hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 21:21:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,366 Commits 1,688 Branches 160 Tags
783676566cabf96c67deeb02ff9ee9567f123e68
Commit Graph

4775 Commits

Author SHA1 Message Date
github-actions[bot]
4142b9c4ce Release preparation for version 2.24.0 2026-01-19 14:49:14 +00:00
Owen Mansel-Chan
a5d9cb179a Merge pull request #20930 from owen-mc/java/spring-rest-template-request-forgery-sinks 
Java: add more Spring RestTemplate request forgery sinks
 2026-01-15 14:23:15 +00:00
Owen Mansel-Chan
97e0b4e9fd Use parameter name to only select correct overloads 2026-01-15 10:36:03 +00:00
Anders Schack-Mulligen
c632e8f188 Merge pull request #20448 from github/alexet/avoid-path-node-java 
Java: Eliminate pointless use of PathNodes over DataFlow::Node
 2026-01-15 10:55:09 +01:00
Mauro Baluda
f71b6c1bfd Improved models for Supplier arguments 2026-01-14 12:32:42 +01:00
Mauro Baluda
4b7662f652 Merge branch 'main' into couchdb 2026-01-13 21:50:44 +01:00
Mauro Baluda
d335f039ef Improve model for CWE-089 2026-01-13 21:48:43 +01:00
Ian Lynagh
63f78e7609 Merge pull request #21156 from igfoo/igfoo/mb 
Merge rc/3.20 into main
 2026-01-13 12:11:37 +00:00
Mauro Baluda
dda042f7df rename change notes 2026-01-13 13:07:14 +01:00
Anders Schack-Mulligen
9c1351c3fe Merge pull request #21149 from aschackmull/java/typeflow-partially-unbound 
Java: Add TypeFlow base case for partially unbound types.
 2026-01-13 12:31:38 +01:00
Ian Lynagh
dcd0a69759 Merge remote-tracking branch 'upstream/main' into igfoo/mb 2026-01-13 01:01:35 +00:00
Anders Schack-Mulligen
8e2d74a7b1 Java: Add TypeFlow base case for partially unbound types. 2026-01-12 12:45:06 +01:00
Mauro Baluda
0464e64469 Merge branch 'github:main' into couchdb 2026-01-09 17:24:01 +01:00
Mauro Baluda
4c8058d97b Merge branch 'github:main' into couchdb 2026-01-09 17:20:40 +01:00
Chris Smowton
634e9e6c39 Reapply "Change note" 
This reverts commit 688f10daf1.
 2026-01-09 13:42:48 +00:00
Owen Mansel-Chan
d7acb75f9d Merge pull request #21055 from owen-mc/java/allow-mad-barriers 
Java: allow MaD barriers
 2026-01-09 10:27:48 +00:00
Owen Mansel-Chan
8c9318b1a0 Minor tweaks to QLDocs 2026-01-09 09:38:10 +00:00
Owen Mansel-Chan
8a80158959 Merge pull request #17590 from Kwstubbs/java-mad-test 
Java: FileUpload Support MaD
 2026-01-08 13:33:55 +00:00
yoff
608fa1a0a3 Merge pull request #20910 from yoff/java/more-thread-safe-initialisers 2026-01-08 13:16:39 +01:00
Chris Smowton
d048d394b4 Merge pull request #21117 from smowton/smowton/admin/revert-java-paths-directives 
Java: revert filtering of ancillary data extraction
 2026-01-07 16:13:21 +00:00
Owen Mansel-Chan
6a3c74c989 Merge pull request #20999 from joefarebrother/java-spring-websocket 
Java: Add models for spring WebSocketHandler
 2026-01-07 13:29:19 +00:00
Chris Smowton
688f10daf1 Revert "Change note" 
This reverts commit 6fb6923f63.
