mirror of
https://github.com/github/codeql.git
synced 2026-07-01 01:25:33 +02:00
Compare commits
66 Commits
revert-220
...
yoff/pytho
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
ca2d5e21d7 | ||
|
|
aec819f3c9 | ||
|
|
47d2b05bc5 | ||
|
|
41c9d8b80a | ||
|
|
fbfbbd342a | ||
|
|
872c08148e | ||
|
|
3983e4db29 | ||
|
|
3058198c0d | ||
|
|
2ef06c9f96 | ||
|
|
1842382e23 | ||
|
|
db449dca6a | ||
|
|
7216d12b9a | ||
|
|
c4b4fde0d7 | ||
|
|
46382cbc8e | ||
|
|
da3d0cf977 | ||
|
|
93439db87b | ||
|
|
70ca7af04c | ||
|
|
664f0125b9 | ||
|
|
1b7f589000 | ||
|
|
eb7f8cc43d | ||
|
|
2767b8dbbf | ||
|
|
b1f60acf2c | ||
|
|
2b2613de4e | ||
|
|
14acc7fcab | ||
|
|
37ce885b0c | ||
|
|
52acaec03d | ||
|
|
d6e8555f8b | ||
|
|
b5ef15c70f | ||
|
|
5735ac330d | ||
|
|
5348c7d07c | ||
|
|
f89f304e50 | ||
|
|
ff7dc297d5 | ||
|
|
cacdc467de | ||
|
|
7b800b1dd6 | ||
|
|
1b6ff24642 | ||
|
|
3d1b6b64ed | ||
|
|
ac618e1cb2 | ||
|
|
221a54d22e | ||
|
|
5fcaac7cb2 | ||
|
|
cc215858e4 | ||
|
|
56a1b12c9e | ||
|
|
688213056c | ||
|
|
1c37688ec1 | ||
|
|
336df3ccf4 | ||
|
|
587f9c24ed | ||
|
|
456e33773b | ||
|
|
af7ae8c4cb | ||
|
|
1c4552edb0 | ||
|
|
5136d872ae | ||
|
|
474bcd4dd1 | ||
|
|
199489a225 | ||
|
|
ae4ccc651c | ||
|
|
0d845c2ea9 | ||
|
|
6d138c2bd4 | ||
|
|
85c39c04e0 | ||
|
|
1ee142d8bd | ||
|
|
a523c7f47f | ||
|
|
5f73754b95 | ||
|
|
e0fa6cf785 | ||
|
|
d1d9df7729 | ||
|
|
9bffcf81b5 | ||
|
|
f7c4e61956 | ||
|
|
575ece6ae2 | ||
|
|
f6ed5c19be | ||
|
|
4298b70f1c | ||
|
|
e88b8c53f3 |
@@ -1,3 +1,10 @@
|
||||
## 0.4.38
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* GitHub Actions queries now better account for permission checks on jobs that call reusable workflows.
|
||||
* The query `actions/pr-on-self-hosted-runner` was updated to the latest standard runner labels reducing false positive results.
|
||||
|
||||
## 0.4.37
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
* The query `actions/pr-on-self-hosted-runner` was updated to the latest standard runner labels reducing false positive results.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
* GitHub Actions queries now better account for permission checks on jobs that call reusable workflows.
|
||||
6
actions/ql/lib/change-notes/released/0.4.38.md
Normal file
6
actions/ql/lib/change-notes/released/0.4.38.md
Normal file
@@ -0,0 +1,6 @@
|
||||
## 0.4.38
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* GitHub Actions queries now better account for permission checks on jobs that call reusable workflows.
|
||||
* The query `actions/pr-on-self-hosted-runner` was updated to the latest standard runner labels reducing false positive results.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.4.37
|
||||
lastReleaseVersion: 0.4.38
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/actions-all
|
||||
version: 0.4.38-dev
|
||||
version: 0.4.39-dev
|
||||
library: true
|
||||
warnOnImplicitThis: true
|
||||
dependencies:
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 0.6.30
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* The name, description, and alert message of `actions/untrusted-checkout/medium` have been corrected to describe a non-privileged context.
