hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-04 18:20:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,962 Commits 1,673 Branches 157 Tags
ed2dd87bda573aa543c1763d89ed89756419c4e5
Commit Graph

3005 Commits

Author SHA1 Message Date
Edward Minnix III
ce06df3152 Merge pull request #11628 from egregius313/egregius313/android-webview-addjavascriptinterface-dataflow 
Java: Add parameters of methods annotated @JavascriptInterface as remote flow sources
 2023-01-10 12:41:52 -05:00
Tony Torralba
32471d326e Java: Remove omittable exists variables 2023-01-10 13:37:19 +01:00
Chris Smowton
e9bbb5d7fa Merge pull request #11730 from smowton/smowton/admin/improve-sql-unescaped-docs 
Java: improve naming and description of SqlUnescaped.ql
 2023-01-09 12:50:27 +00:00
Chris Smowton
45c732a6f9 Java: improve naming and description of SqlUnescaped.ql 
Since the main thing it's objecting to is concatenation not lack of escaping (in particular it doesn't look for escaping sanitizers), rename and re-describe it accordingly.
 2023-01-09 10:56:13 +00:00
Rasmus Lerchedahl Petersen
c3b3c05cf3 Revert "Merge pull request #37 from erik-krogh/shared/inline-tests" 
This reverts commit 65fe9abcfe, reversing
changes made to 08e9d3391f.
 2023-01-05 09:19:43 +01:00
Rasmus Lerchedahl Petersen
2e46919e10 java: nicer code as suggested by review 2023-01-04 19:50:29 +01:00
Ed Minnix
28f555c2b2 Add simple test case for @JavascriptInterface parameter flow 2023-01-03 15:31:40 -05:00
Ed Minnix
f9b8200009 Add stub for android.webkit.JavascriptInterface annoation 2023-01-03 15:31:40 -05:00
erik-krogh
b3dd50bc36 inline Location into the shared implementation of InlineExpectationsTest 2022-12-22 11:09:43 +01:00
Rasmus Lerchedahl Petersen
4667068017 java: use shared inline tests 
- remove from identical-files
 2022-12-22 10:20:06 +01:00
Edward Minnix III
b77923f6e6 Merge pull request #11767 from atorralba/atorralba/java/fix-pinning-tests 
Java: Small simplification in Missing Certificate Pinning tests
 2022-12-21 11:21:47 -05:00
Arthur Baars
98c5b81456 Merge pull request #11723 from aibaars/alert-suppression 
CodeQL alert suppression
 2022-12-21 10:59:57 +01:00
Tony Torralba
ab73d13d8b Small simplification 2022-12-21 09:58:13 +01:00
Jami
c9258effb6 Merge pull request #11572 from jcogs33/jcogs33/model-top-jdk-apis 
Java: model top 100 JDK APIs
 2022-12-20 09:13:53 -05:00
Tony Torralba
149cae9603 Merge pull request #10971 from joefarebrother/android-certificate-pinning 
Java: Add Android missing certificate pinning query (CWE-295)
 2022-12-20 11:03:16 +01:00
Tony Torralba
3e7a819fe7 Simplification 2022-12-20 09:42:25 +01:00
Jeroen Ketema
edc768b43b Merge pull request #11707 from smowton/smowton/fix/java-empty-multiline-comment 
Java: handle printing an empty comment (/**/); add relevant tests
 2022-12-20 08:07:42 +01:00
Chris Smowton
ebc0b0c4d6 Merge pull request #11665 from smowton/smowton/admin/revert-kotlin-default-method-type-erasure 
Kotlin: Revert type erasure within $default functions
 2022-12-19 16:33:20 +00:00
Edward Minnix III
39a7c7bb12 Merge pull request #11282 from egregius313/egregiu313/webview-addjavascriptinterface 
Java: Query for detecting addJavascriptInterface method calls
 2022-12-19 11:28:45 -05:00
