hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
44,622 Commits 1,673 Branches 157 Tags
f7f12076df9f3d88ebcc8b1a8c9014b67100546d
Commit Graph

3909 Commits

Author SHA1 Message Date
Chris Smowton
7f8bcf76bf Merge pull request #10665 from dilanbhalla/dilan-java/guidance-exectainted 
Java Guidance: ExecTainted.ql (experimental version)
 2022-10-05 15:05:10 +01:00
Tony Torralba
2deb3e5625 Reapply "Java: Fix cartesian product" 
This reverts commit c1654ce7cc.
 2022-10-04 11:11:44 +02:00
Tony Torralba
281e49daf7 Revert "Java: Add CompilationUnit.getATypeAvailableBySimpleName()" 
This reverts commit 431aa2cb79.
 2022-10-04 10:59:45 +02:00
Tony Torralba
01b950f68b Revert "Java: Rename predicate to getATypeInScope" 
This reverts commit fd99ae78b3.
 2022-10-04 10:59:43 +02:00
Tony Torralba
df29e05b9f Revert "Java: Adjust ImpossibleJavadocThrows.ql" 
This reverts commit c40b6285a2.
 2022-10-04 10:59:39 +02:00
Tony Torralba
c1654ce7cc Revert "Java: Fix cartesian product" 2022-10-04 10:56:32 +02:00
Dilan Bhalla
bff2633f8d java guidance: experimental version of exectainted 2022-10-03 11:18:17 -07:00
Tony Torralba
ba9eb8c73c Fix stub generator 
Add line break after all stubbed annotations to avoid malformed code

See https://github.com/github/codeql/pull/8695\#discussion_r985674245
 2022-10-03 14:43:58 +02:00
Tony Torralba
f860ae8c82 Apply review suggestions 2022-10-03 10:38:35 +02:00
Tony Torralba
0645f62a0d Use monotonicAggregates to avoid non-monotonic recursions 2022-10-03 10:31:14 +02:00
Tony Torralba
66e6f4d25e Use empty string as default value for string annotation values 2022-10-03 10:31:14 +02:00
Tony Torralba
8a3ed6bdcf Apply code review suggestions 2022-10-03 10:31:14 +02:00
Tony Torralba
6f7b7c9efe If an annotation value is an array, order its elements by index 2022-10-03 10:31:14 +02:00
Tony Torralba
6f1124d7e7 Handle more annotation element value types 2022-10-03 10:31:13 +02:00
Tony Torralba
1ece12efd7 Add annotation element names 2022-10-03 10:31:13 +02:00
Tony Torralba
d4499a10d2 Fix typo 2022-10-03 10:31:13 +02:00
Tony Torralba
ee7507386c Fix annotation vs interface keyword stubbing 2022-10-03 10:31:13 +02:00
Tony Torralba
eda676df3e Add support for Annotation types stub generation 2022-10-03 10:31:13 +02:00
Erik Krogh Kristensen
3d00a61dac Merge pull request #10528 from erik-krogh/java-followMsg 
Java: Update the alert messages to better follow the style guide
 2022-10-03 09:49:47 +02:00
erik-krogh
39ffa558f1 make a few more queries consistent with the other languages 2022-10-02 22:38:25 +02:00
erik-krogh
2f673efc67 autoformat 2022-10-01 13:21:20 +02:00
erik-krogh
129cda00db get a few more queries in sync with other languages 2022-10-01 11:17:48 +02:00
erik-krogh
acfcc4bfe2 update two more queries to better follow the style-guide 2022-10-01 10:59:59 +02:00
erik-krogh
7d643e41f3 Merge branch 'main' into java-followMsg 2022-10-01 10:48:06 +02:00
Tony Torralba
585cbe2b95 Fix cartesian product 2022-09-30 10:47:22 +02:00
Anders Schack-Mulligen
b48b5d45ef Merge pull request #10498 from Marcono1234/marcono1234/compilation-unit-simple-name-type 
Java: Add `CompilationUnit.getATypeInScope()`
 2022-09-28 13:18:29 +02:00
Joe Farebrother
6cb26d5129 Merge pull request #10241 from joefarebrother/android-webview-dubugging 
Java: Add query for WebView debugging enabled
 2022-09-28 10:50:51 +01:00
Tony Torralba
be9509ceb9 Merge pull request #9199 from luchua-bc/java/unsafe-url-forward-dispatch-load 
Java: CWE-552 Query to detect unsafe resource loading in Java Spring applications
 2022-09-27 15:27:51 +02:00
Tony Torralba
7ff82bbed3 Update java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll 2022-09-27 13:26:21 +02:00
Joe Farebrother
af41f2b903 Remove 'here'. 2022-09-26 13:36:14 +01:00
erik-krogh
46b5bf32f9 update alert-messsages of java queries 2022-09-26 12:15:25 +02:00
Marcono1234
c40b6285a2 Java: Adjust ImpossibleJavadocThrows.ql 2022-09-26 12:08:43 +02:00
Marcono1234
fd99ae78b3 Java: Rename predicate to getATypeInScope 2022-09-25 14:44:16 +02:00
github-actions[bot]
6cef0af5df Post-release preparation for codeql-cli-2.11.0 2022-09-23 21:01:40 +00:00
luchua-bc
8effbff817 Remove unused code and update qldoc 2022-09-23 12:43:39 +00:00
luchua-bc
e33d786745 Add test cases and reduce FPs 2022-09-23 12:31:16 +00:00
luchua-bc
251f67dcf3 Use the new CSV model 2022-09-23 12:31:16 +00:00
luchua-bc
b3572747f0 Simplify test case and minor update to the query 2022-09-23 12:31:15 +00:00
luchua-bc
311c9e4719 Query to detect unsafe resource loading in Java Spring applications 2022-09-23 12:31:15 +00:00
github-actions[bot]
f5cf8cffa3 Release preparation for version 2.11.0 2022-09-22 20:14:12 +00:00
Dave Bartolomeo
cee0e8e137 Merge pull request #10532 from github/henrymercer/3.7-mergeback 
Final mergeback from `rc/3.7`
 2022-09-22 13:42:59 -04:00
Erik Krogh Kristensen
6e6880bbe4 Merge pull request #10486 from erik-krogh/java-unqueryable 
Java: Delete some unused code
 2022-09-22 14:21:39 +02:00
Henry Mercer
f8f99af8b7 Bump the minor version of packs we regularly release 2022-09-22 12:14:19 +01:00
Joe Farebrother
2414239e50 Fix qhelp formatting 2022-09-21 16:36:20 +01:00
Joe Farebrother
ed8ec89497 Reword suggestion on using debug flags 2022-09-21 13:57:31 +01:00
Joe Farebrother
44bd038339 Apply docs suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2022-09-21 13:57:31 +01:00
Joe Farebrother
a6a500ade2 Apply suggestions from code review - doc improvements, simplification 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2022-09-21 13:57:31 +01:00
Joe Farebrother
6014a75e0e Fix qhelp 2022-09-21 13:57:30 +01:00
Joe Farebrother
eed2df0fb3 Fix qhelp & ql-for-ql errors 2022-09-21 13:57:30 +01:00
Joe Farebrother
414e0b20b3 Add change note 2022-09-21 13:57:30 +01:00