hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
68,915 Commits 1,671 Branches 157 Tags
f4764378c99be12acb21ab5980ab5b90068925b4
Commit Graph

12228 Commits

Author SHA1 Message Date
am0o0
f4764378c9 update tests to contain the new source, delete query with local sources 2024-08-16 16:15:46 +02:00
am0o0
d88b310b0e add getCredentials method of AuthenticationToken as a remote source 2024-08-16 15:41:19 +02:00
am0o0
d560c1ea0f fix formatting 2024-07-31 11:08:06 +02:00
am0o0
9110df6e80 Merge branch 'amammad-java-JWT' of https://github.com/am0o0/codeql into amammad-java-JWT 2024-07-31 11:04:24 +02:00
am0o0
c6814fcf47 merge duplicate module into a module file 2024-07-31 11:04:03 +02:00
am0o0
701e3d7e53 add same query but with local source support to comply with the CVE-2021-37580 2024-07-31 10:58:22 +02:00
Chris Smowton
8f52b2cd95 Fix link 2024-07-30 12:23:38 +01:00
Chris Smowton
a781522ca0 Copyedit documentation 2024-07-30 12:19:16 +01:00
Am
96c142bf0a Merge branch 'main' into amammad-java-JWT 2024-07-28 13:03:23 +03:30
am0o0
6538a06f29 update tests 2024-07-28 11:30:59 +02:00
am0o0
b5e7716579 remove flow states, remove string as sources 2024-07-28 11:26:18 +02:00
am0o0
46ddddc8cf Merge tag 'codeql-cli/v2.18.1' into amammad-java-JWT 
Compatible with CodeQL CLI 2.18.1
 2024-07-28 11:23:20 +02:00
am0o0
85b02b1399 use MethodCall instead of MethodAccess, change query id 2024-07-28 10:42:44 +02:00
am0o0
494f0b709e Merge branch 'main' into amammad-java-JWT 2024-07-28 10:37:26 +02:00
am0o0
14cf47b906 comply with PascalCase/camelCase, remove redundant import 2024-07-28 10:28:28 +02:00
Chris Smowton
e3559d8f93 Adjust test expectations 2024-07-28 10:27:11 +02:00
Chris Smowton
142d7ae005 Make test compatible with Servlet 2.5; use old Servlet stubs 2024-07-28 10:26:58 +02:00
Jami
0ba5a74f6a Merge pull request #17074 from jcogs33/jcogs33/java/fix-regex-use-comments 
Java: fix comments about use of sink kind `regex-use`
 2024-07-26 08:57:39 -04:00
Owen Mansel-Chan
c051d33cc7 Merge branch 'main' into dataflow/provenance-postprocess-qltest 2024-07-26 08:04:05 +01:00
Jami
91f5f086fb Merge pull request #17025 from jcogs33/jcogs33/java/adjust-url-syntheticfield 
Java: add TaintInheritingContent for URL synthetic fields
 2024-07-25 12:11:39 -04:00
Jami Cogswell
eea3e82cca Java: fix 'regex-use' comments 2024-07-25 10:39:03 -04:00
Anders Schack-Mulligen
c693f03462 Merge pull request #17070 from aschackmull/dataflow/pptype-refactor 
Dataflow: Replace `ppReprType` with `DataFlowType.toString`.
 2024-07-25 14:30:08 +02:00
Anders Schack-Mulligen
7a48fe1102 Dataflow: Replace ppReprType with DataFlowType.toString. 2024-07-25 13:08:47 +02:00
Owen Mansel-Chan
5a39610ba7 Merge pull request #17053 from owen-mc/java/fix/regex-use-sink-kind 
Java: Add comments about use of sink kind `regex-use`
 2024-07-24 21:08:52 +01:00
Jami Cogswell
5854e88f63 Java: add change note 2024-07-24 16:00:38 -04:00
Owen Mansel-Chan
3edeb82d5b Add comment by models using regex-use sink kind 2024-07-23 21:40:45 +01:00
Owen Mansel-Chan
89f958105a Mention regex-use sink kind in QLDoc for regexSinkKindInfo 2024-07-23 21:38:30 +01:00
Owen Mansel-Chan
4c8da54b64 Merge pull request #17036 from chmodxxx/sbaddou/fix 
Java: Move SensitiveLoggerConfig source to extensible format
 2024-07-23 14:55:26 +01:00
Chuan-kai Lin
67dac96e80 Merge pull request #17041 from github/post-release-prep/codeql-cli-2.18.1 
Post-release preparation for codeql-cli-2.18.1
 2024-07-23 06:48:30 -07:00
Salah Baddou
4f80ae2190 Merge branch 'main' into sbaddou/fix 2024-07-23 12:03:13 +01:00
Salah Baddou
092de640fe add change-notes 2024-07-23 11:04:56 +01:00
Owen Mansel-Chan
ff8bb2b1f8 Merge pull request #16760 from owen-mc/java/reverse-dns-separate-threat-model-kind 
Java: make a separate threat model kind for reverse DNS sources
 2024-07-23 10:08:52 +01:00
Anders Schack-Mulligen
b5b9c4d931 Update java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll 
Java: Make class private
 2024-07-23 10:07:51 +02:00
Anders Schack-Mulligen
bb86a07a93 Update java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll 
fix typo
 2024-07-23 10:03:07 +02:00
Anders Schack-Mulligen
5912a17ab4 Update java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll 
Autoformat
 2024-07-23 10:01:49 +02:00
github-actions[bot]
49cc8f8ff8 Post-release preparation for codeql-cli-2.18.1 2024-07-22 22:00:48 +00:00
Chuan-kai Lin
a5fe3f4d9c Minor changelog improvements 2024-07-22 14:34:56 -07:00
github-actions[bot]
368bcb684a Release preparation for version 2.18.1 2024-07-22 21:30:50 +00:00
Chuan-kai Lin
23320b6e5e Revert "Release preparation for version 2.18.1" 2024-07-22 13:22:49 -07:00
Chuan-kai Lin
cda4339056 Minor changelog improvements 2024-07-22 09:42:31 -07:00
Salah Baddou
2ad70cbee2 Move SensitiveLoggerConfig source to extensible format 2024-07-22 17:34:00 +01:00
github-actions[bot]
55935fc123 Release preparation for version 2.18.1 2024-07-22 14:56:15 +00:00
Jami Cogswell
4790656b79 Java: add TaintInheritingContent for URL synthetic fields 2024-07-20 23:03:32 -04:00
Owen Mansel-Chan
2a5144d9d9 Improve tests for reverse DNS sources 2024-07-20 21:40:02 +01:00
Ed Minnix
ad4bca9975 Fix provenance in tests 2024-07-18 18:18:24 -04:00
Ed Minnix
0990a370c7 Convert QL classes for Lastaflute to MaD 2024-07-18 17:41:06 -04:00
Ed Minnix
9713551448 Missing QLDoc 2024-07-18 17:41:05 -04:00
Ed Minnix
4fa45bb81c Change note 2024-07-18 17:41:03 -04:00
Ed Minnix
62944ee473 Add tests for lastaflute framework 2024-07-18 17:41:02 -04:00
Ed Minnix
3bd330423d Add some models for the org.lastaflute.web library 
Methods annotated `@Execute` are handlers for URLs. Therefore, the
parameters of the methods annotated with the
`org.lastaflute.web.Execute` annotation are likely either URL parameters
or forms.
 2024-07-18 17:41:00 -04:00