8904 Commits

Author	SHA1	Message	Date
Tom Hvitved	9f798902bd	Data flow: Add consistency check for DataFlowCall::getEnclosingCallable	2023-03-16 08:40:53 +01:00
Henry Mercer	720eed398b	Merge pull request #12523 from github/henrymercer/polish-diagnostics ... Polish diagnostic messages	2023-03-15 15:06:52 +00:00
Anders Schack-Mulligen	bc9942eb75	Merge pull request #12530 from aschackmull/java/refactor-dataflow-queries-3 ... Java: Refactor more dataflow queries to the new API (take 3)	2023-03-15 14:57:29 +01:00
Anders Schack-Mulligen	6408d7cbbe	Java: Refactor RsaWithoutOaep.	2023-03-15 10:37:54 +01:00
Anders Schack-Mulligen	b3b5c2c767	Java: Refactor UnsafeContentUriResolution.	2023-03-15 10:32:58 +01:00
Anders Schack-Mulligen	4b814ec71c	Java: Refactor SensitiveCommunication.ql.	2023-03-15 10:32:35 +01:00
Anders Schack-Mulligen	ca8e013618	Java: Refactor FragmentInjection.	2023-03-15 10:23:21 +01:00
Anders Schack-Mulligen	5bd530f570	Java: Refactor IntentUriPermissionManipulation.	2023-03-15 10:13:28 +01:00
Anders Schack-Mulligen	b14b95cd79	Java: Refactor LogInjection	2023-03-15 10:10:02 +01:00
Anders Schack-Mulligen	abf3abdc65	Java: Delete DataFlowForOnActivityResult.	2023-03-15 09:47:21 +01:00
Anders Schack-Mulligen	bea7c43584	Java: Delete DataFlowForSerializability	2023-03-15 09:42:02 +01:00
Anders Schack-Mulligen	e8a7139020	Merge pull request #12476 from aschackmull/java/refactor-dataflow-queries-2 ... Java: Refactor more dataflow queries to the new API	2023-03-15 09:40:32 +01:00
Arthur Baars	fbe9823a42	Merge branch 'main' into henrymercer/polish-diagnostics	2023-03-14 23:42:33 +01:00
Henry Mercer	6fbc8261f2	Java: Add a full stop	2023-03-14 17:03:42 +00:00
Henry Mercer	770924455e	Java: Use Dotcom help links	2023-03-14 17:00:48 +00:00
Henry Mercer	ce96f009b7	Java: Capitalise HTTPS	2023-03-14 16:58:24 +00:00
Henry Mercer	819e0dfbf0	Java: Use "relevant" instead of "suspicious"	2023-03-14 16:54:14 +00:00
Henry Mercer	110cb64b7a	Java: Avoid reference to other diagnostics	2023-03-14 16:52:58 +00:00
Henry Mercer	4c329b7b62	Java: Remove "please" in diagnostics ... Per review from docs team	2023-03-14 16:46:06 +00:00
Anders Schack-Mulligen	30163e4f60	Merge pull request #12515 from aschackmull/java/neutral-dispatch ... Java: Remove low-confidence dispatch to known neutrals.	2023-03-14 15:35:05 +01:00
Tom Hvitved	c132891669	Merge pull request #12513 from hvitved/dataflow/lambda-flow-no-expects-content ... Data flow: Exclude `expectsContent` nodes from lambda flow	2023-03-14 15:28:35 +01:00
Ian Lynagh	32e8b130ad	Merge pull request #12501 from tamasvajk/java/javadoc_printast ... Java: Fix printAST to handle javadoc belonging to multiple elements	2023-03-14 13:42:22 +00:00
Anders Schack-Mulligen	a9d2b936af	Java: Add qldoc.	2023-03-14 14:15:15 +01:00
Anders Schack-Mulligen	dbfc256f40	Java: Remove low-confidence dispatch to known neutrals.	2023-03-14 11:34:07 +01:00
Edward Minnix III	de1ecf943e	Merge pull request #11915 from egregius313/egregius313/arbitrary-apk-installation ... Java: Arbitrary APK installation	2023-03-14 06:23:51 -04:00