|
||||
|
||||
## 0.6.29
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: queryMetadata
|
||||
---
|
||||
## 0.6.30
|
||||
|
||||
### Query Metadata Changes
|
||||
|
||||
* The name, description, and alert message of `actions/untrusted-checkout/medium` have been corrected to describe a non-privileged context.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.6.29
|
||||
lastReleaseVersion: 0.6.30
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/actions-queries
|
||||
version: 0.6.30-dev
|
||||
version: 0.6.31-dev
|
||||
library: false
|
||||
warnOnImplicitThis: true
|
||||
groups: [actions, queries]
|
||||
|
||||
@@ -1,3 +1,20 @@
|
||||
## 11.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Removed the deprecated `overrideReturnsNull` predicate from `Options.qll`. Use `CustomOptions.overrideReturnsNull` instead.
|
||||
* Removed the deprecated `returnsNull` predicate from `Options.qll`. Use `CustomOptions.returnsNull` instead.
|
||||
* Removed the deprecated `exits` predicate from `Options.qll`. Use `CustomOptions.exits` instead.
|
||||
* Removed the deprecated `exprExits` predicate from `Options.qll`. Use `CustomOptions.exprExits` instead.
|
||||
* Removed the deprecated `alwaysCheckReturnValue` predicate from `Options.qll`. Use `CustomOptions.alwaysCheckReturnValue` instead.
|
||||
* Removed the deprecated `okToIgnoreReturnValue` predicate from `Options.qll`. Use `CustomOptions.okToIgnoreReturnValue` instead.
|
||||
* Removed the deprecated `semmle.code.cpp.Member`. Import `semmle.code.cpp.Element` and/or `semmle.code.cpp.Type` directly.
|
||||
* Removed the deprecated `UnknownDefaultLocation` class. Use `UnknownLocation` instead.
|
||||
* Removed the deprecated `UnknownExprLocation` class. Use `UnknownLocation` instead.
|
||||
* Removed the deprecated `UnknownStmtLocation` class. Use `UnknownLocation` instead.
|
||||
* Removed the deprecated `TemplateParameter` class. Use `TypeTemplateParameter` instead.
|
||||
* Support for class resolution across link targets has been removed for databases which were created with CodeQL versions before 1.23.0.
|
||||
|
||||
## 10.2.0
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
## 11.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Removed the deprecated `overrideReturnsNull` predicate from `Options.qll`. Use `CustomOptions.overrideReturnsNull` instead.
|
||||
* Removed the deprecated `returnsNull` predicate from `Options.qll`. Use `CustomOptions.returnsNull` instead.
|
||||
* Removed the deprecated `exits` predicate from `Options.qll`. Use `CustomOptions.exits` instead.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 10.2.0
|
||||
lastReleaseVersion: 11.0.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-all
|
||||
version: 10.2.1-dev
|
||||
version: 11.0.1-dev
|
||||
groups: cpp
|
||||
dbscheme: semmlecode.cpp.dbscheme
|
||||
extractor: cpp
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.6.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.6.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
cpp/ql/src/change-notes/released/1.6.5.md
Normal file
3
cpp/ql/src/change-notes/released/1.6.5.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.6.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.6.4
|
||||
lastReleaseVersion: 1.6.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/cpp-queries
|
||||
version: 1.6.5-dev
|
||||
version: 1.6.6-dev
|
||||
groups:
|
||||
- cpp
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.69
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.68
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.69
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.68
|
||||
lastReleaseVersion: 1.7.69
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-all
|
||||
version: 1.7.69-dev
|
||||
version: 1.7.70-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.69
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.68
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.7.69
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.68
|
||||
lastReleaseVersion: 1.7.69
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-solorigate-queries
|
||||
version: 1.7.69-dev
|
||||
version: 1.7.70-dev
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
||||
@@ -1,3 +1,19 @@
|
||||
## 7.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Renamed types related to *operation* expressions. The QL classes `BinaryArithmeticOperation`, `BinaryBitwiseOperation`, and `BinaryLogicalOperation` now include compound assignments; for example, `BinaryArithmeticOperation` now includes `a += b`.
