hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 11:46:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
45,584 Commits 1,672 Branches 157 Tags
530b29ccdfb42bcb8173f270e2f89d76bc20c2bc
Commit Graph

7616 Commits

Author SHA1 Message Date
Michael Nebel
dbfd16647b Java: Add negative model CSV validation test. 2022-08-29 14:29:32 +02:00
Michael Nebel
290c35e7c6 Java: Use negative summary models in unsupported external api telemetry query. 2022-08-29 14:28:55 +02:00
Michael Nebel
23e0ee66e0 Java: Add negative models for commons-io. 2022-08-29 14:28:55 +02:00
Michael Nebel
beb85c20f2 Java: Update commons-io generated positive models based on main. 2022-08-29 14:28:55 +02:00
Anders Schack-Mulligen
bd6acc0d75 Java: Refactor upcastCand, and track type flow for upcasts to unbound generics. 2022-08-29 13:57:39 +02:00
Anders Schack-Mulligen
fc415b32c2 Java: Bugfix in TypeFlow. 2022-08-29 13:50:13 +02:00
Anders Schack-Mulligen
e89b42fc11 Java: Allow dispatch to methods on abstract classes without subtypes. 2022-08-29 13:48:55 +02:00
erik-krogh
77949cbeb3 add context to the rankState predicate in ExponentialBackTracking.qll 2022-08-29 13:42:05 +02:00
Anders Schack-Mulligen
6e7dcfcc6e Merge pull request #10097 from aschackmull/java/unification 
Java: Improve virtual dispatch via better unification check and deduplicate code with parameterised module
 2022-08-29 13:28:04 +02:00
erik-krogh
b1e53280a6 fix that the wrong line got deleted 2022-08-29 13:26:02 +02:00
Erik Krogh Kristensen
bd5fd7d963 fix typo in change-note 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-08-29 13:25:54 +02:00
erik-krogh
f09fc7b0fc Java: add java change-note 2022-08-29 13:10:21 +02:00
erik-krogh
8b37168223 Java: remove security tag from queries not in the security folder and with missing security-severity tags 2022-08-29 13:08:56 +02:00
Anders Schack-Mulligen
adfd474fee Java: Move file. 2022-08-29 11:50:54 +02:00
Ian Lynagh
4cd7bf2ebb Kotlin: Small simplification 
Also removes a cast
 2022-08-26 16:28:10 +01:00
Ian Lynagh
d2a5281d94 Kotlin: Remove another cast 2022-08-26 15:59:26 +01:00
Ian Lynagh
131632e7c1 Kotlin: Remove a cast from substituteTypeAndArguments 
It looks like it was safe, but it was hard to see why, and may
become unsafe following future kotlinc changes.
 2022-08-26 13:06:05 +01:00
Anders Schack-Mulligen
3e5155d1a1 Java: Address review comments. 2022-08-26 11:45:01 +02:00
github-actions[bot]
3b4ad3c4f1 Post-release preparation for codeql-cli-2.10.4 2022-08-26 09:32:11 +00:00
Erik Krogh Kristensen
c02387a25a Merge pull request #10153 from erik-krogh/more-acronyms 
more renamings of acronyms to camelCase
 2022-08-26 10:52:17 +02:00
Michael Nebel
be4c2231d1 C#: Avoid generating new source models on 'file' kind sources. 2022-08-26 09:30:07 +02:00
Tamás Vajk
4f5c06fed7 Merge pull request #10169 from tamasvajk/kotlin-array-iterator 
Kotlin: fix array iterator extraction
 2022-08-26 08:33:52 +02:00
erik-krogh
ebb1106d9d add missing qldoc 2022-08-25 20:52:30 +02:00
erik-krogh
cc7a9ef97a rename more acronyms 2022-08-25 20:52:27 +02:00
Ian Lynagh
5be8e45d09 Kotlin: Add AnyDbType 
All DbType* types extend it, and `Label`s require their argument to be a
