codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00

Author	SHA1	Message	Date
github-actions[bot]	9bfe4ea90a	Release preparation for version 2.17.1	2024-04-15 17:34:47 +00:00
Anders Schack-Mulligen	f85ff9defc	Java: Update expected output (interesting).	2024-04-12 09:20:28 +02:00
Anders Schack-Mulligen	c2f5731e8d	Java: Update expected output (uninteresting).	2024-04-12 09:20:26 +02:00
Anders Schack-Mulligen	eafc0075fd	Legacy dataflow: Sync.	2024-04-12 09:19:54 +02:00
Anders Schack-Mulligen	2925e45434	Java/Dataflow: Propagate MaD-id/model-id to PathGraph.	2024-04-12 09:19:51 +02:00
Ian Lynagh	58f825fcb8	Kotlin: Drop our 2.0.255-SNAPSHOT version It's now older than 2.0.0-RC1	2024-04-11 11:58:59 +01:00
Ian Lynagh	9c573dbee3	Kotlin: Update expected result for kotlin-version-too-new test	2024-04-11 11:58:59 +01:00
Ian Lynagh	7ce7685b91	Kotlin: FirMetadataSource.File.files has been removed In new versions, but not old versions, we want FirMetadataSource.File.fir instead.	2024-04-11 11:58:59 +01:00
Ian Lynagh	1698ccff9a	Kotlin: Add 2.0.0-RC1 support (and remove 2.0.0-Beta4)	2024-04-11 11:58:59 +01:00
github-actions[bot]	c4c81b77cf	Add changed framework coverage reports	2024-04-11 00:16:51 +00:00
Dave Bartolomeo	996f535f0b	Merge pull request #16103 from github/dbartol/javadoc-record Allow `@param` tags to apply to record parameters	2024-04-09 14:21:45 -04:00
Dave Bartolomeo	b9cfeaf614	Add test case	2024-04-09 12:41:32 -04:00
Taus	3656376cc4	Merge pull request #16064 from github/max-schaefer/fix-unexploitable-types Automodel: Filter unexploitable types in application mode.	2024-04-09 17:14:53 +02:00
Max Schaefer	deb78b248b	Apply suggestions from code review Co-authored-by: Taus <tausbn@github.com>	2024-04-09 14:38:17 +01:00
Owen Mansel-Chan	ae8240a695	Delete models for JDK internal packages	2024-04-09 13:23:03 +01:00
erik-krogh	8cb6598f50	fixing that I put a type on the wrong thing in the alert-message	2024-04-08 20:51:19 +02:00
erik-krogh	018b066b95	autoformat	2024-04-08 07:15:33 +02:00
erik-krogh	ca4f667053	add fallback if I can't easily determine the variable	2024-04-08 07:14:48 +02:00
erik-krogh	8b220cc1b3	also get the variable for array accesses	2024-04-08 07:14:48 +02:00
erik-krogh	795b767b6e	add link to the source variable in the alert-message for java/implicit-cast-in-compound-assignment	2024-04-08 07:14:48 +02:00
Mathias Vorreiter Pedersen	2256c4c008	Merge pull request #15728 from MathiasVP/shared-typeflow-library Java/Shared: Refactor `TypeFlow.qll` into a shared library	2024-04-05 16:24:17 +01:00
Mathias Vorreiter Pedersen	1775bdee5f	Java: Remove redundant qualifiers.	2024-04-05 12:52:04 +01:00
Mathias Vorreiter Pedersen	26cf8df8d6	Update java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2024-04-05 12:50:26 +01:00
Mathias Vorreiter Pedersen	3f63d3a865	Update java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>	2024-04-05 12:49:40 +01:00
Mathias Vorreiter Pedersen	1acbb84444	Shared/Java: Make the 'isNull' interface slightly prettier.	2024-04-05 11:58:43 +01:00
Owen Mansel-Chan	e10333bf2b	Merge pull request #14919 from github/java/jdk-model-autogeneration Java: add dataflow-generated models for JDK17	2024-04-04 21:12:55 +01:00
Dave Bartolomeo	2336e14627	Remove expectation of spurious diagnostic	2024-04-04 10:31:05 -04:00
Tom Hvitved	1dc13cc169	Merge pull request #15923 from hvitved/shared-xml-impl Properly shared `XML.qll` implementation	2024-04-03 11:39:50 +02:00
Dave Bartolomeo	ce98353d22	Allow `@param` tags to apply to record parameters	2024-04-02 15:15:11 -04:00