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* Added Razor Page handler method parameters (e.g., `OnGet`, `OnPost`, `OnPostAsync`) as remote flow sources, enabling security queries such as `cs/sql-injection` to detect vulnerabilities in `PageModel` subclasses.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Improved property and indexer call target resolution for partially overridden properties and indexers.
|
||||
* Improved extraction of range-access expressions on spans and strings (for example, `a[0..3]`). These expressions are now extracted as `Slice` (span) or `Substring` (string) calls.
|
||||
* Improved call target resolution for ref-return properties and indexers.
|
||||
|
||||
## 6.0.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Improved call target resolution for ref-return properties and indexers.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Improved extraction of range-access expressions on spans and strings (for example, `a[0..3]`). These expressions are now extracted as `Slice` (span) or `Substring` (string) calls.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Improved property and indexer call target resolution for partially overridden properties and indexers.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: majorAnalysis
|
||||
---
|
||||
* Added Razor Page handler method parameters (e.g., `OnGet`, `OnPost`, `OnPostAsync`) as remote flow sources, enabling security queries such as `cs/sql-injection` to detect vulnerabilities in `PageModel` subclasses.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: breaking
|
||||
---
|
||||
* Renamed types related to *operation* expressions. The QL classes `BinaryArithmeticOperation`, `BinaryBitwiseOperation`, and `BinaryLogicalOperation` now include compound assignments; for example, `BinaryArithmeticOperation` now includes `a += b`.
|
||||
15
csharp/ql/lib/change-notes/released/7.0.0.md
Normal file
15
csharp/ql/lib/change-notes/released/7.0.0.md
Normal file
@@ -0,0 +1,15 @@
|
||||
## 7.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
||||
* Renamed types related to *operation* expressions. The QL classes `BinaryArithmeticOperation`, `BinaryBitwiseOperation`, and `BinaryLogicalOperation` now include compound assignments; for example, `BinaryArithmeticOperation` now includes `a += b`.
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* Added Razor Page handler method parameters (e.g., `OnGet`, `OnPost`, `OnPostAsync`) as remote flow sources, enabling security queries such as `cs/sql-injection` to detect vulnerabilities in `PageModel` subclasses.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Improved property and indexer call target resolution for partially overridden properties and indexers.
|
||||
* Improved extraction of range-access expressions on spans and strings (for example, `a[0..3]`). These expressions are now extracted as `Slice` (span) or `Substring` (string) calls.
|
||||
* Improved call target resolution for ref-return properties and indexers.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 6.0.2
|
||||
lastReleaseVersion: 7.0.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-all
|
||||
version: 6.0.3-dev
|
||||
version: 7.0.1-dev
|
||||
groups: csharp
|
||||
dbscheme: semmlecode.csharp.dbscheme
|
||||
extractor: csharp
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.7.5
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
3
csharp/ql/src/change-notes/released/1.7.5.md
Normal file
3
csharp/ql/src/change-notes/released/1.7.5.md
Normal file
@@ -0,0 +1,3 @@
|
||||
## 1.7.5
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.7.4
|
||||
lastReleaseVersion: 1.7.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/csharp-queries
|
||||
version: 1.7.5-dev
|
||||
version: 1.7.6-dev
|
||||
groups:
|
||||
- csharp
|
||||
- queries
|
||||
|
||||
@@ -10,7 +10,7 @@ toolchain go1.26.4
|
||||
// bazel mod tidy
|
||||
require (
|
||||
golang.org/x/mod v0.37.0
|
