hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-25 16:47:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
69,366 Commits 1,759 Branches 168 Tags
db46ca0bbf4a3d356f7e15e127261d35e47df185
Commit Graph

3939 Commits

Author SHA1 Message Date
Dilan
0550ff1040 Merge tag 'codeql-cli/latest' 
Compatible with the latest released version of the CodeQL CLI
 2024-08-13 14:59:34 +00:00
github-actions[bot]
019da8c287 Release preparation for version 2.18.2 2024-08-07 14:02:38 +00:00
Alexander Eyers-Taylor
46577b585e Revert "Release preparation for version 2.18.2" 2024-08-07 14:24:37 +01:00
github-actions[bot]
c14ba0e4bd Release preparation for version 2.18.2 2024-08-06 12:46:15 +00:00
Chris Smowton
95e504a5ff Merge branch 'main' into am0o0-java-PathInjection 2024-08-05 11:41:25 +01:00
Dilan Bhalla
ed8ada30e8 apply Mathias patch 2024-08-02 15:45:35 -07:00
Chris Smowton
be945f14f6 Merge pull request #17135 from github/smowton/admin/build-mode-none-ga 
Announce Java build-mode: none GA
 2024-08-02 12:05:39 +01:00
Anders Schack-Mulligen
4d023f14a6 Merge pull request #17075 from RobbingDaHood/17052-second-try-do-not-expose-error-message 
Java: 17052 Second try: do not expose error message
 2024-08-02 12:44:27 +02:00
Chris Smowton
c299d8ddc1 Move change note to lib directory 2024-08-02 11:22:10 +01:00
Dilan Bhalla
73ee8ef664 2.18.1 merge conflict 2024-07-31 14:53:08 -07:00
Dilan Bhalla
db6fb7b5a3 2.18.1 merge 2024-07-31 14:52:51 -07:00
Jami
4fb29c4473 Merge branch 'main' into jcogs33/java/add-apache-ant-path-inj-sinks 2024-07-31 08:15:07 -04:00
Owen Mansel-Chan
e259b25428 Add "tokenizer" to sensitive variable name FPs 2024-07-30 15:38:32 +01:00
Owen Mansel-Chan
0704946324 Factor out matching sensitive variable name FPs 2024-07-30 15:37:54 +01:00
Anders Schack-Mulligen
5073f4f7dd Merge pull request #17096 from aschackmull/java/pp-experimental-models 
Java: Pretty-print experimental models for qltest.
 2024-07-30 13:31:15 +02:00
Anders Schack-Mulligen
da5250d3a7 Java: Pretty-print experimental models for qltest. 2024-07-30 11:43:44 +02:00
Ian Lynagh
1530037eae Merge pull request #17071 from igfoo/igfoo/dep_env 
Java/Kotlin: Remove support for deprecated SOURCE_ARCHIVE and TRAP_FOLDER
 2024-07-29 14:55:50 +01:00
Jami
0ba5a74f6a Merge pull request #17074 from jcogs33/jcogs33/java/fix-regex-use-comments 
Java: fix comments about use of sink kind `regex-use`
 2024-07-26 08:57:39 -04:00
Jami
ff9093f2de Merge branch 'main' into jcogs33/java/add-apache-ant-path-inj-sinks 2024-07-26 08:54:27 -04:00
RobbingDaHood
feb31d2006 Merge branch 'main' into 17052-second-try-do-not-expose-error-message 2024-07-25 18:13:49 +02:00
Daniel Winther Petersen
1c1ba7734f Now alerts about exposing exception.getMessage() in servlet responses are split out of java/stack-trace-exposure into its own alert java/error-message-exposure because this is a better fit. 2024-07-25 18:12:45 +02:00
Jami
91f5f086fb Merge pull request #17025 from jcogs33/jcogs33/java/adjust-url-syntheticfield 
Java: add TaintInheritingContent for URL synthetic fields
 2024-07-25 12:11:39 -04:00
Jami Cogswell
eea3e82cca Java: fix 'regex-use' comments 2024-07-25 10:39:03 -04:00
Anders Schack-Mulligen
c693f03462 Merge pull request #17070 from aschackmull/dataflow/pptype-refactor 
Dataflow: Replace `ppReprType` with `DataFlowType.toString`.
