10164 Commits

Author	SHA1	Message	Date
Stephan Brandauer	7c02a9b6ea	Merge pull request #13185 from github/fix-automodel-extraction-parameterName ... Java: Automodel Extraction Parameter Name Fix	2023-05-17 12:16:44 +02:00
Stephan Brandauer	a5ef738bb0	add extra parameters in query-messages	2023-05-17 08:37:18 +00:00
erik-krogh	480e71fd69	avoid contractions	2023-05-17 08:42:45 +02:00
Michael B. Gale	2d80302108	Use empty toolchains.xml for java-version-too-old	2023-05-16 16:54:19 +01:00
Stephan Brandauer	2cd8a879a5	use asParameter().getName() instead of toString() ... Co-authored-by: Taus <tausbn@github.com>	2023-05-16 17:28:02 +02:00
Stephan Brandauer	9845887452	automodel java fix: export method name as 'name' metadata parameter; export parameter name as 'parameterName' parameter	2023-05-16 15:07:14 +00:00
Michael B. Gale	9660b47879	Hide GHA variables in java-version-too-old test	2023-05-16 14:20:17 +01:00
Alvaro Muñoz	d17199a9e1	add gson models	2023-05-16 15:00:26 +02:00
Tony Torralba	770099f210	Merge branch 'main' into atorralba/java/promote-xxe-experimental-sinks	2023-05-16 09:49:34 +02:00
Tony Torralba	7d79d87d48	Add XPath.evaluate as XXE sink	2023-05-15 17:39:35 +02:00
erik-krogh	83ca1495e0	trim the whitespace in the poly-redos examples	2023-05-15 16:47:24 +02:00
erik-krogh	d989359656	add another example to the qhelp in poly-redos, showing how to just limit the length of the input	2023-05-15 16:47:02 +02:00
Ian Lynagh	202037e925	Merge pull request #13148 from igfoo/igfoo/arrays ... Kotlin: Add some documentation on arrays, and tweak the tests we use for them	2023-05-12 18:52:16 +01:00
Tony Torralba	549fa7e288	Java: make inputStreamWrapper only act on constructors from outside of source	2023-05-12 17:47:56 +02:00
Ian Lynagh	826e87f435	Kotlin: Simplify some array tests	2023-05-12 12:54:08 +01:00
Ian Lynagh	ad51767374	Kotlin: Add comment describing Kotlin array predicates	2023-05-12 12:38:05 +01:00
Kasper Svendsen	d40cd0f275	Java: Make implicit this receivers explicit	2023-05-12 12:47:21 +02:00
Tony Torralba	a48fa652ce	Java: Add SQLi sinks for Spring JDBC	2023-05-12 10:57:49 +02:00
github-actions[bot]	996d864e73	Add changed framework coverage reports	2023-05-12 00:15:01 +00:00
Ian Lynagh	4885e584a0	Merge pull request #13042 from igfoo/igfoo/ODASA_JAVA_LAYOUT ... Kotlin: Remove ODASA_JAVA_LAYOUT support	2023-05-11 18:35:08 +01:00
Stephan Brandauer	510febf46d	Merge pull request #12830 from github/kaeluka/parameter-candidate-extraction ... Java: Automodel Framework Mode Extraction Queries	2023-05-11 18:00:55 +02:00
Anders Schack-Mulligen	82e780d175	Merge pull request #13128 from aschackmull/java/externalapi-jar ... Java: Fix ExternalApi.jarContainer().	2023-05-11 16:31:05 +02:00
Stephan Brandauer	c31ad01579	squash ql-for-ql warnings	2023-05-11 16:18:52 +02:00
Stephan Brandauer	61b0514b53	Merge pull request #13122 from github/java/update-mad-decls-after-triage-2023-05-11T08-52-07 ... Java: Update MaD Declarations after Triage	2023-05-11 16:04:36 +02:00
Tony Torralba	ca6ae26aad	Change provenance to ai-manual	2023-05-11 14:56:16 +02:00
Tony Torralba	c17b0e809f	Apply suggestions from code review	2023-05-11 14:53:56 +02:00
Anders Schack-Mulligen	587ee53917	Java: Fix ExternalApi.jarContainer().	2023-05-11 14:09:27 +02:00
Ian Lynagh	712561ffa2	Kotlin: Fix recommended variable names in error messages	2023-05-11 13:02:35 +01:00
Stephan Brandauer	9b35a9f74a	Update java/ql/lib/ext/org.apache.hadoop.fs.model.yml ... Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2023-05-11 14:01:25 +02:00
Ian Lynagh	e7d1782eea	Merge pull request #13088 from igfoo/igfoo/getTypeParameterParentLabel ... Kotlin: Small simplification	2023-05-11 11:59:06 +01:00
Ian Lynagh	07808867cc	Merge pull request #13086 from igfoo/igfoo/double_return ... Kotlin: Remove some redundant return statments	2023-05-11 11:58:58 +01:00
Stephan Brandauer	e15610cfcd	use ascii dash	2023-05-11 11:32:05 +02:00
Stephan Brandauer	b0ec089a3a	Update MaD Declarations after Triage	2023-05-11 10:52:09 +02:00
github-actions[bot]	7da6bb6e24	Add changed framework coverage reports	2023-05-11 00:15:11 +00:00
Tony Torralba	aa14105e1c	Don't use the reflexive transitive closure, so that the predicate becomes a little more efficient	2023-05-10 16:45:07 +02:00
Tony Torralba	e1f868b976	Merge pull request #12965 from atorralba/atorralba/java/apache-commons-net-models ... Java: Add manual models for `org.apache.commons.net`	2023-05-10 16:28:19 +02:00
Stephan Brandauer	f3d096cf37	update DollarAtString class to use hasLocationInfo instead of getURL	2023-05-10 15:02:22 +02:00
Stephan Brandauer	79f2beca2a	ql-for-ql	2023-05-10 14:04:29 +02:00
Stephan Brandauer	cd388264d3	use new DollarAtString class to return metadata using notation	2023-05-10 13:44:50 +02:00
Stephan Brandauer	6be11d93bd	document FrameworkCandidatesImpl	2023-05-10 12:03:32 +02:00
Stephan Brandauer	d2d884b007	special case for Argument[this]	2023-05-10 11:53:40 +02:00
Stephan Brandauer	7ae6a992b6	fix code compilation error after main branch breaking change	2023-05-10 11:29:49 +02:00
Stephan Brandauer	9ed3c248ad	Merge branch 'main' into kaeluka/parameter-candidate-extraction	2023-05-10 11:26:49 +02:00
Stephan Brandauer	1e5c9e8a58	simplify by using hasQualifiedName	2023-05-10 10:49:27 +02:00
Tony Torralba	3f8a56722f	Remove auto-generated models	2023-05-10 10:35:34 +02:00
Stephan Brandauer	f43edb8046	rename query files to make framework mode explicit	2023-05-10 10:30:58 +02:00
Stephan Brandauer	170e895593	use newtype for related location type	2023-05-10 10:28:14 +02:00
Tony Torralba	9839eb1fd2	Update java/ql/lib/change-notes/2023-05-02-apache-commons-net-models.md ... Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>	2023-05-10 10:15:55 +02:00
Stephan Brandauer	5dab1b2a3b	leftover renaming label->kind	2023-05-10 10:01:39 +02:00
Stephan Brandauer	1f60fd6d58	use specialized getAParameter predicate, instead of getParameter(_)	2023-05-10 10:01:04 +02:00