3633 Commits

Author	SHA1	Message	Date
Ian Lynagh	01475fd8ba	Merge pull request #16011 from igfoo/igfoo/legacy_vars ... Java/Kotlin: Remove references to legacy ODASA_SNAPSHOT env var	2024-03-22 12:38:37 +00:00
Arthur Baars	c219b1a3c7	Merge pull request #16013 from github/rc/3.13 ... Merge rc/3.13 into main	2024-03-21 16:04:58 +01:00
Ian Lynagh	1b3605754f	Java: Add a changenote for dropping ODASA_SNAPSHOT support	2024-03-21 13:38:54 +00:00
Michael Nebel	6619be3137	Merge pull request #15940 from michaelnebel/csharp/sourcesinktests ... C#: Source- and sink tests.	2024-03-21 08:12:16 +01:00
Dave Bartolomeo	bf46fa27d6	Merge remote-tracking branch 'origin/main' into dbartol/rc3.13-mergeback	2024-03-19 13:02:15 -04:00
Owen Mansel-Chan	b8608a1b1c	Merge pull request #15946 from owen-mc/java/more-manual-models ... Java: more manual models	2024-03-19 15:00:27 +00:00
Dave Bartolomeo	311ba8ea1b	Merge from main to resolve conflicts	2024-03-19 10:41:31 -04:00
Owen Mansel-Chan	7371f5e508	Provenance should be "df-manual"	2024-03-19 13:33:49 +00:00
Michael Nebel	70c6744944	Java/Go/Swift: Sync changes.	2024-03-19 14:20:43 +01:00
Tom Hvitved	fc55567d90	Merge pull request #15853 from hvitved/dataflow/get-location ... Data flow: Replace `hasLocationInfo` with `getLocation`	2024-03-18 20:21:46 +01:00
Owen Mansel-Chan	764e99bda7	Fix model for java.util.Scanner#findall(String) ... Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2024-03-18 16:56:20 +00:00
github-actions[bot]	aebe9f6992	Post-release preparation for codeql-cli-2.16.5	2024-03-18 12:16:26 +00:00
Owen Mansel-Chan	7fb05f4a76	Fix duplicate "df-" in "df-df-manual"	2024-03-18 11:17:55 +00:00
github-actions[bot]	0a6243d07b	Release preparation for version 2.16.5	2024-03-18 10:14:07 +00:00
Owen Mansel-Chan	754d4cd959	Fix model provenance to df-manual	2024-03-17 14:36:47 +00:00
Owen Mansel-Chan	23a58a0835	Add df-manual models related to existing df-manual models	2024-03-17 14:21:05 +00:00
Owen Mansel-Chan	fc367042ef	Fix df-manual model with wrong parameter type	2024-03-17 14:21:01 +00:00
Owen Mansel-Chan	8e52483beb	Add df-manual models in manually modeled classes	2024-03-15 10:10:23 +00:00
Owen Mansel-Chan	2bd08838d4	Add manual neutral models for java.lang.ClassLoader	2024-03-14 11:40:06 +00:00
Owen Mansel-Chan	5b734c76b6	Add manual neutral models for java.util.Locale and its subclasses	2024-03-14 11:39:59 +00:00
Tony Torralba	eecab9122a	Recognize the model generator involvement in the models' provenances	2024-03-14 08:56:23 +01:00
Tony Torralba	5b88b8a3ed	A few more neutrals	2024-03-14 08:53:58 +01:00
Tony Torralba	36f6a6fb10	Model more EnumSet methods as neutrals	2024-03-14 08:46:43 +01:00
Tony Torralba	039bea1625	Java: Add more neutral JDK models ... This is similar to https://github.com/github/codeql/pull/15766, in the sense that it adds neutral models to prevent the model generator from generating summaries for them. These models were spotted while evaluating https://github.com/github/codeql/pull/14919.	2024-03-13 16:59:38 +01:00
Tom Hvitved	02ae2d1520	Java: Implement new data flow interface	2024-03-13 14:41:57 +01:00
Edward Minnix III	d54489931c	Merge pull request #15869 from egregius313/egregius313/java/fix/parcelfiledescriptor-open-sink ... Java: Add path-injection sink for `ParcelFileDescriptor::open`	2024-03-12 16:39:20 -04:00
Erik Krogh Kristensen	863e3f79e5	Merge pull request #15731 from erik-krogh/java-url ... Java: More sanitizers for request-forgery	2024-03-12 19:31:52 +01:00
erik-krogh	f613823047	add explicit QLDoc that any method named "contains" is matched	2024-03-12 15:25:27 +01:00
erik-krogh	35aae0a981	move changenote to src/	2024-03-12 15:22:57 +01:00
Erik Krogh Kristensen	b53ae77c56	expand change-note ... Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2024-03-12 15:22:17 +01:00
erik-krogh	74876ff49b	add change-note	2024-03-12 15:07:36 +01:00
erik-krogh	52f71e4553	small fixes based on review	2024-03-12 15:07:29 +01:00
Ed Minnix	76aeee2820	Change note	2024-03-11 10:34:15 -04:00
Ed Minnix	61dbe26858	Add sinks for android.os.ParcelFileDescriptor	2024-03-11 10:31:51 -04:00
Tom Hvitved	da66281fef	Sync files	2024-03-11 13:02:04 +01:00
github-actions[bot]	dc9092c9ec	Post-release preparation for codeql-cli-2.16.4	2024-03-06 22:19:33 +00:00
github-actions[bot]	2f058ffb4d	Release preparation for version 2.16.4	2024-03-06 20:56:51 +00:00
Angela P Wen	ce31f8641a	Revert "Release preparation for version 2.16.4"	2024-03-06 12:07:33 -08:00
github-actions[bot]	661e68dab5	Release preparation for version 2.16.4	2024-03-05 18:13:58 +00:00
Angela P Wen	967963a653	Revert "Release preparation for version 2.16.4"	2024-03-05 08:53:33 -08:00
github-actions[bot]	a67218a027	Release preparation for version 2.16.4	2024-03-04 17:42:08 +00:00
Max Schaefer	1f3a3492ae	Merge pull request #15792 from github/max-schaefer-patch-1 ... Java: Fix sink type in hudson.model.yml	2024-03-04 13:08:47 +00:00
Owen Mansel-Chan	279605b486	Merge pull request #15786 from owen-mc/java/sensitive-logging-query-exclude-null-in-variable-name ... Java: sensitive logging query exclude null in variable name	2024-03-04 12:14:42 +00:00
Max Schaefer	52a36ce41c	Java: Fix sink type in hudson.model.yml	2024-03-04 11:53:37 +00:00
Owen Mansel-Chan	038afc4008	Merge pull request #15772 from owen-mc/java/model-generator-exclude-tostring ... Java: do not generate models for `toString` and lambda flow methods	2024-03-04 07:57:48 +00:00
Owen Mansel-Chan	c7efde3b7a	Remove variables with "null" in their name as sources	2024-03-03 20:55:04 +00:00
Owen Mansel-Chan	114c17ad57	Add more methods of java.util.Comparator	2024-03-02 20:55:30 +00:00
Owen Mansel-Chan	bf22c6dae0	Merge pull request #15766 from owen-mc/java/add-neutral-models ... Java: add neutral models	2024-03-02 06:00:33 +00:00
Owen Mansel-Chan	0a8dfbafe4	Accept suggestion to put models under the right heading ... Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2024-03-01 16:05:28 +00:00
Owen Mansel-Chan	df64e0bc5f	Add neutral summary models for java.security.MessageDigest#digest	2024-03-01 14:08:31 +00:00