 2026-01-07 13:20:17 +00:00
Owen Mansel-Chan
6c291e1e7f Add model for handlePongMessage and update test 2026-01-07 11:09:59 +00:00
github-actions[bot]
2cb932cf5d Post-release preparation for codeql-cli-2.23.9 2026-01-06 15:42:16 +00:00
Owen Mansel-Chan
766e908c79 Accept MaD sanitizers for existing sink kinds 2026-01-06 14:38:27 +00:00
Owen Mansel-Chan
81667d741a Rename classes for external sanitizers 2026-01-06 14:36:54 +00:00
Chris Smowton
6fb6923f63 Change note 2026-01-06 10:59:06 +00:00
github-actions[bot]
c00663766e Release preparation for version 2.23.9 2026-01-05 11:57:06 +00:00
Mauro Baluda
1e1fb43534 Update JsonObject put method signatures in YAML 
Use erased type
 2026-01-02 11:55:40 +01:00
Owen Mansel-Chan
bf79b8a792 Merge branch 'main' into java-mad-test 2026-01-01 23:34:45 +00:00
Mauro Baluda
15ee88ee24 SQLi test case 2025-12-24 20:30:21 +01:00
Mauro Baluda
fd78c949d3 Merge branch 'github:main' into couchdb 2025-12-22 20:25:41 +01:00
Mauro Baluda
b22077c371 Hardcoded credentials in CouchBase 2025-12-22 20:22:20 +01:00
yoff
cbc0100675 Apply suggestion from @Copilot 2025-12-16 10:11:05 +01:00
yoff
c6240e5a99 java: understand more initializers 
Whne a fiels is assigned a safe type in a constructor,
that field is not exposed.
 2025-12-16 10:11:05 +01:00
Tom Hvitved
d709343d38 Merge pull request #21011 from aschackmull/mad/shared-externalflow 
Java/C++/Go/C#: Share parts of ExternalFlow.qll
 2025-12-15 20:27:04 +01:00
Óscar San José
2824c98efb Merge pull request #21025 from github/oscarsj/mergeback-rc-3-20-into-main 
Mergeback rc/3.20 into main
 2025-12-15 11:59:58 +01:00
Anders Schack-Mulligen
64a48e4e7b MaD: Use "namespace" instead "package" in shared code. 2025-12-12 13:57:02 +01:00
Anders Schack-Mulligen
7f8d0771df MaD: Rename file. 2025-12-12 13:50:58 +01:00
Óscar San José
d972af9ef8 Merge branch 'main' of https://github.com/github/codeql into oscarsj/mergeback-rc-3-20-into-main 2025-12-12 13:22:08 +01:00
Tom Hvitved
0b81d44ec7 Rust: Apply same filtering of generated summaries as in C# and Java 2025-12-12 11:16:16 +01:00
Anders Schack-Mulligen
5bddc8d289 Go: Move Go package-grouping support into shared lib. 2025-12-12 09:17:51 +01:00
Anders Schack-Mulligen
07252519c8 Java/C++: Thread additional models through the shared lib. 2025-12-12 08:20:20 +01:00
Anders Schack-Mulligen
47dcf05a32 C++/Go/Java: Don't import top-level extensible predicates. 2025-12-12 08:20:19 +01:00
Anders Schack-Mulligen
3b334ea215 Java/C#: Share model coverage code. 2025-12-12 08:20:19 +01:00
Anders Schack-Mulligen
cb578e32ab Java: Move interpretModelForTest into shared code. 2025-12-12 08:20:17 +01:00
Anders Schack-Mulligen
4066c0d84a Java: Fix input/output naming. 2025-12-11 16:24:29 +01:00
Owen Mansel-Chan
87f58fe51a Convert regex injection barrier to MaD 2025-12-11 16:24:29 +01:00
Owen Mansel-Chan
44295e4c7d Convert XSS barrier to MaD 2025-12-11 16:24:28 +01:00
Owen Mansel-Chan
7e562f3150 Convert request forgery barrier guard to MaD 2025-12-11 16:24:28 +01:00