hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,098 Commits 1,672 Branches 157 Tags
66737402c20fc83b3d3a654dcccf4b26c901b100
Commit Graph

4207 Commits

Author SHA1 Message Date
Jami Cogswell
9853a66b32 Java: update change note 2023-05-31 15:51:07 -04:00
Jami Cogswell
3e5dc28c0a Java: update more recently added sinks: path-injection and request-forgery 2023-05-31 15:51:07 -04:00
Jami Cogswell
6bb6802fb8 Java: add change note draft 2023-05-31 15:51:07 -04:00
Jami Cogswell
ad771984f1 Java: update recently added path-injection sinks 2023-05-31 15:51:07 -04:00
Jami Cogswell
5dbb698481 Java: update open/jdbc-url sink kinds to request-forgery 2023-05-31 15:50:31 -04:00
Jami Cogswell
cb10f4976b Java: update create/read-file sink kinds to path-injection 2023-05-31 15:49:07 -04:00
Jami Cogswell
eb1a8e2189 Java: update write-file sink kind to file-system-store 2023-05-31 15:49:07 -04:00
Jami Cogswell
ac8d985a63 Java: update xss sink kind to html-injection and js-injection 2023-05-31 15:49:07 -04:00
Jami Cogswell
041caa7405 Java: update header-splitting sink kind to response-splitting 2023-05-31 15:49:07 -04:00
Jami Cogswell
51df84ed1c Java: update set-hostname-verifier sink kind to hostname-verification 2023-05-31 15:49:07 -04:00
Jami Cogswell
b23f384a50 Java: update intent-start sink kind to intent-redirection 2023-05-31 15:49:07 -04:00
Jami Cogswell
5aa3e57ff3 Java: update pending-intent-sent sink kind to pending-intents 2023-05-31 15:49:07 -04:00
Jami Cogswell
3ff4c7de8f Java: update ldap sink kind to ldap-injection 2023-05-31 15:49:07 -04:00
Jami Cogswell
6d2d25406c Java: update xslt sink kind to xslt-injection 2023-05-31 15:49:07 -04:00
Jami Cogswell
cea97b3f2a Java: update mvel sink kind to mvel-injection 2023-05-31 15:49:06 -04:00
Jami Cogswell
6cee0c4c75 Java: update jexl sink kind to jexl-injection 2023-05-31 15:49:06 -04:00
Jami Cogswell
6431d370c1 Java: update groovy sink kind to groovy-injection 2023-05-31 15:49:06 -04:00
Jami Cogswell
430010daa3 Java: update logging sink kind to log-injection 2023-05-31 15:49:06 -04:00
Jami Cogswell
8c4b394e1a Java: update ssti sink kind to template-injection 2023-05-31 15:49:06 -04:00
Jami Cogswell
fc58d10a4e Java: update xpath sink kind to xpath-injection 2023-05-31 15:49:06 -04:00
Jami Cogswell
55be2e5b67 Java: update url-redirect sink kind to url-redirection 2023-05-31 15:49:06 -04:00
Jami Cogswell
d24d8b1626 Java: update sql sink kind to sql-injection 2023-05-31 15:49:06 -04:00
Ian Lynagh
0090429d53 Kotlin: Support 1.9.0 2023-05-31 19:43:45 +01:00
Arthur Baars
c211b704f3 Merge pull request #13272 from github/post-release-prep/codeql-cli-2.13.3 
Post-release preparation for codeql-cli-2.13.3
 2023-05-31 15:33:12 +02:00
Tony Torralba
282ee08ba9 Java: Fix GsonDeserializableField 2023-05-31 13:26:35 +02:00
Taus
b39a5a64af Merge pull request #13317 from github/java/update-mad-decls-after-triage-2023-05-30T14-11-29 
Java: Update MaD Declarations after Triage
 2023-05-31 11:40:49 +02:00
Tony Torralba
482bb94ad9 Merge pull request #13179 from pwntester/java_gson 
[Java] Add basic support for Google's Gson library
 2023-05-31 11:16:19 +02:00
Tony Torralba
fe26aca238 Remove non-ASCII character 2023-05-31 09:25:37 +02:00
Tony Torralba
6f302a43ea Merge pull request #13297 from atorralba/atorralba/java/playmvc-models 
Java: Add models for the Play Framework
 2023-05-31 09:02:17 +02:00
Michael Nebel
2266e28583 Merge pull request #13262 from michaelnebel/flowsummary/refactorgetcomponentstack 
C#: Re-factor getComponent.
 2023-05-31 08:22:44 +02:00
Arthur Baars
490d22d123 Merge remote-tracking branch 'upstream/main' into post-release-prep/codeql-cli-2.13.3 2023-05-30 21:31:28 +02:00
Tony Torralba
70138448c3 Visibility 2023-05-30 17:54:59 +02:00
Tony Torralba
0151a728f8 Add change note 2023-05-30 17:53:03 +02:00
Tony Torralba
977263a126 Use container flow for more precision 2023-05-30 17:51:41 +02:00
Tony Torralba
54e011188d Formatting 2023-05-30 17:50:50 +02:00
Taus
00e4c455b5 Update MaD Declarations after Triage 2023-05-30 16:11:30 +02:00
Andrew Eisenberg
2d81e30d81 Fix addsTo.pack references 
This change is a prerequisite for a CLI change where there will be
strict testing of the `addsTo.pack` values. It must resolve to a pack
reference that is a transitive dependency of the current query's pack.
 2023-05-29 13:45:41 -07:00
Jami Cogswell
f255b6acb8 Java: fix typos 2023-05-26 18:55:13 -04:00
Jami Cogswell
7e6913af62 Java: update provenance to 'hq-manual' 2023-05-26 18:55:13 -04:00
Jami Cogswell
60b07083c3 Java: add 'sink' kind 2023-05-26 18:55:13 -04:00
Jami Cogswell
65dd7eb8e7 Java: add neutral models discovered with path-inj and ssrf heuristics 2023-05-26 18:55:13 -04:00
Michael Nebel
915042a881 Minor cleanup and sync files. 2023-05-26 12:25:00 +02:00
Michael Nebel
b7a8660375 Java: Re-factor getComponent. 2023-05-26 12:24:59 +02:00
Tony Torralba
903fdb0cb8 Java: Add models for the Play Framework 2023-05-26 10:23:43 +02:00
Tony Torralba
a276cc3094 Convert all command injection sinks to MaD format 2023-05-25 11:41:32 +02:00
github-actions[bot]
d2e192020b Post-release preparation for codeql-cli-2.13.3 2023-05-24 11:26:12 +00:00
Tony Torralba
7d0b02e267 Merge pull request #13248 from atorralba/atorralba/java/nio-files-copy-models-fix 
Java: Tweak java.nio.file.Files.copy models
 2023-05-24 10:55:15 +02:00
Edward Minnix III
52340802bb Merge pull request #13097 from egregius313/egregius313/java/webgoat/ssrf-regex-fix 
Java: Add constraint to `HostnameSanitizingPrefix` to prevent false negatives in SSRF queries
 2023-05-23 10:50:43 -04:00
Tony Torralba
6f012d51c0 Merge pull request #13091 from atorralba/atorralba/java/inputstreamwrapper-transitive 
Java: Make inputStreamWrapper consider supertypes transitively
 2023-05-23 13:28:17 +02:00
Tony Torralba
5c5f910130 Add change note 2023-05-23 10:31:28 +02:00