hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-08 00:24:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
78,044 Commits 1,731 Branches 164 Tags
e49fb839b8e3fa08555da5457599eb9a8216f663
Commit Graph

11675 Commits

Author SHA1 Message Date
Óscar San José
e49fb839b8 Update java/ql/integration-tests/java/buildless-inherit-trust-store/test.py 
Co-authored-by: Paolo Tranquilli <redsun82@github.com>
 2025-04-08 15:28:18 +02:00
Óscar San José
b5e1b25553 use sudo nice for running maven test server 2025-04-08 13:51:09 +02:00
Jonas Jensen
118abd40c9 Java: add exclude-from-incremental tag to telemetry queries 
In the future, this tag should signal to the action that the queries
should be excluded from incremental scans because they are too slow
and/or produce too many results.

The three queries tagged here rely on global data-flow analysis to find
all XSS sinks. All other metric and diagnostic queries are fast enough
for incrementality.
 2025-04-02 14:19:45 -07:00
Óscar San José
f4515515fe Merge pull request #19204 from github/oscarsj/migrate-builders-macos-15 
Run pytest server with `sudo` and higher `nice` value
 2025-04-02 16:59:11 +02:00
Chris Smowton
e865d07a70 Merge pull request #19187 from smowton/smowton/feature/jakarta-persistence 
Java: generalise `javax.persistence` models to also recognise `jakarta.persistence`.
 2025-04-02 15:56:29 +01:00
Óscar San José
18c901bee4 Merge branch 'main' into oscarsj/migrate-builders-macos-15 2025-04-02 16:11:58 +02:00
Chris Smowton
77e4d9e692 Fix stray references to the javax package name 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2025-04-02 10:03:49 +01:00
Anders Schack-Mulligen
47b1c3d3ce Merge pull request #19154 from aschackmull/ssa/variablecapture 
Ssa: Replace phi-read references in VariableCapture with default use-use flow
 2025-04-02 10:16:17 +02:00
Chris Smowton
3c555fce11 Add basic test for SQL injection vs Jakarta Persistence 2025-04-01 17:13:23 +01:00
Chris Smowton
5d37ccfa90 Change note 2025-04-01 16:51:29 +01:00
Chris Smowton
20839745bd Remove redundant import 2025-04-01 16:49:56 +01:00
Chris Smowton
50119ae481 Update docs 2025-04-01 16:20:06 +01:00
Chris Smowton
a5a6fd37df Enable recognising jakarta.persistence in dead-code queries 2025-04-01 16:19:42 +01:00
Chris Smowton
fb6296a564 Persistence models: recognise jakarta.persistence 2025-04-01 16:07:40 +01:00
Óscar San José
9b2eff88a6 restore original port 2025-04-01 15:17:52 +02:00
github-actions[bot]
10205cb990 Post-release preparation for codeql-cli-2.21.0 2025-04-01 11:30:43 +00:00
Óscar San José
81a39f380a Change niceness of test server 2025-04-01 12:48:00 +02:00
github-actions[bot]
84f6564cc0 Release preparation for version 2.21.0 2025-03-31 17:35:15 +00:00
Chris Smowton
d8f7f182a9 Change note 2025-03-31 13:36:23 +01:00
Chris Smowton
bc7bed42bd Java: add test exercising Gradle download pruning 2025-03-31 13:36:22 +01:00
Chris Smowton
31ccd658d2 Merge pull request #19152 from smowton/smowton/admin/test-mirrorof-rewriting 
Java buildless: add buildless-maven variant with a wildcard mirrorOf spec
 2025-03-31 12:14:08 +01:00
Anders Schack-Mulligen
56c46d74f9 Java/Rust/Swift: Accept qltest changes. 2025-03-31 11:44:37 +02:00
Anders Schack-Mulligen
e8e9403b4c Merge pull request #19093 from aschackmull/java/caching 
Java: Adjust caching of BasicBlocks, BaseSSA, and CompileTimeConstants
