hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 23:26:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,495 Commits 1,703 Branches 162 Tags
83c8e22225bf38297e6fc2e89abad8f3a4646891
Commit Graph

42495 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Edward Minnix III
83c8e22225 Apply suggestions from documentation review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2022-09-08 15:55:00 -04:00
Ed Minnix
59909751ae Change allowBackup tests to use qlref test format 
Due to some limitations of comments in XML, it is simpler to implement
the `android:allowBackup` tests using the qlref/expectations test format.
 2022-09-08 10:34:17 -04:00
Ed Minnix
e69a8269ad Move CleartextStorage test files into separate dir 
Move the files for the CleartextStorage tests into their own directory
to avoid issues with extraction
 2022-09-08 10:33:05 -04:00
Ed Minnix
09b723fc6d Formatting fixes for allowBackup tests 2022-09-07 13:30:19 -04:00
Ed Minnix
c69a2be976 Moved allowBackup query logic to allowsBackup pred 2022-09-07 12:08:25 -04:00
Ed Minnix
5206c792b0 Additional Unit tests for the allowBackup query 2022-09-07 12:07:48 -04:00
Edward Minnix III
f6c8144eed Update java/ql/src/Security/CWE/CWE-312/AllowBackupAttributeEnabled.ql 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-09-07 09:46:36 -04:00
Edward Minnix III
9ddfcf935b Update java/ql/src/change-notes/2022-08-18-android-allowbackup-query.md 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-09-07 09:46:16 -04:00
Ed Minnix
dca4cd221a Documentation cleanup for allowBackup query 2022-09-06 14:35:11 -04:00
Ed Minnix
0a83cedeb7 Unit tests for android:allowBackup query 2022-09-06 13:52:43 -04:00
Ed Minnix
6485e73cd3 Added documentation for providesMainIntent pred 2022-08-30 13:00:44 -04:00
Ed Minnix
500a6f3b86 Add check for files which provide the app launcher 
Adds support for filtering which applications include the
`android.intent.action.MAIN` intent.
 2022-08-30 12:54:26 -04:00
Ed Minnix
b5c54f5a3b Add check for android:allowBackup explicitly set 
`android:allowBackup` has a default value of `true`. So we want to flag
any file which explicitly sets it.
 2022-08-30 12:53:12 -04:00
Edward Minnix III
e6a1b1fab9 Rename allowBackup query id 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-08-24 15:54:13 -04:00
Ed Minnix
de36372d1c Refactor android:backupAllowed query 
Refactor the query to check for the nonexistence of the
`android:allowBackup` attribute being set to false.

The default value is true, so we need to check for it being explicitly
marked false.
 2022-08-24 15:54:13 -04:00
Ed Minnix
a036639ecd Added change notes 2022-08-24 15:54:13 -04:00
Ed Minnix
dad4a403db Add support for android:allowBackup default value 
The default value of `android:allowBackup` is `true`. Added support for
detecting if the default value is used.
