hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,410 Commits 1,672 Branches 157 Tags
codeql-cli/v2.16.2
Commit Graph

11346 Commits

Author SHA1 Message Date
github-actions[bot]
36f01ff31a Release preparation for version 2.16.2 2024-02-08 15:25:24 +00:00
Dave Bartolomeo
a58dd45d0b Revert "Merge pull request #15522 from github/release-prep/2.16.2" 
This reverts commit c4c8cd6b34, reversing
changes made to 525f27173d.
 2024-02-08 09:28:34 -05:00
github-actions[bot]
c1b35fbf47 Release preparation for version 2.16.2 2024-02-05 17:58:57 +00:00
Joe Farebrother
525f27173d Merge pull request #15396 from joefarebrother/android-sensitive-ui-text 
Java: Add query for sensitive data exposed in text fields
 2024-02-05 15:47:03 +00:00
github-actions[bot]
ee5df7bf58 Add changed framework coverage reports 2024-02-05 00:16:44 +00:00
Joe Farebrother
3878192810 Apply suggestions from documentation review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-02-02 17:21:23 +00:00
Ian Lynagh
643817e74e Merge pull request #15477 from igfoo/igfoo/kot_path_trans 
Kotlin: Add path transformer support
 2024-02-02 15:34:14 +00:00
Max Schaefer
21c0422dc7 Merge pull request #15499 from github/max-schaefer/automodel-functional-interface-expr 
Automodel: Do not consider `@FunctionalInterface`-typed expressions as candidates.
 2024-02-02 14:28:41 +00:00
Anders Schack-Mulligen
49b00f3842 Java: Remove two redundant models implied by CharSequence models. 2024-02-02 13:17:26 +01:00
Ian Lynagh
68f267798e Kotlin: Add support for path transformers 2024-02-01 18:07:47 +00:00
Max Schaefer
e47b021050 Do not consider expressions as candidates whose type is annotated with @FunctionalInterface. 2024-02-01 11:04:14 +00:00
Joe Farebrother
9130603334 Address reviews - use SimpleTypeSanitizer and alter qldoc style 2024-01-31 11:31:25 +00:00
Ian Lynagh
2eb9b61412 Kotlin: Add a test for path transformers 2024-01-30 17:40:43 +00:00
Joe Farebrother
460ffc89b2 Add additional test cases 2024-01-29 22:43:28 +00:00
Joe Farebrother
3abd67064d Add change note 2024-01-29 16:33:07 +00:00
Joe Farebrother
94075ef148 Fix FPs - consider flow through fields when determining whether a view is masked, and find more instances of findViewById. 2024-01-29 16:25:38 +00:00
Joe Farebrother
8d201626e1 Add documentation 2024-01-29 16:25:38 +00:00
Joe Farebrother
aa78050933 Implement checks for elements hidden by their xml attributes 2024-01-29 16:25:38 +00:00
Joe Farebrother
6081f18089 Add unit tests + make some fixes 2024-01-29 16:25:37 +00:00
Joe Farebrother
8582093e65 Implement checks for parent views being hidden 2024-01-29 16:25:37 +00:00
Joe Farebrother
1b13597d72 Implement checks for calls that may safely mask information 2024-01-29 16:25:37 +00:00
Joe Farebrother
5dd0addfc2 Add sensitive text flow query 2024-01-29 16:25:36 +00:00
Ian Lynagh
79d9109850 Merge pull request #15428 from igfoo/igfoo/catch_illegal_arg 
Kotlin: Catch/ignore a IllegalArgumentException exception
 2024-01-29 11:27:38 +00:00
Ian Lynagh
76e417c23e Merge pull request #14940 from igfoo/igfoo/comments 
Kotlin 2: Comment improvements
 2024-01-29 11:27:19 +00:00
github-actions[bot]
6d06c9cb7d Add changed framework coverage reports 2024-01-29 00:16:27 +00:00
