hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-04 17:21:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,260 Commits 1,691 Branches 159 Tags
3f4ecd5fdd04ba61400d4cd7de4e9bc48fb1d585
Commit Graph

1962 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
636d5e341c Merge pull request #11652 from erik-krogh/static-useInstanceOf 
Java/C#/GO: Use instanceof in more places
 2022-12-12 17:52:04 +01:00
Edward Minnix III
0ebfee8b11 Merge pull request #11241 from egregius313/egregius313/webview-file-access 
Java: Query to detect Android Webview file access
 2022-12-12 11:12:26 -05:00
erik-krogh
873d3553cd Merge branch 'main' into static-useInstanceOf 2022-12-12 15:36:54 +01:00
Chris Smowton
77004f3e15 Merge pull request #11258 from smowton/smowton/feature/kotlin-annotation-extraction 
Kotlin: extract annotations
 2022-12-12 09:52:49 +00:00
Michael Nebel
e0f1b38439 Merge pull request #11580 from michaelnebel/renamenegativemodels 
C#/Java: Rename Negative Summary Model to Neutral Model
 2022-12-12 07:59:06 +01:00
erik-krogh
8262fbbfb5 Java/C#/GO: Use instanceof in more places 2022-12-11 18:32:19 +01:00
Michael Nebel
4835d14865 Java/C#: Delete the deprecated NeutralModelCsv class. 2022-12-09 15:11:49 +01:00
Michael Nebel
3af00a8f3f Java: Rename Negative Summary Model to Neutral Model. 2022-12-09 15:04:43 +01:00
Michael Nebel
079d48c42a Sync files. 2022-12-09 15:04:42 +01:00
Chris Smowton
40e902eca9 Look through generic annotation types extracted from Kotlin 2022-12-09 11:52:28 +00:00
Chris Smowton
251513c1d3 Format ql 2022-12-09 10:33:06 +00:00
Chris Smowton
7a7c08b185 Tolerate generic annotations 
This causes them to render properly in PrintAst output due to `getAnnotationElement` working as expected, and will hide the fact that they are represented by raw types in bytecode.
 2022-12-09 10:33:05 +00:00
Chris Smowton
f6888c727f PrintAst: Assign indices to annotation children that don't have source locations 
This avoids them all tying at rank 1 as before.
 2022-12-09 10:33:05 +00:00
Chris Smowton
d530817afc Accept annotation_classes test changes 2022-12-09 10:33:03 +00:00
Tamas Vajk
b5ae43a887 Remove empty annotations node from PrintAST 2022-12-09 10:31:33 +00:00
Tamas Vajk
7b075c2190 WIP: extract annotations on classes, with constant values 2022-12-09 10:31:33 +00:00
Tamas Vajk
6bcfdfca88 Adjust getExtensionReceiverParameterIndex predicate name and change note 2022-12-09 10:29:52 +01:00
Tamas Vajk
e410e2744b Add change note 2022-12-09 10:29:52 +01:00
Tamas Vajk
ce5509a080 Kotlin: Adjust MaD argument shifting for $default method 2022-12-09 10:29:52 +01:00
Tamas Vajk
81c35c8b27 Adjust PathSanitizer to use fixed $default extension method functionality 2022-12-09 10:29:52 +01:00
Tamas Vajk
f646938d91 Revert "Kotlin: Adjust ExtensionReceiverAccess.toString to not return hard coded this value" 
This reverts commit 9649a8f64aa47d860d3ce2d005a939df75ee0e41.
