hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 21:34:50 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,478 Commits 1,697 Branches 161 Tags
d39b68cd41f13268b57dd4beaa12ea4e419cd182
Commit Graph

11931 Commits

Author SHA1 Message Date
am0o0
8f7c690529 revert some mistakes 2024-07-13 17:03:24 +02:00
am0o0
1d1c476674 update tests and use TaintFlowTestArgString 
add stubs
add missed sink models
 2024-07-13 16:58:51 +02:00
Chris Smowton
1cb9f6370f Use hasTaintFlow marker 2024-07-13 13:09:43 +02:00
Chris Smowton
059a1389c6 Run TaintedPath query on experimental tests 2024-07-13 13:09:26 +02:00
Chris Smowton
4e9a528df9 Move experimental tests 2024-07-13 13:09:08 +02:00
am0o0
025aa77e79 add the snappy missed sink 2024-07-13 11:15:45 +02:00
am0o0
8c106964ec remove duplicate parts thanks to @owen-mc 2024-07-13 11:11:07 +02:00
am0o0
3868b386f3 update inline tests 2024-07-13 10:47:42 +02:00
am0o0
0165696a1e update tests 2024-07-13 10:33:35 +02:00
am0o0
8ba48e801a fix examples 2024-07-13 10:28:19 +02:00
am0o0
dd3cc33298 move DecompressionBombsFlow::PathGraph to DecompressionBomb.ql 2024-07-13 10:24:07 +02:00
am0o0
c824aa4e45 delete pom.xml 2024-07-13 10:21:53 +02:00
Am
a3b5d2a28d Update java/ql/src/experimental/Security/CWE/CWE-522-DecompressionBombs/DecompressionBomb.qhelp 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-07-13 10:20:43 +02:00
Am
4fbf76008e Update java/ql/src/experimental/Security/CWE/CWE-522-DecompressionBombs/DecompressionBomb.qhelp 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-07-13 10:20:25 +02:00
Owen Mansel-Chan
b7a5252cb0 Refactor inAndroidApplication 2024-07-13 07:35:02 +01:00
Owen Mansel-Chan
8dcef8223f Tweak change note 2024-07-13 07:31:18 +01:00
Jami Cogswell
6b497da15f Java: fix line number changes in tests 2024-07-11 15:33:09 -04:00
Jami Cogswell
ab9a6faaf3 Java: add change note 2024-07-11 15:10:11 -04:00
Jami Cogswell
77a8ba934c Java: add path-injection sink for hudson.FilePath.exists() 2024-07-11 15:03:40 -04:00
Jami Cogswell
744a1a9b72 Java: fix line number changes in tests 2024-07-11 14:07:23 -04:00
Jami Cogswell
5cf05ec863 Java: add change note 2024-07-11 13:40:50 -04:00
Jami Cogswell
4a1497f367 Java: add IOUtils.toByteArray(InputStream) summary 2024-07-11 13:33:08 -04:00
Ian Lynagh
5c97a5f667 Kotlin: Kotlin support is now out of beta, and generally available 2024-07-11 16:11:40 +01:00
Max Schaefer
d5d0cf5d90 Java: Tag java/non-https-url with CWE-345 2024-07-11 13:37:09 +01:00
Ian Lynagh
311799c798 Merge pull request #16899 from igfoo/igfoo/semmle_dist 
Java/Kotlin: Remove legacy $SEMMLE_DIST support
 2024-07-11 12:48:53 +01:00
am0o0
dd4bce8e30 finilize tests 2024-07-09 19:48:58 +02:00
am0o0
7a5838f1a2 MethodAccess => MethodCall 2024-07-09 19:43:22 +02:00
am0o0
e87d2fe922 remove redundent imports 2024-07-09 19:41:06 +02:00
Owen Mansel-Chan
b83147fa44 Add links on threat models to change note 2024-07-08 15:39:27 +01:00
Owen Mansel-Chan
8241d0b7ef Update QLDoc for ReverseDnsUserInput 2024-07-08 15:33:39 +01:00
github-actions[bot]
ae3aba061b Post-release preparation for codeql-cli-2.18.0 2024-07-08 13:30:13 +00:00
Angela P Wen
dc20b0d19e Merge pull request #16921 from github/release-prep/2.18.0 
Release preparation for version 2.18.0
 2024-07-08 13:12:57 +02:00
Chris Smowton
d9573596c7 Merge pull request #16810 from smowton/smowton/feature/java-low-db-quality-query 
Java: add diagnostic query indicating low database quality
 2024-07-08 12:06:42 +01:00
github-actions[bot]
b0d6778652 Release preparation for version 2.18.0 2024-07-08 09:10:51 +00:00
Owen Mansel-Chan
e2a6358048 Update tests so they still work 2024-07-07 00:24:28 +01:00
Owen Mansel-Chan
de5fc4e609 Add change notes 2024-07-07 00:24:27 +01:00
Owen Mansel-Chan
5347770608 Update Android app detection 2024-07-07 00:24:25 +01:00
Owen Mansel-Chan
9c82966022 Move detection of Android app to one place 2024-07-05 23:47:56 +01:00
am0o0
fe1103d997 add stubs, upgrade test to inline test, update test files 2024-07-04 15:25:36 +02:00
Ian Lynagh
ea16f72c6f Java: Add changenote for dropping $SEMMLE_DIST support 2024-07-03 17:12:04 +01:00
Tom Hvitved
4ae8720930 SSA: Add BasicBlock.{getNode/1,length/0} to the input signature 2024-07-03 11:32:35 +02:00
am0o0
7e5f2e2a48 experimentalSinkModel to sinkModel, remove one path injection sink that already exist before 2024-07-03 08:55:12 +02:00
Michael Nebel
25b20186af Merge pull request #16861 from michaelnebel/modelgen/sourcesinklift 
C#/Java: Do not lift source and sink models.
 2024-07-02 08:50:31 +02:00
am0o0
7df59ffe6c update tests, is not completed yet :) 2024-07-01 18:22:27 +02:00
am0o0
a6833945c1 remove additional taint steps and flow states 2024-07-01 16:07:44 +02:00
am0o0
d31711bd89 merge all ne flow sources into one by extending current abstract class 2024-07-01 15:16:44 +02:00
am0o0
f1324a413a update qlhelp 2024-07-01 15:09:56 +02:00
Arthur Baars
b12b33c8f9 Merge remote-tracking branch 'upstream/main' into 'rc/3.14' 2024-06-28 19:50:35 +02:00
Jami
42925b56e3 Merge pull request #15921 from jcogs33/jcogs33/unsafe-url-forward-promotion-resource-and-file-methods 
Java: add models for some resource-related methods
 2024-06-28 08:05:50 -04:00
Jami Cogswell
85a1e1a972 Java: update change note date 2024-06-27 22:11:01 -04:00