hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
42,482 Commits 1,673 Branches 157 Tags
e6a1b1fab9400eca1722709116fecf19cc8de7ee
Commit Graph

6823 Commits

Author SHA1 Message Date
Edward Minnix III
e6a1b1fab9 Rename allowBackup query id 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-08-24 15:54:13 -04:00
Ed Minnix
de36372d1c Refactor android:backupAllowed query 
Refactor the query to check for the nonexistence of the
`android:allowBackup` attribute being set to false.

The default value is true, so we need to check for it being explicitly
marked false.
 2022-08-24 15:54:13 -04:00
Ed Minnix
a036639ecd Added change notes 2022-08-24 15:54:13 -04:00
Ed Minnix
dad4a403db Add support for android:allowBackup default value 
The default value of `android:allowBackup` is `true`. Added support for
detecting if the default value is used.
 2022-08-24 15:54:13 -04:00
Ed Minnix
6509426fb3 android:allowBackup query documentation 2022-08-24 15:54:13 -04:00
Ed Minnix
44b0a2b8af Android allowBackup query 2022-08-24 15:54:13 -04:00
Ed Minnix
7d15af6caa Add allowBackup check to AndroidManifest 2022-08-24 15:54:13 -04:00
Ed Minnix
dac64eeca7 Query test files 2022-08-24 15:54:13 -04:00
Jami
b3e88f8234 Merge pull request #9983 from jcogs33/android-implicit-export 
Java: query to detect implicitly exported Android components
 2022-08-24 10:52:50 -04:00
Ian Lynagh
20ac15d549 Merge pull request #10152 from igfoo/igfoo/not-null-exprs 
Kotlin: Remove more not-null expressions
 2022-08-24 12:18:45 +01:00
Ian Lynagh
b5f20e40fc Kotlin: Remove some more not-null-expressions 2022-08-24 11:13:27 +01:00
Ian Lynagh
8fe59e7ebc Kotlin: Remove another not-null-expr 2022-08-24 11:09:31 +01:00
Ian Lynagh
01f27ea331 Kotlin: Remove another not-null-expr 2022-08-24 11:07:10 +01:00
Michael Nebel
c514c8838d Merge pull request #9867 from michaelnebel/csharp/nosummary 
C#: Negative summaries (ie. no flow through)
 2022-08-24 12:06:05 +02:00
Ian Lynagh
940f18f5ae Kotlin: Remove another not-null-expr 2022-08-24 10:59:15 +01:00
Ian Lynagh
44501f5318 Kotlin: Remove another not-null-expr 2022-08-24 10:57:36 +01:00
Ian Lynagh
da7b7ce9f5 Kotlin: Remove some not-null-exprs 2022-08-24 10:55:31 +01:00
Ian Lynagh
623d87aaca Merge pull request #10142 from igfoo/igfoo/not-null-expr 
Kotlin: Remove some more non-null-expressions
 2022-08-24 10:37:37 +01:00
Ian Lynagh
8b4cf295bc Merge pull request #10110 from igfoo/igfoo/compression 
Kotlin: Add support for TRAP compression
 2022-08-24 10:37:20 +01:00
Michael Nebel
a412c955e7 Java: One implementation of the interface has no flow (which seems unsound and contradicting our assumptions on interface 'contracts') - this now yields a negative summary. 2022-08-24 09:58:54 +02:00
Michael Nebel
761ed283b6 C#/Java/Ruby/Swift: Address review comments. 2022-08-24 09:58:54 +02:00
Michael Nebel
2e273f2273 C#: Re-arange the import order, such that CsvValidation follows ExternalFlow directly. 2022-08-24 09:58:54 +02:00
Michael Nebel
30d554503a C#/Java: Fix some QL doc spelling typos. 2022-08-24 09:58:53 +02:00
Michael Nebel
160ae934af C#/Java/Ruby/Swift: Fix typo in QL doc. 2022-08-24 09:58:53 +02:00
Michael Nebel
