hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-13 17:01:10 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,887 Commits 1,785 Branches 169 Tags
912dc9c0bd96b70922cdb161ab52c07c1827b8be
Commit Graph

25 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
17fded4aa5 Java: Delete old deprecated code. 2026-05-04 10:52:27 +02:00
Owen Mansel-Chan
766e908c79 Accept MaD sanitizers for existing sink kinds 2026-01-06 14:38:27 +00:00
Nora Dimitrijević
a0975e7e19 Constrain location overrides to actual sources/sinks 2025-10-28 09:42:20 +01:00
Nora Dimitrijević
4482e831d7 Java/CommandLineQuery 
85a4dd0325/java/ql/src/Security/CWE/CWE-078/ExecTainted.ql

857b51be58/java/ql/src/Security/CWE/CWE-078/ExecUnescaped.ql

b6e56f26c7/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql
 2025-10-28 09:39:39 +01:00
Jonas Jensen
7ad6f13bf5 Java: adjust CommandLineQuery locations 
It turns out these locations need to be precise.
 2025-01-31 11:37:16 +01:00
Jonas Jensen
2561cec80c Java: Diff-informed CommandLineQuery 2024-12-20 11:22:56 +01:00
Rasmus Wriedt Larsen
8c10155eb7 mass rename to ActiveThreatModelSource 2024-09-12 10:16:55 +02:00
erik-krogh
0fdd06fff5 use my script to delete outdated deprecations 2024-09-03 20:30:58 +02:00
Michael Nebel
85a4dd0325 Java: Deprecate the local content of CommandLineQuery and remove the exec tainted local query variant. 2024-05-01 13:07:20 +02:00
Ed Minnix
fb80c5ea84 Rename SimpleScalarSanitizer to SimpleTypeSanitizer 2024-01-22 23:55:29 -05:00
Ed Minnix
696788e5b2 Rename semmle.code.java.security.dataflow.CommonSanitizers to semmle.code.java.security.Sanitizers 2024-01-22 23:52:19 -05:00
Ed Minnix
67dfca2e58 Convert libraries to use instanceof SimpleScalarSanitizer 2024-01-22 23:38:26 -05:00
Michael Nebel
40e63a63e2 Java: Re-factor most queries and tests to use threat models. 2023-10-04 14:01:58 +02:00
Kristen Newbury
5e01e1d464 Java: add sanitizer to command injection query 2023-08-21 12:33:05 -04:00
Tony Torralba
a276cc3094 Convert all command injection sinks to MaD format 2023-05-25 11:41:32 +02:00
Tony Torralba
3102199a69 Make LocalUserInputToArgumentToExecFlowConfig and LocalUserInputToArgumentToExecFlow importable 2023-03-30 10:24:23 +02:00
Tony Torralba
534725f9eb Add command injection sink kind 2023-03-30 10:17:35 +02:00
Ed Minnix
744f2653f0 Add QLdoc for RemoteUserInputToArgumentToExecFlow 2023-03-29 11:45:09 -04:00
Ed Minnix
25359d2218 Deprecate execTainted 2023-03-29 11:45:09 -04:00
Ed Minnix
dcd703f1a9 Update to the TaintTracking::Global api 2023-03-29 11:45:09 -04:00
Ed Minnix
bbf7c67f9b Remove unnecessary private markers (CommandLine and Request forgery) 2023-03-29 11:45:09 -04:00
Ed Minnix
0249890747 Refactor CommandLineQuery.qll 2023-03-29 11:45:09 -04:00
Alvaro Muñoz Sanchez
9ccd0e564b Add QLDocs 2022-04-06 12:00:41 +02:00
Alvaro Muñoz Sanchez
19b8d51c0b Update CommandLineQuery 
Make TaintTracking configuration public
 2022-04-06 10:58:56 +02:00
Andrew Eisenberg
8e750f18ad Packaging: Java refactoring 
Split java pack into `codeql/java-all` and `codeql/java-queries`.
 2021-08-19 14:09:35 -07:00