hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-16 07:54:52 +01:00
Code Issues Packages Projects Releases Wiki Activity
65,308 Commits 1,680 Branches 158 Tags
f5ebd3d50180a4bdcc277e71c8f749b64be07e08
Commit Graph

5161 Commits

Author SHA1 Message Date
Owen Mansel-Chan
f2db9ce312 Merge pull request #16028 from owen-mc/java/sensitive-log-whitelist-tokenimage 
Java: whitelist variable name `tokenImage` for `java/sensitive-log` as it's used in code generated by JavaCC
 2024-03-25 10:02:19 +00:00
Owen Mansel-Chan
ac6c4add14 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-03-24 20:20:37 +00:00
Owen Mansel-Chan
821f399193 Add change note 2024-03-23 23:51:52 +00:00
Arthur Baars
c219b1a3c7 Merge pull request #16013 from github/rc/3.13 
Merge rc/3.13 into main
 2024-03-21 16:04:58 +01:00
Henry Mercer
4e3a6e2140 Merge pull request #15874 from github/henrymercer/mark-loc-as-telemetry 
Show lines of code data in debug mode only
 2024-03-21 12:20:09 +00:00
Michael Nebel
6619be3137 Merge pull request #15940 from michaelnebel/csharp/sourcesinktests 
C#: Source- and sink tests.
 2024-03-21 08:12:16 +01:00
Henry Mercer
a76832f4e0 Mark LOC queries as debug instead 2024-03-20 21:18:55 +00:00
Dave Bartolomeo
311ba8ea1b Merge from main to resolve conflicts 2024-03-19 10:41:31 -04:00
Michael Nebel
70c6744944 Java/Go/Swift: Sync changes. 2024-03-19 14:20:43 +01:00
github-actions[bot]
aebe9f6992 Post-release preparation for codeql-cli-2.16.5 2024-03-18 12:16:26 +00:00
github-actions[bot]
0a6243d07b Release preparation for version 2.16.5 2024-03-18 10:14:07 +00:00
erik-krogh
ef8368cfc4 fix typo 2024-03-13 22:37:13 +01:00
erik-krogh
013ed7adb3 Java: update the url-redirection in the same style as the C# qhelp 2024-03-13 11:58:16 +01:00
Erik Krogh Kristensen
863e3f79e5 Merge pull request #15731 from erik-krogh/java-url 
Java: More sanitizers for request-forgery
 2024-03-12 19:31:52 +01:00
erik-krogh
35aae0a981 move changenote to src/ 2024-03-12 15:22:57 +01:00
Henry Mercer
c325ff8a23 Mark lines of code queries as telemetry queries 
The new file coverage metrics are available in all supported GHES
versions. This PR tags lines of code queries as telemetry queries. Lines
of code information will still be available in the SARIF file, but it
will no longer be displayed in the logging output of the CLI.

