hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-31 23:33:03 +01:00
Code Issues Packages Projects Releases Wiki Activity
55,710 Commits 1,684 Branches 159 Tags
f4b5cbf7eb586a61a5f0eeeccf9cafdbdff14e7c
Commit Graph

159 Commits

Author SHA1 Message Date
Stephan Brandauer
b38bc52019 Java: fix bug in ExcludedFromModeling Characteristic 2023-06-09 14:57:56 +02:00
Stephan Brandauer
2921df41da Java: fix import 2023-06-07 15:22:59 +02:00
Stephan Brandauer
ec3a7e39ad Java: qldoc style 2023-06-07 14:57:38 +02:00
Stephan Brandauer
715b1351f3 Java: share considerSubtypes predicate between Java modes 2023-06-07 14:55:00 +02:00
Stephan Brandauer
7e77e2ea82 Java: comment why we're using erased types in MaD 2023-06-07 14:42:20 +02:00
Stephan Brandauer
a8799fe981 Java: share getCallable interface between automodel extraction modes 2023-06-07 14:38:52 +02:00
Stephan Brandauer
92ad02a752 Java: update getRelatedLocation qldoc 2023-06-07 14:09:07 +02:00
Stephan Brandauer
be6b1d8aaf Java: remove SkipFrameworkModeling characteristic in favour of later evaluation 2023-06-07 13:58:56 +02:00
Stephan Brandauer
2e16b71215 Java: update qldoc of ClassQualifierCharacteristic 2023-06-07 13:52:57 +02:00
Stephan Brandauer
1bfbfec1bc Java: use problem.severity in automodel extraction queries 2023-06-07 13:44:52 +02:00
Stephan Brandauer
5de56db3af Java: QlDoc for isKnownKind 2023-05-31 14:13:14 +02:00
Stephan Brandauer
03051dde7f Java: spelling 2023-05-31 14:13:14 +02:00
Taus
ea5c36491b Java: Improve documentation of sampling strategy 2023-05-31 11:39:54 +00:00
Stephan Brandauer
5a9d09c49e Java: docs update 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2023-05-31 13:36:58 +02:00
Stephan Brandauer
12ea5e0e90 Java: fix sanitizer bug 2023-05-31 11:53:02 +02:00
Stephan Brandauer
86559317d7 Java: update comments 2023-05-31 11:52:26 +02:00
Stephan Brandauer
96bae2d5ec Java: avoid downcasting to DollarAtString 2023-05-31 10:41:52 +02:00
Taus
73aa790cdd Java: Improve sampling strategy 
Instead of the "random" sampling used before (which could -- in rare circumstances -- end up sampling fewer points than we want) we now sample an equally distributed set of points.
 2023-05-30 11:22:26 +00:00
Stephan Brandauer
d4b964c849 add support for sanitizers 2023-05-30 10:25:52 +02:00
Taus
227c5fab40 Java: Get location ordering without toString 2023-05-26 14:52:08 +00:00
Stephan Brandauer
efe539eb32 Java: better sampling of negative examples 2023-05-26 14:15:32 +02:00
Stephan Brandauer
a89378d86d Java: add extra known frameworks and sample negative samples to manage sarif file sizes 2023-05-26 13:20:04 +02:00
Stephan Brandauer
5ca2221097 remove some of the biggest frameworks from application mode consideration 2023-05-25 17:06:02 +02:00
Stephan Brandauer
db77c6b9a3 Java: mark functional expressions as likely not sinks 2023-05-25 16:39:27 +02:00
Stephan Brandauer
76d731a61d improve CannotBeTaintedCharacteristic 2023-05-25 16:28:07 +02:00
Stephan Brandauer
9a041243ff Java: fine-tune characteristics 2023-05-25 14:16:32 +02:00
Stephan Brandauer
f224a40dec Java: use containing call as call context, not argument 2023-05-25 14:16:23 +02:00
Stephan Brandauer
33fdb0fc52 Java: remove superfluous characteristic 2023-05-25 14:16:23 +02:00
Taus
2000f22533 Java: Port over characteristics from codex branch 2023-05-25 14:16:23 +02:00
Taus
11ab7e2e71 Java: Share argument indexing logic 
Adds a utility predicate for turning integer indices into the desired string representation.
 2023-05-25 14:16:23 +02:00
Taus
04b8bf35d4 Java: Avoid overlapping import 
Importing `AutomodelEndpointTypes` inside `AutomodelSharedUtil` non-privately made it overlap with the imports in the candidate extraction queries.
 2023-05-25 14:16:23 +02:00
Stephan Brandauer
db61a2d099 Java: share isKnownKind between modes 2023-05-25 14:16:16 +02:00
Stephan Brandauer
d93ad9b398 Java: remove unneeded abstract metadata extractor classes and fix some names 2023-05-25 14:16:11 +02:00
Stephan Brandauer
6e21f14c09 Java: update extraction query metadata 2023-05-25 14:16:03 +02:00
Stephan Brandauer
7c3bc26c41 Java: make input an actual string, not an integer 2023-05-25 14:15:59 +02:00
Stephan Brandauer
185ad101b3 Java: add application-mode and framework-mode tags to extraction queries 2023-05-25 14:15:50 +02:00
Taus
9b30f9a476 Java: Add negative characteristic for static calls 2023-05-25 14:15:49 +02:00
Taus
6fc16574b3 Java: Add QL support for automodel application mode 2023-05-25 14:15:49 +02:00
Stephan Brandauer
a5ef738bb0 add extra parameters in query-messages 2023-05-17 08:37:18 +00:00
Stephan Brandauer
2cd8a879a5 use asParameter().getName() instead of toString() 
Co-authored-by: Taus <tausbn@github.com>
 2023-05-16 17:28:02 +02:00
Stephan Brandauer
9845887452 automodel java fix: export method name as 'name' metadata parameter; export parameter name as 'parameterName' parameter 2023-05-16 15:07:14 +00:00
Stephan Brandauer
510febf46d Merge pull request #12830 from github/kaeluka/parameter-candidate-extraction 
Java: Automodel Framework Mode Extraction Queries
 2023-05-11 18:00:55 +02:00
Stephan Brandauer
c31ad01579 squash ql-for-ql warnings 2023-05-11 16:18:52 +02:00
Tony Torralba
c17b0e809f Apply suggestions from code review 2023-05-11 14:53:56 +02:00
Anders Schack-Mulligen
587ee53917 Java: Fix ExternalApi.jarContainer(). 2023-05-11 14:09:27 +02:00
Stephan Brandauer
e15610cfcd use ascii dash 2023-05-11 11:32:05 +02:00
Stephan Brandauer
f3d096cf37 update DollarAtString class to use hasLocationInfo instead of getURL 2023-05-10 15:02:22 +02:00
Stephan Brandauer
79f2beca2a ql-for-ql 2023-05-10 14:04:29 +02:00
Stephan Brandauer
cd388264d3 use new DollarAtString class to return metadata using notation 2023-05-10 13:44:50 +02:00
Stephan Brandauer
6be11d93bd document FrameworkCandidatesImpl 2023-05-10 12:03:32 +02:00