hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,823 Commits 1,672 Branches 157 Tags
2bbd37f9aba3a2756fdca9966a12a0d80e4a3aa9
Commit Graph

8141 Commits

Author SHA1 Message Date
retanoj
2bbd37f9ab change code snippet to or condition 2022-12-06 19:27:29 +08:00
retanoj
de652e1e27 expected 2022-12-06 18:09:48 +08:00
retanoj
fb8559f03a tiny fix function name 2022-12-06 18:03:00 +08:00
retanoj
82d0551215 Merge branch 'main' into MybatisSqli 2022-12-06 17:19:30 +08:00
retanoj
d2140eb4b1 MyBatisAnnotationSqlInjection no @Param case 2022-12-06 17:07:49 +08:00
Tom Hvitved
b5e2e1e469 Merge pull request #11564 from hvitved/dataflow/parameter-position-consistency-checks 
Data flow: Add consistency checks for parameter positions
 2022-12-06 09:33:36 +01:00
Michael Nebel
cd5c0bec33 Merge pull request #11527 from michaelnebel/java/regeneratemodels 
Java/C#: Delete old model generator scripts and update Java model re-generator script.
 2022-12-06 09:24:13 +01:00
Chris Smowton
8897f5bccc Merge pull request #11552 from smowton/smowton/fix/kotlin-toplevel-internal-names 
Kotlin: Don't add name mangling to top-level internal functions
 2022-12-05 15:36:52 +00:00
Tom Hvitved
52f3a48638 Data flow: Sync files 2022-12-05 12:57:27 +01:00
Tom Hvitved
faca4b5b56 Merge pull request #11461 from hvitved/ruby/unique-hash-splat-param 
Ruby: At most one hash-splat `ParameterNode` per callable
 2022-12-05 11:53:28 +01:00
Michael Nebel
a9ba964be4 Java: Update the Java model re-generate script. 2022-12-05 11:39:44 +01:00
Michael Nebel
243b94b54a Java/C#: Delete old model generator scripts and rename the new ones. 2022-12-05 11:39:44 +01:00
Chris Smowton
ff4baf096f Don't add name mangling to top-level internal functions 
Turns out kotlinc only adds this sort of name mangling to class member functions
 2022-12-02 20:16:19 +00:00
Jami
edfcc0cd6d Merge pull request #11487 from jcogs33/jcogs33/supportedexternalapis-telemetry-query 
Java/C#: add SupportedExternalApis telemetry query
 2022-12-02 13:27:51 -05:00
Michael Nebel
bb716ddb80 Merge pull request #11499 from michaelnebel/java/kotlinstd 
Kotlin: Migrate standard library models to data extensions.
 2022-12-02 14:44:50 +01:00
Chris Smowton
fef03a0806 Merge pull request #11540 from github/smowton/fix/path-injection-example-syntax-error 
Java: fix syntax error in path-injection example fix
 2022-12-02 11:47:53 +00:00
Michael Nebel
309807796c Java: Deprecate ModelCsv classes. 2022-12-02 12:20:22 +01:00
Michael Nebel
b80829a3a0 Java/Kotlin: Cleanup files needed for inline models. 2022-12-02 12:20:22 +01:00
Michael Nebel
f5069ffc1f Kotlin: Remove the inlined models. 2022-12-02 12:20:22 +01:00
Michael Nebel
42411fd455 Java/Kotlin: Allow dashes in callable names (the Kotlin standard library contains methods with dashes). 2022-12-02 12:20:22 +01:00
Michael Nebel
d9e4aafe3a Kotlin: Add Kotlin standard library models as Data extensions. 2022-12-02 12:20:22 +01:00
Michael Nebel
fb670325d8 Java/C#: Add query for aiding the conversion of existing negative models. 2022-12-02 12:18:50 +01:00
Michael Nebel
95e65347ca Merge pull request #11455 from michaelnebel/java/flowtestcaseextensions 
Java: Update the flow test case generator to produce data extensions.
