java: Refactor more dataflow queries to the new API
 2023-03-15 09:40:32 +01:00
Arthur Baars
fbe9823a42 Merge branch 'main' into henrymercer/polish-diagnostics 2023-03-14 23:42:33 +01:00
Henry Mercer
6fbc8261f2 Java: Add a full stop 2023-03-14 17:03:42 +00:00
Henry Mercer
770924455e Java: Use Dotcom help links 2023-03-14 17:00:48 +00:00
Henry Mercer
ce96f009b7 Java: Capitalise HTTPS 2023-03-14 16:58:24 +00:00
Henry Mercer
819e0dfbf0 Java: Use "relevant" instead of "suspicious" 2023-03-14 16:54:14 +00:00
Henry Mercer
110cb64b7a Java: Avoid reference to other diagnostics 2023-03-14 16:52:58 +00:00
Henry Mercer
4c329b7b62 Java: Remove "please" in diagnostics 
Per review from docs team
 2023-03-14 16:46:06 +00:00
Anders Schack-Mulligen
30163e4f60 Merge pull request #12515 from aschackmull/java/neutral-dispatch 
Java: Remove low-confidence dispatch to known neutrals.
 2023-03-14 15:35:05 +01:00
Tom Hvitved
c132891669 Merge pull request #12513 from hvitved/dataflow/lambda-flow-no-expects-content 
Data flow: Exclude `expectsContent` nodes from lambda flow
 2023-03-14 15:28:35 +01:00
Ian Lynagh
32e8b130ad Merge pull request #12501 from tamasvajk/java/javadoc_printast 
Java: Fix printAST to handle javadoc belonging to multiple elements
 2023-03-14 13:42:22 +00:00
Anders Schack-Mulligen
a9d2b936af Java: Add qldoc. 2023-03-14 14:15:15 +01:00
Anders Schack-Mulligen
dbfc256f40 Java: Remove low-confidence dispatch to known neutrals. 2023-03-14 11:34:07 +01:00
Edward Minnix III
de1ecf943e Merge pull request #11915 from egregius313/egregius313/arbitrary-apk-installation 
Java: Arbitrary APK installation
 2023-03-14 06:23:51 -04:00
Tom Hvitved
bdd56f1b6e Data flow: Sync files 2023-03-14 10:01:56 +01:00
github-actions[bot]
2c93ab99d8 Add changed framework coverage reports 2023-03-14 00:15:57 +00:00
Anders Schack-Mulligen
5792b4d363 Merge pull request #12503 from aschackmull/java/qltest-callback-instance-sideeffect 
Java: Add a qltest demonstrating side-effect on a callback instance.
 2023-03-13 17:26:12 +01:00
Ian Lynagh
70b85a3e00 Merge pull request #12431 from igfoo/igfoo/double_interception 
Kotlin: Test double interceptions
 2023-03-13 14:30:49 +00:00
Tamas Vajk
c57fcfb8fb Java: Fix printAST to handle javadoc belonging to multiple elements 2023-03-13 14:26:33 +01:00
Tony Torralba
705691b096 Merge pull request #12446 from github/java/update-mad-decls-after-triage-2023-03-08T14-51-59 
Java: Update MaD Declarations after Triage
 2023-03-13 14:07:59 +01:00
Anders Schack-Mulligen
f54b02edb3 Java: Add a qltest demonstrating side-effect on a callback instance. 2023-03-13 13:22:18 +01:00
Anders Schack-Mulligen
0c95ab2cdc Merge pull request #12474 from hvitved/dataflow/call-back-post-update 
Data flow: Synthesize post-update nodes for callback arguments inside summarized callables
 2023-03-13 13:21:52 +01:00
Ian Lynagh
4fbc747f93 Kotlin: Move kotlin_double_interception test to posix_only 
It's failing on Windows
 2023-03-13 11:57:57 +00:00
Ian Lynagh
fd8f7e071b Kotlin: Tweak double_interception test 2023-03-13 11:57:57 +00:00
Ian Lynagh
fae4a8f37b Kotlin: double interception test: Fix for old python versions 2023-03-13 11:57:57 +00:00
Ian Lynagh
8b6047dfd1 Kotlin: Handle double-interceptions without failing 2023-03-13 11:57:57 +00:00
Ian Lynagh
81e71c4669 Kotlin: Add a test for double niterception 2023-03-13 11:57:57 +00:00
Erik Krogh Kristensen
060c37b6a2 Merge pull request #12345 from erik-krogh/delOldDeps 
delete old deprecations
 2023-03-13 12:48:24 +01:00
Tamas Vajk
e44aca0b33 Java: Add printAST test with javadoc 2023-03-13 12:02:50 +01:00
Anders Schack-Mulligen
7c0e89ffdd Java: Refactor ArithmeticTainted.ql, TempDirLocalInformationDisclosure.ql 2023-03-13 11:27:14 +01:00
Anders Schack-Mulligen
da273269cb Java: Refactor PolynomialReDoS.ql 2023-03-13 11:27:14 +01:00
Anders Schack-Mulligen
c380ecbbbc Data flow: Add change notes. 2023-03-13 11:09:13 +01:00