hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 04:06:37 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,315 Commits 1,672 Branches 157 Tags
e1a5eba61b8558f55f230d6969027fb33acb51b2
Commit Graph

10164 Commits

Author SHA1 Message Date
Chris Smowton
5e023bf619 Remove no-longer-applicable diagnostic matches 
These resulted from the Java compiler exploring NotNull and other Kotlin-emitted annotations, which it no longer does because it finds a .class trap file already present and truncates its class-graph walk
 2022-12-06 18:35:04 +00:00
Chris Smowton
82f3c2f6d5 Mark the Companion field as static 2022-12-06 18:35:04 +00:00
Chris Smowton
d9dc8e38f9 Fix binary names for classes declared from source 
Only top-level non-class declarations need the IrFile's expected class name inserting
 2022-12-06 18:35:04 +00:00
Chris Smowton
910a1f872d Adjust opt-in required to use string-manipulation functions in Kotlin <= 1.5 2022-12-06 18:35:04 +00:00
Chris Smowton
540a2a623e Don't create stub trap files for anonymous or local classes, or unexpected kinds of top-level declaration 2022-12-06 18:35:04 +00:00
Chris Smowton
08e3431107 Also stub class files relating to file classes and top-level declarations 2022-12-06 18:35:04 +00:00
Chris Smowton
748637c2d8 Tidy and use version 0 for classes extracted from source 2022-12-06 18:35:03 +00:00
Chris Smowton
e34d72aee9 Kotlin: stub trap .class files when extracting a class from Kotlin source 2022-12-06 18:35:03 +00:00
retanoj
b0c86d8e51 change string match to regex match 2022-12-06 21:50:09 +08:00
Michael Nebel
8e4190d84a Merge pull request #11516 from michaelnebel/java/externalflowcleanup 
Java: Cleanup imports of `ExternalFlow`
 2022-12-06 14:26:39 +01:00
Anders Schack-Mulligen
b579e2e7ed Merge pull request #11493 from aschackmull/java/scc-equivrel 
Java: Replace ad-hoc SCC reduction with union-find.
 2022-12-06 14:02:46 +01:00
retanoj
2bbd37f9ab change code snippet to or condition 2022-12-06 19:27:29 +08:00
retanoj
de652e1e27 expected 2022-12-06 18:09:48 +08:00
Chris Smowton
3b5b121aeb Merge pull request #11553 from smowton/smowton/fix/kotlin-synthetic-noarg-constructor 
Kotlin: Extract a no-arg constuctor whenever a Kotlin class has default values for all parameters
 2022-12-06 10:07:31 +00:00
retanoj
fb8559f03a tiny fix function name 2022-12-06 18:03:00 +08:00
retanoj
82d0551215 Merge branch 'main' into MybatisSqli 2022-12-06 17:19:30 +08:00
retanoj
d2140eb4b1 MyBatisAnnotationSqlInjection no @Param case 2022-12-06 17:07:49 +08:00
Tom Hvitved
b5e2e1e469 Merge pull request #11564 from hvitved/dataflow/parameter-position-consistency-checks 
Data flow: Add consistency checks for parameter positions
 2022-12-06 09:33:36 +01:00
Michael Nebel
cd5c0bec33 Merge pull request #11527 from michaelnebel/java/regeneratemodels 
Java/C#: Delete old model generator scripts and update Java model re-generator script.
