codeql

mirror of https://github.com/github/codeql.git synced 2026-03-01 21:34:50 +01:00

Author	SHA1	Message	Date
Joe Farebrother	414e0b20b3	Add change note	2022-09-21 13:57:30 +01:00
Tony Torralba	cbb64cc8c1	Merge pull request #10352 from atorralba/atorralba/promote-template-injection Java: Promote Server-side template injection from experimental	2022-09-20 16:11:58 +02:00
Tony Torralba	e140f04881	Merge pull request #10393 from zbazztian/uri-constructor-flow Java: Model taint flow for java.net.URI constructors in tainted path queries	2022-09-16 15:10:40 +02:00
Sebastian Bauersfeld	8c35803749	Add more details to change note.	2022-09-16 16:11:34 +07:00
Chris Smowton	88644b6e76	Add change note	2022-09-15 15:35:52 +01:00
Sebastian Bauersfeld	f95663cdfb	Java: Added change note.	2022-09-13 11:38:15 +07:00
Edward Minnix III	eadb8a3988	Merge pull request #10106 from egregius313/egregius313/android-backup-allowed Java: Query to detect Android backup allowed	2022-09-12 11:14:03 -04:00
Tony Torralba	6413de6c20	Add change note	2022-09-08 17:38:26 +02:00
Edward Minnix III	9ddfcf935b	Update java/ql/src/change-notes/2022-08-18-android-allowbackup-query.md Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2022-09-07 09:46:16 -04:00
Tony Torralba	b94e0d3e69	Merge pull request #10251 from atorralba/atorralba/implicit-pendingintent-sinks Java: Add new AlarmManager sinks to Use of implicit PendingIntents	2022-09-06 11:31:27 +02:00
Erik Krogh Kristensen	6cee635cb5	Merge pull request #10180 from erik-krogh/fixTags Add missing security tags	2022-09-02 08:04:57 +02:00
Edoardo Pirovano	8f332714f4	Merge pull request #10260 from github/edoardo/3.7-mergeback Merge `rc/3.7` into `main`	2022-09-01 15:44:17 +01:00
Tony Torralba	5d9f366ac5	Add change note	2022-09-01 09:53:46 +02:00
Erik Krogh Kristensen	bd5fd7d963	fix typo in change-note Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>	2022-08-29 13:25:54 +02:00
erik-krogh	f09fc7b0fc	Java: add java change-note	2022-08-29 13:10:21 +02:00
Erik Krogh Kristensen	06afe9c0f4	Merge pull request #9816 from erik-krogh/msgConsis Make alert messages consistent across languages	2022-08-25 15:20:01 +02:00
github-actions[bot]	0f63bc077f	Release preparation for version 2.10.4	2022-08-25 12:52:26 +00:00
Ed Minnix	a036639ecd	Added change notes	2022-08-24 15:54:13 -04:00
Jami	b3e88f8234	Merge pull request #9983 from jcogs33/android-implicit-export Java: query to detect implicitly exported Android components	2022-08-24 10:52:50 -04:00
erik-krogh	27fcc90a97	Merge branch 'main' into msgConsis	2022-08-24 09:21:43 +02:00
Tony Torralba	085c12a51f	Merge pull request #10116 from atorralba/atorralba/static-init-vector-fix Java: Improve Static Initialization Vector query	2022-08-23 11:38:41 +02:00
Tony Torralba	e3c1101b79	Merge pull request #10136 from atorralba/atorralba/redos-cwe-tag Java: Add CWE-1333 tag to Java ReDoS queries	2022-08-23 11:07:51 +02:00
Joe Farebrother	ac79866799	Merge pull request #9982 from joefarebrother/rsa-without-oaep Java: Add query for RSA without OAEP	2022-08-23 09:14:46 +01:00
Tony Torralba	6b4cfbbacd	Add change note	2022-08-23 10:00:10 +02:00
Tony Torralba	da3288fced	Move change note to src	2022-08-23 09:40:34 +02:00
erik-krogh	f7846a598e	add change-notes	2022-08-23 07:54:01 +02:00
Jami Cogswell	a99d7ffaaf	minor wording update in change note	2022-08-22 12:41:22 -04:00
Jami Cogswell	33c48ec685	updated change note	2022-08-22 12:41:22 -04:00
Jami Cogswell	3e09d86a4f	adding starter files	2022-08-22 12:41:22 -04:00
Anders Schack-Mulligen	37e5f0438c	Java: Add change note.	2022-08-18 09:19:32 +02:00
Joe Farebrother	08b77493d2	Add security severity and change note	2022-08-17 10:35:47 +01:00
Joe Farebrother	7c188a6b96	Apply doc suggestions	2022-08-17 10:35:16 +01:00
Joe Farebrother	960a4e58a0	Add change note	2022-08-17 10:35:14 +01:00
Jami	dd23d48ad2	Merge pull request #9939 from jcogs33/android-debug-query-inline-tests Java: query to detect android:debuggable attribute enabled	2022-08-16 10:07:13 -04:00
Alex Ford	d02ad51d74	Merge pull request #10032 from github/post-release-prep/codeql-cli-2.10.3 Post-release preparation for codeql-cli-2.10.3	2022-08-16 12:04:07 +01:00
Jami Cogswell	ead36822be	update change note based on review comment	2022-08-15 15:50:00 -04:00
Jami Cogswell	f961540979	added change note	2022-08-15 15:50:00 -04:00
Chris Smowton	774e379eb1	Merge pull request #9742 from smehta23/feat/SM/java_partial_path_traversal_vulnerability [JAVA] Partial Path Traversal Vuln Query	2022-08-15 12:56:16 +01:00
Erik Krogh Kristensen	0adb588fe8	Merge pull request #9712 from erik-krogh/badRange JS/RB/PY/Java: add suspicious range query	2022-08-15 13:55:44 +02:00
github-actions[bot]	57c4f9145b	Release preparation for version 2.10.3	2022-08-11 11:12:15 +00:00
Anders Schack-Mulligen	ecc15a1f95	Java: Remove SensitiveLoggingQuery results that flow through a source.	2022-08-10 14:28:07 +02:00
Joe Farebrother	abf894a64c	Fix typos	2022-08-05 12:56:20 +01:00
Joe Farebrother	0d09484efc	Add change note	2022-08-05 12:56:19 +01:00
Chris Smowton	af274354a0	Merge pull request #9956 from github/smowton/feature/tainted-path-query-mad Make java/path-injection recognise create-file MaD sinks	2022-08-04 08:59:59 +01:00
Chris Smowton	977823bd76	Create 2022-08-03-tainted-path-mad.md	2022-08-03 10:54:35 +01:00
github-actions[bot]	212786ed91	Release preparation for version 2.10.2	2022-07-28 13:38:35 +00:00
smehta23	b7e522749f	Apply suggestions from code review Co-authored-by: Chris Smowton <smowton@github.com> Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2022-07-20 15:32:59 -04:00
Jeroen Ketema	fe1f1bb79d	Fix issues with change notes	2022-07-14 11:06:14 +02:00
github-actions[bot]	d1aa0d7dd3	Release preparation for version 2.10.1	2022-07-14 08:56:03 +00:00
smehta23	781a2a73d3	Merge branch 'main' into feat/SM/java_partial_path_traversal_vulnerability	2022-07-12 01:48:12 -04:00

1 2 3

143 Commits