The one exception is the metric queries for Java/Kotlin that provides
separate lines of code information for Java and Kotlin. I've kept these
since separate file coverage information for languages like Java and
Kotlin is only available for GHES 3.12 and later.
 2024-03-11 16:40:31 +00:00
Tom Hvitved
7a39f077d9 Data flow: Add ConfigSig::accessPathLimit 2024-03-11 13:01:58 +01:00
github-actions[bot]
dc9092c9ec Post-release preparation for codeql-cli-2.16.4 2024-03-06 22:19:33 +00:00
github-actions[bot]
2f058ffb4d Release preparation for version 2.16.4 2024-03-06 20:56:51 +00:00
Angela P Wen
ce31f8641a Revert "Release preparation for version 2.16.4" 2024-03-06 12:07:33 -08:00
github-actions[bot]
661e68dab5 Release preparation for version 2.16.4 2024-03-05 18:13:58 +00:00
Angela P Wen
967963a653 Revert "Release preparation for version 2.16.4" 2024-03-05 08:53:33 -08:00
github-actions[bot]
a67218a027 Release preparation for version 2.16.4 2024-03-04 17:42:08 +00:00
Owen Mansel-Chan
279605b486 Merge pull request #15786 from owen-mc/java/sensitive-logging-query-exclude-null-in-variable-name 
Java: sensitive logging query exclude null in variable name
 2024-03-04 12:14:42 +00:00
Owen Mansel-Chan
037c76d840 Update change note 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2024-03-04 07:49:18 +00:00
Owen Mansel-Chan
7a96b11a0a Add change note 2024-03-03 21:41:05 +00:00
Chris Smowton
0bb6a64e81 Java: extractor information: tolerate fractional percentages 2024-03-01 16:49:29 +00:00
Florin Coada
1719fd8acb Merge pull request #15769 from github/coadaflorin/changelog-2.16.3-updates 
Match changelog updates with public unified changelog
 2024-03-01 10:57:02 +00:00
Florin Coada
a8816a6d1c Update java/ql/src/change-notes/released/0.8.9.md 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2024-03-01 09:18:22 +00:00
Florin Coada
d54e3d73ab Update java/ql/src/CHANGELOG.md 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2024-03-01 09:18:14 +00:00
Chris Smowton
903e4f59f0 Exclude error types from contradictory-type-check query 2024-02-29 14:59:46 +00:00
Chris Smowton
ffa998eb4a Autoformat 2024-02-29 14:59:45 +00:00
Chris Smowton
5d55265910 Add telemetry for untyped expressions and missing call targets 2024-02-29 14:59:45 +00:00
Florin Coada
8d1965db59 match changelog to unified changelog 2024-02-29 14:33:14 +00:00
Florin Coada
cfdf163b40 Update changelog to match unified changelog 2024-02-29 14:32:57 +00:00
Joe Farebrother
2ebb80b632 Merge pull request #15548 from joefarebrother/android-local-auth-keys 
Java: Add query for insecurely generated keys for local authentication.
 2024-02-22 14:04:17 +00:00
Felicity Chapman
4810657515 Remove period from 'name' 
This is an error for the Docs content linter and does not match the style guide for query help.
 2024-02-22 10:50:45 +00:00
Joe Farebrother
ef124695a5 Apply suggestions from documentation review 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2024-02-22 10:11:49 +00:00
github-actions[bot]
37f8fa3413 Post-release preparation for codeql-cli-2.16.3 2024-02-20 16:50:47 +00:00
github-actions[bot]
6d061fbc35 Release preparation for version 2.16.3 2024-02-20 14:26:23 +00:00
Joe Farebrother
9ad05fe51c Address reveiws - Add BAD example to doc, add doc example to tests and fix typo. 2024-02-16 12:00:51 +00:00
Tony Torralba
90a9d82b9d Java: Expand ExactPathSanitizer to work on the argument of 'equals' too 2024-02-15 10:00:24 +01:00
Jonathan Leitschuh
50056d603e Fix typo in NettyRequestSplitting.java 2024-02-14 14:03:33 -05:00
Tony Torralba
b6385f7938 Merge pull request #15533 from JLLeitschuh/patch-5 
Reduce severity of `java/relative-path-command`
 2024-02-12 15:04:05 +01:00
Joe Farebrother
3a4a841844 Add change note + update severity 2024-02-12 14:01:27 +00:00
Joe Farebrother
16a7d68780 Add documentation 2024-02-12 13:58:01 +00:00
Joe Farebrother
2eb93b7a3b Add unit tests 2024-02-12 13:49:45 +00:00
Joe Farebrother
c79a3eb6ae Add query for insecure key generation 2024-02-12 13:49:44 +00:00
Joe Farebrother
75a2b9415c Merge pull request #15481 from joefarebrother/android-local-auth 
Java: Add query for insecure local authentication
 2024-02-12 13:48:53 +00:00
Joe Farebrother
d3fea4044e Apply suggestions from documentation review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-02-12 10:27:56 +00:00