hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-13 22:44:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,950 Commits 1,679 Branches 158 Tags
54c780bdf95278374ff8eb53ffac60d59940736e
Commit Graph

2051 Commits

Author SHA1 Message Date
Tony Torralba
32471d326e Java: Remove omittable exists variables 2023-01-10 13:37:19 +01:00
Michael Nebel
16cd148961 Merge pull request #11711 from michaelnebel/externalflowcleanup 
C#/Java: Delete deprecated ModelCsv classes and related predicates.
 2023-01-10 10:22:50 +01:00
Chris Smowton
45c732a6f9 Java: improve naming and description of SqlUnescaped.ql 
Since the main thing it's objecting to is concatenation not lack of escaping (in particular it doesn't look for escaping sanitizers), rename and re-describe it accordingly.
 2023-01-09 10:56:13 +00:00
Jami
f5e5f6dfd1 Merge pull request #11821 from jcogs33/jcogs33/fix-mad-typos 
Java: fix typos in MaD row `name` columns for `MappingSqlQuery` and `MappingSqlQueryWithParameters`
 2023-01-06 07:59:30 -05:00
github-actions[bot]
cdb8f67601 Post-release preparation for codeql-cli-2.12.0 2023-01-06 10:36:34 +00:00
github-actions[bot]
b6a8193785 Release preparation for version 2.12.0 2023-01-05 16:32:14 +00:00
Jami Cogswell
f03f687d61 Java: add change note 2023-01-05 09:08:04 -05:00
Jami Cogswell
0640bd9d8b Java: fix typos in the MaD row name columns for MappingSqlQuery and MappingSqlQueryWithParameters 2023-01-05 08:32:22 -05:00
Aditya Sharad
9988c19a42 Merge branch 'main' into tutorial/library-pack 2023-01-03 14:08:37 -08:00
Jami
c9258effb6 Merge pull request #11572 from jcogs33/jcogs33/model-top-jdk-apis 
Java: model top 100 JDK APIs
 2022-12-20 09:13:53 -05:00
Jami
dc0bad3dc5 update change note 
Co-authored-by: yo-h <55373593+yo-h@users.noreply.github.com>
 2022-12-20 07:55:58 -05:00
Tony Torralba
149cae9603 Merge pull request #10971 from joefarebrother/android-certificate-pinning 
Java: Add Android missing certificate pinning query (CWE-295)
 2022-12-20 11:03:16 +01:00
Tony Torralba
3e7a819fe7 Simplification 2022-12-20 09:42:25 +01:00
Jeroen Ketema
edc768b43b Merge pull request #11707 from smowton/smowton/fix/java-empty-multiline-comment 
Java: handle printing an empty comment (/**/); add relevant tests
 2022-12-20 08:07:42 +01:00
Aditya Sharad
ed29b3e4d6 Shared packs: Depend on codeql/tutorial from all language libraries 
This allows `import tutorial` from queries targeting
any language, just like before, while removing the
duplicate copies of `tutorial.qll`.
