hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-12 21:21:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,325 Commits 1,688 Branches 160 Tags
a11693268ba01ba2120dc53dd4237ed9f8ccaeea
Commit Graph

4387 Commits

Author SHA1 Message Date
Mauro Baluda
5cef0376a9 Update java/ql/test/query-tests/security/CWE-798/semmle/tests/HardcodedCouchBaseCredentials.java 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2026-01-14 11:50:52 +01:00
Mauro Baluda
9efefa6120 Fix test expectations 2026-01-13 22:46:42 +01:00
Mauro Baluda
29f23ee192 Fix extraction error 2026-01-13 22:33:01 +01:00
Mauro Baluda
4b7662f652 Merge branch 'main' into couchdb 2026-01-13 21:50:44 +01:00
Mauro Baluda
d335f039ef Improve model for CWE-089 2026-01-13 21:48:43 +01:00
Mauro Baluda
89f0e79ea1 Fix SqlTainted test 2026-01-13 13:55:14 +01:00
Mauro Baluda
dda042f7df rename change notes 2026-01-13 13:07:14 +01:00
Anders Schack-Mulligen
9c1351c3fe Merge pull request #21149 from aschackmull/java/typeflow-partially-unbound 
Java: Add TypeFlow base case for partially unbound types.
 2026-01-13 12:31:38 +01:00
Anders Schack-Mulligen
8b555ca514 Java: Add test. 2026-01-13 11:20:13 +01:00
Mauro Baluda
4c8058d97b Merge branch 'github:main' into couchdb 2026-01-09 17:20:40 +01:00
Owen Mansel-Chan
8a80158959 Merge pull request #17590 from Kwstubbs/java-mad-test 
Java: FileUpload Support MaD
 2026-01-08 13:33:55 +00:00
yoff
608fa1a0a3 Merge pull request #20910 from yoff/java/more-thread-safe-initialisers 2026-01-08 13:16:39 +01:00
Owen Mansel-Chan
6a3c74c989 Merge pull request #20999 from joefarebrother/java-spring-websocket 
Java: Add models for spring WebSocketHandler
 2026-01-07 13:29:19 +00:00
Owen Mansel-Chan
6c291e1e7f Add model for handlePongMessage and update test 2026-01-07 11:09:59 +00:00
Owen Mansel-Chan
bf79b8a792 Merge branch 'main' into java-mad-test 2026-01-01 23:34:45 +00:00
Kevin Stubbings
f73f1a7aa9 Add additional test 2025-12-29 07:09:31 +00:00
Mauro Baluda
15ee88ee24 SQLi test case 2025-12-24 20:30:21 +01:00
Mauro Baluda
fd78c949d3 Merge branch 'github:main' into couchdb 2025-12-22 20:25:41 +01:00
Mauro Baluda
b22077c371 Hardcoded credentials in CouchBase 2025-12-22 20:22:20 +01:00
yoff
c6240e5a99 java: understand more initializers 
Whne a fiels is assigned a safe type in a constructor,
that field is not exposed.
 2025-12-16 10:11:05 +01:00
yoff
a65d385297 java: add tests for thread safe initialisation 
Co-authored-by: Raúl Pardo <raul.pardo@protonmail.com>
 2025-12-16 10:11:05 +01:00
Anders Schack-Mulligen
eaa96864f7 Java: Extend test to cover assertion-like barrier guards. 2025-12-10 12:23:52 +01:00
Joe Farebrother
94fcee5340 minor formatting tweak 2025-12-09 14:15:36 +00:00
Joe Farebrother
d98e660803 Test fixes + more tests 2025-12-09 14:13:28 +00:00
Joe Farebrother
1d61da51a6 Generate stubs 2025-12-09 14:13:02 +00:00
Joe Farebrother
a594ca9de8 Add tests 2025-12-09 14:12:45 +00:00
Owen Mansel-Chan
5c8ab1f6d1 Merge pull request #20956 from owen-mc/java/improve-regex-sanitizer 
Java: improve regex sanitizer for `java/ssrf`
 2025-12-04 15:32:12 +00:00
Anders Schack-Mulligen
dc6d3fe7ba Use flowFrom. 2025-12-03 14:04:18 +01:00
Owen Mansel-Chan
a85d0ea8a3 Make tests pass 2025-12-02 17:08:16 +00:00
Owen Mansel-Chan
8fd8fc07b7 Add failing tests for more regex match methods 2025-12-02 17:06:34 +00:00
Owen Mansel-Chan
1a59839f3c Range library recognises long literals now 2025-11-24 14:10:54 +00:00
Owen Mansel-Chan
ec381e4ec5 Use range analysis and improve tests 2025-11-21 10:31:50 +00:00
aegilops
e904520779 Fixed formatting 2025-11-20 17:34:42 +00:00
Paul Hodgkinson
801cd72965 Merge branch 'main' into java-kotlin-sensitive-logging-substring-barriers 2025-11-20 12:24:22 +00:00
aegilops
1e67907516 Merge commit 2025-11-20 12:22:39 +00:00
aegilops
62ee6d3a33 Made changes requested by reviewers - bounded() for range checking, style and better comments 2025-11-20 11:46:42 +00:00
Anders Schack-Mulligen
fe7be22478 Merge pull request #20761 from aschackmull/java/ssa-shared 
Java: Replace SSA wrapper classes with shared implementation.
 2025-11-18 13:31:50 +01:00
Paul Hodgkinson
7b25e22a37 Merge branch 'main' into java-kotlin-sensitive-logging-substring-barriers 2025-11-17 11:03:39 +00:00
aegilops
fa703e3e60 Test cases for sensitive logging sanitizer 2025-11-14 16:53:46 +00:00
Owen Mansel-Chan
f22429de2d Merge branch 'main' into java-mad-test 2025-11-13 10:06:14 +00:00
Owen Mansel-Chan
7b533db4fb Sort models and tests alphabetically 2025-11-12 15:10:29 +00:00
Owen Mansel-Chan
f598027cbd Apply suggestions from code review 2025-11-12 15:02:42 +00:00
Anders Schack-Mulligen
d6800394fa Guards: Support disjunctive implications. 2025-11-12 14:14:32 +01:00
Anders Schack-Mulligen
2192d75286 Java: Add test for a known FP. 2025-11-12 14:08:18 +01:00
Anders Schack-Mulligen
109a5eb7e7 Java: Accept qltest changes due to dropped UntrackedDef. 2025-11-12 09:06:21 +01:00
Anders Schack-Mulligen
e059ded133 Java: Accept toString changes in qltest. 2025-11-12 09:06:21 +01:00
Anders Schack-Mulligen
f0bd0346f0 Java: Replace usages of SsaVariable. 2025-11-12 09:06:19 +01:00
Anders Schack-Mulligen
f4b9efcdce Java: Replace getAUse with getARead. 2025-11-12 09:06:18 +01:00
Anders Schack-Mulligen
35caede859 Java: Replace SsaPhiNode with SsaPhiDefinition. 2025-11-12 09:06:18 +01:00
Anders Schack-Mulligen
06df5c0bd1 Java: Introduce SsaCapturedDefinition and replace uses of getAnUltimateDefinition. 2025-11-12 09:06:17 +01:00