Tom Hvitved	bdd56f1b6e	Data flow: Sync files	2023-03-14 10:01:56 +01:00
github-actions[bot]	2c93ab99d8	Add changed framework coverage reports	2023-03-14 00:15:57 +00:00
Anders Schack-Mulligen	5792b4d363	Merge pull request #12503 from aschackmull/java/qltest-callback-instance-sideeffect ... Java: Add a qltest demonstrating side-effect on a callback instance.	2023-03-13 17:26:12 +01:00
Ian Lynagh	70b85a3e00	Merge pull request #12431 from igfoo/igfoo/double_interception ... Kotlin: Test double interceptions	2023-03-13 14:30:49 +00:00
Tamas Vajk	c57fcfb8fb	Java: Fix printAST to handle javadoc belonging to multiple elements	2023-03-13 14:26:33 +01:00
Tony Torralba	705691b096	Merge pull request #12446 from github/java/update-mad-decls-after-triage-2023-03-08T14-51-59 ... Java: Update MaD Declarations after Triage	2023-03-13 14:07:59 +01:00
Anders Schack-Mulligen	f54b02edb3	Java: Add a qltest demonstrating side-effect on a callback instance.	2023-03-13 13:22:18 +01:00
Anders Schack-Mulligen	0c95ab2cdc	Merge pull request #12474 from hvitved/dataflow/call-back-post-update ... Data flow: Synthesize post-update nodes for callback arguments inside summarized callables	2023-03-13 13:21:52 +01:00
Ian Lynagh	4fbc747f93	Kotlin: Move kotlin_double_interception test to posix_only ... It's failing on Windows	2023-03-13 11:57:57 +00:00
Ian Lynagh	fd8f7e071b	Kotlin: Tweak double_interception test	2023-03-13 11:57:57 +00:00
Ian Lynagh	fae4a8f37b	Kotlin: double interception test: Fix for old python versions	2023-03-13 11:57:57 +00:00
Ian Lynagh	8b6047dfd1	Kotlin: Handle double-interceptions without failing	2023-03-13 11:57:57 +00:00
Ian Lynagh	81e71c4669	Kotlin: Add a test for double niterception	2023-03-13 11:57:57 +00:00
Erik Krogh Kristensen	060c37b6a2	Merge pull request #12345 from erik-krogh/delOldDeps ... delete old deprecations	2023-03-13 12:48:24 +01:00
Tamas Vajk	e44aca0b33	Java: Add printAST test with javadoc	2023-03-13 12:02:50 +01:00
Anders Schack-Mulligen	7c0e89ffdd	Java: Refactor ArithmeticTainted.ql, TempDirLocalInformationDisclosure.ql	2023-03-13 11:27:14 +01:00
Anders Schack-Mulligen	da273269cb	Java: Refactor PolynomialReDoS.ql	2023-03-13 11:27:14 +01:00
Anders Schack-Mulligen	c380ecbbbc	Data flow: Add change notes.	2023-03-13 11:09:13 +01:00
erik-krogh	6c1ebd999e	Merge branch 'main' into delOldDeps	2023-03-13 11:00:29 +01:00
Tony Torralba	e834f9302e	Fix Apache Commons HTTP Client and SQL Injection tests	2023-03-13 09:36:53 +01:00
Ed Minnix	59eea2a4a3	Change FlowState classes to use IPAs instead of string	2023-03-10 15:24:04 -05:00
Ed Minnix	b6eeac5bc8	Update names to new naming convention	2023-03-10 15:13:58 -05:00
Edward Minnix III	e2acc26419	Apply docs review suggestions ... - Punctuation - Rewording Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>	2023-03-10 09:47:47 -05:00
Anders Schack-Mulligen	1e64748ffe	Dataflow: Autoformat.	2023-03-10 15:12:19 +01:00
Anders Schack-Mulligen	a836444bc6	Dataflow: Add some qldoc.	2023-03-10 14:56:54 +01:00