hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,098 Commits 1,672 Branches 157 Tags
66737402c20fc83b3d3a654dcccf4b26c901b100
Commit Graph

4207 Commits

Author SHA1 Message Date
Alvaro Muñoz
07e25e36b3 Merge branch 'java/langs3_improvements' of https://github.com/pwntester/codeql into java/langs3_improvements 2023-07-12 11:00:04 +02:00
Alvaro Muñoz
46e326e106 add change note 2023-07-12 10:59:56 +02:00
Tony Torralba
c54e93f005 Merge pull request #13705 from atorralba/atorralba/java/android-unsafe-fetch-apply 
Java: Add support for Kotlin's `apply` to java/android/unsafe-android-wevbiew-fetch
 2023-07-12 09:45:54 +02:00
Alvaro Muñoz
51f7031416 Update java/ql/lib/ext/org.apache.commons.lang3.builder.model.yml 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-07-12 09:06:05 +02:00
Ian Lynagh
cfd29de677 Kotlin: Add Class.isFileClass() 2023-07-11 15:58:41 +01:00
Alvaro Muñoz
e8563e5dfd fix row 2023-07-11 10:47:23 +02:00
Mathias Vorreiter Pedersen
a4c0063ab1 Merge pull request #13679 from MathiasVP/speedup-big-step 
DataFlow: Speed up the big step relation
 2023-07-11 09:44:17 +01:00
Alvaro Muñoz
c2f1fbbf98 Add missing commons lang3 model for ToStringBuilder.reflectionToString 2023-07-11 10:34:17 +02:00
Alvaro Muñoz
047d486509 add new struts2 models 2023-07-11 10:23:26 +02:00
Tony Torralba
ce600367df Java: Add support for Kotlin's apply to java/android/unsafe-android-webview-fetch 2023-07-10 17:40:16 +02:00
Tony Torralba
b70e21df4f Merge pull request #13702 from atorralba/atorralba/kotlin/apply 
Kotlin: Support apply
 2023-07-10 17:39:57 +02:00
Tony Torralba
0f18c0227b Kotlin: Support apply 2023-07-10 16:15:27 +02:00
github-actions[bot]
13cf054a9d Post-release preparation for codeql-cli-2.14.0 2023-07-07 14:55:41 +00:00
github-actions[bot]
6484ee106e Release preparation for version 2.14.0 2023-07-07 08:22:14 +00:00
Dave Bartolomeo
9631e9f2f1 Bump minor version numbers post-GHES 2023-07-06 10:10:01 -04:00
Dave Bartolomeo
2bb9adfbf1 Merge remote-tracking branch 'origin/main' into dbartol/mergeback-3.10 2023-07-06 10:00:46 -04:00
Mathias Vorreiter Pedersen
83d0dec0fb DataFlow: Sync identical files. 2023-07-06 14:00:00 +01:00
Michael Nebel
238f390738 Merge pull request #13452 from michaelnebel/refactorstackprinting 
Re-factor printing of summary component stacks.