||||
golang.org/x/tools v0.46.0
|
||||
golang.org/x/tools v0.47.0
|
||||
)
|
||||
|
||||
require github.com/stretchr/testify v1.11.1
|
||||
|
||||
@@ -10,8 +10,8 @@ golang.org/x/mod v0.37.0 h1:vF1DjpVEshcIqoEaauuHebaLk1O1forxjxBaVn884JQ=
|
||||
golang.org/x/mod v0.37.0/go.mod h1:m8S8VeM9r4dzDwjrKO0a1sZP3YjeMamRRlD+fmR2Q/0=
|
||||
golang.org/x/sync v0.21.0 h1:HLII4xRRTtCRkxYp4HNFF0Js/Og6q2i++KXbg0gHCwM=
|
||||
golang.org/x/sync v0.21.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
|
||||
golang.org/x/tools v0.46.0 h1:7jTurBkPZu4moS/Uy4OQT1M+QBlsj3wejyZwsT8Z7rk=
|
||||
golang.org/x/tools v0.46.0/go.mod h1:FrD85F8l+NWL+9XWBSyVSHO6Ne4jutsfIFba7AWQ5Ys=
|
||||
golang.org/x/tools v0.47.0 h1:7Kn5x/d1svx/PzryTsqeoZN4TZwqeH5pGWjefhLi/1Q=
|
||||
golang.org/x/tools v0.47.0/go.mod h1:dFHnyTvFWY212G+h7ZY4Vsp/K3U4/7W9TyVaAul8uCA=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
## 1.0.52
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.51
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
## 1.0.52
|
||||
|
||||
No user-facing changes.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.0.51
|
||||
lastReleaseVersion: 1.0.52
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql-go-consistency-queries
|
||||
version: 1.0.52-dev
|
||||
version: 1.0.53-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -1,3 +1,20 @@
|
||||
## 7.2.0
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* `FuncTypeExpr.getResultDecl()` has been deprecated. Use `FuncTypeExpr.getResultDecl(int i)` instead.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added models for the `log/slog` package (Go 1.21+). Its logging functions and
|
||||
`*slog.Logger` methods (`Debug`/`Info`/`Warn`/`Error`, their `Context`
|
||||
variants, and `Log`/`LogAttrs`) are now recognized as logging sinks, so the
|
||||
`go/log-injection` and `go/clear-text-logging` queries cover code that logs
|
||||
through `slog`.
|
||||
* `DataFlow::ResultNode`s are no longer created for returned expressions in functions with named result parameters. In this case there are already result nodes corresponding to `IR::ReadResultInstruction`s at the end of the function body.
|
||||
* `FuncTypeExpr.getNumResult()` now gets the number of result parameters. It previously got the number of result declarations, which is different when one result declaration declares more than one variable, as in `x, y int`. All uses of it expected the number of result parameters. Its QLDoc has been updated.
|
||||
* More logging functions are now recognized as not returning or panicking.
|
||||
|
||||
## 7.1.2
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* More logging functions are now recognized as not returning or panicking.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: deprecated
|
||||
---
|
||||
* `FuncTypeExpr.getResultDecl()` has been deprecated. Use `FuncTypeExpr.getResultDecl(int i)` instead.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* `DataFlow::ResultNode`s are no longer created for returned expressions in functions with named result parameters. In this case there are already result nodes corresponding to `IR::ReadResultInstruction`s at the end of the function body.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* `FuncTypeExpr.getNumResult()` now gets the number of result parameters. It previously got the number of result declarations, which is different when one result declaration declares more than one variable, as in `x, y int`. All uses of it expected the number of result parameters. Its QLDoc has been updated.
|
||||
@@ -1,8 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added models for the `log/slog` package (Go 1.21+). Its logging functions and
|
||||
`*slog.Logger` methods (`Debug`/`Info`/`Warn`/`Error`, their `Context`
|
||||
variants, and `Log`/`LogAttrs`) are now recognized as logging sinks, so the
|
||||
`go/log-injection` and `go/clear-text-logging` queries cover code that logs
|
||||
through `slog`.
