4850 Commits

Author	SHA1	Message	Date
Anders Schack-Mulligen	d0b5b99e74	Merge pull request #8611 from github/smowton/doc/switch-expr-accessors ... Java: make SwitchCase.getRuleExpression/Statement more consistent	2022-04-06 11:16:40 +02:00
Alvaro Muñoz Sanchez	19b8d51c0b	Update CommandLineQuery ... Make TaintTracking configuration public	2022-04-06 10:58:56 +02:00
Alvaro Muñoz Sanchez	abaa71e2c5	Update Sql Injection queries ... move java/ql/src/Security/CWE/CWE-089/SqlInjectionLib.qll -> java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll	2022-04-06 10:57:14 +02:00
Michael Nebel	2562910b94	C#: Update Csv validation to allow sources and sink kinds to be prefixed with generated.	2022-04-05 14:25:34 +02:00
Michael Nebel	d7bf024318	Java: Add testcase for generated summary model.	2022-04-05 14:25:34 +02:00
Michael Nebel	0374f84c05	Java: Make support for generated as a part of kind.	2022-04-05 14:25:34 +02:00
Michael Nebel	3a04e9a03d	Java: Update java capture models with new kind column (including tests).	2022-04-05 12:55:47 +02:00
Michael Nebel	784327c183	Java/Ruby: Hardcode generated flag to false.	2022-04-05 08:55:12 +02:00
Michael Nebel	de76df3988	C#: Only use generated summaries, if no handwritten model exist for a particular dataflow callable.	2022-04-05 08:55:12 +02:00
Michael Nebel	3fe941aae2	C#: Add missing empty ext column in generated summaries.	2022-04-04 15:58:35 +02:00
Marcono1234	6dd14a6cb3	Java: Fix reflection predicate for getMethod having non-public method result	2022-04-04 15:10:49 +02:00
Tom Hvitved	415a1c2107	Java/C#: Update CaptureModels.qll	2022-04-04 13:51:44 +02:00
Tom Hvitved	b91858e7cf	Java: Implement ContentSet	2022-04-04 13:51:44 +02:00
Tom Hvitved	c4fbc618a9	Data flow: Sync files	2022-04-04 13:51:44 +02:00
github-actions[bot]	6af568b16d	Post-release preparation for codeql-cli-2.8.5	2022-04-01 16:22:14 +00:00
Chris Smowton	28fa49dcd6	dataflow -> data-flow	2022-04-01 13:22:58 +01:00
Tony Torralba	4cf0ebc5a8	Add change note	2022-04-01 12:43:27 +02:00
github-actions[bot]	ee746d20df	Release preparation for version 2.8.5	2022-04-01 10:39:31 +00:00
Tony Torralba	cc9b16beff	Fix wrong models of spring-web	2022-04-01 12:37:30 +02:00
Tony Torralba	3747aec144	Improve models of spring-beans	2022-04-01 12:37:22 +02:00
Chris Smowton	3b0bd3bc0f	Improve wording	2022-04-01 11:31:31 +01:00
Chris Smowton	81e60eb145	Add change note	2022-04-01 11:20:03 +01:00
Chris Smowton	99026a6071	Improve wording of isAdditionalFlow/TaintStep qldoc	2022-04-01 11:07:27 +01:00
Chris Smowton	9309a652df	Merge pull request #8493 from JLLeitschuh/feat/JLL/test_assertion_guard_preconditions ... [Java]: Add precondition support for testing library asserts	2022-03-31 22:30:09 +01:00
Chris Smowton	9bcf466aa8	Accept expected test result improvement	2022-03-31 15:19:08 +01:00
Chris Smowton	2829770003	Autoformat and fix typo	2022-03-31 14:11:09 +01:00
Anders Schack-Mulligen	f1ec2e3260	Merge pull request #8426 from atorralba/atorralba/missing-severities ... Java: Add missing security-severity scores	2022-03-31 14:53:47 +02:00
Anders Schack-Mulligen	8d9ce5fb4c	Merge pull request #8625 from aschackmull/java/qldoc-casing-fix ... Java: Fix acronym casing in qldoc referring to Java class names.	2022-03-31 13:33:11 +02:00
Chris Smowton	04325abfa5	Add test	2022-03-31 12:26:38 +01:00
Chris Smowton	c2d461bcee	Format	2022-03-31 12:19:53 +01:00
Chris Smowton	0d9c353c37	Represent switch statement and switch expression results alike	2022-03-31 12:19:11 +01:00
Chris Smowton	96bf754f01	Accept intrigus suggested doc clarifications ... Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>	2022-03-31 12:09:45 +01:00
Anders Schack-Mulligen	f28da00ec4	Java: Fix qldoc as followup to https://github.com/github/codeql/pull/8323	2022-03-31 12:50:36 +02:00
Michael Nebel	27b1d1e1e0	Merge pull request #8348 from michaelnebel/csharp/externalapi-telemetry ... C#: ExternalAPI implementation for Telemetry.	2022-03-31 11:36:07 +02:00
Chris Smowton	19cd97e426	Java: Clarify the meaning of getRuleExpression/Statement	2022-03-30 17:58:11 +01:00
Chris Smowton	9675f34cf5	Merge pull request #8257 from luchua-bc/java/insecure-webview-resource-response ... Java: CWE-200 Query to detect insecure WebResourceResponse implementation	2022-03-30 15:56:27 +01:00
Marcono1234	a93b4ed0f2	Java: Make JumpStmt a proper superclass	2022-03-30 00:30:27 +02:00
luchua-bc	fa2a6a7da3	Remove unnecessary taint step and update qldoc	2022-03-29 17:52:49 +00:00
Michael Nebel	6be41b0c29	C#/Java: Address review comments.	2022-03-29 14:52:57 +02:00
Michael Nebel	b0a24a7a44	C#: Change the implementation on getAnInput and getAnOutput based on hvitveds recommendations.	2022-03-29 14:52:57 +02:00
Michael Nebel	e1d4c1b68c	C#/Java: Reorder code in terms of dependency, rename ExternalAPI to ExternalApi and add some missing predicate qualifiers.	2022-03-29 14:52:52 +02:00
Michael Nebel	c552ab4138	Java: Remove duplicate import statement in ExternalAPI.qll.	2022-03-29 14:49:37 +02:00
Tony Torralba	e564481e9f	Organize imports	2022-03-29 11:38:24 +02:00
Michael Nebel	8e60073d5a	Java: Remove dataflow imports for java.qll.	2022-03-29 11:07:58 +02:00
Michael Nebel	f734edf8ff	C#/Java: Minor refactor and re-arranging of code to align the CaptureModel specific implementations.	2022-03-29 11:07:58 +02:00
Michael Nebel	3933dfa78e	Java: Make imports private and add parts of the dataflow library to java.qll (same as in C#).	2022-03-29 11:07:58 +02:00
Michael Nebel	26d5eb64b3	C#/Java: Initial merge ModelGeneratorUtils into CaptureModels.	2022-03-29 11:07:57 +02:00
Michael Nebel	9b7691a5fc	C#/Java: Address comments on re-exposing functionality.	2022-03-29 11:07:57 +02:00
Michael Nebel	1710b66003	C#/Java: Some minor variable name changes and QL Doc updates.	2022-03-29 11:07:57 +02:00
Michael Nebel	8a65efbae4	C#/Java: Add isRelevantSinkKind predicate with language specific implementation.	2022-03-29 11:07:57 +02:00