hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,774 Commits 1,673 Branches 157 Tags
a5a6020f18fabe461e4e7a996083d54cce99ccb0
Commit Graph

10195 Commits

Author SHA1 Message Date
Ian Lynagh
a5a6020f18 Kotlin 2: Accept changes in library-tests/controlflow/basic 
Mostly location changes, but also some removal of generated blocks:
https://youtrack.jetbrains.com/issue/KT-63781/K2-Generated-blocks-appear-in-the-IR
 2024-02-16 14:37:10 +00:00
Max Schaefer
8d4a344d47 Merge pull request #15592 from github/max-schaefer/rephrase-negative-characteristics 
Automodel: Make description of some negative characteristics more explicit.
 2024-02-15 16:20:17 +00:00
Tony Torralba
90a9d82b9d Java: Expand ExactPathSanitizer to work on the argument of 'equals' too 2024-02-15 10:00:24 +01:00
Jonathan Leitschuh
50056d603e Fix typo in NettyRequestSplitting.java 2024-02-14 14:03:33 -05:00
Anders Schack-Mulligen
fb2d36ddac Merge pull request #15451 from Marcono1234/marcono1234/java-assignment-doc 
Java: Document which assignment type is covered by which class
 2024-02-14 08:59:50 +01:00
Ian Lynagh
ac001c37bd Merge pull request #15561 from igfoo/igfoo/kt2-tests 
Kotlin 2: Accept more test changes
 2024-02-13 14:02:45 +00:00
Max Schaefer
104a8d980c Automodel: Make description of some negative characteristics more explicit. 2024-02-13 08:18:13 +00:00
Asger F
faefa056eb Merge pull request #15507 from asgerf/shared/outbarrier-bugfix 
Shared: fix a bug in stateful outbarriers
 2024-02-12 21:44:49 +01:00
Tony Torralba
b6385f7938 Merge pull request #15533 from JLLeitschuh/patch-5 
Reduce severity of `java/relative-path-command`
 2024-02-12 15:04:05 +01:00
Joe Farebrother
75a2b9415c Merge pull request #15481 from joefarebrother/android-local-auth 
Java: Add query for insecure local authentication
 2024-02-12 13:48:53 +00:00
Tony Torralba
db2eb202ee Merge pull request #15565 from atorralba/atorralba/java/open-redirect-sanitizer 
Java: Add extension point and default sanitizer to Open Redirect query
 2024-02-12 14:42:52 +01:00
Ian Lynagh
931b27f76c Merge pull request #15573 from igfoo/igfoo/k2-more 
Kotlin 2: Accept loc changes in library-tests/parameter-defaults/defaults.expected
 2024-02-12 13:29:19 +00:00
Ian Lynagh
a7eac1100b Merge pull request #15569 from igfoo/igfoo/kt2-accept 
Kotlin 2: Accept more location changes
 2024-02-12 13:29:10 +00:00
Joe Farebrother
d3fea4044e Apply suggestions from documentation review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-02-12 10:27:56 +00:00
Tony Torralba
cf7091ae5f Merge branch 'main' into atorralba/java/open-redirect-sanitizer 2024-02-12 10:31:52 +01:00
Tony Torralba
e6623ebe4c Add change note 2024-02-12 10:10:42 +01:00
Joe Farebrother
16aed18821 Address reviews - Elaborate on docs and update severity 2024-02-09 13:53:36 +00:00
Ian Lynagh
ab758d5f1e Kotlin 2: Accept loc changes in library-tests/parameter-defaults/defaults.expected 2024-02-09 13:53:05 +00:00
Tom Hvitved
1ea7717714 Capture flow: Take overwrites in nested scopes into account 2024-02-09 14:49:23 +01:00
Ian Lynagh
0547c877c2 Kotlin 2: Accept some location changes in library-tests/methods/exprs.expected 2024-02-09 13:34:56 +00:00
Ian Lynagh
be4413ffc8 Kotlin 2: Accept changes in library-tests/methods/parameters.expected 
These mostly make things consistent with Kotlin 1.
 2024-02-09 13:19:26 +00:00
Ian Lynagh
b836260b9a Kotlin 2: Accept some test changes 
I'm not sure these are an improvement, but they bring Kotlin 2 back in
line with Kotlin 1.
 2024-02-09 13:15:02 +00:00
Anders Schack-Mulligen