|
||||
16
go/ql/lib/change-notes/released/7.2.0.md
Normal file
16
go/ql/lib/change-notes/released/7.2.0.md
Normal file
@@ -0,0 +1,16 @@
|
||||
## 7.2.0
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* `FuncTypeExpr.getResultDecl()` has been deprecated. Use `FuncTypeExpr.getResultDecl(int i)` instead.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added models for the `log/slog` package (Go 1.21+). Its logging functions and
|
||||
`*slog.Logger` methods (`Debug`/`Info`/`Warn`/`Error`, their `Context`
|
||||
variants, and `Log`/`LogAttrs`) are now recognized as logging sinks, so the
|
||||
`go/log-injection` and `go/clear-text-logging` queries cover code that logs
|
||||
through `slog`.
|
||||
* `DataFlow::ResultNode`s are no longer created for returned expressions in functions with named result parameters. In this case there are already result nodes corresponding to `IR::ReadResultInstruction`s at the end of the function body.
|
||||
* `FuncTypeExpr.getNumResult()` now gets the number of result parameters. It previously got the number of result declarations, which is different when one result declaration declares more than one variable, as in `x, y int`. All uses of it expected the number of result parameters. Its QLDoc has been updated.
|
||||
* More logging functions are now recognized as not returning or panicking.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 7.1.2
|
||||
lastReleaseVersion: 7.2.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-all
|
||||
version: 7.1.3-dev
|
||||
version: 7.2.1-dev
|
||||
groups: go
|
||||
dbscheme: go.dbscheme
|
||||
extractor: go
|
||||
|
||||
@@ -33,9 +33,11 @@ module StoredXss {
|
||||
walkFn.getACall().getArgument(1) = f.getASuccessor*()
|
||||
)
|
||||
or
|
||||
// A call to os.FileInfo.Name
|
||||
exists(Method m | m.implements("io/fs", "FileInfo", "Name") |
|
||||
m = this.(DataFlow::CallNode).getTarget()
|
||||
// The return value of a call to `os.DirEntry.Name`, `os.FileInfo.Name`
|
||||
// or `os.File.ReadDirNames`.
|
||||
exists(DataFlow::CallNode cn, Method m | m = cn.getTarget() and this = cn.getResult(0) |
|
||||
m.implements("io/fs", ["DirEntry", "FileInfo"], "Name") or
|
||||
m.hasQualifiedName("os", "File", "ReadDirNames")
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
## 1.6.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The query `go/unhandled-writable-file-close` ("Writable file handle closed without error handling") now produces fewer false positives. A deferred call to `Close` that is preceded on every execution path by a handled call to `Sync` on the same file handle is no longer flagged.
|
||||
|
||||
## 1.6.4
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 1.6.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The query `go/unhandled-writable-file-close` ("Writable file handle closed without error handling") now produces fewer false positives. A deferred call to `Close` that is preceded on every execution path by a handled call to `Sync` on the same file handle is no longer flagged.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 1.6.4
|
||||
lastReleaseVersion: 1.6.5
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/go-queries
|
||||
version: 1.6.5-dev
|
||||
version: 1.6.6-dev
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
||||
@@ -156,12 +156,3 @@ nodes
|
||||
| websocketXss.go:54:3:54:38 | ... := ...[1] | semmle.label | ... := ...[1] |
|
||||
| websocketXss.go:55:24:55:31 | gorilla3 | semmle.label | gorilla3 |
|
||||
subpaths
|
||||
testFailures
|
||||
| websocketXss.go:30:32:30:60 | comment | Missing result: Source[go/reflected-xss] |
|
||||
| websocketXss.go:31:11:31:14 | xnet [postupdate] | Unexpected result: Source |
|
||||
| websocketXss.go:34:30:34:58 | comment | Missing result: Source[go/reflected-xss] |
|
||||
| websocketXss.go:35:21:35:25 | xnet2 [postupdate] | Unexpected result: Source |
|
||||
| websocketXss.go:46:38:46:66 | comment | Missing result: Source[go/reflected-xss] |
|
||||
