4808 Commits

Author	SHA1	Message	Date
REDMOND\brodes	8280cbcaa1	Crypto: Update JCA model to include new model.qll updates.	2025-06-25 13:55:47 -04:00
Nicolas Will	710e08088f	Crypto: Refactor casing and documentation	2025-06-25 15:29:03 +02:00
Nora Dimitrijević	a49999dd5d	PolynomialReDoS: disable diff-informed support ... This is because it was failing the diff-informed consistency check, and like other ReDoS queries (Python?) the query tries to be helpful by showing a substring of a regex, which has a `hasLocation(...)` (intensional) but no corresponding `getLocation()` (extensional). Until the location overrides get updated to support `hasLocation`-based locations, it's probably best to turn off diff-informed support.	2025-06-24 16:42:41 +02:00
Nora Dimitrijević	b2cb585bf2	UnsafeDeserialization: add missing getASelectedSinkLocation override ... This fixes the failing diff-informed consistency check.	2025-06-24 16:42:39 +02:00
github-actions[bot]	6972c7a872	Post-release preparation for codeql-cli-2.22.1	2025-06-24 12:55:14 +00:00
github-actions[bot]	3e074b2425	Release preparation for version 2.22.1	2025-06-24 08:55:31 +00:00
Kasper Svendsen	0ee6a78a4a	Java: Allow methods with empty bodies for overlay	2025-06-24 10:38:07 +02:00
Kasper Svendsen	6e92d7e247	Java: Add entity discard predicates	2025-06-24 10:38:06 +02:00
Kasper Svendsen	81b677a2d9	rename overlay[caller] to overlay[caller?]	2025-06-24 10:25:07 +02:00
Kasper Svendsen	c207cfdeb7	Overlay: Add overlay annotations to Java & shared libraries	2025-06-24 10:25:06 +02:00
Nora Dimitrijević	f577c08f4d	Merge pull request #19795 from d10c/d10c/java/diff-informed-2 ... Java: mass enable diff-informed data flow + `none()` overrides	2025-06-19 13:48:53 +02:00
Nora Dimitrijević	aa5dd7bb4e	Java: mass enable diff-informed data flow + none() overrides ... An auto-generated patch that enables diff-informed data flow in the obvious cases. Builds on github#18346 and github/codeql-patch#88	2025-06-17 14:05:36 +02:00
REDMOND\brodes	2b6a8321fd	Crypto: Update JCA model to account for Model.qll changes.	2025-06-16 12:53:48 -04:00
Anders Schack-Mulligen	6131c680f6	Update java/ql/lib/semmle/code/java/ControlFlowGraph.qll ... Co-authored-by: Tom Hvitved <hvitved@github.com>	2025-06-13 14:07:46 +02:00
Anders Schack-Mulligen	d0d47808e9	Java: Add change note.	2025-06-12 11:03:49 +02:00
Anders Schack-Mulligen	f27e310ba3	Java: Adjust references.	2025-06-11 15:53:02 +02:00
Anders Schack-Mulligen	b3bb71f2e2	Java: Update the CFG for assert statements to make them proper guards.	2025-06-11 15:38:29 +02:00
github-actions[bot]	21463a9653	Post-release preparation for codeql-cli-2.22.0	2025-06-09 18:50:20 +00:00
github-actions[bot]	88ba02edf8	Release preparation for version 2.22.0	2025-06-09 18:14:51 +00:00
Chuan-kai Lin	631502e129	Merge branch 'main' into cklin/rc-3.18-mergeback	2025-06-09 07:19:40 -07:00
Nicolas Will	5a822462ad	Merge branch 'main' into openssl_keyagreement_instances_and_consumers	2025-06-02 16:54:22 +02:00
