hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,098 Commits 1,672 Branches 157 Tags
66737402c20fc83b3d3a654dcccf4b26c901b100
Commit Graph

12946 Commits

Author SHA1 Message Date
Alvaro Muñoz
07e25e36b3 Merge branch 'java/langs3_improvements' of https://github.com/pwntester/codeql into java/langs3_improvements 2023-07-12 11:00:04 +02:00
Alvaro Muñoz
46e326e106 add change note 2023-07-12 10:59:56 +02:00
Tony Torralba
c54e93f005 Merge pull request #13705 from atorralba/atorralba/java/android-unsafe-fetch-apply 
Java: Add support for Kotlin's `apply` to java/android/unsafe-android-wevbiew-fetch
 2023-07-12 09:45:54 +02:00
Alvaro Muñoz
51f7031416 Update java/ql/lib/ext/org.apache.commons.lang3.builder.model.yml 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-07-12 09:06:05 +02:00
Ian Lynagh
b83f0275e3 Kotlin: Accept test changes for Kotlin 1.9.0 2023-07-11 17:37:24 +01:00
Ian Lynagh
470e033090 Kotlin: Restrict a test's results to those in the test directory 2023-07-11 17:37:23 +01:00
Ian Lynagh
6dedd9286c Kotlin: Record "file class" info from the compiler 
We were making file classes when the parent was a file, but not when it
was a class marked as one.
 2023-07-11 15:58:42 +01:00
Ian Lynagh
cfd29de677 Kotlin: Add Class.isFileClass() 2023-07-11 15:58:41 +01:00
Ian Lynagh
2162530729 Kotlin: Add an integration test for file classes 2023-07-11 15:58:41 +01:00
Ian Lynagh
a603f21ce1 Kotlin: Use 1.9.0 for CI 2023-07-11 14:10:48 +01:00
Ian Lynagh
c21797dd3c Kotlin: Add a test for file classes 2023-07-11 13:21:56 +01:00
Alvaro Muñoz
e8563e5dfd fix row 2023-07-11 10:47:23 +02:00
Mathias Vorreiter Pedersen
a4c0063ab1 Merge pull request #13679 from MathiasVP/speedup-big-step 
DataFlow: Speed up the big step relation
 2023-07-11 09:44:17 +01:00
Alvaro Muñoz
c2f1fbbf98 Add missing commons lang3 model for ToStringBuilder.reflectionToString 2023-07-11 10:34:17 +02:00
Alvaro Muñoz
047d486509 add new struts2 models 2023-07-11 10:23:26 +02:00
github-actions[bot]
7b8cd77cec Add changed framework coverage reports 2023-07-11 00:19:16 +00:00
Tony Torralba
ce600367df Java: Add support for Kotlin's apply to java/android/unsafe-android-webview-fetch 2023-07-10 17:40:16 +02:00
Tony Torralba
16529cdd18 Add failing test 2023-07-10 17:40:15 +02:00
Tony Torralba
b70e21df4f Merge pull request #13702 from atorralba/atorralba/kotlin/apply 
Kotlin: Support apply
 2023-07-10 17:39:57 +02:00
Tony Torralba
0f18c0227b Kotlin: Support apply 2023-07-10 16:15:27 +02:00
github-actions[bot]
13cf054a9d Post-release preparation for codeql-cli-2.14.0 2023-07-07 14:55:41 +00:00
github-actions[bot]
6484ee106e Release preparation for version 2.14.0 2023-07-07 08:22:14 +00:00
Taus
f666260cd8 Java: Add meta query for metrics gathering 
Exposes the same information as the existing queries through two query
predicates instead. This makes the downstream data gathering a bit more
convenient to implement.