| websocketXss.go:47:26:47:35 | gorillaMsg [postupdate] | Unexpected result: Source |
|
||||
| websocketXss.go:50:33:50:61 | comment | Missing result: Source[go/reflected-xss] |
|
||||
| websocketXss.go:51:17:51:24 | gorilla2 [postupdate] | Unexpected result: Source |
|
||||
|
||||
@@ -1,7 +1,9 @@
|
||||
#select
|
||||
| StoredXss.go:13:21:13:36 | ...+... | StoredXss.go:13:21:13:31 | call to Name | StoredXss.go:13:21:13:36 | ...+... | Stored cross-site scripting vulnerability due to $@. | StoredXss.go:13:21:13:31 | call to Name | stored value |
|
||||
| stored.go:30:22:30:25 | name | stored.go:18:3:18:28 | ... := ...[0] | stored.go:30:22:30:25 | name | Stored cross-site scripting vulnerability due to $@. | stored.go:18:3:18:28 | ... := ...[0] | stored value |
|
||||
| stored.go:61:22:61:25 | path | stored.go:59:30:59:33 | SSA def(path) | stored.go:61:22:61:25 | path | Stored cross-site scripting vulnerability due to $@. | stored.go:59:30:59:33 | SSA def(path) | stored value |
|
||||
edges
|
||||
| StoredXss.go:13:21:13:31 | call to Name | StoredXss.go:13:21:13:36 | ...+... | provenance | |
|
||||
| stored.go:18:3:18:28 | ... := ...[0] | stored.go:25:14:25:17 | rows | provenance | Src:MaD:1 |
|
||||
| stored.go:25:14:25:17 | rows | stored.go:25:29:25:33 | &... [postupdate] | provenance | FunctionModel |
|
||||
| stored.go:25:29:25:33 | &... [postupdate] | stored.go:30:22:30:25 | name | provenance | |
|
||||
@@ -9,6 +11,8 @@ edges
|
||||
models
|
||||
| 1 | Source: database/sql; DB; true; Query; ; ; ReturnValue[0]; database; manual |
|
||||
nodes
|
||||
| StoredXss.go:13:21:13:31 | call to Name | semmle.label | call to Name |
|
||||
| StoredXss.go:13:21:13:36 | ...+... | semmle.label | ...+... |
|
||||
| stored.go:18:3:18:28 | ... := ...[0] | semmle.label | ... := ...[0] |
|
||||
| stored.go:25:14:25:17 | rows | semmle.label | rows |
|
||||
| stored.go:25:29:25:33 | &... [postupdate] | semmle.label | &... [postupdate] |
|
||||
@@ -16,5 +20,3 @@ nodes
|
||||
| stored.go:59:30:59:33 | SSA def(path) | semmle.label | SSA def(path) |
|
||||
| stored.go:61:22:61:25 | path | semmle.label | path |
|
||||
subpaths
|
||||
testFailures
|
||||
| StoredXss.go:13:39:13:63 | comment | Missing result: Alert[go/stored-xss] |
|
||||
|
||||
@@ -27,12 +27,12 @@ func xss(w http.ResponseWriter, r *http.Request) {
|
||||
origin := "test"
|
||||
{
|
||||
ws, _ := websocket.Dial(uri, "", origin)
|
||||
var xnet = make([]byte, 512) // $ Source[go/reflected-xss]
|
||||
ws.Read(xnet)
|
||||
var xnet = make([]byte, 512)
|
||||
ws.Read(xnet) // $ Source[go/reflected-xss]
|
||||
fmt.Fprintf(w, "%v", xnet) // $ Alert[go/reflected-xss]
|
||||
codec := &websocket.Codec{Marshal: marshal, Unmarshal: unmarshal}
|
||||
xnet2 := make([]byte, 512) // $ Source[go/reflected-xss]
|
||||
codec.Receive(ws, xnet2)
|
||||
xnet2 := make([]byte, 512)
|
||||
codec.Receive(ws, xnet2) // $ Source[go/reflected-xss]
|
||||
fmt.Fprintf(w, "%v", xnet2) // $ Alert[go/reflected-xss]
|
||||
}
|
||||
{
|
||||
@@ -43,12 +43,12 @@ func xss(w http.ResponseWriter, r *http.Request) {
|
||||
{
|
||||
dialer := gorilla.Dialer{}
|
||||
conn, _, _ := dialer.Dial(uri, nil)
|
||||
var gorillaMsg = make([]byte, 512) // $ Source[go/reflected-xss]
|
||||
gorilla.ReadJSON(conn, gorillaMsg)
|
||||
fmt.Fprintf(w, "%v", gorillaMsg) // $ Alert[go/reflected-xss]
|
||||
var gorillaMsg = make([]byte, 512)
|
||||
gorilla.ReadJSON(conn, gorillaMsg) // $ Source[go/reflected-xss]
|
||||
fmt.Fprintf(w, "%v", gorillaMsg) // $ Alert[go/reflected-xss]
|
||||
|
||||
gorilla2 := make([]byte, 512) // $ Source[go/reflected-xss]
|
||||
conn.ReadJSON(gorilla2)
|
||||
gorilla2 := make([]byte, 512)
|
||||
conn.ReadJSON(gorilla2) // $ Source[go/reflected-xss]
|
||||
fmt.Fprintf(w, "%v", gorilla2) // $ Alert[go/reflected-xss]
|
||||
|
||||
_, gorilla3, _ := conn.ReadMessage() // $ Source[go/reflected-xss]
|
||||
|
||||
@@ -14,7 +14,9 @@ pluginManagement {
|
||||
repositories {
|
||||
gradlePluginPortal()
|
||||
google()
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
}
|
||||
