codeql

mirror of https://github.com/github/codeql.git synced 2026-05-25 16:47:07 +02:00

Author	SHA1	Message	Date
Dilan	4fd7aec87f	Merge tag 'codeql-cli/latest' Compatible with the latest released version of the CodeQL CLI	2025-01-09 21:59:09 +00:00
github-actions[bot]	88b6f1e79a	Release preparation for version 2.20.1	2025-01-07 20:50:36 +00:00
Dave Bartolomeo	72a53c4b23	Revert "Release preparation for version 2.20.1"	2025-01-07 13:32:23 -05:00
github-actions[bot]	fbf9f2fff8	Release preparation for version 2.20.1	2025-01-07 17:20:13 +00:00
Dave Bartolomeo	22e030584c	Revert "Release preparation for version 2.20.1"	2025-01-07 12:14:27 -05:00
github-actions[bot]	a121c5a5d0	Release preparation for version 2.20.1	2025-01-06 18:20:22 +00:00
Michael Nebel	aaf0cd5dee	Merge pull request #17968 from michaelnebel/java/movetestutils Move test utilities to the query pack.	2024-12-16 13:41:30 +01:00
Michael Nebel	0bfc1b6ea8	Also move the postprocessing queries to the library pack.	2024-12-12 15:03:03 +01:00
Michael Nebel	941b0abbf6	Move modules to the library packs.	2024-12-12 15:03:01 +01:00
Owen Mansel-Chan	8703e21f62	Merge pull request #17996 from owen-mc/java/lightweight-IR-layer-classes Java: Make separate classes for different control flow node kinds	2024-12-12 13:36:54 +00:00
Owen Mansel-Chan	8e11789186	Restore `asStmt`, `asExpr` and `asCall` to `Node` It doesn't really make sense to define them in terms of dispatch.	2024-12-12 12:30:01 +00:00
Owen Mansel-Chan	066db766ef	Merge pull request #18153 from owen-mc/java/resttemplate-getforobject Java: add SSRF sink model for the third parameter of `RestTemplate.getForObject`	2024-12-11 16:37:35 +00:00
Jami	538dee81b6	Merge pull request #18214 from jcogs33/jcogs33/java/file-getname-path-sanitizer Java: add File.getName as a path injection sanitizer	2024-12-11 10:18:02 -05:00
Owen Mansel-Chan	1420bce36a	Move import statement in SpringWebClient.qll	2024-12-11 14:19:24 +00:00
Owen Mansel-Chan	aaa4361120	Rearrange member predicates in ControlFlow::Node Put all the ones which might need to be overrridden by subclasses together for ease of reading.	2024-12-11 10:34:18 +00:00
Owen Mansel-Chan	79f4f78fc2	Make separate classes for control flow node kinds This puts all the logic of a particular control flow node kind into one place and makes it easier to add new kinds.	2024-12-11 10:34:16 +00:00
Dilan	2e6d9e7ca5	Merge tag 'codeql-cli/latest' Compatible with the latest released version of the CodeQL CLI	2024-12-10 18:26:05 +00:00
Owen Mansel-Chan	3f5886ef7a	Accept another review suggestion	2024-12-10 15:26:17 +00:00
Owen Mansel-Chan	2da9bfb1a6	Finish renaming getCFGNode to getCfgNode	2024-12-10 15:26:16 +00:00
Owen Mansel-Chan	274281f61e	Apply all suggestions from code review Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2024-12-10 15:26:14 +00:00
Owen Mansel-Chan	d06dfe0ca3	Add change note	2024-12-10 15:26:13 +00:00
Owen Mansel-Chan	0f3dd6d8f1	Java: IPA the CFG	2024-12-10 15:26:11 +00:00
Jami Cogswell	214da9e9ad	Java: add change note	2024-12-06 19:59:40 -05:00