Arthur Baars
0f313231bc AlertSuppression: add more tests 2022-12-19 16:43:11 +01:00
Arthur Baars
c176606be5 AlertSuppression: allow //lgtm comments to scope over the next line 2022-12-19 16:10:26 +01:00
Jami Cogswell
a8ee633acd Java: apply review suggestions 2022-12-19 09:09:01 -05:00
Jami Cogswell
42ddd66360 Java: add hasApiName predicate 2022-12-19 08:38:12 -05:00
Chris Smowton
2ca56e0c1e Java: handle printing an empty comment (/**/); add relevant tests 2022-12-19 14:12:09 +01:00
Jami Cogswell
f933fc75cd Java: update another test affected by Integer.parseInt, and one affected by String.length 2022-12-18 21:46:43 -05:00
Jami Cogswell
f3fc68352e Java: update tests affected by Integer.parseInt model 2022-12-18 19:43:32 -05:00
Jami Cogswell
1d916a2baa Java: clean up 2022-12-16 16:16:56 -05:00
Jami
ff652f7dee Merge branch 'main' into jcogs33/model-top-jdk-apis 2022-12-16 15:32:50 -05:00
Jami Cogswell
9762423fbc Java: add more test cases 2022-12-16 15:26:54 -05:00
Jami Cogswell
c0628035fa Java: reduce code duplication 2022-12-16 10:28:34 -05:00
Jami Cogswell
640b450c47 Java: add message column to qltest 2022-12-16 08:51:18 -05:00
Jami Cogswell
bf6148c477 Java: fix bot alert, remove metadata from qltest 2022-12-16 08:44:23 -05:00
Michael Nebel
b2856c1f5a Merge pull request #11705 from michaelnebel/dataextensiontests 
C#/Java: Migrate tests to use implicitly loaded extensions.
 2022-12-16 10:50:07 +01:00
Jami Cogswell
fdcaa93200 Java: update test case 2022-12-15 23:47:17 -05:00
Jami Cogswell
08546549bf Java: update exception models and add test 2022-12-15 22:53:14 -05:00
Jami
fd63348549 Merge pull request #11585 from jcogs33/jcogs33/mad-metrics-query 
Java: add MaD metrics query
 2022-12-15 19:26:51 -05:00
Jami Cogswell
96a0950048 Java: update test case 2022-12-15 15:49:53 -05:00
Michael Nebel
6dc798f970 Java: Migrate tests to use implicit ext.yml data extensions. 2022-12-15 14:13:07 +01:00
Jami Cogswell
56acfdf672 Java: update test case 2022-12-15 00:57:08 -05:00
Jami Cogswell
510cd4a163 Java: change negative to neutral 2022-12-15 00:46:03 -05:00
Jami Cogswell
f1ddbbb96f Java: update remaining models 2022-12-15 00:33:35 -05:00
Jami Cogswell
46b8fbc4c9 Java: update remaining models, resolve merge conflict 2022-12-15 00:33:06 -05:00
Jami Cogswell
15069250eb Java: add draft of test case 2022-12-15 00:24:41 -05:00
Jami
359e49044f Merge branch 'main' into jcogs33/mad-metrics-query 2022-12-14 15:33:29 -05:00
Michael Nebel
bc02adb400 Java: Make the corresponding rename in all the data extensions. 2022-12-14 13:48:31 +01:00
Tamás Vajk
8e500ec0f3 Merge pull request #11675 from tamasvajk/kotlin-error-expr-consistency 
Kotlin: Report CFG dead end consistency issues on `ErrorExpr`
 2022-12-13 20:22:47 +01:00
Edward Minnix III
a85de2b5f4 Merge pull request #10865 from egregius313/egregius313/android-activity-alias 
Java: Add library support for activity-alias elements in AndroidManifest.qll
 2022-12-13 11:52:01 -05:00
Jami Cogswell
028fc29639 Java: group test methods 2022-12-13 11:02:21 -05:00
Tamas Vajk
5cc2868857 Kotlin: Report CFG dead end consistency issues on ErrorExpr 2022-12-13 15:51:33 +01:00
Jami
93d8a03e73 Merge branch 'main' into jcogs33/mad-metrics-query 2022-12-12 20:31:53 -05:00