 2025-03-31 10:48:12 +02:00
Chris Smowton
d374b24d6f Java buildless: add buildless-maven variant with a wildcard mirrorOf spec 
This should get rewritten to exclude the buildless repository.
 2025-03-28 21:26:28 +00:00
Anders Schack-Mulligen
5a986f5327 SSA: Remove empty predicates and dead code. 2025-03-28 12:00:38 +01:00
Anders Schack-Mulligen
4c420c5bae Java: Switch from ssaDefAssigns/ssaDefInitializesParam to ssaDefHasSource. 2025-03-28 11:57:27 +01:00
Anders Schack-Mulligen
0c74f21107 Merge pull request #19044 from aschackmull/ssa/useuse-trim 
Ssa: Trim the use-use relation to skip irrelevant nodes
 2025-03-28 11:55:34 +01:00
Tamas Vajk
34e8318797 Rename the CCR query suite to code-quality 2025-03-27 08:36:53 +01:00
Tamás Vajk
b21968c495 Merge pull request #18947 from tamasvajk/tamasvajk/java_empty_method 
Java: Add new quality query to detect empty methods
 2025-03-26 09:33:47 +01:00
Anders Schack-Mulligen
d5d0274ce7 Java/SSA: Keep proper distinction between cached stages. 2025-03-25 13:43:55 +01:00
Anders Schack-Mulligen
f27e8199a1 Java: Accept test changes. 2025-03-25 12:31:04 +01:00
Anders Schack-Mulligen
7c82f51381 Java: Skip SSA definition nodes in data flow. 2025-03-25 12:31:01 +01:00
Anders Schack-Mulligen
dc0ca1ac18 Java: Fix TC magic in SystemProperty. 2025-03-24 13:31:23 +01:00
Tamás Vajk
a5fd2e923a Improve query documentation 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2025-03-24 11:03:43 +01:00
Anders Schack-Mulligen
3c6db09039 Java: Cache the other compiletimeconstant value predicates 2025-03-21 15:53:26 +01:00
Anders Schack-Mulligen
e75ed5a085 Java: Merge BaseSSA cached stages. 2025-03-21 15:45:50 +01:00
Nick Rolfe
361fbba39b Java: fix comma splice in alert message 2025-03-21 14:23:32 +00:00
Anders Schack-Mulligen
33135330fd Java: Merge cached stages for BasicBlocks. 2025-03-21 15:21:25 +01:00
mc
1f76793863 Merge branch 'main' into tamasvajk/java_empty_method 2025-03-21 10:01:10 +00:00
Chris Smowton
5892cdf456 Avoid CodeQL alert against integration test 
This doesn't really matter since it's a dummy test server, but it's simpler to fix than to dismiss.
 2025-03-20 15:49:21 +00:00
Tamas Vajk
9bdec217e4 Clean test files and add new test cases 2025-03-20 09:32:27 +01:00
Tamás Vajk
246c8276e0 Update java/ql/lib/semmle/code/java/UnitTests.qll 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2025-03-20 09:22:13 +01:00
Chris Smowton
9a2a13ed55 Merge remote-tracking branch 'origin/main' into smowton/admin/merge-rc317-into-main 2025-03-19 16:01:29 +00:00
Jami
2750d1d889 Merge pull request #18646 from jcogs33/jcogs33/java/directory-chars-path-sanitizer 
Java: path sanitizer for `replace`, `replaceAll`, and `matches`
 2025-03-18 13:26:01 -04:00
Chris Smowton
80d8018d3c Merge pull request #19054 from smowton/smowton/admin/java-change-notes 
Add change notes for recent Java changes
 2025-03-18 16:17:22 +00:00
Chris Smowton
b507a0d766 Add change notes for recent Java changes 2025-03-18 15:43:46 +00:00
Chris Smowton
834594fe98 Java: add integration test for failed Gradle download 2025-03-18 15:21:08 +00:00
Chris Smowton
025c2b82c4 Update test ref autobuilder using '-B' 2025-03-18 14:04:01 +00:00
Chris Smowton
ee82b00d31 Add tests checking the expected Maven version is fetched 2025-03-18 12:33:35 +00:00
Jami Cogswell
0d2e9ae469 Java: fix 'matches' false branch 2025-03-17 18:48:44 -04:00