 2023-07-06 16:59:15 +02:00
Taus
36c6c7235c Java: Move instance counting logic into utility library 2023-07-06 16:59:15 +02:00
Dave Bartolomeo
9631e9f2f1 Bump minor version numbers post-GHES 2023-07-06 10:10:01 -04:00
Dave Bartolomeo
2bb9adfbf1 Merge remote-tracking branch 'origin/main' into dbartol/mergeback-3.10 2023-07-06 10:00:46 -04:00
Mathias Vorreiter Pedersen
83d0dec0fb DataFlow: Sync identical files. 2023-07-06 14:00:00 +01:00
Taus
97610d2cac Java: Add query for counting sink model instances 
Also adds a more sensible ordering to the existing queries.
 2023-07-04 14:24:52 +02:00
Michael Nebel
3cde59e409 Merge pull request #13651 from michaelnebel/telemetrytop100 
Java/C#: Reduce the amount of telemetry being produced.
 2023-07-04 08:33:53 +02:00
Michael Nebel
238f390738 Merge pull request #13452 from michaelnebel/refactorstackprinting 
Re-factor printing of summary component stacks.
 2023-07-04 08:29:10 +02:00
Taus
b7e4bd290d Java: Use an IPA type instead of a string 
While the string representation is useful for quickly modifying queries, it's
a bit clunky when the data needs to be further parsed. Instead, the two queries
now select all of the columns of the sinkmodel separately (which makes it easy
to pull them out of the relevant output later on).
 2023-07-03 23:17:55 +02:00
Michael Nebel
243c592447 Address review comments. 2023-07-03 17:01:08 +02:00
Michael Nebel
23a119b8c2 Java/C#: Reduce the amount of telemetry being produced. 2023-07-03 16:54:07 +02:00
Chuan-kai Lin
6912f7ed3a Merge pull request #13638 from cklin/remove-pragma-assume-small-delta 
Remove pragma[assume_small_delta]
 2023-07-03 07:00:36 -07:00
Michael Nebel
bddd22f522 Sync files and make language specific adjustments. 2023-07-03 14:36:07 +02:00
Michael Nebel
c18f4b1604 Sync files and make language specific rename. 2023-07-03 14:36:06 +02:00
Taus
6f24d939f6 Java: Also select query id 2023-07-01 15:04:06 +02:00
Ian Lynagh
fcf003ceb5 Revert "Kotlin: Remove a use of ObsoleteDescriptorBasedAPI" 
This reverts commit a50d804ad7.
 2023-06-30 19:32:37 +01:00
Chuan-kai Lin
ce464a7d69 Remove pragma[assume_small_delta] 2023-06-30 11:09:29 -07:00
Taus
dca227389d Java: Add metric queries for counting sinks coming from models 
Adds two queries for gathering metrics on the number of alerts (for a selection of queries)
that arise from models with the `ai-generated` provenance.
 2023-06-30 15:07:13 +02:00
github-actions[bot]
668aaa2dc8 Post-release preparation for codeql-cli-2.13.5 2023-06-30 08:51:48 +00:00
github-actions[bot]
cf83baeead Add changed framework coverage reports 2023-06-30 00:17:47 +00:00
Tony Torralba
b2e8167407 Merge pull request #13587 from github/koesie10/update-java-external-api-name 
Java: Fix external API name for nested types
 2023-06-29 13:23:20 +02:00
Koen Vlaswinkel
6806b8750d Java: Use getSourceDeclaration to handle generic types 2023-06-29 11:49:16 +02:00
github-actions[bot]
9d7987f822 Release preparation for version 2.13.5 2023-06-29 09:26:18 +00:00
Paul Hodgkinson
bfbb77a796 Merge branch 'main' into java/experimental/command-injection 2023-06-29 09:51:14 +01:00
aegilops
8dbb0a51c0 Rewrote tests to work 2023-06-29 09:47:03 +01:00
aegilops
01798f63f8 Switched to new dataflow and added a test (but it doesn't produce results yet) 2023-06-28 17:14:39 +01:00
jorgectf
9d8ae5039a Add models for javax.portlet 2023-06-28 17:53:56 +02:00
Ian Lynagh
641f186afc Merge pull request #13600 from igfoo/igfoo/fake_fun 
Kotlin: Remove a use of ObsoleteDescriptorBasedAPI
 2023-06-28 15:50:27 +01:00