REDMOND\brodes	f5d24c5a7b	Crypto: Fix UnknownKeyAgreementType to OthernKeyAgreementType for JCA.	2025-06-02 10:11:53 -04:00
github-actions[bot]	d2c6875eac	Post-release preparation for codeql-cli-2.21.4	2025-05-27 18:16:21 +00:00
github-actions[bot]	bfb91e95e3	Release preparation for version 2.21.4	2025-05-27 17:22:05 +00:00
Anders Schack-Mulligen	62000319fe	Rangeanalysis: Simplify Guards integration.	2025-05-23 13:39:53 +02:00
Anders Schack-Mulligen	1d30103559	SSA: Distinguish between has and controls branch edge.	2025-05-23 09:56:22 +02:00
Owen Mansel-Chan	663c83d8c6	Merge pull request #19556 from owen-mc/java/pr/19512 ... Java: Fix SpringRequestMappingMethod URL Extraction #2	2025-05-22 15:08:31 +01:00
Owen Mansel-Chan	476ada13db	Improve QLDoc for SpringRequestMappingMethod.getAValue	2025-05-22 14:22:28 +01:00
Owen Mansel-Chan	45475c5c1d	Add change note	2025-05-22 12:29:31 +01:00
Owen Mansel-Chan	59d4f039d8	Deprecate SpringRequestMappingMethod.getValue (which didn't work)	2025-05-22 12:29:29 +01:00
Owen Mansel-Chan	775338ebdd	Rename getArrayValue to getAValue	2025-05-22 12:21:20 +01:00
Nicolas Will	7ee1bd61fb	Merge pull request #19541 from bdrodes/openssl_ec_key_gen ... Openssl ec key gen	2025-05-21 16:13:05 +02:00
Anders Schack-Mulligen	10efea1075	Java/Shared: Address review comments.	2025-05-21 09:01:47 +02:00
Anders Schack-Mulligen	3fde675d08	Java: Extend qldoc.	2025-05-21 09:01:47 +02:00
Anders Schack-Mulligen	a98d93b98b	Java: Override dominates to reference the right type.	2025-05-21 09:01:46 +02:00
Anders Schack-Mulligen	6b830faa62	Java: Add change note.	2025-05-21 09:01:46 +02:00
Anders Schack-Mulligen	db01828717	Java: Deprecate redundant basic block predicates.	2025-05-21 09:01:46 +02:00
Anders Schack-Mulligen	f202586f5e	Java: Use the shared BasicBlocks library.	2025-05-21 09:01:45 +02:00
REDMOND\brodes	b56472436e	Crypto: Alterations to OpenSSL cipher algorithms to use new fixed keysize predicate.	2025-05-20 10:36:56 -04:00
Jon Janego	9d65b5f85c	Merge pull request #19531 from github/changedocs-2.21.3 ... Changenotes for 2.21.3	2025-05-19 19:00:47 -05:00
Jon Janego	e5efe83243	Fixing upstream backticks around problematic characters so that the RST generator doesn't choke on asterisks	2025-05-19 17:03:23 -05:00
Jon Janego	b9841dccfb	Fixing more upstream typos	2025-05-19 16:45:08 -05:00
Jon Janego	3bd2f85a8e	Fixing some upstream typos etc	2025-05-19 16:33:45 -05:00
REDMOND\brodes	e7535b3eff	Crypto: Updating JCA to use new key size predicate returning int for elliptic curve.	2025-05-19 13:09:33 -04:00
sentient0being	f575d2f941	get array string url	2025-05-17 19:40:41 +08:00
REDMOND\brodes	dbd66e64c6	Fixing bug in JCA cipher modeling. intermediate operations should not be key operations.	2025-05-16 11:23:42 -04:00
github-actions[bot]	5f9dd75d7d	Post-release preparation for codeql-cli-2.21.3	2025-05-13 21:49:43 +00:00
github-actions[bot]	2de4a01c86	Release preparation for version 2.21.3	2025-05-13 21:14:27 +00:00
Chris Smowton	2ad5e20e79	Change note	2025-05-13 14:42:09 +01:00
Nicolas Will	c66ec63333	Fix query compilation errors	2025-05-12 14:48:58 +02:00