hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
69,188 Commits 1,671 Branches 157 Tags
a1b3ea53f6909c36261198fb2bab0dec578a9b7f
Commit Graph

12333 Commits

Author SHA1 Message Date
github-actions[bot]
019da8c287 Release preparation for version 2.18.2 2024-08-07 14:02:38 +00:00
Alexander Eyers-Taylor
46577b585e Revert "Release preparation for version 2.18.2" 2024-08-07 14:24:37 +01:00
github-actions[bot]
c14ba0e4bd Release preparation for version 2.18.2 2024-08-06 12:46:15 +00:00
Dave Bartolomeo
a6e2fbb241 Merge remote-tracking branch 'origin/main' into dbartol/provenance/qltest 2024-08-05 13:16:31 -04:00
Dave Bartolomeo
aea13b46ce Merge remote-tracking branch 'origin/main' into dbartol/provenance/qltest 2024-08-05 10:33:31 -04:00
Chris Smowton
95e504a5ff Merge branch 'main' into am0o0-java-PathInjection 2024-08-05 11:41:25 +01:00
github-actions[bot]
f5394c9ee9 Add changed framework coverage reports 2024-08-04 00:19:56 +00:00
am0o0
4169cfac9f use the current slf4j stubs instead of new one 2024-08-03 14:12:18 +02:00
Dave Bartolomeo
6596705811 Update test expectations after extension numbering fix 2024-08-02 16:55:02 -04:00
Chris Smowton
f891423810 Run Maven integration tests sequentially due to conflicts over ~/.m2 2024-08-02 20:13:41 +01:00
Chris Smowton
1ee87670c6 Switch to measuring just diagnostics 2024-08-02 20:13:40 +01:00
Chris Smowton
ee11307751 Add test for ECJ compiling an enum with a constructor parameter annotation 2024-08-02 20:13:39 +01:00
Andrew Eisenberg
6a49647a28 Merge pull request #17132 from github/aeisenberg-patch-1 
Update CHANGELOG.md
 2024-08-02 07:55:06 -07:00
Chris Smowton
be945f14f6 Merge pull request #17135 from github/smowton/admin/build-mode-none-ga 
Announce Java build-mode: none GA
 2024-08-02 12:05:39 +01:00
Anders Schack-Mulligen
4d023f14a6 Merge pull request #17075 from RobbingDaHood/17052-second-try-do-not-expose-error-message 
Java: 17052 Second try: do not expose error message
 2024-08-02 12:44:27 +02:00
Chris Smowton
c299d8ddc1 Move change note to lib directory 2024-08-02 11:22:10 +01:00
Chris Smowton
2c85511af1 Announce Java build-mode: none GA 2024-08-02 11:05:24 +01:00
Andrew Eisenberg
c8994003c1 Update CHANGELOG.md 
Drive-by fix of a typo.
 2024-08-01 16:16:17 -07:00
am0o0
a645e01b4b delete wrong stubs 2024-08-02 01:03:47 +02:00
am0o0
d52826879b delete wrong stubs 2024-08-02 01:02:49 +02:00
am0o0
ee9f134828 update current springframework core stub and use this instead of creating a new stubs 2024-08-02 01:00:34 +02:00
am0o0
af43178602 move slf4j to a separate dir 2024-08-02 00:35:20 +02:00
am0o0
1551cf0093 move java/ql/test/experimental/stubs/org-springframework-6.1.4/org/reactivestreams into a separate dir 2024-08-02 00:06:02 +02:00
Anders Schack-Mulligen
377301a55a Merge pull request #17108 from aschackmull/dataflow/flowthrough-provenance 
Dataflow: Propagate provenance correctly for flow-through wrappers.
