hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,976 Commits 1,671 Branches 157 Tags
f171ce63416085827aae78f32f5960ff6f240a9d
Commit Graph

4860 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
e5eef51e9d Merge pull request #8875 from aschackmull/java/useless-imports 
Java: Remove some useless imports.
 2022-04-26 13:32:09 +02:00
Anders Schack-Mulligen
7002f49abc Java: Remove some useless imports. 2022-04-26 12:37:03 +02:00
Chris Smowton
8d7098245b Add change note 2022-04-26 10:38:20 +01:00
Chris Smowton
7d4767a4f5 Java insecure cookies query: look through named constants 2022-04-26 10:32:13 +01:00
Anders Schack-Mulligen
59aedc2872 Merge pull request #8853 from aschackmull/dataflow/fix-join 
Dataflow: Fix join-on-config producing a CP.
 2022-04-26 09:52:50 +02:00
github-actions[bot]
51b2eb78a9 Add changed framework coverage reports 2022-04-26 00:15:54 +00:00
Mathias Vorreiter Pedersen
aca4c8727f Merge pull request #8802 from github/post-release-prep/codeql-cli-2.9.0 
Post-release preparation for codeql-cli-2.9.0
 2022-04-25 22:52:55 +01:00
Tony Torralba
85d5b122f7 Merge pull request #8817 from atorralba/atorralba/cleartext-storage-sharedprefs-improvs 
Java: Add value-preserving flow steps for Android's SharedPreferences
 2022-04-25 16:16:46 +02:00
Anders Schack-Mulligen
c06efa1f42 Dataflow: Sync. 2022-04-25 13:11:04 +02:00
Anders Schack-Mulligen
f4d93f089a Dataflow: Fix join-on-config producing a CP. 2022-04-25 13:10:31 +02:00
Tony Torralba
f1e5e57d76 Update java/ql/lib/semmle/code/java/frameworks/android/SharedPreferences.qll 2022-04-25 12:39:01 +02:00
Anders Schack-Mulligen
40a16325a9 Minor clean-up in AccessPathSyntax. 2022-04-25 12:27:48 +02:00
Anders Schack-Mulligen
cbdd4927ce Merge pull request #8582 from Marcono1234/marcono1234/JumpStmt-superclass 
Java: Make `JumpStmt` a proper superclass
 2022-04-25 12:22:20 +02:00
Anders Schack-Mulligen
b21f077e8e Update java/ql/lib/semmle/code/java/Statement.qll 2022-04-25 11:02:23 +02:00
Tom Hvitved
2466288656 Data flow: Simplify revFlowStore 2022-04-25 10:11:54 +02:00
Tom Hvitved
cf0a1e748a Add change notes 2022-04-25 09:17:40 +02:00
Tony Torralba
d982aeaf6f Add change note 2022-04-22 17:50:47 +02:00
Tony Torralba
f1c08bc492 Add value-preserving steps for SharedPreferences 2022-04-22 17:44:59 +02:00
Tom Hvitved
3edc72feb6 Update CaptureModels.qll 2022-04-22 15:49:17 +02:00
Tom Hvitved
bc6ee10583 Data flow: Sync files 2022-04-22 15:10:00 +02:00
Tom Hvitved
b033f107df Merge remote-tracking branch 'upstream/main' into dataflow/interpret-read-store 2022-04-22 14:35:02 +02:00
Erik Krogh Kristensen
dca74a1f45 get tainttracking3/TaintTrackingImpl.qll in sync 2022-04-22 10:37:31 +02:00
Chris Smowton
d309e15072 Merge pull request #8748 from smowton/smowton/admin/dependent-dataflow-configs 
Java: Avoid higher-numbered dataflow configs that depend on lower-numbered ones
 2022-04-22 08:56:00 +01:00
github-actions[bot]
1aecfc67c2 Post-release preparation for codeql-cli-2.9.0 2022-04-21 19:22:19 +00:00
Dave Bartolomeo
b2fe530f1c Fix formatting in change log 2022-04-21 11:02:31 -04:00
Dave Bartolomeo
136d3ff1f4 Fix formatting in change log 2022-04-21 11:02:07 -04:00
Dave Bartolomeo
d0687303f4 Fix formatting in change log 2022-04-21 11:01:39 -04:00
