9708 Commits

Author SHA1 Message Date
Tony Torralba
282ee08ba9 Java: Fix GsonDeserializableField 2023-05-31 13:26:35 +02:00
Taus
b39a5a64af Merge pull request #13317 from github/java/update-mad-decls-after-triage-2023-05-30T14-11-29
Java: Update MaD Declarations after Triage
2023-05-31 11:40:49 +02:00
Tony Torralba
482bb94ad9 Merge pull request #13179 from pwntester/java_gson
[Java] Add basic support for Google's Gson library
2023-05-31 11:16:19 +02:00
Tony Torralba
fe26aca238 Remove non-ASCII character 2023-05-31 09:25:37 +02:00
Tony Torralba
6f302a43ea Merge pull request #13297 from atorralba/atorralba/java/playmvc-models
Java: Add models for the Play Framework
2023-05-31 09:02:17 +02:00
Michael Nebel
2266e28583 Merge pull request #13262 from michaelnebel/flowsummary/refactorgetcomponentstack
C#: Re-factor getComponent.
2023-05-31 08:22:44 +02:00
Tony Torralba
70138448c3 Visibility 2023-05-30 17:54:59 +02:00
Tony Torralba
0151a728f8 Add change note 2023-05-30 17:53:03 +02:00
Tony Torralba
d3d67f0fb0 Add tests & stubs 2023-05-30 17:52:00 +02:00
Tony Torralba
977263a126 Use container flow for more precision 2023-05-30 17:51:41 +02:00
Tony Torralba
54e011188d Formatting 2023-05-30 17:50:50 +02:00
Andrew Eisenberg
6ba8f9eb36 Merge pull request #13314 from github/aeisenberg/adds-to-pack
Fix `addsTo.pack` references
2023-05-30 08:30:16 -07:00
Taus
00e4c455b5 Update MaD Declarations after Triage 2023-05-30 16:11:30 +02:00
Andrew Eisenberg
2d81e30d81 Fix addsTo.pack references
This change is a prerequisite for a CLI change where there will be
strict testing of the `addsTo.pack` values. It must resolve to a pack
reference that is a transitive dependency of the current query's pack.
2023-05-29 13:45:41 -07:00
Tony Torralba
6386ef3b96 Further perf improvements 2023-05-29 09:58:52 +02:00
Tony Torralba
4dfc9b13cd Java: Fix performance issue in the stub generator 2023-05-26 12:44:53 +02:00
Tony Torralba
8e16a0d144 Add tests and stubs for the summaries 2023-05-26 12:43:58 +02:00
Michael Nebel
915042a881 Minor cleanup and sync files. 2023-05-26 12:25:00 +02:00
Michael Nebel
b7a8660375 Java: Re-factor getComponent. 2023-05-26 12:24:59 +02:00
Tony Torralba
903fdb0cb8 Java: Add models for the Play Framework 2023-05-26 10:23:43 +02:00
github-actions[bot]
5be4f6e58b Add changed framework coverage reports 2023-05-25 00:16:11 +00:00
Tony Torralba
7d0b02e267 Merge pull request #13248 from atorralba/atorralba/java/nio-files-copy-models-fix
Java: Tweak java.nio.file.Files.copy models
2023-05-24 10:55:15 +02:00
Edward Minnix III
52340802bb Merge pull request #13097 from egregius313/egregius313/java/webgoat/ssrf-regex-fix
Java: Add constraint to `HostnameSanitizingPrefix` to prevent false negatives in SSRF queries
2023-05-23 10:50:43 -04:00
Tony Torralba
6f012d51c0 Merge pull request #13091 from atorralba/atorralba/java/inputstreamwrapper-transitive
Java: Make inputStreamWrapper consider supertypes transitively
2023-05-23 13:28:17 +02:00
Tony Torralba
5c5f910130 Add change note 2023-05-23 10:31:28 +02:00
Tony Torralba
654bb00946 Java: Tweak java.nio.files.Files.copy models 2023-05-23 10:27:19 +02:00
Tony Torralba
0ff90df497 Merge pull request #13245 from github/workflow/coverage/update
Update CSV framework coverage reports
2023-05-23 09:38:01 +02:00
Erik Krogh Kristensen
50cb5ea184 Merge pull request #13164 from erik-krogh/polyQhelp
ReDoS: add another example to the qhelp in poly-redos, showing how to just limit the length of the input
2023-05-23 09:25:15 +02:00
github-actions[bot]
abcece88f5 Add changed framework coverage reports 2023-05-23 00:16:20 +00:00
Ed Minnix
2d69f81d85 Add change note 2023-05-22 15:57:15 -04:00
Ed Minnix
43966ebaeb Change regex used in HostnameSanitizingPrefix 2023-05-22 15:57:15 -04:00
Ed Minnix
774baead60 Add test case based on missing result 2023-05-22 15:57:15 -04:00
Tony Torralba
183915410d Add change note 2023-05-22 15:01:25 +02:00
erik-krogh
710b309142 apply suggestions from doc review 2023-05-21 22:18:48 +02:00
erik-krogh
10bf17c33e Merge branch 'main' into polyQhelp 2023-05-21 22:17:06 +02:00
Tony Torralba
b58eb3a92c Java: Add TemplateEngine.createTemplate as a groovy injection sink 2023-05-19 17:45:47 +02:00
github-actions[bot]
66f2579437 Add changed framework coverage reports 2023-05-19 00:15:25 +00:00
Tony Torralba
a8afa4785e Merge pull request #13140 from atorralba/atorralba/java/spring-jdbc-namedparam-models
Java: Add SQLi sinks for Spring JDBC
2023-05-18 14:49:28 +02:00
Alvaro Muñoz
bf3fb09dfd Apply suggestions from code review
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2023-05-18 12:39:41 +02:00
Tony Torralba
2c54996499 Apply @jcogs33's suggestions from code review 2023-05-18 08:51:19 +02:00
Tony Torralba
1b06bf132c Merge pull request #12932 from atorralba/atorralba/java/promote-xxe-experimental-sinks
Java: Promote experimental XXE sinks
2023-05-17 17:39:31 +02:00
Alvaro Muñoz
b235b1cbb9 improve yaml models 2023-05-17 16:40:28 +02:00
Alvaro Muñoz
7baf244ac6 remove test predicate 2023-05-17 16:18:46 +02:00
Alvaro Muñoz
8cd85a5676 add flow support for unmarshaled object fields 2023-05-17 16:16:30 +02:00
Stephan Brandauer
7c02a9b6ea Merge pull request #13185 from github/fix-automodel-extraction-parameterName
Java: Automodel Extraction Parameter Name Fix
2023-05-17 12:16:44 +02:00
Stephan Brandauer
a5ef738bb0 add extra parameters in query-messages 2023-05-17 08:37:18 +00:00
erik-krogh
480e71fd69 avoid contractions 2023-05-17 08:42:45 +02:00
Michael B. Gale
2d80302108 Use empty toolchains.xml for java-version-too-old 2023-05-16 16:54:19 +01:00
Stephan Brandauer
2cd8a879a5 use asParameter().getName() instead of toString()
Co-authored-by: Taus <tausbn@github.com>
2023-05-16 17:28:02 +02:00
Stephan Brandauer
9845887452 automodel java fix: export method name as 'name' metadata parameter; export parameter name as 'parameterName' parameter 2023-05-16 15:07:14 +00:00