37976d56bc C#/Java/Go/Swift: Move CsvValidation back into ExternalFlow. 2022-08-24 09:58:53 +02:00
Michael Nebel
581824a9b4 C#/Java/Ruby/Swift: Fix various typos. 2022-08-24 09:58:53 +02:00
Michael Nebel
9f9129d3c9 Java: Introduce column validation for negative summaries. 2022-08-24 09:58:52 +02:00
Michael Nebel
4939439982 Java: Re-factor CSV Validation into standalone module. 2022-08-24 09:58:52 +02:00
Michael Nebel
120fb25702 Java: Sync files and model generator and tests. 2022-08-24 09:58:52 +02:00
Michael Nebel
5255e16816 Java: Sync files and make framework specific code. 2022-08-24 09:58:51 +02:00
Michael Nebel
15c05e201d Java: Re-factor specialized CSV predicates into overrides of the row predicate. 2022-08-24 09:58:46 +02:00
Erik Krogh Kristensen
4df2e5d937 Merge pull request #10096 from erik-krogh/acronyms-part1 
make acronyms camelcase
 2022-08-24 09:33:53 +02:00
Tony Torralba
f0e5ef68c2 Merge pull request #10149 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2022-08-24 09:13:49 +02:00
Tamás Vajk
ecde0abc04 Merge pull request #10091 from tamasvajk/kotlin-data-class 
Kotlin: Identify data classes during extraction
 2022-08-24 08:45:41 +02:00
github-actions[bot]
03faddd7eb Add changed framework coverage reports 2022-08-24 00:18:31 +00:00
Ian Lynagh
910372bfb7 Kotlin: Refactor CallableReferenceHelper 
This removes some non-null-expressions, and also makes the code more
robust and easier to understand.
 2022-08-23 15:24:13 +01:00
Ian Lynagh
d3a8060e34 Kotlin: Remove another not-null-expr in the extractor 2022-08-23 12:05:14 +01:00
Ian Lynagh
98dd2448ff Kotlin: Remove a not-null-expr from the extractor 2022-08-23 11:49:55 +01:00
Chris Smowton
0a7350f3bf Merge pull request #10041 from smowton/AddSensitiveApiCalls 
Java: support more libraries in hardcoded-credentials queries
 2022-08-23 10:51:04 +01:00
Ian Lynagh
51ada5c2af Merge pull request #10130 from igfoo/igfoo/non-null-exprs 
Kotlin: Fix some more not-null-exprs in the extractor
 2022-08-23 10:49:45 +01:00
Tony Torralba
085c12a51f Merge pull request #10116 from atorralba/atorralba/static-init-vector-fix 
Java: Improve Static Initialization Vector query
 2022-08-23 11:38:41 +02:00
Tony Torralba
e3c1101b79 Merge pull request #10136 from atorralba/atorralba/redos-cwe-tag 
Java: Add CWE-1333 tag to Java ReDoS queries
 2022-08-23 11:07:51 +02:00
Chris Smowton
131d6043c1 Add java imports 2022-08-23 09:41:00 +01:00
erik-krogh
82a5b7838c don't add deprecated alias in experimental folder 2022-08-23 10:38:23 +02:00
erik-krogh
82d9180892 only have one deprecated alias for XmlDtd 2022-08-23 10:38:23 +02:00
Joe Farebrother
ac79866799 Merge pull request #9982 from joefarebrother/rsa-without-oaep 
Java: Add query for RSA without OAEP
 2022-08-23 09:14:46 +01:00
Tony Torralba
6b4cfbbacd Add change note 2022-08-23 10:00:10 +02:00
Tony Torralba
cd10f559ca Add CWE-1333 tag to Java ReDoS queries 2022-08-23 09:56:59 +02:00
Tony Torralba
a3f27d4abe Merge pull request #10131 from atorralba/atorralba/path-steps 
Java: Add new java.nio.Path{,s} summary models
 2022-08-23 09:47:34 +02:00
Tony Torralba
da3288fced Move change note to src 2022-08-23 09:40:34 +02:00