 2022-12-19 15:52:11 -08:00
Jami Cogswell
19deb59d07 Java: sort neutral models alphabetically 2022-12-19 14:22:17 -05:00
Edward Minnix III
39a7c7bb12 Merge pull request #11282 from egregius313/egregiu313/webview-addjavascriptinterface 
Java: Query for detecting addJavascriptInterface method calls
 2022-12-19 11:28:45 -05:00
Jami Cogswell
f37f0a09aa Java: update change note 2022-12-19 08:41:56 -05:00
Chris Smowton
2ca56e0c1e Java: handle printing an empty comment (/**/); add relevant tests 2022-12-19 14:12:09 +01:00
erik-krogh
ba7321ac5c add qldoc to RegExpCharEscape 2022-12-18 17:23:45 +01:00
erik-krogh
26c5480ee6 share {js,rb}/regex/missing-regexp-anchor 2022-12-18 17:23:41 +01:00
erik-krogh
f67d0bc8c0 put the shared HostnameRegexp code in the shared regex pack 2022-12-17 17:26:18 +01:00
Jami Cogswell
0c22d68a65 Java: update extensible predicate names 2022-12-16 15:40:14 -05:00
Jami
ff652f7dee Merge branch 'main' into jcogs33/model-top-jdk-apis 2022-12-16 15:32:50 -05:00
Jami Cogswell
9762423fbc Java: add more test cases 2022-12-16 15:26:54 -05:00
Henry Mercer
30451ee950 Merge pull request #11681 from github/henrymercer/mergeback-3.8 
Merge `rc/3.8` back to `main`
 2022-12-16 17:43:12 +00:00
Jami Cogswell
83630842b6 Java: add change note 2022-12-16 11:49:52 -05:00
Tom Hvitved
e45edcc159 Merge pull request #11674 from hvitved/dataflow/param-context 
Data flow: Track callable in flow-through pruning
 2022-12-16 09:25:15 +01:00
Jami Cogswell
f01ee9e4c2 Java: remove PR-merging comment 2022-12-15 22:56:15 -05:00
Jami Cogswell
08546549bf Java: update exception models and add test 2022-12-15 22:53:14 -05:00
Jami
fd63348549 Merge pull request #11585 from jcogs33/jcogs33/mad-metrics-query 
Java: add MaD metrics query
 2022-12-15 19:26:51 -05:00
Tom Hvitved
f8571dd0b6 Data flow: Work around functionality-induced misoptimization 2022-12-15 15:29:14 +01:00
Tom Hvitved
6eda042229 Data flow: Sync files 2022-12-15 15:29:13 +01:00
Michael Nebel
0f038ee93a Java: Remove deprecated ModelCsv classes. 2022-12-15 15:22:44 +01:00
Michael Nebel
a67e02df21 Merge pull request #11691 from michaelnebel/renameextensibles 
C#/Java: Rename externalflow extensible predicates
 2022-12-15 11:05:22 +01:00
Jami Cogswell
510cd4a163 Java: change negative to neutral 2022-12-15 00:46:03 -05:00
Jami Cogswell
f1ddbbb96f Java: update remaining models 2022-12-15 00:33:35 -05:00
Jami Cogswell
46b8fbc4c9 Java: update remaining models, resolve merge conflict 2022-12-15 00:33:06 -05:00
Jami Cogswell
15069250eb Java: add draft of test case 2022-12-15 00:24:41 -05:00
Jami Cogswell
134577e52b Java: some updates to models 2022-12-15 00:24:41 -05:00
Jami Cogswell
4c590d1190 Java: move most negative models to package.model.yml files 2022-12-15 00:24:41 -05:00
Jami Cogswell
b7016feb44 Java: initial updates based on review comments 2022-12-15 00:24:41 -05:00
Jami Cogswell
b3dbf00ae6 Java: update comment 2022-12-15 00:24:41 -05:00
Jami Cogswell
9d3abc72bf Java: add draft of top 100 jdk models 2022-12-15 00:24:40 -05:00
Jami
359e49044f Merge branch 'main' into jcogs33/mad-metrics-query 2022-12-14 15:33:29 -05:00
Anders Schack-Mulligen
598b4c38b7 Merge pull request #11619 from aschackmull/java/typetrack-lambda 
Java: Switch DispatchFlow to typetracking.
 2022-12-14 14:08:29 +01:00
Michael Nebel
bc02adb400 Java: Make the corresponding rename in all the data extensions. 2022-12-14 13:48:31 +01:00
Michael Nebel
b45d079a01 Java: Move and rename externalflow related extensible predicates. 2022-12-14 13:43:34 +01:00
Tom Hvitved
25b2d11368 Merge pull request #11635 from hvitved/dataflow/approx-content 
Data flow: Introduce `ApproxContent` in a new pruning stage between stages 2 and 3
 2022-12-14 12:56:50 +01:00
Tamás Vajk
a6d227d52e Merge pull request #11599 from igfoo/igfoo/diags 
Java/Kotlin: Update the diagnostic severity documentation
 2022-12-14 10:13:30 +01:00