 2022-12-06 09:24:13 +01:00
Henry Mercer
2627632a41 Java: Fix duplicate IDs 2022-12-05 19:06:03 +00:00
Chris Smowton
407e4cdd07 Don't create a default constructor for annotations, or classes that explicitly declare a no-arg constructor. 2022-12-05 16:17:51 +00:00
Chris Smowton
8897f5bccc Merge pull request #11552 from smowton/smowton/fix/kotlin-toplevel-internal-names 
Kotlin: Don't add name mangling to top-level internal functions
 2022-12-05 15:36:52 +00:00
Michael Nebel
fca249a62e Java: Address review comments. 2022-12-05 14:44:52 +01:00
Tony Torralba
8422df1c43 Add change note 2022-12-05 13:35:54 +01:00
Tom Hvitved
52f3a48638 Data flow: Sync files 2022-12-05 12:57:27 +01:00
Mauro Baluda
7c4b76b08b Update InsecureCookie.ql 2022-12-05 12:55:53 +01:00
Tom Hvitved
faca4b5b56 Merge pull request #11461 from hvitved/ruby/unique-hash-splat-param 
Ruby: At most one hash-splat `ParameterNode` per callable
 2022-12-05 11:53:28 +01:00
Tony Torralba
47d61e0b4d Add test for File.startsWith 2022-12-05 11:52:50 +01:00
Tony Torralba
71a6b09bad Minor syntax change in tests 2022-12-05 11:52:02 +01:00
Michael Nebel
a9ba964be4 Java: Update the Java model re-generate script. 2022-12-05 11:39:44 +01:00
Michael Nebel
243b94b54a Java/C#: Delete old model generator scripts and rename the new ones. 2022-12-05 11:39:44 +01:00
Mauro Baluda
16d7dc0853 Restrict DF configuration 2022-12-05 11:02:19 +01:00
Tony Torralba
8fb5c37ba8 Add change note 2022-12-05 11:00:57 +01:00
Tony Torralba
995b7327fe Add missing QLDoc 2022-12-05 11:00:57 +01:00
Tony Torralba
21b51b48eb Adapt PathSanitizer to Kotlin 2022-12-05 11:00:57 +01:00
Michael Nebel
6e486d4347 Re-arrange imports. 2022-12-05 09:49:38 +01:00
Michael Nebel
5c8ef15d6f Java: Add bi-directional imports of some abstract class extensions. 2022-12-05 09:49:38 +01:00
Michael Nebel
65f242cabe Java: Delete import of framework related files in ExternalFlow. 2022-12-05 09:49:38 +01:00
Michael Nebel
4c7cdc6245 Java: Remove unneeded imports of ExternalFlow.qll. 2022-12-05 09:49:38 +01:00
Chris Smowton
ff4baf096f Don't add name mangling to top-level internal functions 
Turns out kotlinc only adds this sort of name mangling to class member functions
 2022-12-02 20:16:19 +00:00
Chris Smowton
1c0494ec53 Extract a no-arg constuctor whenever a Kotlin class has default values for all parameters 2022-12-02 20:07:43 +00:00
Ed Minnix
7c4bd509a7 Java: add AssetLoader example to WebView file access documentation 2022-12-02 14:43:52 -05:00
Jami
edfcc0cd6d Merge pull request #11487 from jcogs33/jcogs33/supportedexternalapis-telemetry-query 
Java/C#: add SupportedExternalApis telemetry query
 2022-12-02 13:27:51 -05:00
Mauro Baluda
04f1fe523a Update Test.java 2022-12-02 18:01:10 +01:00
Mauro Baluda
f3f8f35069 Update InsecureCookie.ql 
Support interprocedural setting of cookie security
 2022-12-02 17:37:23 +01:00
Edward Minnix III
55090ecb65 Java: Typos and minor fixes 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2022-12-02 09:17:41 -05:00
Michael Nebel
bb716ddb80 Merge pull request #11499 from michaelnebel/java/kotlinstd 
Kotlin: Migrate standard library models to data extensions.
 2022-12-02 14:44:50 +01:00
Chris Smowton
fef03a0806 Merge pull request #11540 from github/smowton/fix/path-injection-example-syntax-error 
Java: fix syntax error in path-injection example fix
 2022-12-02 11:47:53 +00:00
github-actions[bot]
5e35785fd0 Post-release preparation for codeql-cli-2.11.5 2022-12-02 11:37:44 +00:00
Michael Nebel
309807796c Java: Deprecate ModelCsv classes. 2022-12-02 12:20:22 +01:00