 2022-12-09 10:29:52 +01:00
Tamas Vajk
ac5219fc7a Kotlin: Adjust ExtensionReceiverAccess.toString to not return hard coded this value 2022-12-09 10:29:52 +01:00
Tamas Vajk
d93dce0fa9 Kotlin: Fix extension and dispatch parameter order in $default functions 2022-12-09 10:29:51 +01:00
Chris Smowton
49bc524fd0 Merge remote-tracking branch 'origin/rc/3.8' into smowton/admin/merge-rc38-into-main 2022-12-08 11:12:30 +00:00
Jami
5e694b5983 Merge pull request #11192 from jcogs33/jcogs33/share-key-sizes 
Share encryption key sizes between Java and Python
 2022-12-07 08:08:24 -05:00
Tony Torralba
cabce5fb36 Merge pull request #11549 from mbaluda/mbaluda/insecure-cookie 
Java: Support interprocedural setting of cookie security
 2022-12-07 12:14:46 +01:00
Tony Torralba
321a2f5a73 Merge pull request #11550 from atorralba/atorralba/kotlin/adapt-path-sanitizer 
Kotlin: Adapt PathSanitizer
 2022-12-07 12:08:00 +01:00
Tony Torralba
6dcc0cc188 Further simplification 2022-12-07 10:50:23 +01:00
Tony Torralba
ccd465d669 Update java/ql/lib/semmle/code/java/security/PathSanitizer.qll 2022-12-07 10:38:33 +01:00
Tony Torralba
2f622ad72c Refactor by introducing helper predicates 2022-12-07 10:31:54 +01:00
Michael Nebel
8e4190d84a Merge pull request #11516 from michaelnebel/java/externalflowcleanup 
Java: Cleanup imports of `ExternalFlow`
 2022-12-06 14:26:39 +01:00
Anders Schack-Mulligen
b579e2e7ed Merge pull request #11493 from aschackmull/java/scc-equivrel 
Java: Replace ad-hoc SCC reduction with union-find.
 2022-12-06 14:02:46 +01:00
Tom Hvitved
b5e2e1e469 Merge pull request #11564 from hvitved/dataflow/parameter-position-consistency-checks 
Data flow: Add consistency checks for parameter positions
 2022-12-06 09:33:36 +01:00
Michael Nebel
fca249a62e Java: Address review comments. 2022-12-05 14:44:52 +01:00
Tony Torralba
8422df1c43 Add change note 2022-12-05 13:35:54 +01:00
Tom Hvitved
52f3a48638 Data flow: Sync files 2022-12-05 12:57:27 +01:00
Tom Hvitved
faca4b5b56 Merge pull request #11461 from hvitved/ruby/unique-hash-splat-param 
Ruby: At most one hash-splat `ParameterNode` per callable
 2022-12-05 11:53:28 +01:00
Tony Torralba
8fb5c37ba8 Add change note 2022-12-05 11:00:57 +01:00
Tony Torralba
995b7327fe Add missing QLDoc 2022-12-05 11:00:57 +01:00
Tony Torralba
21b51b48eb Adapt PathSanitizer to Kotlin 2022-12-05 11:00:57 +01:00
Michael Nebel
6e486d4347 Re-arrange imports. 2022-12-05 09:49:38 +01:00
Michael Nebel
5c8ef15d6f Java: Add bi-directional imports of some abstract class extensions. 2022-12-05 09:49:38 +01:00
Michael Nebel
65f242cabe Java: Delete import of framework related files in ExternalFlow. 2022-12-05 09:49:38 +01:00
Michael Nebel
4c7cdc6245 Java: Remove unneeded imports of ExternalFlow.qll. 2022-12-05 09:49:38 +01:00
github-actions[bot]
5e35785fd0 Post-release preparation for codeql-cli-2.11.5 2022-12-02 11:37:44 +00:00
Michael Nebel
309807796c Java: Deprecate ModelCsv classes. 2022-12-02 12:20:22 +01:00
Michael Nebel
b80829a3a0 Java/Kotlin: Cleanup files needed for inline models. 2022-12-02 12:20:22 +01:00
Michael Nebel
f5069ffc1f Kotlin: Remove the inlined models. 2022-12-02 12:20:22 +01:00
Michael Nebel
42411fd455 Java/Kotlin: Allow dashes in callable names (the Kotlin standard library contains methods with dashes). 2022-12-02 12:20:22 +01:00
Michael Nebel
d9e4aafe3a Kotlin: Add Kotlin standard library models as Data extensions. 2022-12-02 12:20:22 +01:00