dependencyResolutionManagement {
|
||||
@@ -33,7 +35,9 @@ dependencyResolutionManagement {
|
||||
repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
|
||||
repositories {
|
||||
google()
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
}
|
||||
rootProject.name = "Android Sample"
|
||||
|
||||
@@ -14,7 +14,9 @@ pluginManagement {
|
||||
repositories {
|
||||
gradlePluginPortal()
|
||||
google()
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = uri("https://maven-central.storage-download.googleapis.com/maven2/")
|
||||
}
|
||||
}
|
||||
}
|
||||
dependencyResolutionManagement {
|
||||
@@ -33,7 +35,9 @@ dependencyResolutionManagement {
|
||||
repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
|
||||
repositories {
|
||||
google()
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = uri("https://maven-central.storage-download.googleapis.com/maven2/")
|
||||
}
|
||||
}
|
||||
}
|
||||
rootProject.name = "Android Sample"
|
||||
|
||||
@@ -14,7 +14,9 @@ pluginManagement {
|
||||
repositories {
|
||||
gradlePluginPortal()
|
||||
google()
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = uri("https://maven-central.storage-download.googleapis.com/maven2/")
|
||||
}
|
||||
}
|
||||
}
|
||||
dependencyResolutionManagement {
|
||||
@@ -33,7 +35,9 @@ dependencyResolutionManagement {
|
||||
repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
|
||||
repositories {
|
||||
google()
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = uri("https://maven-central.storage-download.googleapis.com/maven2/")
|
||||
}
|
||||
}
|
||||
}
|
||||
rootProject.name = "Android Sample"
|
||||
|
||||
@@ -14,7 +14,9 @@ pluginManagement {
|
||||
repositories {
|
||||
gradlePluginPortal()
|
||||
google()
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
}
|
||||
dependencyResolutionManagement {
|
||||
@@ -33,7 +35,9 @@ dependencyResolutionManagement {
|
||||
repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
|
||||
repositories {
|
||||
google()
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
}
|
||||
rootProject.name = "Android Sample"
|
||||
|
||||
@@ -13,7 +13,9 @@ buildscript {
|
||||
|
||||
repositories {
|
||||
google()
|
||||
jcenter()
|
||||
maven {
|
||||
url = uri("https://maven-central.storage-download.googleapis.com/maven2/")
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -39,6 +41,8 @@ buildscript {
|
||||
allprojects {
|
||||
repositories {
|
||||
google()
|
||||
jcenter()
|
||||
maven {
|
||||
url = uri("https://maven-central.storage-download.googleapis.com/maven2/")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -13,7 +13,9 @@ buildscript {
|
||||
|
||||
repositories {
|
||||
google()
|
||||
jcenter()
|
||||
maven {
|
||||
url = uri("https://maven-central.storage-download.googleapis.com/maven2/")
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -39,6 +41,8 @@ buildscript {
|
||||
allprojects {
|
||||
repositories {
|
||||
google()
|
||||
jcenter()
|
||||
maven {
|
||||
url = uri("https://maven-central.storage-download.googleapis.com/maven2/")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -13,7 +13,9 @@ buildscript {
|
||||
|
||||
repositories {
|
||||
google()
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -39,6 +41,8 @@ buildscript {
|
||||
allprojects {
|
||||
repositories {
|
||||
google()
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -13,7 +13,9 @@ buildscript {
|
||||
|
||||
repositories {
|
||||
google()
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -32,13 +34,15 @@ buildscript {
|
||||
* dependencies used by all modules in your project, such as third-party plugins
|
||||
* or libraries. However, you should configure module-specific dependencies in
|
||||
* each module-level build.gradle file. For new projects, Android Studio
|
||||
* includes JCenter and Google's Maven repository by default, but it does not
|
||||
* includes Maven Central and Google's Maven repository by default, but it does not
|
||||
* configure any dependencies (unless you select a template that requires some).