566351a49a Merge pull request #15549 from aschackmull/dataflow/empty-provenance 
Dataflow: Add empty provenance column to PathGraph.
 2024-02-09 12:58:09 +01:00
Ian Lynagh
1b91695934 Kotlin 2: Accept some location changes in library-tests/methods 2024-02-09 11:57:23 +00:00
Max Schaefer
93990ec9df Merge pull request #15486 from github/java/update-mad-decls-after-triage-2024-01-31T11-16-45 
Java: Update MaD Declarations after Triage
 2024-02-09 11:18:17 +00:00
Anders Schack-Mulligen
0eaf117f37 Kotlin: Add empty provenance column to expected files. 2024-02-09 11:32:08 +01:00
Anders Schack-Mulligen
e9e445b2ba Java: Add empty provenance column to expected files. 2024-02-09 11:32:00 +01:00
Anders Schack-Mulligen
b7d4a6926f Dataflow: Add empty provenance column to PathGraph. 2024-02-09 11:27:30 +01:00
Joe Farebrother
f4b6a85a48 Fix typo in qldoc 2024-02-09 10:09:24 +00:00
Tony Torralba
4c0d535cc2 Merge pull request #12886 from atorralba/atorralba/java/path-injection-mad-sinks 
Java: Refactor path injection sinks
 2024-02-09 10:48:49 +01:00
Max Schaefer
fb109672b3 Address more review feedback. 2024-02-09 09:21:30 +00:00
Tony Torralba
34f74869c8 Java: Add extension point and default sanitizer to Open Redirect query 2024-02-09 09:11:07 +01:00
Ian Lynagh
2852f09a1a Kotlin: Accept test changes in library-tests/java-kotlin-collection-type-generic-methods 
I'm not sure exactly what's going on here in general, but I've made a
ticket to remind us to come back and look at this whole area.
 2024-02-08 17:44:38 +00:00
Ian Lynagh
f50dab3d93 Kotlin 2: Accept loc changes in library-tests/interface-delegate 2024-02-08 14:45:47 +00:00
Dave Bartolomeo
92bd550c55 Merge pull request #15531 from github/post-release-prep/codeql-cli-2.16.2 
Post-release preparation for codeql-cli-2.16.2
 2024-02-08 05:58:17 -08:00
Ian Lynagh
e0a5efef0a Merge pull request #15544 from igfoo/igfoo/k2tests 
Kotlin 2: Some test fixes
 2024-02-08 12:57:58 +00:00
Ian Lynagh
ef8e6c8805 Kotlin 2: Accept loc changes in library-tests/exprs/funcExprs.expected 2024-02-07 16:40:40 +00:00
Ian Lynagh
8a93133b81 Kotlin 2: Accept loc changes in library-tests/exprs/unaryOp.expected 2024-02-07 16:21:49 +00:00
Ian Lynagh
c314cc8b68 Kotlin 2: Accept some location changes in library-tests/exprs/binop.expected 2024-02-07 15:56:10 +00:00
Ian Lynagh
c731251e61 Kotlin 2: Remove an unused diagnostic matcher in library-tests/dataflow/func 2024-02-07 15:32:04 +00:00
Ian Lynagh
3d1f9a79fb Kotlin 2: Accept location changes in test-kotlin2/library-tests/data-classes 2024-02-07 15:17:40 +00:00
Ian Lynagh
1c6108028b Kotlin 2: Accept some location changes for arrays 2024-02-07 15:12:17 +00:00
Max Schaefer
082754a3d8 Remove problematic Kotlin model. 2024-02-07 13:21:59 +00:00
Jonathan Leitschuh
1484a169d7 Reduce severity of java/relative-path-command 
Significantly reduces the severity of `java/relative-path-command` from 9.8 to 5.4

https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
 2024-02-06 15:43:19 -05:00
github-actions[bot]
b5139078d0 Post-release preparation for codeql-cli-2.16.2 2024-02-06 19:22:35 +00:00
Erik Krogh Kristensen
879d882fa4 Java: fix typo in JndiInjection.qhelp 2024-02-06 15:17:30 +01:00
Max Schaefer
705a377060 Address review comments. 2024-02-06 12:54:29 +00:00
github-actions[bot]
c1b35fbf47 Release preparation for version 2.16.2 2024-02-05 17:58:57 +00:00
Joe Farebrother
525f27173d Merge pull request #15396 from joefarebrother/android-sensitive-ui-text 
Java: Add query for sensitive data exposed in text fields
 2024-02-05 15:47:03 +00:00
Joe Farebrother
596f48ca95 Add change note 2024-02-02 17:35:07 +00:00