hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
67,504 Commits 1,671 Branches 157 Tags
2fe0718e495baccfde6a807116670ffee216b189
Commit Graph

12000 Commits

Author SHA1 Message Date
Paolo Tranquilli
6a9cb90a57 Kotlin: rework header comment 2024-06-04 14:21:58 +02:00
Paolo Tranquilli
99f70a64e9 Kotlin: address review comments 2024-06-04 09:00:35 +02:00
Paolo Tranquilli
d1a2c0fbe4 Merge branch 'main' into redsun82/kotlin 2024-06-04 08:48:52 +02:00
Ian Lynagh
986babb912 Kotlin: Accept 2.0 output for integration tests, and run some in 1.9 mode 2024-06-03 15:26:53 +01:00
Ian Lynagh
2bcf292dd6 Kotlin: Fix custom_plugin test with Kotlin 2.0.0 2024-06-03 15:26:53 +01:00
Ian Lynagh
acdf7df6a4 Kotlin: Fix typo 2024-06-03 15:26:53 +01:00
Ian Lynagh
839258897a Kotlin: Add test for generated throw statements 2024-06-03 15:26:52 +01:00
Ian Lynagh
2d760c7cc7 Kotlin: Tweak comments test 
The top comment now gets owned by the Compilation Unit. We could
explicitly stop this from happening instead, but I think it's
reasonable.
 2024-06-03 15:26:52 +01:00
Ian Lynagh
6224670884 Kotlin: Accept 2.0.0's Kotlin 2 test output 2024-06-03 15:26:51 +01:00
Ian Lynagh
918bee07dd Kotlin: Accept Kotlin 1 test changes 1.9.0 -> 2.0.0 2024-06-03 15:26:51 +01:00
Ian Lynagh
2550e113a0 Kotlin: Set CI to use 2.0.0 release 2024-06-03 15:26:51 +01:00
Paolo Tranquilli
096a31dbef Mark all integration tests as legacy 
This is in preparation for the new integration test framework. Tests
marked thus will be run by the current framework and ignored by the new
one.
 2024-05-31 16:04:50 +02:00
Anders Schack-Mulligen
06ce40c687 Merge pull request #16561 from aschackmull/java/typeflow-effectively-private 
Java: Improve dispatch through TypeFlow of effectively private calls.
 2024-05-31 15:11:18 +02:00
Mauro Baluda
48fc44baff Add release notes 2024-05-30 23:21:12 +02:00
Mauro Baluda
bbe888c2b3 Update SpringCsrfProtection.qll 2024-05-30 23:13:08 +02:00
Mauro Baluda
e2479a7ce2 Disable csrf for ServerHttpSecurity 2024-05-30 23:08:57 +02:00
github-actions[bot]
906b65d09c Post-release preparation for codeql-cli-2.17.4 2024-05-28 18:02:25 +00:00
github-actions[bot]
33b4ae8bbb Release preparation for version 2.17.4 2024-05-28 15:44:32 +00:00
Paolo Tranquilli
821bd1f27b Merge branch 'main' into redsun82/kotlin 2024-05-27 13:17:06 +02:00
Anders Schack-Mulligen
5c635e982e C++/C#/Java: Update expected output. 2024-05-27 11:01:52 +02:00
Anders Schack-Mulligen
5a259843bb Dataflow: Switch call context to a set representation. 2024-05-27 11:01:52 +02:00
Anders Schack-Mulligen
bc8ca1af86 Dataflow: Introduce NodeRegions for use in isUnreachableInCall. 2024-05-27 11:01:51 +02:00
Anders Schack-Mulligen
5a7174dcbb Merge pull request #16500 from aschackmull/java/static-field-side-effect 
Java: Add support for flow through side-effects on static fields.
 2024-05-24 09:19:31 +02:00
Michael Nebel
78d4745722 Merge pull request #16578 from michaelnebel/java/dontliftneutral 
Java: Do not lift neutrals in Model generation.
