hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,556 Commits 1,673 Branches 157 Tags
db2eb202ee90681f48929c4d2ee8f59d5ef26ba5
Commit Graph

10167 Commits

Author SHA1 Message Date
Tony Torralba
db2eb202ee Merge pull request #15565 from atorralba/atorralba/java/open-redirect-sanitizer 
Java: Add extension point and default sanitizer to Open Redirect query
 2024-02-12 14:42:52 +01:00
Ian Lynagh
931b27f76c Merge pull request #15573 from igfoo/igfoo/k2-more 
Kotlin 2: Accept loc changes in library-tests/parameter-defaults/defaults.expected
 2024-02-12 13:29:19 +00:00
Ian Lynagh
a7eac1100b Merge pull request #15569 from igfoo/igfoo/kt2-accept 
Kotlin 2: Accept more location changes
 2024-02-12 13:29:10 +00:00
Tony Torralba
cf7091ae5f Merge branch 'main' into atorralba/java/open-redirect-sanitizer 2024-02-12 10:31:52 +01:00
Ian Lynagh
ab758d5f1e Kotlin 2: Accept loc changes in library-tests/parameter-defaults/defaults.expected 2024-02-09 13:53:05 +00:00
Tom Hvitved
1ea7717714 Capture flow: Take overwrites in nested scopes into account 2024-02-09 14:49:23 +01:00
Ian Lynagh
0547c877c2 Kotlin 2: Accept some location changes in library-tests/methods/exprs.expected 2024-02-09 13:34:56 +00:00
Ian Lynagh
be4413ffc8 Kotlin 2: Accept changes in library-tests/methods/parameters.expected 
These mostly make things consistent with Kotlin 1.
 2024-02-09 13:19:26 +00:00
Ian Lynagh
b836260b9a Kotlin 2: Accept some test changes 
I'm not sure these are an improvement, but they bring Kotlin 2 back in
line with Kotlin 1.
 2024-02-09 13:15:02 +00:00
Anders Schack-Mulligen
566351a49a Merge pull request #15549 from aschackmull/dataflow/empty-provenance 
Dataflow: Add empty provenance column to PathGraph.
 2024-02-09 12:58:09 +01:00
Ian Lynagh
1b91695934 Kotlin 2: Accept some location changes in library-tests/methods 2024-02-09 11:57:23 +00:00
Max Schaefer
93990ec9df Merge pull request #15486 from github/java/update-mad-decls-after-triage-2024-01-31T11-16-45 
Java: Update MaD Declarations after Triage
 2024-02-09 11:18:17 +00:00
Anders Schack-Mulligen
0eaf117f37 Kotlin: Add empty provenance column to expected files. 2024-02-09 11:32:08 +01:00
Anders Schack-Mulligen
e9e445b2ba Java: Add empty provenance column to expected files. 2024-02-09 11:32:00 +01:00
Anders Schack-Mulligen
b7d4a6926f Dataflow: Add empty provenance column to PathGraph. 2024-02-09 11:27:30 +01:00
Tony Torralba
4c0d535cc2 Merge pull request #12886 from atorralba/atorralba/java/path-injection-mad-sinks 
Java: Refactor path injection sinks
 2024-02-09 10:48:49 +01:00
Max Schaefer
fb109672b3 Address more review feedback. 2024-02-09 09:21:30 +00:00
Tony Torralba
34f74869c8 Java: Add extension point and default sanitizer to Open Redirect query 2024-02-09 09:11:07 +01:00
Dave Bartolomeo
92bd550c55 Merge pull request #15531 from github/post-release-prep/codeql-cli-2.16.2 
Post-release preparation for codeql-cli-2.16.2
 2024-02-08 05:58:17 -08:00
Ian Lynagh
e0a5efef0a Merge pull request #15544 from igfoo/igfoo/k2tests 
Kotlin 2: Some test fixes
 2024-02-08 12:57:58 +00:00
Ian Lynagh
ef8e6c8805 Kotlin 2: Accept loc changes in library-tests/exprs/funcExprs.expected 2024-02-07 16:40:40 +00:00
Ian Lynagh
8a93133b81 Kotlin 2: Accept loc changes in library-tests/exprs/unaryOp.expected 2024-02-07 16:21:49 +00:00
