hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
69,607 Commits 1,671 Branches 157 Tags
d5bccd537305b864faea8979e76ceed22465a34a
Commit Graph

12416 Commits

Author SHA1 Message Date
github-actions[bot]
0724fd7ce2 Post-release preparation for codeql-cli-2.18.3 2024-08-21 18:25:54 +00:00
github-actions[bot]
17cd9624fb Release preparation for version 2.18.3 2024-08-21 17:13:52 +00:00
Chris Smowton
15989ce213 Merge pull request #14089 from am0o0/amammad-java-JWT 
Java: JWT decoding without verification
 2024-08-21 14:14:08 +01:00
am0o0
b001c24dfc update tests to pass the github actions 2024-08-20 20:57:11 +02:00
Anders Schack-Mulligen
993bfee096 Merge pull request #17259 from aschackmull/dataflow/remove-srcsink-grouping 
Dataflow: Remove src/sink grouping feature
 2024-08-20 14:42:33 +02:00
Chris Smowton
f0327732ef Merge pull request #17247 from smowton/smowton/admin/add-spring-component-scan-test 
Java: add a test exercising Spring component liveness detection
 2024-08-20 12:56:26 +01:00
Cornelius Riemenschneider
932c07a0f4 Address review. 2024-08-20 11:46:28 +02:00
Anders Schack-Mulligen
8470e91c16 Legacy Dataflow: Sync. 2024-08-20 10:07:57 +02:00
Chris Smowton
80e03c3c51 Improve ql/doc style 2024-08-19 16:25:06 +01:00
Chris Smowton
27522a2781 Remove redundant imports 2024-08-19 16:23:06 +01:00
Cornelius Riemenschneider
33f87c0c46 Port linux/kotlin tests to pytest. 2024-08-19 11:33:25 +02:00
Cornelius Riemenschneider
ccd90f25ba Port posix/kotlin tests to pytest. 2024-08-19 11:33:24 +02:00
Cornelius Riemenschneider
c2aff1ea97 Port all-platforms/kotlin tests to pytest. 2024-08-19 11:33:23 +02:00
Cornelius Riemenschneider
ed7f3305d9 Move legacy marker only to java tests. 2024-08-19 10:47:15 +02:00
Chris Smowton
9c0bdbb20a Java: add a test exercising Spring component liveness detection 
The existing Spring stubs are expanded sufficiently to support the needed annotations and a few referenced classes and exceptions.
 2024-08-16 16:36:08 +01:00
am0o0
f4764378c9 update tests to contain the new source, delete query with local sources 2024-08-16 16:15:46 +02:00
am0o0
d88b310b0e add getCredentials method of AuthenticationToken as a remote source 2024-08-16 15:41:19 +02:00
Anders Schack-Mulligen
3a9610795b Merge pull request #16808 from JLLeitschuh/patch-8 
Align Java CommandInjectionRuntimeExec.ql Severity
 2024-08-16 15:14:48 +02:00
Chris Smowton
f7d8c210e5 Merge pull request #17239 from smowton/smowton/admin/camel-test 
Java: add test for Apache Camel dead-code analysis
 2024-08-16 11:00:30 +01:00
Rasmus Wriedt Larsen
c3d8efc43d Merge branch 'main' into stdin3 2024-08-16 09:54:45 +02:00
Anders Schack-Mulligen
51c43a7440 Java: Accept expected changes. 2024-08-16 07:01:35 +02:00
Anders Schack-Mulligen
86708c9ff8 Dataflow: Fix missing subpaths due to type strengthening. 2024-08-15 18:57:10 +02:00
Chris Smowton
0b56bf98f3 Java: add test for Apache Camel dead-code analysis 
This exercises code that detects Camel entry-points and marks them as live.
 2024-08-15 17:26:38 +01:00
Anders Schack-Mulligen
e77c3dfda1 Java: Fix expected files following https://github.com/github/codeql/pull/17233 and https://github.com/github/codeql/pull/17224. 2024-08-15 15:45:37 +02:00
Rasmus Wriedt Larsen
1e7eae58f4 Java: Add change-note 2024-08-15 15:45:20 +02:00
Rasmus Wriedt Larsen
fee38b3781 Java: Fixup test 2024-08-15 15:37:35 +02:00
Rasmus Wriedt Larsen
1e12c11adc Java: Model System.in as stdin threat-model 2024-08-15 15:37:35 +02:00
Anders Schack-Mulligen
7d61d9282c Merge pull request #17233 from aschackmull/dataflow/match-summarylabel 
Dataflow: Fix missing join on summaryLabel.
