hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
51,796 Commits 1,673 Branches 157 Tags
a865f1666d7de8b183cbf70ab703bfdc692fb163
Commit Graph

8905 Commits

Author SHA1 Message Date
Chris Smowton
a865f1666d maven-httpo-repository: add Maven wrapper 
Maven 3.9.1 changes the format of the error message this test is looking for (though it still matches the target regex). Use the Maven wrapper to avoid such sensitivity to the precise version present in the environment.
 2023-03-21 12:19:52 +00:00
Tom Hvitved
9f798902bd Data flow: Add consistency check for DataFlowCall::getEnclosingCallable 2023-03-16 08:40:53 +01:00
Henry Mercer
720eed398b Merge pull request #12523 from github/henrymercer/polish-diagnostics 
Polish diagnostic messages
 2023-03-15 15:06:52 +00:00
Anders Schack-Mulligen
bc9942eb75 Merge pull request #12530 from aschackmull/java/refactor-dataflow-queries-3 
Java: Refactor more dataflow queries to the new API (take 3)
 2023-03-15 14:57:29 +01:00
Anders Schack-Mulligen
6408d7cbbe Java: Refactor RsaWithoutOaep. 2023-03-15 10:37:54 +01:00
Anders Schack-Mulligen
b3b5c2c767 Java: Refactor UnsafeContentUriResolution. 2023-03-15 10:32:58 +01:00
Anders Schack-Mulligen
4b814ec71c Java: Refactor SensitiveCommunication.ql. 2023-03-15 10:32:35 +01:00
Anders Schack-Mulligen
ca8e013618 Java: Refactor FragmentInjection. 2023-03-15 10:23:21 +01:00
Anders Schack-Mulligen
5bd530f570 Java: Refactor IntentUriPermissionManipulation. 2023-03-15 10:13:28 +01:00
Anders Schack-Mulligen
b14b95cd79 Java: Refactor LogInjection 2023-03-15 10:10:02 +01:00
Anders Schack-Mulligen
abf3abdc65 Java: Delete DataFlowForOnActivityResult. 2023-03-15 09:47:21 +01:00
Anders Schack-Mulligen
bea7c43584 Java: Delete DataFlowForSerializability 2023-03-15 09:42:02 +01:00
Anders Schack-Mulligen
e8a7139020 Merge pull request #12476 from aschackmull/java/refactor-dataflow-queries-2 
Java: Refactor more dataflow queries to the new API
 2023-03-15 09:40:32 +01:00
Arthur Baars
fbe9823a42 Merge branch 'main' into henrymercer/polish-diagnostics 2023-03-14 23:42:33 +01:00
Henry Mercer
6fbc8261f2 Java: Add a full stop 2023-03-14 17:03:42 +00:00
Henry Mercer
770924455e Java: Use Dotcom help links 2023-03-14 17:00:48 +00:00
Henry Mercer
ce96f009b7 Java: Capitalise HTTPS 2023-03-14 16:58:24 +00:00
Henry Mercer
819e0dfbf0 Java: Use "relevant" instead of "suspicious" 2023-03-14 16:54:14 +00:00
Henry Mercer
110cb64b7a Java: Avoid reference to other diagnostics 2023-03-14 16:52:58 +00:00
Henry Mercer
4c329b7b62 Java: Remove "please" in diagnostics 
Per review from docs team
 2023-03-14 16:46:06 +00:00
Anders Schack-Mulligen
30163e4f60 Merge pull request #12515 from aschackmull/java/neutral-dispatch 
Java: Remove low-confidence dispatch to known neutrals.
 2023-03-14 15:35:05 +01:00
Tom Hvitved
c132891669 Merge pull request #12513 from hvitved/dataflow/lambda-flow-no-expects-content 
Data flow: Exclude `expectsContent` nodes from lambda flow
 2023-03-14 15:28:35 +01:00
Ian Lynagh
32e8b130ad Merge pull request #12501 from tamasvajk/java/javadoc_printast 
Java: Fix printAST to handle javadoc belonging to multiple elements
 2023-03-14 13:42:22 +00:00
Anders Schack-Mulligen
a9d2b936af Java: Add qldoc. 2023-03-14 14:15:15 +01:00