Edward Minnix III
4602f8933d Merge pull request #15292 from egregius313/egregius313/java/dataflow/common-sanitizers/uuid-and-date 
Java: Add `java.util.UUID` and `java.util.Date` to the `SimpleTypeSanitizer` class
 2024-01-26 13:16:18 -05:00
Joe Farebrother
031bd8bd0c Merge pull request #15281 from joefarebrother/android-sensitive-ui-notif 
Java: Add query for exposure of sensitive information to android notifiactions
 2024-01-26 16:42:55 +00:00
Max Schaefer
73130ec665 Merge pull request #15436 from github/max-schaefer-patch-1 
Java: Add models for overloads of DatagramPacket constructor
 2024-01-26 16:13:11 +00:00
Henry Mercer
452359f20e Merge pull request #15446 from github/codeql-cli-2.16.1 
Merge `codeql-cli-2.16.1` back to `main`
 2024-01-26 15:52:56 +00:00
Henry Mercer
6bef1404fd Merge remote-tracking branch 'origin/codeql-cli-2.16.1' into henrymercer/2.16.0-mergeback 2024-01-26 13:53:13 +00:00
Tony Torralba
52d7bd93a5 Merge pull request #15420 from github/java/update-mad-decls-after-triage-2024-01-24T10-05-04 
Java: Update MaD Declarations after Triage
 2024-01-26 08:42:49 +01:00
Tony Torralba
d299971086 Fix code review mistake 2024-01-25 17:42:11 +01:00
Tony Torralba
661c5cf6aa Merge pull request #15409 from erik-krogh/path-java 
Java: Improve the QHelp for `java/path-injection`.
 2024-01-25 17:14:59 +01:00
Ian Lynagh
c0a9c11101 Kotlin: Catch/ignore a IllegalArgumentException exception 
This works around
    https://youtrack.jetbrains.com/issue/KT-63847/K2-IllegalStateException-IrFieldPublicSymbolImpl-for-java.time-Clock.OffsetClock.offset0-is-already-bound
 2024-01-25 16:04:08 +00:00
Max Schaefer
13f0df3588 Add two more models. 2024-01-25 15:00:22 +00:00
Max Schaefer
5235291919 Add models for overloads of DatagramPacket constructor 2024-01-25 14:49:05 +00:00
Henry Mercer
10343dd822 Merge pull request #15416 from github/post-release-prep/codeql-cli-2.16.1 
Post-release preparation for codeql-cli-2.16.1
 2024-01-25 14:15:25 +00:00
Tony Torralba
282632c33b Add new snippets as tests 2024-01-25 15:11:11 +01:00
Stephan Brandauer
1f9a968774 Java: PR discussion 2024-01-25 13:59:47 +01:00
erik-krogh
73e3fada44 add missing </p> 2024-01-25 12:14:10 +01:00
erik-krogh
05a59d2a94 apply suggestions from doc review 2024-01-25 11:20:46 +01:00
Stephan Brandauer
5d6ee9c0cb Update java/ql/lib/ext/com.fasterxml.jackson.databind.model.yml 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2024-01-25 10:00:56 +01:00
Chris Smowton
ed9abdd9bd Mock Java 8 toolchain so sibling test works on arm runners 2024-01-24 16:51:38 +00:00
Chris Smowton
287fb8003d Make all toolchains available to test 2024-01-24 16:51:38 +00:00
Chris Smowton
16d30d7335 Remove xml and properties tests 2024-01-24 16:51:38 +00:00
Chris Smowton
042a3b64bb Use Java 11 to run old Gradle 2024-01-24 16:51:38 +00:00
Chris Smowton
b5429f1a50 Add test for buildless with sibling projects 2024-01-24 16:51:38 +00:00
Chris Smowton
e3ef8aa6f6 Adjust test expectations 2024-01-24 16:51:37 +00:00
Chris Smowton
96bf47fbd9 Remove accidentally-committed actual files 2024-01-24 16:51:37 +00:00
Stephan Brandauer
4e63cbc993 Merge branch 'main' into java/update-mad-decls-after-triage-2024-01-24T10-05-04 2024-01-24 14:55:20 +01:00