hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,743 Commits 1,672 Branches 157 Tags
c67cc23e07d06b9e095079b7aa158e5e2b8a0e81
Commit Graph

10238 Commits

Author SHA1 Message Date
Ian Lynagh
c67cc23e07 Kotlin: Write usesK2 information to the database 2023-08-22 12:37:01 +01:00
Erik Krogh Kristensen
08ef31d452 Merge pull request #13916 from erik-krogh/limit-java-field-reg 
Java: limit field flow when tracking regex strings
 2023-08-18 12:14:31 +02:00
Edward Minnix III
41a527cf72 Merge pull request #13934 from egregius313/egregius313/add-dashes-to-sha-algorithms 
Java: Add dashes to SHA algorithm names in `Encryption.qll`
 2023-08-17 13:03:15 -04:00
Anders Schack-Mulligen
e27aad9d6c Merge pull request #13987 from aschackmull/java/rangeanalysis-joinorder-fix 
Java: Join-order fix in RangeAnalysis.
 2023-08-17 14:47:26 +02:00
Anders Schack-Mulligen
f8a0b6cd22 Java: Add nomagic 2023-08-17 11:20:02 +02:00
Anders Schack-Mulligen
0afda68ba1 Java: Join-order fix in RangeAnalysis. 2023-08-17 11:07:24 +02:00
github-actions[bot]
b0da1ef892 Add changed framework coverage reports 2023-08-17 00:14:13 +00:00
Ian Lynagh
1fb4e13e0a Merge pull request #13960 from igfoo/igfoo/parent 
Kotlin: Handle Kotlin 2 parents better
 2023-08-16 16:27:15 +01:00
Stephan Brandauer
20254c3d0a Merge pull request #13886 from github/kaeluka/java-automodel-variadic-args 
Java: automodel application mode: use endpoint class like in framework mode
 2023-08-16 08:49:01 +02:00
Ed Minnix
cafd08521e Add change note 2023-08-15 23:46:12 -04:00
Ed Minnix
7cfe78a52d Add dashes to SHA algorithm names in Encryption.qll 2023-08-15 23:42:17 -04:00
Ian Lynagh
3b9bd16097 Kotlin: Mark some functions as private 2023-08-15 12:38:47 +01:00
Ian Lynagh
a8b69e5b55 Kotlin: Fix build on old versions 2023-08-15 11:30:23 +01:00
Michael Nebel
a95aad51bd Merge pull request #13546 from michaelnebel/java/withoutelement 
Java: Support for With[out]Element for MaD.
 2023-08-15 10:03:03 +02:00
Ian Lynagh
eb27428514 Kotlin: Handle IrExternalPackageFragment when dealing with external decls 2023-08-14 17:37:48 +01:00
Ian Lynagh
72af8ac1e2 Kotlin: Switch to useDeclarationParentOf 
This lets us handle Kotlin 2 declarations whose parent is an
IrExternalPackageFragment, indicating that they are in a (multi)file
class.
 2023-08-14 17:02:49 +01:00
Ian Lynagh
4f336820de Kotlin: Start handling IrExternalPackageFragment parents 2023-08-14 17:02:48 +01:00
Ian Lynagh
77451de9a3 Kotlin: Fix isExternalDeclaration for Kotlin 2 2023-08-14 15:01:13 +01:00
Stephan Brandauer
1a95a34441 Java: automodel: use the call for call context, rather than the argument 2023-08-14 09:54:44 +02:00
Stephan Brandauer
4107758c8a Java: automodel extraction: add strings to query selection 2023-08-14 09:49:50 +02:00
Henry Mercer
1213eba630 Merge branch 'main' into post-release-prep/codeql-cli-2.14.2 2023-08-11 13:54:55 +01:00
Stephan Brandauer
a9906f6f7b Java: fix - add extra $@ 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-08-11 09:15:09 +02:00
Ian Lynagh
58da62e244 Kotlin: Handle null parent IDs in getFunctionLabel correctly 2023-08-10 18:49:10 +01:00
Ian Lynagh
f377d25c23 Merge pull request #13919 from igfoo/igfoo/useFunction 
Kotlin: useFunction might return null
 2023-08-10 12:17:20 +01:00
github-actions[bot]
432c21d4fb Post-release preparation for codeql-cli-2.14.2 2023-08-09 18:45:18 +00:00
Ian Lynagh
0eb6d1c76e Kotlin: useFunction might return null 2023-08-09 13:45:15 +01:00
Stephan Brandauer
e927470961 Merge branch 'main' into kaeluka/java-automodel-variadic-args 2023-08-09 09:02:32 +02:00
Anders Schack-Mulligen
0ca3f3308b Merge pull request #13478 from aschackmull/java/varcapture 
Java: Add proper support for variable capture flow.
