hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
45,584 Commits 1,672 Branches 157 Tags
530b29ccdfb42bcb8173f270e2f89d76bc20c2bc
Commit Graph

3976 Commits

Author SHA1 Message Date
github-actions[bot]
9a0848bbc4 Release preparation for version 2.11.2 2022-10-20 11:05:19 +00:00
Tom Hvitved
9e5d9f897f Merge pull request #10824 from jsoref/spelling-csharp 
Spelling csharp
 2022-10-19 13:16:02 +02:00
Tony Torralba
fd8f8cb930 Merge pull request #10223 from atorralba/atorralba/unsafe-content-resolver 
Java: New Android query to detect unsafe content URI resolution
 2022-10-19 11:22:04 +02:00
Josh Soref
4b6b1fd8a8 spelling: propagates 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-19 03:49:17 -04:00
Tamas Vajk
bd9c7df25b Improve QL quality 2022-10-19 09:00:39 +02:00
Tamas Vajk
21c13fb9a3 Kotlin: Exclude variables of live literals from java/field-masks-super-field 2022-10-17 15:07:44 +02:00
Tony Torralba
01a08d44bb Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-10-17 14:14:38 +02:00
Tony Torralba
a540aaa35b Address alert message style violation 2022-10-17 10:22:31 +02:00
Tony Torralba
434a2a9f5d Improve qhelp example text 2022-10-17 10:19:40 +02:00
Tony Torralba
c909b8824c Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-10-17 10:12:56 +02:00
Anders Schack-Mulligen
30a891c2e7 Java: Fix compilation errors. 2022-10-13 11:19:57 +02:00
Edward Minnix III
ce740b47ae Merge pull request #10637 from egregius313/egregius313/android-misconfigured-contentprovider 
Android ContentProvider Incomplete Permissions
 2022-10-12 09:41:03 -04:00
Michael Nebel
2836c5eaef Merge pull request #10679 from michaelnebel/csharp/telemetryresults 
C#/Java: Limit telemetry results.
 2022-10-12 14:52:20 +02:00
Jeroen Ketema
d389a183f0 Merge pull request #10743 from jsoref/spelling 
Spelling
 2022-10-12 12:48:22 +02:00
Josh Soref
9eac158d7c spelling: revocation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:26 -04:00
Josh Soref
08a79531cf spelling: response 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:26 -04:00
Josh Soref
1a14c06008 spelling: receiver 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:26 -04:00
Josh Soref
ba0f34afed spelling: owasp 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 04:40:26 -04:00
Ed Minnix
80cc3fc518 Reword first sentence of documentation 2022-10-11 11:02:37 -04:00
Edward Minnix III
1f0a48de28 Documentation suggestion 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-10-11 10:59:00 -04:00
Tamas Vajk
9b2cc6c318 Kotlin/Java: Exclude generated code from java/missing-override-annotation 2022-10-11 15:48:46 +02:00
Josh Soref
22141e378e spelling: necessary 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-11 03:59:17 -04:00
Josh Soref
8f7e76f0cb spelling: initialization 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-11 03:59:08 -04:00
Josh Soref
b5bed9cbf5 spelling: explicitly 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-11 00:23:36 -04:00
Josh Soref
3b9546f02e spelling: deserialization 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-11 00:23:36 -04:00
Josh Soref
3e6477f878 spelling: currently 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-11 00:23:36 -04:00
Josh Soref
5755159f08 spelling: authentication 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-11 00:23:36 -04:00
Josh Soref
6db36616cd spelling: arbitrary 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-11 00:23:35 -04:00
Josh Soref
c2a0dbe715 spelling: application 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-11 00:23:35 -04:00
Edward Minnix III
b6270ebe52 Apply suggestions from documentation review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-10-10 14:57:14 -04:00
Edward Minnix III
b94b78115e Style fix. 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-10-10 14:52:17 -04:00
Tamás Vajk
1cf2db1a0b Merge pull request #10718 from tamasvajk/kotlin-internal-repr 
Kotlin: ignore properties in `java/internal-representation-exposure` check
 2022-10-10 13:58:55 +02:00
Tamás Vajk
cd8ac1a835 Merge pull request #10720 from tamasvajk/kotlin-equals-fix 
Kotlin: Consider `::class` type check in `java/unchecked-cast-in-equals`
 2022-10-10 13:58:15 +02:00
github-actions[bot]
b8ef9e0ddc Post-release preparation for codeql-cli-2.11.1 2022-10-07 15:59:45 +00:00
Tamas Vajk
51f9314a50 Kotlin: Consider ::class type check in equals 2022-10-07 09:23:01 +02:00
Tamas Vajk
cd64faf635 Kotlin: ignore properties in java/internal-representation-exposure check 2022-10-07 09:13:14 +02:00
github-actions[bot]
a02dcdc5e1 Release preparation for version 2.11.1 2022-10-07 02:20:28 +00:00
Tony Torralba
015d48ef66 Fix select message 2022-10-06 16:28:17 +02:00
Tony Torralba
39b5ebfd7b Fix qhelp 2022-10-06 16:28:17 +02:00
Tony Torralba
76ea255277 Add security-severity 2022-10-06 16:28:17 +02:00
Tony Torralba
4a18892da9 Second query version 
Remove sinks flowing to write operations requirement
 2022-10-06 16:28:17 +02:00
Tony Torralba
153ec5368e First query version requiring sinks to flow to write operations 2022-10-06 16:28:17 +02:00
Henry Mercer
7a7d164b07 Merge pull request #10698 from github/henrymercer/successfully-extracted-files-tag 
Tag successfully extracted files queries
 2022-10-06 13:21:52 +01:00
Anders Schack-Mulligen
5b67ba2939 Merge pull request #10177 from atorralba/atorralba/path-sanitizer 
Java: Promote `PathSanitizer.qll` from experimental
 2022-10-06 10:29:33 +02:00
Henry Mercer
d80d39504f Tag successfully extracted files queries 
Tag the successfully extracted files queries with
`successfully-extracted-files` to make them easier to identify
programmatically in a language-independent way.
This follows the prior art for lines of code queries, which are tagged
`lines-of-code`.
 2022-10-05 19:19:43 +01:00
Chris Smowton
7f8bcf76bf Merge pull request #10665 from dilanbhalla/dilan-java/guidance-exectainted 
Java Guidance: ExecTainted.ql (experimental version)
 2022-10-05 15:05:10 +01:00
Ed Minnix
3c7f5420db Update metadata to match CWE-926 2022-10-04 10:48:05 -04:00
Ed Minnix
f888c4b279 Move files from CWE-276 to CWE-926 2022-10-04 10:40:34 -04:00
Michael Nebel
52d2dd71c0 Java: Make equivalent fix to the telemetry queries as made for C#. 2022-10-04 15:16:21 +02:00
Tony Torralba
9db65eae7f Address review comments 2022-10-04 12:27:01 +02:00