codeql

mirror of https://github.com/github/codeql.git synced 2026-03-01 21:34:50 +01:00

Author	SHA1	Message	Date
lcartey@github.com	1d1234093f	Java: Model Spring @ResponseBody methods.	2020-06-16 09:50:33 +01:00
lcartey@github.com	fd2cd6025d	Java: Modelling of the Spring HTTP classes.	2020-06-16 09:50:33 +01:00
lcartey@github.com	bfcc06dd0b	Java: Improve Spring controller modelling - Identify ModelMaps correctly - Add extra not tainted param types (Pageable) - Identify ModelAttributes	2020-06-16 09:50:33 +01:00
lcartey@github.com	7c4251deac	Java: Add flow out of Map and List	2020-06-16 09:50:32 +01:00
lcartey@github.com	6de2b93f3a	Java: Add SpringWebRequest to RemoteTaintedMethod	2020-06-16 09:50:32 +01:00
lcartey@github.com	4300bc8088	Java: Update RemoteFlowSource to use improve Spring request parameter mapping.	2020-06-16 09:50:31 +01:00
lcartey@github.com	f5dc0337ed	Java: Improve modelling of Spring request methods - Recognise @<httpverb>Mapping as well as @RequestMapping. - Identify tainted/not tainted parameters of RequestMapping methods.	2020-06-16 09:50:31 +01:00
Anders Schack-Mulligen	421a548e42	Update java/ql/src/semmle/code/java/Expr.qll	2020-06-12 09:24:37 +02:00
intrigus-lgtm	422b059aec	Fix typo	2020-06-11 22:54:13 +02:00
Anders Schack-Mulligen	c961a31789	Java: Add Expr.getAnEnclosingStmt.	2020-06-11 13:46:12 +02:00
Anders Schack-Mulligen	f23eb0432e	Java: Improve qldoc for JavadocTag.	2020-06-11 11:44:50 +02:00
semmle-qlci	1b8f3c4b84	Merge pull request #3657 from hvitved/dataflow/hidden-nodes Approved by aschackmull, jbj	2020-06-10 13:22:09 +01:00
Anders Schack-Mulligen	c334d72f11	Java: Fix CompileTimeConstantExpr qldoc and add char cast case.	2020-06-10 10:59:10 +02:00
Tom Hvitved	a371205db1	Data flow: Sync files	2020-06-09 13:55:12 +02:00
Tom Hvitved	8c9f85d04f	Data flow: Allow nodes to be hidden from path explanations	2020-06-09 13:53:19 +02:00
Anders Schack-Mulligen	ad8647f345	Merge pull request #3547 from pwntester/issue_3139 add support for java.io.StringWriter	2020-06-08 10:02:23 +02:00
Anders Schack-Mulligen	be862280b2	Update java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll Fix trailing whitespace	2020-06-08 09:18:39 +02:00
Anders Schack-Mulligen	8d6e39eb18	Java: Add instanceof type bounds for ArrayAccess.	2020-06-03 09:42:37 +02:00
yo-h	1fea545160	Merge pull request #3573 from aschackmull/java/private-interface-methods Java: Fix for private interface methods.	2020-05-28 20:31:55 -04:00
yo-h	c2de08ca51	Merge pull request #3499 from aschackmull/java/instanceof-pattern-cfg Java: Add CFG edges for Java 14 pattern-matching instanceof.	2020-05-28 20:24:39 -04:00
Anders Schack-Mulligen	a858a8cd42	Java: Fix for private interface methods.	2020-05-27 11:05:41 +02:00
Anders Schack-Mulligen	796eac108f	Java: Autoformat	2020-05-27 09:19:59 +02:00
Jonas Jensen	5deeda0337	Merge pull request #3387 from geoffw0/tostringperf C++: Eliminate recursion from toString().	2020-05-26 13:24:43 +02:00