 2023-08-08 16:22:56 +02:00
Anders Starcke Henriksen
7da6da1c93 Merge pull request #13852 from github/starcke/automodel-package-filter 
Add option to filter automodel queries
 2023-08-08 14:59:00 +02:00
Anders Schack-Mulligen
9d59f50340 Java: Review fixes. 2023-08-08 13:37:40 +02:00
Michael Nebel
0ed724eb13 Java: Make a flow summary for Set.clear using WithoutElement and introduce appropriate tests. 2023-08-08 11:10:08 +02:00
Anders Schack-Mulligen
ab334f6c1b Java: Always apply heuristic query regardless of existing models. 2023-08-08 10:01:43 +02:00
Anders Schack-Mulligen
cd22bb3505 Java: Add another test case. 2023-08-08 10:00:55 +02:00
erik-krogh
45c39e6072 limit field flow when tracking regex strings in Java 2023-08-08 09:01:23 +02:00
github-actions[bot]
79c90fa36a Release preparation for version 2.14.2 2023-08-07 18:08:52 +00:00
Ian Lynagh
3e86c4c39e Kotlin: Allow extractNewExpr to return null 2023-08-07 18:59:51 +01:00
Jami
5862cd2378 Merge pull request #13889 from jcogs33/jcogs33/fix-some-models 
Java: remove duplicate models
 2023-08-07 08:46:18 -04:00
Stephan Brandauer
3433437034 Java: automodel application mode: only extract the first argument corresponding to a varargs array 2023-08-07 14:15:17 +02:00
Edward Minnix III
58d8a2d77f Merge pull request #13899 from egregius313/egregius313/random-nextbytes-typo-fix 
Java: Fix typo in `StdlibRandomSource::getOutput`
 2023-08-07 07:36:44 -04:00
Tom Hvitved
2126ab0dde Merge pull request #13901 from hvitved/dataflow/refactor 
Data flow: Refactor shared library
 2023-08-07 13:22:53 +02:00
Ian Lynagh
0d97c1c54a Merge pull request #13837 from igfoo/igfoo/nullFunLabel 
Kotlin: Pass on a parentId and remove some redundant braces
 2023-08-07 12:19:22 +01:00
Michael Nebel
e62ec888c0 Merge pull request #13506 from michaelnebel/java/threatmodels 
Java: Threat Models
 2023-08-07 12:50:01 +02:00
Stephan Brandauer
e1a5eba61b Java: automodel application mode: refactor varargs endpoint class to rely on normal argument node for nicer extracted examples 2023-08-07 12:18:52 +02:00
Stephan Brandauer
650ff8db87 Java: automodel comments 2023-08-07 12:18:51 +02:00
Stephan Brandauer
0781cb78e8 Java: automodel application mode: add isVarargsArray metadata value 2023-08-07 12:18:51 +02:00
Stephan Brandauer
5abf7769a7 Java: automodel application mode: use endpoint class like in framework mode 2023-08-07 12:18:51 +02:00
Tom Hvitved
693970f243 Java: Adjust to data flow refactor 2023-08-07 11:35:23 +02:00
Ed Minnix
23e2eb11dd Change note 2023-08-07 00:23:58 -04:00
Ed Minnix
fe4eef0bcb Fix typo, replace getBytes with nextBytes 2023-08-07 00:16:47 -04:00
Jami Cogswell
19622aec49 Java: remove duplicate 'Files.newOutputStream' ai model 2023-08-04 14:06:57 -04:00