Ian Lynagh
c314cc8b68 Kotlin 2: Accept some location changes in library-tests/exprs/binop.expected 2024-02-07 15:56:10 +00:00
Ian Lynagh
c731251e61 Kotlin 2: Remove an unused diagnostic matcher in library-tests/dataflow/func 2024-02-07 15:32:04 +00:00
Ian Lynagh
3d1f9a79fb Kotlin 2: Accept location changes in test-kotlin2/library-tests/data-classes 2024-02-07 15:17:40 +00:00
Ian Lynagh
1c6108028b Kotlin 2: Accept some location changes for arrays 2024-02-07 15:12:17 +00:00
Max Schaefer
082754a3d8 Remove problematic Kotlin model. 2024-02-07 13:21:59 +00:00
github-actions[bot]
b5139078d0 Post-release preparation for codeql-cli-2.16.2 2024-02-06 19:22:35 +00:00
Erik Krogh Kristensen
879d882fa4 Java: fix typo in JndiInjection.qhelp 2024-02-06 15:17:30 +01:00
Max Schaefer
705a377060 Address review comments. 2024-02-06 12:54:29 +00:00
github-actions[bot]
c1b35fbf47 Release preparation for version 2.16.2 2024-02-05 17:58:57 +00:00
Joe Farebrother
525f27173d Merge pull request #15396 from joefarebrother/android-sensitive-ui-text 
Java: Add query for sensitive data exposed in text fields
 2024-02-05 15:47:03 +00:00
Joe Farebrother
3878192810 Apply suggestions from documentation review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-02-02 17:21:23 +00:00
Ian Lynagh
643817e74e Merge pull request #15477 from igfoo/igfoo/kot_path_trans 
Kotlin: Add path transformer support
 2024-02-02 15:34:14 +00:00
Max Schaefer
21c0422dc7 Merge pull request #15499 from github/max-schaefer/automodel-functional-interface-expr 
Automodel: Do not consider `@FunctionalInterface`-typed expressions as candidates.
 2024-02-02 14:28:41 +00:00
Anders Schack-Mulligen
49b00f3842 Java: Remove two redundant models implied by CharSequence models. 2024-02-02 13:17:26 +01:00
Max Schaefer
e47b021050 Do not consider expressions as candidates whose type is annotated with @FunctionalInterface. 2024-02-01 11:04:14 +00:00
Max Schaefer
ab6cea14c8 Fix missing quotes. 2024-01-31 11:49:25 +00:00
Joe Farebrother
9130603334 Address reviews - use SimpleTypeSanitizer and alter qldoc style 2024-01-31 11:31:25 +00:00
Max Schaefer
6c6f402fa5 Merge branch 'main' into java/update-mad-decls-after-triage-2024-01-31T11-16-45 2024-01-31 11:29:33 +00:00
Max Schaefer
ad8038bade Update MaD Declarations after Triage 2024-01-31 11:28:10 +00:00
Ian Lynagh
2eb9b61412 Kotlin: Add a test for path transformers 2024-01-30 17:40:43 +00:00
Tony Torralba
e2bf9ea2eb Consider File.exists() et al a path-injection sink 2024-01-30 14:51:36 +01:00
Joe Farebrother
460ffc89b2 Add additional test cases 2024-01-29 22:43:28 +00:00
Joe Farebrother
3abd67064d Add change note 2024-01-29 16:33:07 +00:00
Joe Farebrother
94075ef148 Fix FPs - consider flow through fields when determining whether a view is masked, and find more instances of findViewById. 2024-01-29 16:25:38 +00:00
Joe Farebrother
8d201626e1 Add documentation 2024-01-29 16:25:38 +00:00
Joe Farebrother
aa78050933 Implement checks for elements hidden by their xml attributes 2024-01-29 16:25:38 +00:00
Joe Farebrother
6081f18089 Add unit tests + make some fixes 2024-01-29 16:25:37 +00:00
Joe Farebrother
8582093e65 Implement checks for parent views being hidden 2024-01-29 16:25:37 +00:00