 2022-08-24 15:54:13 -04:00
Ed Minnix
6509426fb3 android:allowBackup query documentation 2022-08-24 15:54:13 -04:00
Ed Minnix
44b0a2b8af Android allowBackup query 2022-08-24 15:54:13 -04:00
Ed Minnix
7d15af6caa Add allowBackup check to AndroidManifest 2022-08-24 15:54:13 -04:00
Ed Minnix
dac64eeca7 Query test files 2022-08-24 15:54:13 -04:00
Henry Mercer
d9c078060a Merge pull request #10159 from github/codeql-ci/js-atm-new-release 
JS: Bump version numbers of ML-powered packs after 0.3.1 release
 2022-08-24 16:50:41 +01:00
Jami
b3e88f8234 Merge pull request #9983 from jcogs33/android-implicit-export 
Java: query to detect implicitly exported Android components
 2022-08-24 10:52:50 -04:00
Henry Mercer
eb7091a6d3 Merge branch 'main' into codeql-ci/js-atm-new-release 2022-08-24 14:37:44 +01:00
Paolo Tranquilli
610c788e34 Merge pull request #10156 from github/redsun82/swift-import-optional-module 
Swift: make `ImportDecl:imported_module` optional
 2022-08-24 15:18:04 +02:00
github-actions[bot]
3af330dce9 JS: Bump version of ML-powered library and query packs to 0.3.2 2022-08-24 13:12:12 +00:00
github-actions[bot]
613c13c2bf JS: Bump patch version of ML-powered library and query packs 2022-08-24 13:03:14 +00:00
Mathias Vorreiter Pedersen
436fe65c7b Merge pull request #10155 from MathiasVP/swift-properties-as-callables 
Swift: Model property getters, setters and observers as callables
 2022-08-24 13:57:12 +01:00
Paolo Tranquilli
2ee8d1a9d3 Swift: implement optional ImportDecl:imported_module 2022-08-24 14:31:55 +02:00
Mathias Vorreiter Pedersen
06a39d2b93 Swift: Accept test change. 2022-08-24 13:29:17 +01:00
Paolo Tranquilli
7873f07fac Swift: define ImportDecl:imported_module optional 2022-08-24 14:26:29 +02:00
Mathias Vorreiter Pedersen
edb29b498d Swift: Teach 'DataFlowDispatch' about property getters, observers and setters. 2022-08-24 13:08:26 +01:00
Ian Lynagh
20ac15d549 Merge pull request #10152 from igfoo/igfoo/not-null-exprs 
Kotlin: Remove more not-null expressions
 2022-08-24 12:18:45 +01:00
Erik Krogh Kristensen
28d58be1b6 Merge pull request #10126 from erik-krogh/myApply 
JS: precise flow through calls to `.apply()`
 2022-08-24 12:55:36 +02:00
Mathias Vorreiter Pedersen
cee15277ce Merge pull request #10144 from MathiasVP/swift-extract-this-param-decl 
Swift: Extract `self` parameter declarations
 2022-08-24 11:17:51 +01:00
Ian Lynagh
b5f20e40fc Kotlin: Remove some more not-null-expressions 2022-08-24 11:13:27 +01:00
Ian Lynagh
8fe59e7ebc Kotlin: Remove another not-null-expr 2022-08-24 11:09:31 +01:00
Ian Lynagh
01f27ea331 Kotlin: Remove another not-null-expr 2022-08-24 11:07:10 +01:00
Michael Nebel
c514c8838d Merge pull request #9867 from michaelnebel/csharp/nosummary 
C#: Negative summaries (ie. no flow through)
 2022-08-24 12:06:05 +02:00
Ian Lynagh
940f18f5ae Kotlin: Remove another not-null-expr 2022-08-24 10:59:15 +01:00
Ian Lynagh
44501f5318 Kotlin: Remove another not-null-expr 2022-08-24 10:57:36 +01:00
Ian Lynagh
da7b7ce9f5 Kotlin: Remove some not-null-exprs 2022-08-24 10:55:31 +01:00
Ian Lynagh
623d87aaca Merge pull request #10142 from igfoo/igfoo/not-null-expr 
Kotlin: Remove some more non-null-expressions
 2022-08-24 10:37:37 +01:00
Ian Lynagh
8b4cf295bc Merge pull request #10110 from igfoo/igfoo/compression 
Kotlin: Add support for TRAP compression
 2022-08-24 10:37:20 +01:00
Arthur Baars
acff279e8d Merge pull request #10147 from github/aibaars-fix-go 
Go: fix tracing spec for windows
 2022-08-24 11:17:34 +02:00
Mathias Vorreiter Pedersen
1d50dd54ce Merge branch 'main' into swift-extract-this-param-decl 2022-08-24 10:14:18 +01:00
Paolo Tranquilli
f570cc1916 Merge pull request #10143 from github/redsun82/swift-add-module-to-decl 
Swift: add module to `Decl`
 2022-08-24 11:05:06 +02:00
Mathias Vorreiter Pedersen
de03fbdc49 Swift: Accept test changes. 2022-08-24 10:03:21 +01:00
Mathias Vorreiter Pedersen
997d9e8559 Swift: Include 'self' parameter declaration in the CFG. 2022-08-24 10:01:25 +01:00
Mathias Vorreiter Pedersen
09427af2a2 Swift: Accept test changes. 2022-08-24 10:01:25 +01:00