hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 05:01:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,087 Commits 1,690 Branches 160 Tags
2edeeaac0ec55dfd04e33740f736d5207153839d
Commit Graph

5702 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
99343c4606 Merge pull request #9582 from igfoo/igfoo/tidy 
Java: Remove some redundant string concatenations, and a double space
 2022-06-17 09:02:05 +02:00
Ian Lynagh
5ba672f035 NonSerializableField: Accept test output changes 2022-06-16 17:34:56 +01:00
Ian Lynagh
e7bc2ca423 Java: Remove some redundant string concatenations 2022-06-16 16:38:17 +01:00
Ian Lynagh
13ddc4a988 Java: Remove a double space from an alert message 2022-06-16 16:35:09 +01:00
Anders Schack-Mulligen
6518a01ded Dataflow: Sync. 2022-06-16 11:25:28 +02:00
Anders Schack-Mulligen
33deff9bae Java: Deprecate BarrierGuard class. 2022-06-16 11:25:28 +02:00
Ian Lynagh
5280cf4e91 CaptureSinkModels.ql: Fix typo 2022-06-15 20:19:15 +01:00
Chris Smowton
2d57d3aa78 Implement array type variance lowering 
Kotlin permits introducing a `? extends ...` wildcard against an Array even though the class is final, so long as its argument itself can be extended (i.e. isn't final or is another array type satisfying this condition).

Contravariant arrays get lowered to Object[], and are subject to automatic `extends` wildcard introduction, unless their element type was already Any.
 2022-06-15 18:36:56 +01:00
github-actions[bot]
1ed70d51d7 Post-release preparation for codeql-cli-2.9.4 2022-06-15 13:25:20 +00:00
Chris Smowton
90e8d4e1de Name trap files after jvmnames 
This should lead to better Java/Kotlin correspondence since the Java extractor will naturally name trap files for JVM names, and avoids a specific bug (tested) where MapsKt.iterator's two overloads (one taking `Map` and one `MutableMap`) are JvmName'd differently since their Java-lowered signatures would be identical. Without this change only
one of the iterator overloads would get extracted leaving the other one a dangling reference.
 2022-06-15 11:55:58 +01:00
Chris Smowton
483281e00f Merge pull request #9554 from smowton/smowton/fix/rename-removeat 
Kotlin: Add more Kotlin <-> Java special method name mappings
 2022-06-15 10:44:26 +01:00
Michael Nebel
9175421fa2 C#/Java: Update some QL Doc comments to comply with the standard and remove some redundant imports. 2022-06-15 11:32:54 +02:00
Michael Nebel
f810858ae4 Java: Manual rewrite of the ExternalLibraryUsage query to limit the number of returned results. 2022-06-15 11:10:05 +02:00
Michael Nebel
b9b4aedd03 Java: Rewrite most telemetry queries to restrict the number of produced results. 2022-06-15 10:59:12 +02:00
Anders Schack-Mulligen
c4782871d4 Merge pull request #9294 from aschackmull/java/barrierguard-parammod 
Java: Add support for BarrierGuards as parameterised modules.
 2022-06-15 10:56:48 +02:00
Michael Nebel
e6e2427154 Java: Add parameterized module for restricting the number of returned results in telemetry queries. 2022-06-15 10:48:44 +02:00
github-actions[bot]
104ac05f49 Release preparation for version 2.9.4 2022-06-15 08:22:38 +00:00
Chris Smowton
efbe264f93 Accept toInt/intValue and similar test changes 2022-06-14 21:44:54 +01:00
Chris Smowton
d390dc0316 Map java.lang.Number methods to their Java equivalents 2022-06-14 21:44:54 +01:00
Chris Smowton
d3fa4951f6 Accept test changes renaming removeAt(int) -> remove(int) 2022-06-14 21:44:54 +01:00
Chris Smowton
837bef60fe Add java.lang.Enum ordinal and name accessors to special-cased JVM names 
Kotlin represents these as read-only properties with unusual getter names.
 2022-06-14 21:44:54 +01:00
Chris Smowton
d151bf632c Kotlin: Rewrite MutableList.removeAt(int) -> remove(int) 
The Kotlin authors changed this to avoid a clash on List<Int>, but we must reverse the renaming so the Kotlin and Java views of the same class file extract alike.
