codeql

mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00

Author	SHA1	Message	Date
Jami Cogswell	6bb865ad05	Java: make numeric flow models neutral	2023-01-11 18:04:43 -05:00
Jami Cogswell	0c7ffb0554	Java: update System.getProperty model	2023-01-11 12:04:22 -05:00
Pierre	c3116b3f0f	Merge branch 'main' into turbo/experimental/combined	2023-01-11 18:02:55 +01:00
Jami Cogswell	2a99af0e6d	Java: remove summary model for String.endsWith	2023-01-11 10:58:46 -05:00
Jami Cogswell	99ee6c95a1	Java: remove models for Consumer.accept and Collectors.toMap	2023-01-11 10:44:38 -05:00
Jami Cogswell	ac064ac2a7	Java: remove model for Collectors.joining	2023-01-11 10:30:49 -05:00
Michael Nebel	7e4f7a0c17	C#: Address review comments and sync files.	2023-01-11 16:29:24 +01:00
Michael Nebel	8112058a0a	Java: Adapt TopJdpApi library to the re-factor.	2023-01-11 16:20:55 +01:00
Michael Nebel	6a047d6916	Java: Re-factor provenance related predicates for summarized callable.	2023-01-11 16:20:55 +01:00
Michael Nebel	ea173f9516	Sync files.	2023-01-11 16:20:55 +01:00
Michael Nebel	11ca3f49f6	C#/Java: Adjust imports after moving files.	2023-01-11 13:13:33 +01:00
Michael Nebel	787b4743ee	C#/Java: Rename the directories containing the model generator and tests.	2023-01-11 13:13:33 +01:00
Michael Nebel	178fd0e9e1	C#/Java: Remove all dashes in mode-generator.	2023-01-11 13:13:33 +01:00
Jami Cogswell	181a711f04	Java: switch Collectors.joining model from neutral to summary	2023-01-10 21:06:03 -05:00
Jami Cogswell	faae811be7	Java: try simplification of paramsString and paramsStringPart	2023-01-10 13:35:52 -05:00
Jami Cogswell	65aa064838	Java: update paramsString qldoc	2023-01-10 13:33:47 -05:00
Edward Minnix III	ce06df3152	Merge pull request #11628 from egregius313/egregius313/android-webview-addjavascriptinterface-dataflow Java: Add parameters of methods annotated @JavascriptInterface as remote flow sources	2023-01-10 12:41:52 -05:00
Florin Coada	4c1c12dd70	suggestions in list format	2023-01-10 11:18:56 -05:00
Jonathan Leitschuh	1d7881e03f	Apply suggestions from code review Co-authored-by: Chris Smowton <smowton@github.com>	2023-01-10 11:18:56 -05:00
Tony Torralba	b7364f5428	Update UnsafeDeserialization.qhelp Move the table under <recommendation>, minor fixes.	2023-01-10 11:18:56 -05:00
Jonathan Leitschuh	3fa11c21c3	[Java] Document fixes for deserialization vulnerabilities by framework Related https://github.com/github/codeql/issues/11603	2023-01-10 11:18:56 -05:00
Ian Lynagh	3367da82c4	Kotlin: Accept test changes We get better locations with Kotlin 1.8.0.	2023-01-10 14:41:30 +00:00
Ian Lynagh	b7eb521fa0	Kotlin: Fix custom_plugin test for Kotlin 1.8.0	2023-01-10 14:41:30 +00:00
Ian Lynagh	c71ea80029	Kotlin: Accept test changes We now get better locations, with Kotlin 1.8.0.	2023-01-10 14:41:30 +00:00
Ian Lynagh	20b35e5d02	Kotlin: 1.8.0 changes	2023-01-10 14:41:30 +00:00
Ian Lynagh	c4119761cc	Kotlin: Another 1.8 build fix	2023-01-10 14:41:30 +00:00
Ian Lynagh	89b3363761	Kotlin: Bump CI version to 1.8.0-Beta	2023-01-10 14:41:30 +00:00