 2024-08-01 09:35:56 +02:00
Jami
f9f57e9122 Merge pull request #17023 from jcogs33/jcogs33/java/add-apache-ant-path-inj-sinks 
Java: add apache-ant `Property` path injection sinks
 2024-07-31 11:04:13 -04:00
Owen Mansel-Chan
6280ed2a6b Merge pull request #13555 from am0o0/amammad-java-bombs 
Java: Decompression Bombs
 2024-07-31 14:55:28 +01:00
Anders Schack-Mulligen
9724516c84 C#/Go/Java/Python/Ruby: Accept qltest .expected changes. 2024-07-31 14:45:10 +02:00
Jami
4fb29c4473 Merge branch 'main' into jcogs33/java/add-apache-ant-path-inj-sinks 2024-07-31 08:15:07 -04:00
Jami
05b0a3f41c Merge pull request #17093 from jcogs33/jcogs33/java/provenance-postprocess-qltest-remaining-lib-tests 
Java: Add support for post-process provenance pretty-printing in `.ql` library-tests
 2024-07-31 08:11:15 -04:00
Owen Mansel-Chan
8901b1fd14 Merge pull request #17100 from owen-mc/java/sensitive-log/ignore-tokenizer 
Java: whitelist variable names containing "tokenizer" for `java/sensitive-log`
 2024-07-31 12:16:03 +01:00
Owen Mansel-Chan
59e22f6cd9 Merge pull request #17101 from owen-mc/java/dead-ref-types-junit-4-5 
Java: Fix FPs in `java/unused-reference-type` for JUnit 4-style tests
 2024-07-31 11:11:35 +01:00
Edward Minnix III
bae0ea5599 Merge pull request #17042 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2024-07-30 20:04:23 -04:00
Jami Cogswell
2db07bdbf3 Java: add missing models to experimental expected files 2024-07-30 12:13:18 -04:00
am0o0
40eef25133 use more specefic Classes instead of Call 2024-07-30 18:07:03 +02:00
am0o0
591b1b4f07 use $ SPURIOUS: instead of "this test gives a FP" 2024-07-30 17:53:23 +02:00
Owen Mansel-Chan
1cb5f35c56 Add change note 2024-07-30 16:29:38 +01:00
Owen Mansel-Chan
cd0af0fc57 Ignore types with methods which have annotations 
The motivation is test classes in JUnit 4 and 5 are currently FPs for this. They have methods with `@Test`, so this should fix the FPs.
 2024-07-30 16:29:35 +01:00
Owen Mansel-Chan
050dcb1370 Add some tests for java/unused-reference-type 2024-07-30 16:29:11 +01:00
Jami
2c8f3a58b3 Merge branch 'main' into jcogs33/java/provenance-postprocess-qltest 2024-07-30 10:53:52 -04:00
Owen Mansel-Chan
44b6309e07 Add change note 2024-07-30 15:44:00 +01:00
Owen Mansel-Chan
e259b25428 Add "tokenizer" to sensitive variable name FPs 2024-07-30 15:38:32 +01:00
Owen Mansel-Chan
0704946324 Factor out matching sensitive variable name FPs 2024-07-30 15:37:54 +01:00
Owen Mansel-Chan
bdff0fdcc5 Add test for "tokenizer" 2024-07-30 15:37:46 +01:00
Owen Mansel-Chan
0d71072f94 Make test more compact 2024-07-30 15:36:59 +01:00
Arthur Baars
0d469536ae Merge pull request #17065 from github/aibaars/proxy-tests 
Java: integration tests with proxy server
 2024-07-30 15:53:45 +02:00
Anders Schack-Mulligen
5073f4f7dd Merge pull request #17096 from aschackmull/java/pp-experimental-models 
Java: Pretty-print experimental models for qltest.
 2024-07-30 13:31:15 +02:00
am0o0
9662950405 add comments for FPs 2024-07-30 13:24:46 +02:00
Anders Schack-Mulligen
da5250d3a7 Java: Pretty-print experimental models for qltest. 2024-07-30 11:43:44 +02:00
github-actions[bot]
d39609254c Add changed framework coverage reports 2024-07-30 00:18:23 +00:00
am0o0
4dc1a10f71 update tests for zip4j, add aditional flow steps for zip4j, remove BombTypeInputStream class since we don't need it anymore, add a predicate which was for testing porpose and was junk 2024-07-29 18:10:04 +02:00