codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00

Author	SHA1	Message	Date
github-actions[bot]	a22e70373a	Release preparation for version 2.17.4	2024-05-31 13:40:51 +00:00
Chuan-kai Lin	b41835a7d9	Revert "Release preparation for version 2.17.4"	2024-05-30 09:25:15 -07:00
github-actions[bot]	33b4ae8bbb	Release preparation for version 2.17.4	2024-05-28 15:44:32 +00:00
Anders Schack-Mulligen	5c635e982e	C++/C#/Java: Update expected output.	2024-05-27 11:01:52 +02:00
Anders Schack-Mulligen	5a259843bb	Dataflow: Switch call context to a set representation.	2024-05-27 11:01:52 +02:00
Anders Schack-Mulligen	bc8ca1af86	Dataflow: Introduce NodeRegions for use in isUnreachableInCall.	2024-05-27 11:01:51 +02:00
Anders Schack-Mulligen	5a7174dcbb	Merge pull request #16500 from aschackmull/java/static-field-side-effect Java: Add support for flow through side-effects on static fields.	2024-05-24 09:19:31 +02:00
Michael Nebel	78d4745722	Merge pull request #16578 from michaelnebel/java/dontliftneutral Java: Do not lift neutrals in Model generation.	2024-05-24 09:19:20 +02:00
Dave Bartolomeo	f498e05099	Merge branch 'main' into dbartol/v1	2024-05-23 14:37:28 -04:00
Dave Bartolomeo	613ccaac1d	Add change note to all v1.0.0 packs	2024-05-23 13:01:22 -04:00
Arthur Baars	b2c64eabd4	Merge pull request #16572 from github/aibaars-patch-2 Java: include link to `remote source` in TrustBoundaryViolation.ql	2024-05-23 18:16:11 +02:00
Michael Nebel	9cf0995720	Java: Update test expected output.	2024-05-23 16:33:04 +02:00
Michael Nebel	6f5bdfba65	Java: Do not lift neutrals and only generate for public endpoints.	2024-05-23 16:32:45 +02:00
Arthur Baars	b5b5fef642	Switch source and sink in TrustBoundaryViolation.ql	2024-05-23 15:53:12 +02:00
Arthur Baars	5c4eb3c943	Java: add change note	2024-05-23 13:06:01 +00:00
Michael Nebel	1e54422662	Java: Add neutral implementations.	2024-05-23 15:00:23 +02:00
Anders Schack-Mulligen	4905612905	Merge pull request #16573 from aschackmull/java/dispatch-joinorder Java: Fix join-order in viableImplInCallContext.	2024-05-23 14:48:25 +02:00
Arthur Baars	d540675b9e	Update TrustBoundaryViolation.ql	2024-05-23 12:04:47 +00:00
Anders Schack-Mulligen	1bc3f6b0e7	Java: Add change note.	2024-05-23 13:03:06 +02:00
Anders Schack-Mulligen	bf3dbc24de	Java: Add support for flow through side-effects on static fields.	2024-05-23 12:57:57 +02:00
Anders Schack-Mulligen	4b3e35ed52	Java: Fix join-order in viableImplInCallContext.	2024-05-23 12:49:57 +02:00
Anders Schack-Mulligen	f353065d26	Java: Allow overloading for exact model matches.	2024-05-23 10:50:01 +02:00
Anders Schack-Mulligen	0f864081cb	Java: Remove source dispatch when there's an exact match from a manual model.	2024-05-23 10:50:00 +02:00
Owen Mansel-Chan	0cc868c742	Merge branch 'main' into workflow/coverage/update	2024-05-23 07:49:02 +01:00
Tony Torralba	d202355b07	Merge pull request #16553 from atorralba/atorralba/java/xxe-qhelp-reword Java: Reword recommendation section of XXE query	2024-05-23 08:48:29 +02:00
github-actions[bot]	0f2d0c098f	Add changed framework coverage reports	2024-05-23 00:16:44 +00:00
Dave Bartolomeo	ffe4c8c87b	Update all pack versions to `1.0.0`	2024-05-22 13:39:08 -04:00
Anders Schack-Mulligen	15a7c3faeb	Java: Accept qltest .expected file changes.	2024-05-22 15:42:40 +02:00
Anders Schack-Mulligen	a650499a9c	Java: Accept qltest .expected file changes (interesting).	2024-05-22 15:42:12 +02:00
Anders Schack-Mulligen	de5c69d0a1	Merge pull request #16551 from aschackmull/java/model-fixes Java: Revise some jdk time-related models	2024-05-22 14:05:23 +02:00
Anders Schack-Mulligen	a078dcf1f2	Merge pull request #16550 from aschackmull/java/zipslip-number-sanitizer Java: Improve sanitizer for java/zipslip	2024-05-22 12:43:44 +02:00
Tony Torralba	5ec3335b07	Java: Reword recommendation section of XXE query	2024-05-22 11:34:19 +02:00
Anders Schack-Mulligen	a74cf6501a	Java: update qltest expected files.	2024-05-22 11:13:06 +02:00
Michael Nebel	84e412fe36	Merge pull request #16477 from michaelnebel/csharp/madinlinetest C#: Inline expectation for model generator test.	2024-05-22 11:05:23 +02:00
Anders Schack-Mulligen	ba97c3623a	Java: Change most java.time.* df-generated taint models to neutrals.	2024-05-22 10:29:54 +02:00
Anders Schack-Mulligen	54f2316d00	Java: Add a neutral model.	2024-05-22 10:29:49 +02:00
Anders Schack-Mulligen	7828cb8f5a	Java: Add change note.	2024-05-22 10:27:33 +02:00
Anders Schack-Mulligen	d82acf5866	Java: Add simple type sanitization to java/zipslip.	2024-05-22 10:23:30 +02:00
Tom Hvitved	bebcd679a4	Address review comments	2024-05-21 14:51:52 +02:00
Rasmus Wriedt Larsen	2451a6d3f6	Accept `.expected` changes	2024-05-21 14:47:42 +02:00
Tom Hvitved	454687d583	Data flow: Synthesize parameter return nodes	2024-05-21 14:47:42 +02:00
Michael Nebel	78b8a9259a	Share the Models as Data inline expect predicates.	2024-05-17 09:44:57 +02:00
Owen Mansel-Chan	a8201a19ae	Merge pull request #16506 from github/smowton/admin/gradle-version-detection-change-note Java: Add change note for Gradle JDK version detection	2024-05-16 17:11:03 +01:00
Michael Nebel	b1329fd806	Merge pull request #16362 from michaelnebel/java/removelocalqueries Java: Remove local query variants.	2024-05-16 14:34:04 +02:00
Max Schaefer	98d2c848bb	Merge pull request #16497 from github/max-schaefer/comparison-with-wider-type Java: Add tests for `comparison-with-wider-type`.	2024-05-16 10:59:59 +01:00
Chris Smowton	e8d064e291	Java: Add change note for Gradle JDK version detection	2024-05-16 09:15:47 +01:00
Chris Smowton	a50584c665	Comment on Java version selection testing strategy	2024-05-15 14:52:09 +01:00
Chris Smowton	44edff7661	AGP 8 test: ignore and remove the .gradle directory	2024-05-15 14:52:09 +01:00
Chris Smowton	9c823d708d	Expose toolchains to some Android tests, which would otherwise now try to upgrade to JDK17	2024-05-15 14:52:09 +01:00
Chris Smowton	c328957bf3	Add Spring Boot 3 test	2024-05-15 14:52:09 +01:00

1 2 3 4 5 ...

11923 Commits