 2022-06-14 21:44:54 +01:00
Joe Farebrother
f46dd8cc85 Fix misspellings 2022-06-14 15:34:08 +01:00
Joe Farebrother
a6736a99e4 Apply doc review suggestions - 
fix typos and capitilisation; reword description.
 2022-06-14 14:56:24 +01:00
Joe Farebrother
c71586e1f8 Remove checks for dynamically registered recievers 2022-06-14 14:56:24 +01:00
Joe Farebrother
320c671b73 Adress reveiw comments - make use of existing ql libraries 2022-06-14 14:56:24 +01:00
Joe Farebrother
9d048e78af Apply suggestions from code review - fix typos/style, make things private 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-06-14 14:56:23 +01:00
Joe Farebrother
d88d216388 Add change note 2022-06-14 14:56:23 +01:00
Joe Farebrother
2fc142f41f Add security severity 2022-06-14 14:56:23 +01:00
Joe Farebrother
8e2e8cc77f Add qhelp 2022-06-14 14:56:22 +01:00
Joe Farebrother
4aed1a1e23 Add test cases; fix handling of recievers declared through xml 2022-06-14 14:56:22 +01:00
Joe Farebrother
87f26bf033 Fix typos 2022-06-14 14:56:22 +01:00
Joe Farebrother
1959f49165 Add Improper Intent Verification query 2022-06-14 14:56:21 +01:00
Rasmus Wriedt Larsen
50196d099b Inline Expectation Tests: sync 2022-06-03 11:39:57 +02:00
Chris Smowton
3d63cec1e8 Autoformat 2022-06-02 14:45:28 +01:00
Chris Smowton
ebb52adba6 Kotlin: add test for Java and Kotlin both extending Map.Entry 2022-06-02 13:30:39 +01:00
Anders Schack-Mulligen
4e6e595b3a Java: Add qldoc. 2022-06-02 13:30:27 +02:00
Anders Schack-Mulligen
9f42ca8d14 Update java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-06-02 12:00:37 +02:00
Anders Schack-Mulligen
002c456989 Update java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-06-02 12:00:09 +02:00
Chris Smowton
c1592cb1dc Accept test changes 2022-06-02 10:31:35 +01:00
Anders Schack-Mulligen
9abd2259d3 Merge pull request #9381 from aschackmull/redos/perf 
ReDoS: Improve performance in ExponentialBackTracking.qll.
 2022-06-01 10:39:28 +02:00
Anders Schack-Mulligen
4f3751dfea Merge pull request #9316 from hvitved/dataflow/edges-get-a-successor-consistency 
Data flow: Make `PathGraph::edges/2` and `PathNode::getASuccessor/1` consistent
 2022-06-01 10:38:25 +02:00
Michael Nebel
9cc10e4511 Merge pull request #9257 from michaelnebel/java/mad-commons-io-sha 
Java: Update commons-io SHA for model regeneration and update models.
 2022-06-01 09:46:30 +02:00
Nick Rolfe
f417c12c5e Merge pull request #9332 from github/post-release-prep/codeql-cli-2.9.3 
Post-release preparation for codeql-cli-2.9.3
 2022-05-31 16:17:50 +01:00
Tamás Vajk
7f5dcfaf0f Merge pull request #9379 from tamasvajk/kotlin-android-specific-return-types 
Kotlin: Change return type of Android specific `ConcurrentHashMap.keySet`
 2022-05-31 14:00:36 +02:00
github-actions[bot]
ed2f3409bc Post-release preparation for codeql-cli-2.9.3 2022-05-31 09:54:55 +00:00
Anders Schack-Mulligen
9212886767 Merge pull request #9286 from aschackmull/java/perf-customnullguard 
Java: Improve customNullGuard performance.
 2022-05-31 11:36:01 +02:00
Anders Schack-Mulligen
e016feeb5c ReDoS: Improve performance in ExponentialBackTracking.qll. 2022-05-31 11:04:03 +02:00
Tamas Vajk
89ffefd45e Kotlin: Change return type of Android specific ConcurrentHashMap.keySet 2022-05-30 23:45:38 +02:00
Chris Smowton
1708719fdf Merge pull request #9343 from smowton/smowton/fix/align-kotlin-java-generic-types 
Kotlin: extract methods defined on collections types with their Java signatures
 2022-05-30 17:52:58 +01:00