Commit Graph

9004 Commits

Author SHA1 Message Date
Edward Minnix III
b102ddac30 Merge pull request #12542 from egregius313/egregius313/refactor-more-queries-to-dataflow-module-api
Java: Refactor more queries to the new DataFlow module API (part 2)
2023-03-21 10:35:29 -04:00
Asger F
6d665da4dc Merge pull request #12570 from github/post-release-prep/codeql-cli-2.12.5
Post-release preparation for codeql-cli-2.12.5
2023-03-21 13:06:25 +01:00
Chris Smowton
2876b4aa5d maven-httpo-repository: add Maven wrapper
Maven 3.9.1 changes the format of the error message this test is looking for (though it still matches the target regex). Use the Maven wrapper to avoid such sensitivity to the precise version present in the environment.
2023-03-21 09:25:33 +00:00
Tony Torralba
956f991b8d Merge pull request #12603 from github/workflow/coverage/update
Update CSV framework coverage reports
2023-03-21 10:11:51 +01:00
Tony Torralba
1f991807d4 Merge pull request #12366 from github/java/update-mad-decls-after-triage-2023-03-02T12-08-59
Java: Update MaD Declarations after Triage
2023-03-21 09:40:03 +01:00
github-actions[bot]
6598cc44ee Add changed framework coverage reports 2023-03-21 00:15:33 +00:00
Ed Minnix
b64ca5dcaa Remove "private" marker from configurations 2023-03-20 12:26:54 -04:00
Ed Minnix
c7816ea180 Conform Config modules to naming convention 2023-03-20 12:26:54 -04:00
Ed Minnix
8856730843 Refactor CWE-614/InsecureCookie 2023-03-20 12:26:54 -04:00
Ed Minnix
de6959c688 Refactor CWE-209/StackTraceExposure 2023-03-20 12:26:54 -04:00
Ed Minnix
73a17536f5 Refactor CWE-129 queries 2023-03-20 12:26:54 -04:00
Ed Minnix
ae57807359 Refactor CWE-089 Sql queries 2023-03-20 12:26:54 -04:00
Ed Minnix
e6e974a752 Refactor CWE-079/SqlConcatenated 2023-03-20 12:26:54 -04:00
Ed Minnix
c1ee2dce61 Refactor CWE-078/ExecTaintedLocal 2023-03-20 12:26:54 -04:00
Edward Minnix III
ac58299d9e Merge pull request #12541 from egregius313/egregius313/refactor-queries-to-new-dataflow-api
Java: Refactor more queries to the new DataFlow module API
2023-03-20 12:24:26 -04:00
Tony Torralba
1258812428 Fix Argument[this] 2023-03-20 17:13:44 +01:00
Tony Torralba
f685b93379 Add change note 2023-03-20 17:09:48 +01:00
Tony Torralba
a66b7ed54a Fix incorrect model, add missing model 2023-03-20 17:09:48 +01:00
Stephan Brandauer
0cab45e4b9 update old data to current standard (stream creation arg is a sink) 2023-03-20 17:09:48 +01:00
Stephan Brandauer
8802fbdfe7 Update java/ql/lib/ext/java.nio.file.model.yml
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2023-03-20 17:09:48 +01:00
Stephan Brandauer
bc227179c7 Update java/ql/lib/ext/org.geogebra.web.full.main.model.yml
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2023-03-20 17:09:48 +01:00
Tony Torralba
bc99a44f3a Apply suggestions from code review 2023-03-20 17:09:48 +01:00
Stephan Brandauer
12bb0d98c0 move toFile back to its original location 2023-03-20 17:09:48 +01:00
Stephan Brandauer
4761c3a328 remove duplicates 2023-03-20 17:09:48 +01:00
Stephan Brandauer
bd21dc9460 remove nonexploitable sinks 2023-03-20 17:09:48 +01:00
Stephan Brandauer
b7ce0c2d96 fix: taint flow of ctor goes to Argument[-1], instead of ReturnValue 2023-03-20 17:09:48 +01:00
Stephan Brandauer
2236db43ec sort the changed MaD declarations 2023-03-20 17:09:46 +01:00
Stephan Brandauer
74e261738f remove predicate 2023-03-20 17:06:40 +01:00
Stephan Brandauer
ec1762e015 Update MaD Declarations after Triage 2023-03-20 17:06:37 +01:00
Tony Torralba
fa60fa0ae2 Merge pull request #12572 from github/java/update-mad-decls-after-triage-2023-03-17T15-01-35
Java: Update MaD Declarations after Triage
2023-03-20 17:02:27 +01:00
Anders Schack-Mulligen
3876e4335f Merge pull request #12420 from kaspersv/kaspersv/dataflow-remove-alias-preds
Dataflow: Remove revFlowAlias and revFlowApAlias predicates
2023-03-20 16:30:15 +01:00
Michael Nebel
17b3383043 Merge pull request #12556 from michaelnebel/java/argumentthis
Java: Argument[-1] -> Argument[this]
2023-03-20 15:59:59 +01:00
Erik Krogh Kristensen
a9d40d39d9 Merge pull request #12550 from erik-krogh/useNumberUtil
Java/Python: use Number.qll to parse hex numbers in regex parsing
2023-03-20 15:50:31 +01:00
Stephan Brandauer
39726a54ec fix suggestion 2023-03-20 14:12:46 +01:00
Kasper Svendsen
1d2f1b6ae6 Address comments 2023-03-20 13:34:14 +01:00
Ed Minnix
83b0d073f0 Fix typo in QLDoc 2023-03-20 08:11:01 -04:00
Ed Minnix
1c661fd3ac Add missing QLDocs 2023-03-20 08:10:07 -04:00
Kasper Svendsen
e0e3a1d621 Dataflow: remove revFlowApAlias trick 2023-03-20 13:04:13 +01:00
Ed Minnix
84fd5f7ee0 Fix naming of ZipSlip configuration 2023-03-20 07:55:23 -04:00
Ed Minnix
60a4a79537 Make the Config module of public Flow modules public
This is to make things easier for the CodeML/ATM team once these
configurations are moved from `src/` to `lib/`.
2023-03-20 07:47:55 -04:00
Edward Minnix III
1c06afffe5 Merge pull request #12578 from egregius313/egregius313/conform-dataflow-configs-to-config-naming-convention
Conform dataflow config modules to follow `*Config` naming convention
2023-03-20 07:25:10 -04:00
Tony Torralba
27fc14236f Add change note 2023-03-20 10:48:56 +01:00
Tony Torralba
bff8bbfe33 Apply suggestions from code review 2023-03-20 10:43:46 +01:00
Michael Nebel
01ade878ea Java: Update test comments to use this instead of -1. 2023-03-20 10:14:20 +01:00
Michael Nebel
ba711ab849 Java: Update expected test-output (different sorting). 2023-03-20 10:14:20 +01:00
Michael Nebel
ae12510d8d Java: Add change-note. 2023-03-20 10:14:20 +01:00
Michael Nebel
9039a468cb Java: Update models that use -1 in a range. 2023-03-20 10:14:20 +01:00
Michael Nebel
e86f1e4961 Java: Replace Argument[-1] with Argument[this]. 2023-03-20 10:14:20 +01:00
Michael Nebel
0ec56203f9 Java: Introduce index validation. 2023-03-20 09:38:40 +01:00
Michael Nebel
9a3c2d3fbe Java: Update summary parsing to use this instead of -1 and adjust the model generator. 2023-03-20 09:38:40 +01:00