77 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
17fded4aa5 Java: Delete old deprecated code. 2026-05-04 10:52:27 +02:00
Owen Mansel-Chan
a5e6f6daf9 Replace "javax" with javaxOrJakarta()
This is just a find-replace of `"javax` with `javaxOrJakarta() + "`.
2026-02-16 11:02:12 +00:00
Anders Schack-Mulligen
6f40ac15b4 Java: Rename ReturnStmt.getResult to getExpr. 2026-02-04 14:43:31 +01:00
Owen Mansel-Chan
a5d9cb179a Merge pull request #20930 from owen-mc/java/spring-rest-template-request-forgery-sinks
Java: add more Spring RestTemplate request forgery sinks
2026-01-15 14:23:15 +00:00
Owen Mansel-Chan
97e0b4e9fd Use parameter name to only select correct overloads 2026-01-15 10:36:03 +00:00
Owen Mansel-Chan
9f2a7f712a Apply suggestion from @owen-mc 2025-12-02 15:52:01 +00:00
Owen Mansel-Chan
992bd68d4b Use set literals #2 2025-11-28 03:48:50 +00:00
Owen Mansel-Chan
89546cbc83 Fix qldoc inaccuracies 2025-11-28 01:09:07 +00:00
Owen Mansel-Chan
8debe49563 Correct mistake in qldoc
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-11-28 01:00:16 +00:00
Owen Mansel-Chan
969b0cf439 Add SSRF sinks for uriVariables arguments of more methods on Spring RestTemplate 2025-11-27 23:44:35 +00:00
Kasper Svendsen
c207cfdeb7 Overlay: Add overlay annotations to Java & shared libraries 2025-06-24 10:25:06 +02:00
Owen Mansel-Chan
476ada13db Improve QLDoc for SpringRequestMappingMethod.getAValue 2025-05-22 14:22:28 +01:00
Owen Mansel-Chan
59d4f039d8 Deprecate SpringRequestMappingMethod.getValue (which didn't work) 2025-05-22 12:29:29 +01:00
Owen Mansel-Chan
775338ebdd Rename getArrayValue to getAValue 2025-05-22 12:21:20 +01:00
sentient0being
f575d2f941 get array string url 2025-05-17 19:40:41 +08:00
Jami Cogswell
746f022cfa Java: add 'Spring' prefix to public class names 2025-03-04 10:34:16 -05:00
Jami Cogswell
6fe7c7a233 Java: some refactoring 2025-02-24 18:33:29 -05:00
Jami Cogswell
b2469ff8ba Java: add APIs and tests for more recent Spring versions: authorizeHttpRequests, AuthorizeHttpRequestsConfigurer, securityMatcher(s) 2025-02-24 18:26:02 -05:00
Jami Cogswell
8dfb920e05 Java: refactor QL, move code to libraries 2025-02-24 18:24:48 -05:00
Jami Cogswell
0462425191 Java: rename getMethod to getMethodValue 2025-01-30 10:14:20 -05:00
Jami Cogswell
20e8eb4323 Java: some clean-up and refactoring 2025-01-30 10:14:18 -05:00
Anders Schack-Mulligen
0f96e79264 Java: Improve performance of XSS regex. 2025-01-21 14:41:08 +01:00
Owen Mansel-Chan
1420bce36a Move import statement in SpringWebClient.qll 2024-12-11 14:19:24 +00:00
Owen Mansel-Chan
347fd575a2 Refactor to avoid duplicated logic 2024-12-05 11:15:43 +00:00
Owen Mansel-Chan
b20b7c7572 Remove escaped "{" and "}" before counting placeholders 2024-12-05 10:43:13 +00:00
Owen Mansel-Chan
7648d397f8 Improve model to remove some false positives 2024-11-29 09:46:41 +00:00
Owen Mansel-Chan
ba3f9d6134 Convert model to QL 2024-11-29 09:46:38 +00:00
erik-krogh
0fdd06fff5 use my script to delete outdated deprecations 2024-09-03 20:30:58 +02:00
Tom Hvitved
a6c147134a Java: Switch to shared XML.qll implementation 2024-03-19 13:15:45 +01:00
Chris Smowton
f552a15aae Mass-rename MethodAccess -> MethodCall 2023-10-24 10:30:26 +01:00
Tony Torralba
5330ce12cc Use new TypeInputStream 2023-07-24 08:49:34 +02:00
erik-krogh
44b6366586 delete old deprecations 2023-06-02 11:58:08 +02:00
Kasper Svendsen
081085e128 Java: Make implicit this receivers explicit 2023-05-03 13:37:35 +02:00
Tony Torralba
32471d326e Java: Remove omittable exists variables 2023-01-10 13:37:19 +01:00
erik-krogh
8262fbbfb5 Java/C#/GO: Use instanceof in more places 2022-12-11 18:32:19 +01:00
Michael Nebel
4c7cdc6245 Java: Remove unneeded imports of ExternalFlow.qll. 2022-12-05 09:49:38 +01:00
Michael Nebel
b3a3b676ba Java: Remove manual models from QL code. 2022-11-28 12:30:34 +01:00
Anders Schack-Mulligen
1945f185ed Apply suggestions from code review
Autoformat
2022-09-16 15:49:16 +01:00
Marcono1234
8c9bdeb3be Java: Address Annotation review comments and add change note 2022-09-16 15:49:16 +01:00
Marcono1234
998aa95eae Java: Add convenience array value Annotation predicates 2022-09-16 15:49:16 +01:00
Marcono1234
fd5fdd89d9 Java: Rename Annotation.getAValue predicates for array values
Predicate name could lead to confusion with non-array predicate getAValue()
2022-09-16 15:49:16 +01:00
Marcono1234
b96061aa7e Java: Rename Annotation value predicates 2022-09-16 15:49:16 +01:00
Marcono1234
536f5c7f89 Java: Add Annotation value convenience predicates 2022-09-16 15:49:15 +01:00
Sebastian Bauersfeld
130e1892f4 Address review comments. 2022-08-25 18:49:38 +07:00
Sebastian Bauersfeld
a486a89cee Java: Taint flow through org.springframework.data.repository.CrudRepository.save(). 2022-08-25 17:58:24 +07:00
erik-krogh
e89e0eb7fb make some acronyms camelCase 2022-08-22 21:22:35 +02:00
erik-krogh
ce9f69a639 rename all occurrences of XML to Xml 2022-08-22 14:08:31 +02:00
Anders Schack-Mulligen
27f76330be Java: Fix models. 2022-08-17 12:46:09 +02:00
Erik Krogh Kristensen
887f6557ed fix common misspellings throughout github/codeql 2022-08-10 23:21:41 +02:00
Michael Nebel
2e46e93f36 Java: Update java models with provenance column information. 2022-06-20 16:20:02 +02:00