 2023-07-04 08:29:10 +02:00
Michael Nebel
243c592447 Address review comments. 2023-07-03 17:01:08 +02:00
Michael Nebel
bddd22f522 Sync files and make language specific adjustments. 2023-07-03 14:36:07 +02:00
Michael Nebel
c18f4b1604 Sync files and make language specific rename. 2023-07-03 14:36:06 +02:00
Chuan-kai Lin
ce464a7d69 Remove pragma[assume_small_delta] 2023-06-30 11:09:29 -07:00
github-actions[bot]
668aaa2dc8 Post-release preparation for codeql-cli-2.13.5 2023-06-30 08:51:48 +00:00
github-actions[bot]
9d7987f822 Release preparation for version 2.13.5 2023-06-29 09:26:18 +00:00
jorgectf
9d8ae5039a Add models for javax.portlet 2023-06-28 17:53:56 +02:00
Tony Torralba
a7c2a25cac Merge pull request #12879 from atorralba/atorralba/java/command-injection-mad-sinks 
Java: Convert all command injection sinks to MaD format
 2023-06-27 14:06:45 +02:00
Tony Torralba
6e20bd04e9 Merge pull request #13539 from atorralba/atorralba/java/url-to-string-model 
Java: Add URL.toString summary
 2023-06-27 14:05:47 +02:00
Tony Torralba
3c3b53001f Merge pull request #13550 from jorgectf/jorgectf/lang2-models 
Java: Add models for `org.apache.commons.lang`
 2023-06-27 11:20:59 +02:00
Tony Torralba
55280e523a Update java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll 2023-06-26 11:14:31 +02:00
jorgectf
2dc4f23dbb Add models for org.apache.commons.lang 2023-06-23 19:34:21 +02:00
Jorge
7d0b880bf7 Merge branch 'main' into jorgectf/deserialization-lookahead 2023-06-23 18:24:39 +02:00
jorgectf
b6e4ba6f9d Add SerialKiller model 2023-06-23 18:19:43 +02:00
Tony Torralba
d07e2862f9 Java: Add URL.toString summary 
This adds coverage for CVE-2023-35149.
 2023-06-22 17:39:30 +02:00
Henry Mercer
5afdaf8fe1 Merge pull request #13525 from github/rc/3.10 
Merge `rc/3.10` back to `main`
 2023-06-21 17:13:36 +01:00
Ian Lynagh
18a5c48c79 Merge pull request #13508 from igfoo/igfoo/rc_kot 
Kotlin: Backport some Kotlin 1.9 fixes to the rc/3.10 branch
 2023-06-21 15:26:41 +01:00
Jami
622cd05b77 Merge branch 'main' into java/update-mad-decls-after-triage-2023-06-08T08-51-47 2023-06-20 21:58:15 -04:00
Jami
5259a6ecfc Merge pull request #13324 from jcogs33/jcogs33/shared-sink-kind-validation 
Shared: share MaD kind validation across languages
 2023-06-20 11:56:12 -04:00
Owen Mansel-Chan
d7c97f8759 Merge pull request #13455 from owen-mc/dataflow/add-flowCheckNodeSpecific 
Dataflow: add language-specific hook for breaking up big step relation
 2023-06-20 13:24:26 +01:00
github-actions[bot]
18b678e69e Post-release preparation for codeql-cli-2.13.4 2023-06-20 10:20:05 +00:00
Ian Lynagh
0076d8aac1 Java: Add up/downgrade scripts 2023-06-20 10:59:13 +01:00
Ian Lynagh
81142f51fb Kotlin: Handle IrSyntheticBodyKind.ENUM_ENTRIES 
Generated by Kotlin 1.9 for some of our tests.
 2023-06-20 10:59:04 +01:00
Jeroen Ketema
9c774ac97f Merge pull request #13426 from jketema/inline-3 
Update inline flow tests to use parameterized module
 2023-06-19 17:39:29 +02:00
Tony Torralba
c62689022e Merge pull request #13256 from atorralba/atorralba/java/stapler-models 
Java: Model the Stapler framework
 2023-06-19 15:27:19 +02:00
Tony Torralba
00fe8adc09 Fix name clash 2023-06-19 15:04:33 +02:00
Ian Lynagh
ca5bc6f224 Java: Add up/downgrade scripts 2023-06-19 10:36:29 +01:00
Ian Lynagh
1f538cced3 Kotlin: Handle IrSyntheticBodyKind.ENUM_ENTRIES 
Generated by Kotlin 1.9 for some of our tests.
 2023-06-19 10:36:29 +01:00
Tony Torralba
1b39faaded QLDoc correction 2023-06-15 16:20:39 +02:00
Tony Torralba
7cbc13db40 Update java/ql/lib/change-notes/2023-06-08-new-models.md 2023-06-15 15:14:12 +02:00
Tony Torralba
dcd180f3f6 Remove model 2023-06-15 12:00:46 +02:00
Tony Torralba
af240ff533 Apply suggestions from code review 2023-06-15 11:58:53 +02:00