 2022-12-02 12:15:16 +01:00
Chris Smowton
6e98c67869 Java: fix syntax error in path-injection example fix 2022-12-02 10:04:53 +00:00
Michael Nebel
73b171eb2b Update java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.qll 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-12-02 09:47:28 +01:00
Michael Nebel
01307e1255 Update java/ql/src/utils/flowtestcasegenerator/FlowTestCase.qll 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-12-02 09:47:14 +01:00
Michael Nebel
c145678323 Java: Address review comments. 2022-12-02 09:46:39 +01:00
Jami Cogswell
0e3e849ead add negative summary test for java 2022-12-01 15:49:12 -05:00
Jami Cogswell
aa633412f4 add change notes 2022-12-01 15:25:45 -05:00
Michael Nebel
cd0d09d806 Java: Refactor to avoid using SummaryModelCsv. 2022-12-01 13:07:31 +01:00
Ian Lynagh
ef8e52a4b0 Merge pull request #11437 from igfoo/igfoo/NonSerializableField 
Kotlin: Enable java/non-serializable-field for Kotlin
 2022-12-01 11:01:15 +00:00
Jami Cogswell
94c5d53192 add a couple more tests 2022-11-30 18:51:05 -05:00
Jami Cogswell
22c4d975ad remove old import 2022-11-30 18:07:45 -05:00
Jami Cogswell
7f45e320d8 add tests 2022-11-30 18:07:45 -05:00
Jami Cogswell
210d8529b6 add query for SupportedExternalApis 2022-11-30 18:07:45 -05:00
Ian Lynagh
cd8c40e063 Kotlin: Enable java/non-serializable-field for Kotlin 
It now ignores compiler-generated classes
 2022-11-30 17:58:43 +00:00
Tom Hvitved
b33f5925bb Data flow: Sync files 2022-11-30 13:39:25 +01:00
Owen Mansel-Chan
635c202ced Use ArgumentPosition instead of int 
This matches what all of the other languages do.
 2022-11-30 11:16:52 +00:00
Owen Mansel-Chan
55c4643b20 Dataflow: Sync. 2022-11-30 11:00:07 +00:00
Owen Mansel-Chan
ce8a20cfd1 Fix variable name (source should be sink) 2022-11-30 10:51:59 +00:00
github-actions[bot]
13f4a0e284 Add changed framework coverage reports 2022-11-30 00:18:26 +00:00
Ian Lynagh
7eaef0cd3d Merge pull request #11436 from igfoo/igfoo/NamingConventionsRefTypes 
Kotlin: Enable java/misnamed-type query
 2022-11-29 18:39:18 +00:00
Ian Lynagh
3b31b50983 Kotlin: Rename compilerGeneratedKind to compilerGeneratedKindOverride 2022-11-29 13:07:47 +00:00
Michael Nebel
d2c458c066 Java/C#: Correction of autogenerated comment(s) produced by the model generator. 2022-11-29 13:05:18 +01:00
Michael Nebel
984124b3b5 Java: Improve flow test case generator to emit a data extensions YAML file and qlpack file if needed. 2022-11-29 12:54:54 +01:00
Michael Nebel
48290c95a7 Java: Update the flow test case generator to emit data extension like model data. 2022-11-29 12:54:54 +01:00
Michael Nebel
9507dc15fd Java: Remove un-needed qlfrag files. 2022-11-29 12:54:54 +01:00
Michael Nebel
bc6f0c1622 Merge pull request #11243 from michaelnebel/java/dataextensions 
Java: Use data extensions for MaD models.
 2022-11-29 12:43:26 +01:00
Tom Hvitved
f3dca95958 Merge pull request #11087 from hvitved/dataflow/summary-ctx 
Data flow: Add summary/return context to pruning stages 2-4
 2022-11-29 10:36:53 +01:00
Ian Lynagh
a32363de79 Kotlin: Avoid giving a single class 2 compiler-generated kinds 2022-11-28 12:14:50 +00:00