hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,235 Commits 1,672 Branches 157 Tags
75b13da4e422c6f00519b51a3d29017cebf40aab
Commit Graph

452 Commits

Author SHA1 Message Date
Chris Smowton
5b72aee3ae Java: model JDK21 SequencedCollection, Set and Map 2023-11-06 16:04:13 +00:00
Edward Minnix III
1ec1dd368d Merge pull request #13978 from egregius313/egregius313/java/mad/convert-sensitive-api-to-mad 
Java: Convert `SensitiveApi.qll` to use Models-as-Data
 2023-10-31 15:25:42 -04:00
Tony Torralba
107a05af71 Update MaD Declarations after Triage 2023-10-31 16:52:02 +01:00
Dave Bartolomeo
d2afb20f3f Merge remote-tracking branch 'origin/main' into dbartol/threat-models-2 2023-10-26 14:05:40 -04:00
Ed Minnix
f288ddc3d5 Add signature back to trilead ssh2 model 2023-10-25 14:31:56 -04:00
Ed Minnix
d923784ae4 Add signatures to models 2023-10-25 14:31:56 -04:00
Ed Minnix
90c63ab6b0 Remove additional net.schmizz.sshj models 2023-10-25 14:31:56 -04:00
Edward Minnix III
2fb4dfeb90 TrustType should be nested in sun.security.pkcs11.Secmod models 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-10-25 14:31:55 -04:00
Ed Minnix
665b140a8a Make SaltAndParams be nested 2023-10-25 14:31:55 -04:00
Edward Minnix III
700201556c Remove extra model 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-10-25 14:31:55 -04:00
Ed Minnix
58dae6d1c6 Set provenance of models from otherApiCallableCredentialParam to manual and remove extra models 2023-10-25 14:31:55 -04:00
Ed Minnix
a28f19c857 Remove initialization vectors from SensitiveApi 2023-10-25 14:31:55 -04:00
Ed Minnix
855d96db66 Remove extra models 2023-10-25 14:31:55 -04:00
Ed Minnix
02c98fae5f Use hq-generated provenance 2023-10-25 14:31:55 -04:00
Ed Minnix
1ad06f3293 Add missing GaloisCounterMode model 2023-10-25 14:31:55 -04:00
Ed Minnix
3b0b5e403c Replace crypto-parameter with credentials-key 2023-10-25 14:31:55 -04:00
Ed Minnix
a2bcc97a74 Remove CipherBlockChaining#init 2023-10-25 14:31:55 -04:00
Ed Minnix
743814a234 Delete private methods 2023-10-25 14:31:55 -04:00
Ed Minnix
c2d072e3f8 Remove redundant Cipher init methods 
Remove redundant `init` methods which are overriding `FeedbackCipher`
and `SymmetricCipher`.
 2023-10-25 14:31:54 -04:00
Ed Minnix
22d968fba3 Delete private methods 2023-10-25 14:31:54 -04:00
Ed Minnix
31b069041f Initialization vector models 2023-10-25 14:31:54 -04:00
Ed Minnix
a8eb95a688 Remove redundant engineUnwrap method models 
Most implementations of `engineUnwrap` are overriding the method from
`javax.crypto.CipherSpi`. Therefore, these models can be compressed into
a single model.
 2023-10-25 14:31:54 -04:00
Ed Minnix
64d23d4f9b Delete private methods 2023-10-25 14:31:54 -04:00
Ed Minnix
5b2d226c35 Remove unneeded models 2023-10-25 14:31:54 -04:00
Ed Minnix
1edca19419 Remove redundant KeyStoreSpi models 
`java.security.KeyStoreSpi` is an abstract class. This removes its
subclasses' models, and instead uses model-as-data's capability to use
subclasses.
 2023-10-25 14:31:54 -04:00
Ed Minnix
a85df81b67 Rename sink kind to "credentials-username" to match naming convention 2023-10-25 14:31:54 -04:00
Ed Minnix
0612b3795a Rename sink kind to "credentials-password" to match naming convention 2023-10-25 14:31:54 -04:00
Ed Minnix
b77b3763be Fix com.amazonaws.auth models 2023-10-25 14:31:54 -04:00
Ed Minnix
8eeb861963 ch.ethz.ssh2 fixes 2023-10-25 14:31:54 -04:00
Ed Minnix
083a5068c3 Remove unnecessary models 2023-10-25 14:31:53 -04:00
Ed Minnix
886c85ddc1 Fix net.schmizz.sshj models 2023-10-25 14:31:53 -04:00
Ed Minnix
3219edc603 Change credential-other to more appropriate sink kinds 2023-10-25 14:31:53 -04:00
Ed Minnix
6b94b77a0a Remove spaces in sig field of models 2023-10-25 14:31:53 -04:00
Ed Minnix
f8c3b2977a Fix credential-other 2023-10-25 14:31:53 -04:00
Ed Minnix
f783ca7940 Fix credential-username 2023-10-25 14:31:53 -04:00
Ed Minnix
96d6ecb108 Fix crypto parameters 2023-10-25 14:31:53 -04:00
Ed Minnix
35e19eac96 Fix password models 2023-10-25 14:31:53 -04:00
Ed Minnix
f7c07d55ed Credential-other sinks 2023-10-25 14:31:53 -04:00
Ed Minnix
49218cdbfb Credential-username models 2023-10-25 14:31:53 -04:00
Ed Minnix
18661eee77 Crypto-parameter models 2023-10-25 14:31:53 -04:00
Ed Minnix
66486b08dc Password models 2023-10-25 14:31:53 -04:00
Tony Torralba
9f7a8aa18c Update MaD Declarations after Triage 2023-10-24 17:42:03 +02:00
Tony Torralba
cd10dc8a27 Java: Added up to date models for Spring's ResponseEntity 2023-10-23 16:06:11 +02:00
Dave Bartolomeo
bd7de83aab Use extension packs for threat models 2023-10-19 17:07:26 -04:00
Edward Minnix III
15afc3ed64 Merge pull request #14491 from egregius313/egregius313/java/mad/convert-iv 
Java: Refactor `java/static-initialization-vector` to use Models as Data
 2023-10-17 13:15:45 -04:00
Stephan Brandauer
9d719aa44e Merge pull request #13444 from github/java/update-mad-decls-after-triage-2023-06-13T14-50-57 
Java: Update MaD Declarations after Triage
 2023-10-17 13:54:10 +02:00
Tony Torralba
3cd06b0026 More review suggestions 2023-10-17 11:54:32 +02:00
Tony Torralba
62a9ffd277 Apply suggestions from code review 2023-10-17 11:51:55 +02:00
Ed Minnix
3356261031 Static IV refactor to MaD 2023-10-13 12:50:49 -04:00
Edward Minnix III
a1d3667f1c Refactor Hudson file methods to MaD 2023-10-03 22:28:59 -04:00