Ian Lynagh	b51c3aae85	Kotlin: Logs test: Allow for -Beta versions etc when parsing the logs	2023-01-10 14:41:29 +00:00
Ian Lynagh	6fbda1a9f0	Kotlin: Accept test changes with 1.8	2023-01-10 14:41:29 +00:00
Ian Lynagh	f7d8d16ed3	Kotlin: Fix build for 1.8.0-Beta The build no longer works for Kotlin < 1.8: We get error: class 'org.jetbrains.kotlin.ir.IrElement' was compiled with an incompatible version of Kotlin. The binary version of its metadata is 1.8.0, expected version is 1.6.0.	2023-01-10 14:41:29 +00:00
Tony Torralba	32471d326e	Java: Remove omittable exists variables	2023-01-10 13:37:19 +01:00
Tony Torralba	da90ae0e8f	Update java/ql/lib/semmle/code/java/dataflow/FlowSources.qll	2023-01-10 11:18:53 +01:00
Michael Nebel	16cd148961	Merge pull request #11711 from michaelnebel/externalflowcleanup C#/Java: Delete deprecated ModelCsv classes and related predicates.	2023-01-10 10:22:50 +01:00
Ed Minnix	293a203756	Move JavascriptInterfaceMethod to WebView.qll	2023-01-09 15:10:23 -05:00
Ed Minnix	909b1d70d9	Rename files to say "Allow" instead of "Permit"	2023-01-09 10:11:03 -05:00
Ed Minnix	c723df3ca7	Fix alert message in expected file	2023-01-09 10:08:19 -05:00
Ed Minnix	f626d4794a	Change wording from "permit" to "allow" in id and name	2023-01-09 10:03:12 -05:00
Ed Minnix	972b4629c8	Fix typo in change note	2023-01-09 10:01:38 -05:00
Ed Minnix	64668883a4	Add good example to documentation	2023-01-09 09:59:38 -05:00
Ed Minnix	2ec73c50f9	Mention WebView in alert message	2023-01-09 09:55:09 -05:00
Chris Smowton	e9bbb5d7fa	Merge pull request #11730 from smowton/smowton/admin/improve-sql-unescaped-docs Java: improve naming and description of SqlUnescaped.ql	2023-01-09 12:50:27 +00:00
yoff	c01ce955ba	Merge pull request #11778 from yoff/shared/inline-tests Shared: Inline test expectations	2023-01-09 13:21:18 +01:00
Chris Smowton	2e26fb1171	Merge pull request #11819 from smowton/smowton/admin/port-java-autobuilder-tests Add Java autobuilder integration tests	2023-01-09 12:17:39 +00:00
Chris Smowton	efe23c1da7	Note that alerts should not be re-raised	2023-01-09 10:56:13 +00:00
Chris Smowton	994a46289f	Add change note	2023-01-09 10:56:13 +00:00
Chris Smowton	ef27f9fe96	Replace one more mention of escaping	2023-01-09 10:56:13 +00:00
Chris Smowton	45c732a6f9	Java: improve naming and description of SqlUnescaped.ql Since the main thing it's objecting to is concatenation not lack of escaping (in particular it doesn't look for escaping sanitizers), rename and re-describe it accordingly.	2023-01-09 10:56:13 +00:00
Jami Cogswell	a3c7b2c3a2	Java: move java.lang.Math.min to the correct file	2023-01-06 14:35:09 -05:00
Jami	f5e5f6dfd1	Merge pull request #11821 from jcogs33/jcogs33/fix-mad-typos Java: fix typos in MaD row `name` columns for `MappingSqlQuery` and `MappingSqlQueryWithParameters`	2023-01-06 07:59:30 -05:00
github-actions[bot]	cdb8f67601	Post-release preparation for codeql-cli-2.12.0	2023-01-06 10:36:34 +00:00

... 3 4 5 6 7 ...

8810 Commits