Anders Schack-Mulligen
dbfc256f40 Java: Remove low-confidence dispatch to known neutrals. 2023-03-14 11:34:07 +01:00
Edward Minnix III
de1ecf943e Merge pull request #11915 from egregius313/egregius313/arbitrary-apk-installation 
Java: Arbitrary APK installation
 2023-03-14 06:23:51 -04:00
Tom Hvitved
bdd56f1b6e Data flow: Sync files 2023-03-14 10:01:56 +01:00
github-actions[bot]
2c93ab99d8 Add changed framework coverage reports 2023-03-14 00:15:57 +00:00
Anders Schack-Mulligen
5792b4d363 Merge pull request #12503 from aschackmull/java/qltest-callback-instance-sideeffect 
Java: Add a qltest demonstrating side-effect on a callback instance.
 2023-03-13 17:26:12 +01:00
Ian Lynagh
70b85a3e00 Merge pull request #12431 from igfoo/igfoo/double_interception 
Kotlin: Test double interceptions
 2023-03-13 14:30:49 +00:00
Tamas Vajk
c57fcfb8fb Java: Fix printAST to handle javadoc belonging to multiple elements 2023-03-13 14:26:33 +01:00
Tony Torralba
705691b096 Merge pull request #12446 from github/java/update-mad-decls-after-triage-2023-03-08T14-51-59 
Java: Update MaD Declarations after Triage
 2023-03-13 14:07:59 +01:00
Anders Schack-Mulligen
f54b02edb3 Java: Add a qltest demonstrating side-effect on a callback instance. 2023-03-13 13:22:18 +01:00
Anders Schack-Mulligen
0c95ab2cdc Merge pull request #12474 from hvitved/dataflow/call-back-post-update 
Data flow: Synthesize post-update nodes for callback arguments inside summarized callables
 2023-03-13 13:21:52 +01:00
Ian Lynagh
4fbc747f93 Kotlin: Move kotlin_double_interception test to posix_only 
It's failing on Windows
 2023-03-13 11:57:57 +00:00
Ian Lynagh
fd8f7e071b Kotlin: Tweak double_interception test 2023-03-13 11:57:57 +00:00
Ian Lynagh
fae4a8f37b Kotlin: double interception test: Fix for old python versions 2023-03-13 11:57:57 +00:00
Ian Lynagh
8b6047dfd1 Kotlin: Handle double-interceptions without failing 2023-03-13 11:57:57 +00:00
Ian Lynagh
81e71c4669 Kotlin: Add a test for double niterception 2023-03-13 11:57:57 +00:00
Erik Krogh Kristensen
060c37b6a2 Merge pull request #12345 from erik-krogh/delOldDeps 
delete old deprecations
 2023-03-13 12:48:24 +01:00
Tamas Vajk
e44aca0b33 Java: Add printAST test with javadoc 2023-03-13 12:02:50 +01:00
Anders Schack-Mulligen
7c0e89ffdd Java: Refactor ArithmeticTainted.ql, TempDirLocalInformationDisclosure.ql 2023-03-13 11:27:14 +01:00
Anders Schack-Mulligen
da273269cb Java: Refactor PolynomialReDoS.ql 2023-03-13 11:27:14 +01:00
Anders Schack-Mulligen
c380ecbbbc Data flow: Add change notes. 2023-03-13 11:09:13 +01:00
erik-krogh
6c1ebd999e Merge branch 'main' into delOldDeps 2023-03-13 11:00:29 +01:00
Tony Torralba
e834f9302e Fix Apache Commons HTTP Client and SQL Injection tests 2023-03-13 09:36:53 +01:00
Ed Minnix
59eea2a4a3 Change FlowState classes to use IPAs instead of string 2023-03-10 15:24:04 -05:00
Ed Minnix
b6eeac5bc8 Update names to new naming convention 2023-03-10 15:13:58 -05:00
Edward Minnix III
e2acc26419 Apply docs review suggestions 
- Punctuation
- Rewording

Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-03-10 09:47:47 -05:00
Anders Schack-Mulligen
1e64748ffe Dataflow: Autoformat. 2023-03-10 15:12:19 +01:00