hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-25 08:37:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
79,059 Commits 1,758 Branches 168 Tags
9f44cb23f135f98d36b0d4ec4aa4b07a97fcd1fd
Commit Graph

5551 Commits

Author SHA1 Message Date
github-actions[bot]
b961c5961d Release preparation for version 2.21.1 2025-04-14 09:53:06 +00:00
Mathias Vorreiter Pedersen
11aef7019e Merge pull request #19273 from MathiasVP/prepare-shared-mad-generation-for-cpp 
Shared: Prepare model generation for C++ adoption
 2025-04-11 07:22:56 -07:00
Mathias Vorreiter Pedersen
b6c658767e Java: Fixup MaD input. 2025-04-10 14:01:11 +01:00
Owen Mansel-Chan
acfcc6d490 Sort ids in java-code-quality.qls 2025-04-10 12:35:42 +01:00
Owen Mansel-Chan
576f4cf19f Update tags 2025-04-10 12:21:09 +01:00
Owen Mansel-Chan
ad89e7980e Tweak documentation 2025-04-10 12:21:08 +01:00
Owen Mansel-Chan
3ea5cc1b66 Add query to code-quality query suite 2025-04-10 12:21:06 +01:00
Owen Mansel-Chan
626a7d5007 Fix punctuation 2025-04-10 12:21:02 +01:00
Owen Mansel-Chan
c4e56b1ec8 Add quality and cwe tag to query 
CWE-1176: Inefficient CPU Computation
 2025-04-10 12:21:00 +01:00
Owen Mansel-Chan
042fe07494 Adjust alert message 2025-04-10 11:47:19 +01:00
Owen Mansel-Chan
fea3d10b97 Update qhelp 2025-04-10 11:47:18 +01:00
Owen Mansel-Chan
441c79ebdf Use existing class StringReplaceAllCall 2025-04-10 11:47:17 +01:00
Owen Mansel-Chan
ff2947a0e5 Adjust query name 2025-04-10 11:47:14 +01:00
Owen Mansel-Chan
041adcd63a Java: Add initial version of string replaceAll with no regex query 2025-04-10 11:46:59 +01:00
Tamas Vajk
6abff483da Java: Add explicit filtering for quality queries that should be included in security-and-quality 2025-04-08 16:47:41 +02:00
Tamas Vajk
259a09386e Move query suite selector logic to security-and-quality-suite 2025-04-08 16:47:41 +02:00
Jonas Jensen
118abd40c9 Java: add exclude-from-incremental tag to telemetry queries 
In the future, this tag should signal to the action that the queries
should be excluded from incremental scans because they are too slow
and/or produce too many results.

The three queries tagged here rely on global data-flow analysis to find
all XSS sinks. All other metric and diagnostic queries are fast enough
for incrementality.
 2025-04-02 14:19:45 -07:00
github-actions[bot]
10205cb990 Post-release preparation for codeql-cli-2.21.0 2025-04-01 11:30:43 +00:00
github-actions[bot]
84f6564cc0 Release preparation for version 2.21.0 2025-03-31 17:35:15 +00:00
Tamas Vajk
34e8318797 Rename the CCR query suite to code-quality 2025-03-27 08:36:53 +01:00
Tamás Vajk
b21968c495 Merge pull request #18947 from tamasvajk/tamasvajk/java_empty_method 
Java: Add new quality query to detect empty methods
 2025-03-26 09:33:47 +01:00
Tamás Vajk
a5fd2e923a Improve query documentation 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2025-03-24 11:03:43 +01:00
Nick Rolfe
361fbba39b Java: fix comma splice in alert message 2025-03-21 14:23:32 +00:00
mc
1f76793863 Merge branch 'main' into tamasvajk/java_empty_method 2025-03-21 10:01:10 +00:00
Chris Smowton
9a2a13ed55 Merge remote-tracking branch 'origin/main' into smowton/admin/merge-rc317-into-main 2025-03-19 16:01:29 +00:00
github-actions[bot]
51cdeefafb Post-release preparation for codeql-cli-2.20.7 2025-03-17 13:00:41 +00:00
github-actions[bot]
2d64a618e6 Release preparation for version 2.20.7 2025-03-17 12:15:54 +00:00
Owen Mansel-Chan
7702e9da7d Address review comments 2025-03-14 11:44:01 +00:00
Tamas Vajk
9662b47464 Move likely test method logic to library 2025-03-14 11:36:15 +01:00
Tamas Vajk
05502bc74e Change severity and precision 2025-03-14 11:36:14 +01:00
Tamás Vajk
30ff68dc71 Update java/ql/src/Language Abuse/EmptyMethod.md 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2025-03-14 11:36:14 +01:00
Tamas Vajk
2538ba82cc Revert message 2025-03-14 11:36:13 +01:00
Tamás Vajk
050ef405c1 Improve query help 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2025-03-14 11:36:12 +01:00
Tamas Vajk
24f129c12c Fix typo in QL help 2025-03-14 11:36:12 +01:00
Tamas Vajk
dea081b385 Add quality and cwe tag 2025-03-14 11:36:10 +01:00
Tamas Vajk
3be7044c6e Fix references in query help file 2025-03-14 11:36:10 +01:00
Tamas Vajk
3d4fcefe70 Do not accept empty default methods 2025-03-14 11:36:09 +01:00
Tamas Vajk
77400778ea Add change note 2025-03-14 11:36:08 +01:00
Tamas Vajk
3d2a72341b Improve ql code quality 2025-03-14 11:36:08 +01:00
Tamas Vajk
6512ed9429 Adjust alert message 2025-03-14 11:36:07 +01:00
Tamas Vajk
7476f19b09 Adjust query help 2025-03-14 11:36:06 +01:00
Tamas Vajk
349f48982a Make query more accepting 2025-03-14 11:36:06 +01:00
Tamas Vajk
a8063e1cd2 Adjust query name 2025-03-14 11:36:03 +01:00
Tamas Vajk
f7f8b47f12 Java: Add initial version of empty method query 2025-03-14 11:36:03 +01:00
Owen Mansel-Chan
6ca9a1ff9a Add change note 2025-03-13 15:05:32 +00:00
Owen Mansel-Chan
a8e993c942 Fix FP for always-locked fields 2025-03-13 15:03:32 +00:00
Jami
ea9b0462bf Merge pull request #18793 from jcogs33/jcogs33/java/spring-boot-actuators-promo 
Java: Promote Spring Boot Actuators query from experimental
 2025-03-11 14:42:14 -04:00
Jami
ad63dd946c Apply suggestions from docs review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2025-03-10 09:01:04 -04:00
Lukas Abfalterer
32e1589745 Update java/ql/src/change-notes/2025-03-03-fix-improper-intent-verification-query.md 
Co-authored-by: Edward Minnix III <egregius313@github.com>
 2025-03-06 09:57:16 +01:00
Jami Cogswell
0eec951218 Java: update change note to mention removal from Community Packs 2025-03-05 08:55:51 -05:00