hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
43,499 Commits 1,672 Branches 157 Tags
70dae17d2fa45879032ce32eba668ac4da7026eb
Commit Graph

7150 Commits

Author SHA1 Message Date
Ian Lynagh
70dae17d2f Kotlin: Simplify trapFilePathForDecl 2022-09-23 12:41:41 +01:00
Chris Smowton
80968eef47 Add test for annotations with annotation-array-typed fields 2022-09-16 11:30:16 +01:00
Anders Schack-Mulligen
726772220c Merge pull request #10191 from smowton/smowton/admin/java-implicit-this-type-tests 
Java: Add test regarding the type of an implicit `this` expression
 2022-09-16 10:58:48 +02:00
github-actions[bot]
0e1aca547b Add changed framework coverage reports 2022-09-16 00:23:05 +00:00
Tony Torralba
c0762dfdb0 Merge pull request #10437 from github/atorralba/fix-0.3.4-changenote 
Java: Fix wrong packages in minor analysis change note
 2022-09-15 19:12:57 +02:00
Philip Ginsbach
c2bdb69476 remove upper-case variable name 2022-09-15 16:32:16 +01:00
Chris Smowton
88644b6e76 Add change note 2022-09-15 15:35:52 +01:00
Tony Torralba
62b1091c17 Fix wrong packages in minor analysis change 2022-09-15 16:30:12 +02:00
Tony Torralba
df5178d7ee Merge pull request #10330 from atorralba/atorralba/implicit-pendingintents-compat-sinks 
Java: Add Implicit PendingIntents sinks for Compat classes
 2022-09-15 14:39:19 +02:00
Tony Torralba
714b37e77b Merge pull request #10318 from atorralba/atorralba/notificationcompat-steps 
Java: Add summaries for NotificationCompat and its inner classes
 2022-09-15 14:38:39 +02:00
Chris Smowton
5a56bb97fc deprecated-call query: notice calls to methods of specialised generic classes 2022-09-15 12:49:12 +01:00
Ian Lynagh
a939156ade Merge pull request #10419 from igfoo/igfoo/unused 
Kotlin: Remove an unused method
 2022-09-15 10:57:58 +01:00
Ian Lynagh
618a5b9b8c Merge pull request #10427 from igfoo/igfoo/werror 
Kotlin: Compile with -Werror, and fix warnings
 2022-09-15 10:57:45 +01:00
Chris Smowton
b926bc9efa Fix and add test for java/subtle-inherited-call involving inheritence from generic types 2022-09-14 22:17:19 +01:00
Chris Smowton
da04673cb0 Fix query java/internal-representation-exposure regarding generic callees, and add a test 2022-09-14 22:17:19 +01:00
Chris Smowton
c149754c6b Fix java/iterator-remove-failure to handle calls to specialised generic functions 2022-09-14 22:17:19 +01:00
Chris Smowton
3bdccb38b6 Adapt inner-class-could-be-static query now that specialised methods are callable via an implicit this qualifier. 
Previously such a call always targeted the unbound method, so we checked for an inherited method that could be a specialisation thereof; now we expect it should be directly inherited.