Jonas Jensen	3d58e6f7af	Merge pull request #3515 from hvitved/dataflow/remove-deprecated Data flow: Remove deprecated predicates	2020-05-25 15:08:28 +02:00
Alvaro Muñoz	0b20785cce	add support for java.io.StringWriter	2020-05-22 18:13:28 +02:00
Tom Hvitved	431403f5db	Data flow: Remove deprecated predicates	2020-05-19 15:42:59 +02:00
Anders Schack-Mulligen	9d7329de30	Java: Clean up deprecated overrides.	2020-05-19 10:41:41 +02:00
Anders Schack-Mulligen	bd114db862	Java: Add cfg edges for instanceof-pattern.	2020-05-18 09:49:32 +02:00
yo-h	4f00e40257	Merge pull request #3474 from aschackmull/java/string-formatted Java: Add taint steps for String.formatted.	2020-05-15 22:04:36 -04:00
yo-h	69ab158910	Merge pull request #3473 from aschackmull/java/switchexpr Java: Extend library support for switch expressions.	2020-05-15 20:46:37 -04:00
Tom Hvitved	cd9538d0d9	Merge remote-tracking branch 'upstream/master' into dataflow/precise-field-types	2020-05-15 15:24:05 +02:00
Anders Schack-Mulligen	1838a7455a	Java: Add taint steps for String.formatted.	2020-05-14 16:17:03 +02:00
Tom Hvitved	e608c53c3f	Java: Follow-up changes	2020-05-14 15:58:50 +02:00
Tom Hvitved	aa83cc1472	Data flow: Sync files	2020-05-14 15:58:50 +02:00
Anders Schack-Mulligen	0aad24e6db	Java: Extend library support for switch expressions.	2020-05-14 15:40:26 +02:00
yo-h	a884538238	Update java/ql/src/semmle/code/java/frameworks/javaee/ejb/EJBRestrictions.qll Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2020-05-12 14:14:26 -04:00
yo-h	facd429d0a	Update java/ql/src/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2020-05-12 14:14:14 -04:00
yo-h	1d55dffb98	Java: add missing QLDoc for `J2ObjC.qll`	2020-05-11 20:01:48 -04:00
yo-h	c55d01318c	Java: add missing QLDoc for `JavaServerFaces.qll` and `JSFAnnotations.qll`	2020-05-11 20:01:48 -04:00
yo-h	6c8a016ca6	Java: add missing QLDoc for `JacksonSerializability.qll`	2020-05-11 20:01:45 -04:00
yo-h	45b502a82f	Java: add missing QLDoc for `GWT.qll`, `GwtUiBinder.qll`, `GwtXml.qll`	2020-05-11 20:01:45 -04:00
yo-h	6e64f3dd05	Java: add missing QLDoc for `JavaxAnnotations.qll`	2020-05-11 20:01:44 -04:00
yo-h	537c657b19	Java: add missing QLDoc for `EJBRestrictions.qll`	2020-05-11 20:01:44 -04:00
yo-h	4594b51dfc	Java: add missing QLDoc for `EJB.qll`	2020-05-11 20:01:43 -04:00
yo-h	3a82090087	Java: add missing QLDoc for `EJBJarXML.qll`	2020-05-11 20:01:42 -04:00
yo-h	8fe093c854	Java: add missing QLDoc for `PersistenceXML.qll`	2020-05-11 20:01:42 -04:00
yo-h	5b962c1add	Java: add missing QLDoc for `Persistence.qll`	2020-05-11 20:01:42 -04:00
yo-h	c54f8d8128	Merge pull request #3383 from aschackmull/java/printast Java: Library for pretty-printing AST in linear time.	2020-05-08 13:01:39 -04:00
Anders Schack-Mulligen	2561ba82db	Merge pull request #3215 from aibaars/validating-object-input Java: teach UnsafeDeserialization about ValidatingObjectInputStream	2020-05-07 14:57:50 +02:00
Anders Schack-Mulligen	f7410739d9	Java: Fix bug in qldoc.	2020-05-06 14:06:49 +02:00

... 6 7 8 9 10 ...

781 Commits