 2024-05-24 09:19:20 +02:00
Dave Bartolomeo
f498e05099 Merge branch 'main' into dbartol/v1 2024-05-23 14:37:28 -04:00
Dave Bartolomeo
613ccaac1d Add change note to all v1.0.0 packs 2024-05-23 13:01:22 -04:00
Arthur Baars
b2c64eabd4 Merge pull request #16572 from github/aibaars-patch-2 
Java: include link to `remote source` in TrustBoundaryViolation.ql
 2024-05-23 18:16:11 +02:00
Michael Nebel
9cf0995720 Java: Update test expected output. 2024-05-23 16:33:04 +02:00
Michael Nebel
6f5bdfba65 Java: Do not lift neutrals and only generate for public endpoints. 2024-05-23 16:32:45 +02:00
Arthur Baars
b5b5fef642 Switch source and sink in TrustBoundaryViolation.ql 2024-05-23 15:53:12 +02:00
Arthur Baars
5c4eb3c943 Java: add change note 2024-05-23 13:06:01 +00:00
Michael Nebel
1e54422662 Java: Add neutral implementations. 2024-05-23 15:00:23 +02:00
Anders Schack-Mulligen
4905612905 Merge pull request #16573 from aschackmull/java/dispatch-joinorder 
Java: Fix join-order in viableImplInCallContext.
 2024-05-23 14:48:25 +02:00
Arthur Baars
d540675b9e Update TrustBoundaryViolation.ql 2024-05-23 12:04:47 +00:00
Anders Schack-Mulligen
1bc3f6b0e7 Java: Add change note. 2024-05-23 13:03:06 +02:00
Anders Schack-Mulligen
bf3dbc24de Java: Add support for flow through side-effects on static fields. 2024-05-23 12:57:57 +02:00
Anders Schack-Mulligen
4b3e35ed52 Java: Fix join-order in viableImplInCallContext. 2024-05-23 12:49:57 +02:00
Anders Schack-Mulligen
70d3be0a3a Java: Fix test. 2024-05-23 11:24:11 +02:00
Anders Schack-Mulligen
b519f13600 Java: Add change note. 2024-05-23 10:50:16 +02:00
Anders Schack-Mulligen
527dafa346 Java: Improve dispatch through TypeFlow of effectively private calls. 2024-05-23 10:50:16 +02:00
Anders Schack-Mulligen
f353065d26 Java: Allow overloading for exact model matches. 2024-05-23 10:50:01 +02:00
Anders Schack-Mulligen
0f864081cb Java: Remove source dispatch when there's an exact match from a manual model. 2024-05-23 10:50:00 +02:00
Owen Mansel-Chan
0cc868c742 Merge branch 'main' into workflow/coverage/update 2024-05-23 07:49:02 +01:00
Tony Torralba
d202355b07 Merge pull request #16553 from atorralba/atorralba/java/xxe-qhelp-reword 
Java: Reword recommendation section of XXE query
 2024-05-23 08:48:29 +02:00
github-actions[bot]
0f2d0c098f Add changed framework coverage reports 2024-05-23 00:16:44 +00:00
Dave Bartolomeo
ffe4c8c87b Update all pack versions to 1.0.0 2024-05-22 13:39:08 -04:00
Anders Schack-Mulligen
15a7c3faeb Java: Accept qltest .expected file changes. 2024-05-22 15:42:40 +02:00
Anders Schack-Mulligen
a650499a9c Java: Accept qltest .expected file changes (interesting). 2024-05-22 15:42:12 +02:00
Anders Schack-Mulligen
de5c69d0a1 Merge pull request #16551 from aschackmull/java/model-fixes 
Java: Revise some jdk time-related models
 2024-05-22 14:05:23 +02:00
Paolo Tranquilli
eab940c45d Merge branch 'main' into redsun82/kotlin 2024-05-22 13:30:23 +02:00