subtype of it.
 2022-08-25 16:40:27 +01:00
Erik Krogh Kristensen
06afe9c0f4 Merge pull request #9816 from erik-krogh/msgConsis 
Make alert messages consistent across languages
 2022-08-25 15:20:01 +02:00
github-actions[bot]
0f63bc077f Release preparation for version 2.10.4 2022-08-25 12:52:26 +00:00
Ian Lynagh
2e2621adad Merge pull request #10154 from igfoo/igfoo/findSubType 
Kotlin: Implement and use fun <T,reified S: T> Iterable<T>.findSubType
 2022-08-25 12:57:46 +01:00
Sebastian Bauersfeld
130e1892f4 Address review comments. 2022-08-25 18:49:38 +07:00
Sebastian Bauersfeld
207aebc581 Change wording of change note. 2022-08-25 18:47:36 +07:00
Sebastian Bauersfeld
36b5e5f61a Java: Add change notes. 2022-08-25 17:58:24 +07:00
Sebastian Bauersfeld
a486a89cee Java: Taint flow through org.springframework.data.repository.CrudRepository.save(). 2022-08-25 17:58:24 +07:00
Erik Krogh Kristensen
ba1ad00d2a Merge pull request #10062 from erik-krogh/redosPrefix 
JS: use the shared regular expression libraries in `js/case-sensitive-middleware-path`
 2022-08-25 12:57:16 +02:00
erik-krogh
c7aa58252a change "does not seem to check" to "does not check" in unchecked-cast-in-equals queries 2022-08-25 12:31:58 +02:00
Ian Lynagh
12eab3d7f0 Kotlin: Specialise findSubType to IrDeclaration 
We only use it on that type, and this makes the uses a bit quieter.
 2022-08-25 10:11:19 +01:00
Ian Lynagh
b0ae12850d Merge pull request #10160 from igfoo/igfoo/more-not-null-exprs 
Kotlin: Remove the last not-null-expressions
 2022-08-25 10:05:53 +01:00
Ian Lynagh
bf6d9f8c23 Merge pull request #10161 from igfoo/igfoo/exec 
Make a load of files non-executable
 2022-08-25 10:05:39 +01:00
Tamas Vajk
15305fd9bb Kotlin: Fix iterator extraction of IntArray, BooleanArray, ... 2022-08-25 11:05:17 +02:00
Tamas Vajk
7196fdd475 Kotlin: fix array iterator extraction to work outside of for loops 2022-08-25 09:23:34 +02:00
Tamas Vajk
af2614be84 Kotlin: Add array iterator tests 2022-08-25 09:17:50 +02:00
Edward Minnix III
e6a1b1fab9 Rename allowBackup query id 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-08-24 15:54:13 -04:00
Ed Minnix
de36372d1c Refactor android:backupAllowed query 
Refactor the query to check for the nonexistence of the
`android:allowBackup` attribute being set to false.

The default value is true, so we need to check for it being explicitly
marked false.
 2022-08-24 15:54:13 -04:00
Ed Minnix
a036639ecd Added change notes 2022-08-24 15:54:13 -04:00
Ed Minnix
dad4a403db Add support for android:allowBackup default value 
The default value of `android:allowBackup` is `true`. Added support for
detecting if the default value is used.
 2022-08-24 15:54:13 -04:00
Ed Minnix
6509426fb3 android:allowBackup query documentation 2022-08-24 15:54:13 -04:00
Ed Minnix
44b0a2b8af Android allowBackup query 2022-08-24 15:54:13 -04:00
Ed Minnix
7d15af6caa Add allowBackup check to AndroidManifest 2022-08-24 15:54:13 -04:00
Ed Minnix
dac64eeca7 Query test files 2022-08-24 15:54:13 -04:00
Ian Lynagh
3fcfd32eb1 Make *.ql non-executable 2022-08-24 16:55:11 +01:00
Ian Lynagh
237b3670b4 Make *.xml non-executable 2022-08-24 16:53:48 +01:00