 2024-07-25 14:30:08 +02:00
Ian Lynagh
225d2915e5 Java/Kotlin: Add changenote for dropping SOURCE_ARCHIVE/TRAP_FOLDER 2024-07-25 12:48:55 +01:00
Anders Schack-Mulligen
7a48fe1102 Dataflow: Replace ppReprType with DataFlowType.toString. 2024-07-25 13:08:47 +02:00
Owen Mansel-Chan
5a39610ba7 Merge pull request #17053 from owen-mc/java/fix/regex-use-sink-kind 
Java: Add comments about use of sink kind `regex-use`
 2024-07-24 21:08:52 +01:00
Jami Cogswell
5854e88f63 Java: add change note 2024-07-24 16:00:38 -04:00
Owen Mansel-Chan
3edeb82d5b Add comment by models using regex-use sink kind 2024-07-23 21:40:45 +01:00
Owen Mansel-Chan
89f958105a Mention regex-use sink kind in QLDoc for regexSinkKindInfo 2024-07-23 21:38:30 +01:00
Owen Mansel-Chan
4c8da54b64 Merge pull request #17036 from chmodxxx/sbaddou/fix 
Java: Move SensitiveLoggerConfig source to extensible format
 2024-07-23 14:55:26 +01:00
Chuan-kai Lin
67dac96e80 Merge pull request #17041 from github/post-release-prep/codeql-cli-2.18.1 
Post-release preparation for codeql-cli-2.18.1
 2024-07-23 06:48:30 -07:00
Salah Baddou
4f80ae2190 Merge branch 'main' into sbaddou/fix 2024-07-23 12:03:13 +01:00
Owen Mansel-Chan
ff8bb2b1f8 Merge pull request #16760 from owen-mc/java/reverse-dns-separate-threat-model-kind 
Java: make a separate threat model kind for reverse DNS sources
 2024-07-23 10:08:52 +01:00
Anders Schack-Mulligen
b5b9c4d931 Update java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll 
Java: Make class private
 2024-07-23 10:07:51 +02:00
Anders Schack-Mulligen
bb86a07a93 Update java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll 
fix typo
 2024-07-23 10:03:07 +02:00
Anders Schack-Mulligen
5912a17ab4 Update java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll 
Autoformat
 2024-07-23 10:01:49 +02:00
github-actions[bot]
49cc8f8ff8 Post-release preparation for codeql-cli-2.18.1 2024-07-22 22:00:48 +00:00
Chuan-kai Lin
a5fe3f4d9c Minor changelog improvements 2024-07-22 14:34:56 -07:00
github-actions[bot]
368bcb684a Release preparation for version 2.18.1 2024-07-22 21:30:50 +00:00
Chuan-kai Lin
23320b6e5e Revert "Release preparation for version 2.18.1" 2024-07-22 13:22:49 -07:00
Chuan-kai Lin
cda4339056 Minor changelog improvements 2024-07-22 09:42:31 -07:00
Salah Baddou
2ad70cbee2 Move SensitiveLoggerConfig source to extensible format 2024-07-22 17:34:00 +01:00
github-actions[bot]
55935fc123 Release preparation for version 2.18.1 2024-07-22 14:56:15 +00:00
Jami Cogswell
4790656b79 Java: add TaintInheritingContent for URL synthetic fields 2024-07-20 23:03:32 -04:00
Jami Cogswell
d6d2a213e7 Java: add change note 2024-07-19 18:19:37 -04:00
Jami Cogswell
f3e5b55cc4 Java: add path injection sinks for Property.setFile and Property.setResource 2024-07-19 18:04:17 -04:00
Ed Minnix
0990a370c7 Convert QL classes for Lastaflute to MaD 2024-07-18 17:41:06 -04:00
Ed Minnix
9713551448 Missing QLDoc 2024-07-18 17:41:05 -04:00
Ed Minnix
4fa45bb81c Change note 2024-07-18 17:41:03 -04:00