Michael Nebel	c378d6a661	Merge pull request #16027 from github/workflow/coverage/update Update CSV framework coverage reports	2024-04-02 14:08:09 +02:00
Ian Lynagh	e610573411	Merge pull request #16078 from igfoo/igfoo/exprs_changes Kotlin 2: Accept more changes	2024-04-02 12:19:17 +01:00
Ian Lynagh	e5999f76b0	Merge pull request #16079 from igfoo/igfoo/del Kotlin 2: Accept some more location changes	2024-04-02 12:18:58 +01:00
github-actions[bot]	55987d9c1f	Add changed framework coverage reports	2024-04-02 00:16:19 +00:00
github-actions[bot]	8e61c6625b	Post-release preparation for codeql-cli-2.17.0	2024-04-01 15:27:42 +00:00
github-actions[bot]	ec97d9a304	Release preparation for version 2.17.0	2024-04-01 13:46:57 +00:00
Owen Mansel-Chan	fdafaa2ff4	Change note: update numbers of models added	2024-04-01 14:04:01 +01:00
Owen Mansel-Chan	e3fb40a842	Adjust change note	2024-04-01 14:03:53 +01:00
Owen Mansel-Chan	a5979e209a	Add change note	2024-04-01 14:03:47 +01:00
Owen Mansel-Chan	fa614df3f4	Tests fixed by model for `CharBuffer.wrap(char[])`	2024-04-01 14:03:42 +01:00
Owen Mansel-Chan	2d24fe011b	Accept that lots of sinks are now summaries as well	2024-04-01 14:03:36 +01:00
Owen Mansel-Chan	9067a337b0	Test fixed by model for `BasicAttributes(String, Object)`	2024-04-01 14:03:30 +01:00
Owen Mansel-Chan	776c9d9eb2	Accept changes to top jdk apis test	2024-04-01 14:03:23 +01:00
Owen Mansel-Chan	52e6ea30e7	Accept more capture summary models This line is added because `FileOutputStream`'s constructor is now modeled as propagating taint, not just as a sink. \| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];ReturnValue;taint;df-generated \|	2024-04-01 14:03:00 +01:00
Owen Mansel-Chan	919436efbb	Remove df-gen models we have deliberately modeled Manual models always take precedence over generated models, so there is no point in keeping the generated models. These manual models were deliberately written to take precedence over the corresponding df-gen models.	2024-04-01 13:59:36 +01:00
Jami	d889e3cf98	Merge pull request #14854 from jcogs33/jcogs33/unsafe-url-forward-promotion Java: Promote Unsafe URL Forward query from experimental	2024-03-29 16:34:06 -04:00
Jami	2f8c4df309	docs wording updates Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>	2024-03-28 16:15:05 -04:00
Ian Lynagh	3acdc73f22	Kotlin 2: Accept some more location changes	2024-03-28 16:15:37 +00:00
Ian Lynagh	568fba6940	Kotlin 2: Accept some more test changes	2024-03-28 15:28:36 +00:00
Ian Lynagh	0fdc71bf57	Kotlin 2: Accept a test change For if(r != null) { val r2: Rectangle = r in Kotlin 2 mode, there is no IMPLICIT_NOTNULL check in Kotlin 2 mode: then: BLOCK type=kotlin.Unit origin=null VAR name:r2 type:java.awt.Rectangle [val] - TYPE_OP type=java.awt.Rectangle origin=IMPLICIT_NOTNULL typeOperand=java.awt.Rectangle - GET_VAR 'val r: @[FlexibleNullability] java.awt.Rectangle? [val] declared in <root>.foo' type=@[FlexibleNullability] java.awt.Rectangle? origin=null + GET_VAR 'val r: @[FlexibleNullability] java.awt.Rectangle? [val] declared in <root>.foo' type=@[FlexibleNullability] java.awt.Rectangle? origin=null VAR name:height type:kotlin.Int [val] GET_FIELD 'FIELD IR_EXTERNAL_JAVA_DECLARATION_STUB name:height type:kotlin.Int visibility:public' type=kotlin.Int origin=null receiver: GET_VAR 'val r2: java.awt.Rectangle [val] declared in <root>.foo' type=java.awt.Rectangle origin=null	2024-03-28 15:23:27 +00:00
Ian Lynagh	96723b1a8f	Kotlin 2: Accept some loc changes	2024-03-28 15:11:19 +00:00

1 2 3 4 5 ...

11794 Commits