 2024-08-15 14:55:38 +02:00
Anders Schack-Mulligen
6f23e8dcf3 Merge pull request #17224 from aschackmull/java/inlineflow-pathgraph 
Java: Add PathGraph to test output for default inline flow tests.
 2024-08-15 13:35:24 +02:00
Anders Schack-Mulligen
a85f8a2fbd Java/C#: Accept expected changes. 2024-08-15 13:24:31 +02:00
Paolo Tranquilli
f0de9f9276 Merge pull request #17232 from github/redsun82/kotlin 
Kotlin: fix wrapper on windows and use `os.execv` on POSIX
 2024-08-15 12:50:46 +02:00
Chris Smowton
3450e509fe Merge pull request #17228 from smowton/smowton/admin/missing-change-notes 
Java: add change notes for three recent buildless fixes
 2024-08-15 10:56:22 +01:00
Michael Nebel
4b3cc5bd0e Merge pull request #17219 from michaelnebel/shared/neutralsourcesink 
C#/Java: Fix source- and sink callable provenance overlap.
 2024-08-15 11:02:18 +02:00
Anders Schack-Mulligen
fb1dfd4217 Java: Accept test changes. 2024-08-15 10:32:12 +02:00
Paolo Tranquilli
beba032ba5 Kotlin: fix wrapper on windows 2024-08-15 10:31:32 +02:00
Anders Schack-Mulligen
3cdc8d5eca Java: Add PathGraph to test output for default inline flow tests. 2024-08-15 10:17:31 +02:00
Chris Smowton
b4a42de7f4 Java: add change notes for three recent buildless fixes 2024-08-14 18:34:25 +01:00
Anders Schack-Mulligen
79dec723b0 Dataflow: Add test highlighting missing subpath. 2024-08-14 13:30:13 +02:00
Michael Nebel
eaf4f5eeab C#/Java: Update model generation expected output. 2024-08-14 09:57:49 +02:00
Michael Nebel
f0817dc07c C#/Java: Use a parameterized module for making the source and sink callable classes. 2024-08-14 09:50:38 +02:00
Michael Nebel
046018fa25 Java: Add example of missing sink generation. 2024-08-14 09:50:34 +02:00
Tom Hvitved
aeabee3e34 Merge pull request #17179 from hvitved/shared/pretty-print-models 
Go/Java: Share more `PrettyPrintModels.ql` logic
 2024-08-13 14:15:40 +02:00
Tom Hvitved
f83df76928 Shared: Apply ShowProvenance in InlineFlowTest.qll 2024-08-13 13:34:43 +02:00
Tom Hvitved
d5a0df3f87 Go/Java: Share more PrettyPrintModels.ql logic 2024-08-13 12:48:22 +02:00
Michael Nebel
4a5c9f0ec4 Merge pull request #17007 from michaelnebel/shared/neutralimplementation 
C#/Java/Go: Neutrals are split into separate classes.
 2024-08-12 13:58:12 +02:00
Anders Schack-Mulligen
f28f42bcba Merge pull request #17049 from aschackmull/dataflow/bugfix-flowfeature-sinkctx 
Dataflow: Fix bug causing spurious flow for FeatureHasSinkCallContext
 2024-08-12 13:29:42 +02:00
Chris Smowton
00efebe8b0 Add test for buildless fetching an executable war file 2024-08-09 12:32:43 +01:00
Chris Smowton
4de0d10dce Merge pull request #17111 from smowton/smowton/admin/gradle-classifier-test 
Java: Add test for Gradle fetching a jar with a classifier
 2024-08-08 17:50:50 +01:00
Alexander Eyers-Taylor
ffd811a55d Merge pull request #17182 from github/post-release-prep/codeql-cli-2.18.2 
Post-release preparation for codeql-cli-2.18.2
 2024-08-08 16:28:03 +01:00
Chris Smowton
84f3b7322e Add test for Gradle fetching a jar with a classifier 2024-08-08 15:49:11 +01:00