 2022-09-14 22:17:19 +01:00
Chris Smowton
25b4d485b4 Java: Add test regarding the type of an implicit this expression 2022-09-14 22:17:19 +01:00
Ian Lynagh
8a5bc3b635 Kotlin: Don't use hasQuestionMark 
1.7.0 warns:
    'hasQuestionMark: Boolean' is deprecated. hasQuestionMark has
    ambiguous meaning. Use isNullable() or isMarkedNullable() instead
 2022-09-14 17:56:27 +01:00
Ian Lynagh
fce111bebe Kotlin: Compile with -Werror, and fix warnings 2022-09-14 16:42:57 +01:00
Ian Lynagh
8f2a718787 Kotlin: Remove an unused method 2022-09-14 16:31:11 +01:00
Tamás Vajk
e4a712c9d6 Merge pull request #10402 from tamasvajk/kotlin-comp-args 
Kotlin: Add integration test for compiler argument extraction
 2022-09-14 15:27:18 +02:00
Tamas Vajk
16836de02b Code quality improvment to simplify test QL 2022-09-14 15:15:06 +02:00
Ian Lynagh
b3b1efb1a1 Merge pull request #10414 from igfoo/igfoo/getQualifiedName 
Java: Tweak Member.getQualifiedName()
 2022-09-14 13:30:22 +01:00
Anders Schack-Mulligen
d713910714 Merge pull request #10334 from aschackmull/java/uniontypeflow 
Java: Implement union type flow and replace ad-hoc variable tracking in dispatch
 2022-09-14 13:34:28 +02:00
Tamas Vajk
a68b61f50a Kotlin: adjust expected test results after fixing compiler argument interception 2022-09-14 13:15:29 +02:00
Tamas Vajk
6eccb5e99c Kotlin: Add integration test to show missing compiler arguments 2022-09-14 13:15:29 +02:00
Ian Lynagh
4ac0ecbc61 Java: Mark the getQualifiedName change as breaking 2022-09-14 12:10:50 +01:00
Ian Lynagh
d735b9e6f2 Java: Format QL 2022-09-14 11:56:13 +01:00
Ian Lynagh
fec6c35f21 Java: Accept test output for getQualifiedName change 2022-09-14 10:52:43 +01:00
Anders Schack-Mulligen
64e2f4164d Java: Add test for disjunctive type in call context. 2022-09-14 10:38:10 +02:00
Anders Schack-Mulligen
9f200633ca Java: convert test to inline expectation 2022-09-14 10:17:31 +02:00
Anders Schack-Mulligen
83e7bf71d7 Java: Adjust qldoc. 2022-09-14 10:16:09 +02:00
erik-krogh
252394666c sync files 2022-09-13 20:44:05 +02:00
Ian Lynagh
f807b801ce Merge pull request #10401 from igfoo/igfoo/throw 
Kotlin: Remove a throw statement
 2022-09-13 17:41:31 +01:00
Tony Torralba
4708052741 Merge pull request #10408 from giper45/patch-1 
Updated vulnerable XSS.java version
 2022-09-13 17:50:47 +02:00
Ian Lynagh
6a63b86f8a Java: Member.getQualifiedName() tweaked 
It now includes the qualified name of the declaring type.
 2022-09-13 16:05:51 +01:00
Ian Lynagh
fc445736b2 Java: Use hasQualifiedName rather than getQualifiedName in ExternalAPIs 
It's more efficient, as it doesn't require building intermediate
strings.
 2022-09-13 15:58:00 +01:00
Tony Torralba
ac46a38b9d Update java/ql/src/Security/CWE/CWE-079/XSS.java 2022-09-13 16:49:20 +02:00
Tony Torralba
2b027709e4 Update XSS qhelp 2022-09-13 16:39:48 +02:00
gx1
1c4488e7c8 Updated vulnerable XSS.java version 2022-09-13 15:58:25 +02:00
Tamas Vajk
2c757c714d Kotlin: Code quality improvements: refactor a cast 2022-09-13 15:44:54 +02:00
Ian Lynagh
2f8151d8d2 Kotlin: Remove a throw statement 
We have a way to carry on here, so we may as well do so
 2022-09-13 13:51:00 +01:00
Anders Schack-Mulligen
b8a1818422 Java: Fix test expectation. 2022-09-13 13:30:40 +02:00
Anders Schack-Mulligen
0e376b32d2 Java: extend typeflow tests to cover union types. 2022-09-13 13:30:40 +02:00
Anders Schack-Mulligen
d0f7052de2 Java: Support instanceof disjunction in union type flow. 2022-09-13 13:30:40 +02:00
Anders Schack-Mulligen
686e03e1cc Java: Fix perf issue. 2022-09-13 13:30:40 +02:00
Anders Schack-Mulligen
c8b93e0910 Java: Replace uses of deprecated variableTrack. 2022-09-13 13:30:40 +02:00
Anders Schack-Mulligen
a8eedce8ab Java: Replace ad-hoc variable tracking with union type flow in dispatch. 2022-09-13 13:30:40 +02:00
Anders Schack-Mulligen
6f06267892 Java: Implement union type flow. 2022-09-13 13:30:40 +02:00