Dave Bartolomeo
033694d7f7 Fix formatting in change log 2022-04-21 11:00:38 -04:00
github-actions[bot]
eeaf233c29 Release preparation for version 2.9.0 2022-04-21 14:49:00 +00:00
Tom Hvitved
bd09c61504 Merge pull request #8786 from hvitved/ruby/dataflow/argument-tokens 
Ruby: Implement `Argument[any]` and `Argument[n..]`
 2022-04-21 16:31:24 +02:00
Tom Hvitved
ea229d361c Sync files 2022-04-20 13:55:18 +02:00
Anders Schack-Mulligen
48fbbf2531 Dataflow: Add change notes. 2022-04-19 15:29:35 +02:00
Anders Schack-Mulligen
b521d64156 Dataflow: Sync. 2022-04-19 15:29:35 +02:00
Anders Schack-Mulligen
4ae59b530b Dataflow: Revert flow-state versions of in-/out-barriers. 2022-04-19 15:29:34 +02:00
Mathias Vorreiter Pedersen
91b413d59f Dataflow: Sync identical files. 2022-04-19 09:57:21 +01:00
Chris Smowton
90505949c7 Generally define lower-numbered data-flow configs in terms of higher-numbered ones 
Since usually we have DataFlow3::Configurations that stand alone, DataFlow2::Configurations that depend on them, and finally DataFlow::Configurations that produce a top-level query result (for example), qll files where the reverse pattern holds will usually not be concurrently importable due to dataflow configuration recursion prevention.
 2022-04-15 09:25:40 +01:00
Chris Smowton
27d87e9300 Add TaintTracking3 2022-04-15 09:25:26 +01:00
Marcono1234
348a186df8 Java: Make JumpStmt a concrete class again 
Public abstract classes can be error-prone, when users unintentionally
implement a new subclass instead of refining the set of existing subclasses.
 2022-04-10 17:54:47 +02:00
Edoardo Pirovano
f25618eed6 Bump minor version of all packs 2022-04-08 15:38:58 +01:00
Edoardo Pirovano
ce82c54b94 Merge branch 'main' into edoardo/3.5-mergeback 2022-04-08 15:30:58 +01:00
Anders Schack-Mulligen
4eaec3953a Merge pull request #8694 from aschackmull/dataflow/cleanup-unused 
Dataflow: Cleanup unused column
 2022-04-07 15:16:27 +02:00
Anders Schack-Mulligen
c0f48b6c14 Merge pull request #8681 from JLLeitschuh/fix/JLL/os_check_bugs 
Java: Fix Local Temp File/Dir Incorrect Guard Logic
 2022-04-07 14:00:13 +02:00
Anders Schack-Mulligen
7beed570f2 Dataflow: Sync. 2022-04-07 13:53:48 +02:00
Anders Schack-Mulligen
876a9f80ce Dataflow: remove unused column. 2022-04-07 13:53:27 +02:00
Erik Krogh Kristensen
ef9b6a11a6 Merge pull request #8679 from erik-krogh/getUrl 
Java: rename existing getUrl predicate to getRepositoryUrl
 2022-04-07 10:01:14 +02:00
Michael Nebel
72d4c97463 Merge pull request #8628 from michaelnebel/csharp/generatedkind 
C#: Introduce generated flag as a part of the kind column for flow summaries
 2022-04-07 08:43:30 +02:00
Erik Krogh Kristensen
489d4cb908 add change-note 2022-04-06 23:23:50 +02:00
Jonathan Leitschuh
2753521650 Java: Fix Local Temp File/Dir Incorrect Guard Logic 
Resolves https://github.com/github/codeql/pull/8032#discussion_r841723906
 2022-04-06 12:16:09 -04:00
Erik Krogh Kristensen
563d0d6532 rename existing getUrl predicate to getRepositoryUrl 2022-04-06 15:32:33 +02:00
Anders Schack-Mulligen
879b8a1200 Merge pull request #8676 from pwntester/java_hotspots_mods 
Make security-related TaintTracking Configuration public
 2022-04-06 14:40:14 +02:00