github-actions[bot]	8c64648520	Release preparation for version 2.20.0	2024-12-06 19:10:28 +00:00
Henry Mercer	a6a4ad6400	Revert "Release preparation for version 2.20.0"	2024-12-06 19:00:27 +00:00
Owen Mansel-Chan	347fd575a2	Refactor to avoid duplicated logic	2024-12-05 11:15:43 +00:00
Owen Mansel-Chan	b20b7c7572	Remove escaped "{" and "}" before counting placeholders	2024-12-05 10:43:13 +00:00
Anders Schack-Mulligen	4bf63fedc9	Merge pull request #18179 from aschackmull/dataflow/accesspath-notypes Dataflow: Remove tracked types from Access Paths, track tainted object type, and tweak type pruning.	2024-12-05 09:58:36 +01:00
Jami Cogswell	121780c55a	Java: add File.getName as a path injection sanitizer	2024-12-04 18:57:51 -05:00
github-actions[bot]	cf71a1525b	Post-release preparation for codeql-cli-2.20.0	2024-12-04 18:36:17 +00:00
github-actions[bot]	96564b7128	Release preparation for version 2.20.0	2024-12-04 16:01:14 +00:00
Henry Mercer	963f084d87	Merge branch 'main' into henrymercer/merge-back-rc-3.16	2024-12-04 13:39:10 +00:00
Anders Schack-Mulligen	03fdceb0fd	Merge pull request #18191 from aschackmull/dataflow/remove-deprecated-lib Dataflow: Delete the old configuration-class based api.	2024-12-04 11:31:46 +01:00
Anders Schack-Mulligen	5042753b29	C#/Java: Add change notes.	2024-12-04 10:20:43 +01:00
Anders Schack-Mulligen	b12a1c078c	Java: Delete deprecated extension points referencing deleted api.	2024-12-03 20:08:44 +01:00
Anders Schack-Mulligen	cca27e4c77	Add change notes for all languages.	2024-12-03 19:42:33 +01:00
Anders Schack-Mulligen	2c0baff76a	Java: Delete deprecated data flow api.	2024-12-03 14:13:03 +01:00
Tom Hvitved	fbeb6f3940	Shared: Move shared logic into `FlowSummaryImpl.qll`	2024-12-03 09:11:11 +01:00
Dilan	0e25de1af0	Merge tag 'codeql-cli/latest' Compatible with the latest released version of the CodeQL CLI	2024-12-02 13:59:17 +00:00
Owen Mansel-Chan	2c061b0d56	Add QLDoc for HostnameSanitizingPrefix	2024-11-29 09:46:44 +00:00
Owen Mansel-Chan	7f8a1ae941	Add change note	2024-11-29 09:46:42 +00:00
Owen Mansel-Chan	7648d397f8	Improve model to remove some false positives	2024-11-29 09:46:41 +00:00
Owen Mansel-Chan	617f4f140e	Make HostnameSanitizingPrefix public	2024-11-29 09:46:39 +00:00
Owen Mansel-Chan	ba3f9d6134	Convert model to QL	2024-11-29 09:46:38 +00:00
github-actions[bot]	b36f3f97ee	Release preparation for version 2.19.4	2024-11-28 19:28:05 +00:00
Alexander Eyers-Taylor	6f18d69925	Revert "Release preparation for version 2.19.4"	2024-11-28 19:19:56 +00:00
Owen Mansel-Chan	b5fbf2e944	Add models for third arg of getForObject No attempt to stop FPs.	2024-11-28 16:51:13 +00:00
Owen Mansel-Chan	65fb895ed5	(Unrelated) Fix typo in class name	2024-11-28 16:51:09 +00:00
Anders Schack-Mulligen	df2e2e503a	Merge pull request #17901 from aschackmull/java/allowlist-sanitizer Java: Add a default taint sanitizer for contains-checks on lists of constants	2024-11-27 11:09:05 +01:00
Anders Schack-Mulligen	5ef496dd1b	Java: Add more qldoc.	2024-11-27 09:07:35 +01:00

1 2 3 4 5 ...

4139 Commits