|
||||
*/
|
||||
|
||||
allprojects {
|
||||
repositories {
|
||||
google()
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -14,7 +14,9 @@ pluginManagement {
|
||||
repositories {
|
||||
gradlePluginPortal()
|
||||
google()
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
}
|
||||
dependencyResolutionManagement {
|
||||
@@ -33,7 +35,9 @@ dependencyResolutionManagement {
|
||||
repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
|
||||
repositories {
|
||||
google()
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
}
|
||||
rootProject.name = "Android Sample"
|
||||
|
||||
@@ -8,7 +8,9 @@
|
||||
apply plugin: 'java-library'
|
||||
|
||||
repositories {
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
dependencies {
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
https://repo.maven.apache.org/maven2/org/apache/commons/commons-math3/3.6.1/commons-math3-3.6.1.jar
|
||||
https://repo.maven.apache.org/maven2/org/apiguardian/apiguardian-api/1.1.2/apiguardian-api-1.1.2.jar
|
||||
https://repo.maven.apache.org/maven2/org/junit/jupiter/junit-jupiter-api/5.12.1/junit-jupiter-api-5.12.1.jar
|
||||
https://repo.maven.apache.org/maven2/org/junit/platform/junit-platform-commons/1.12.1/junit-platform-commons-1.12.1.jar
|
||||
https://repo.maven.apache.org/maven2/org/opentest4j/opentest4j/1.3.0/opentest4j-1.3.0.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/org/apache/commons/commons-math3/3.6.1/commons-math3-3.6.1.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/org/apiguardian/apiguardian-api/1.1.2/apiguardian-api-1.1.2.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/org/junit/jupiter/junit-jupiter-api/5.12.1/junit-jupiter-api-5.12.1.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/org/junit/platform/junit-platform-commons/1.12.1/junit-platform-commons-1.12.1.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/org/opentest4j/opentest4j/1.3.0/opentest4j-1.3.0.jar
|
||||
|
||||
@@ -8,7 +8,9 @@
|
||||
apply plugin: 'java-library'
|
||||
|
||||
repositories {
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
dependencies {
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
https://repo.maven.apache.org/maven2/joda-time/joda-time/2.12.7/joda-time-2.12.7-no-tzdb.jar
|
||||
https://repo.maven.apache.org/maven2/org/apache/commons/commons-math3/3.6.1/commons-math3-3.6.1.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/joda-time/joda-time/2.12.7/joda-time-2.12.7-no-tzdb.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/org/apache/commons/commons-math3/3.6.1/commons-math3-3.6.1.jar
|
||||
|
||||
@@ -12,9 +12,9 @@ apply plugin: 'java'
|
||||
|
||||
// In this section you declare where to find the dependencies of your project
|
||||
repositories {
|
||||
// Use 'jcenter' for resolving your dependencies.
|
||||
// You can declare any Maven/Ivy/file repository here.
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
// In this section you declare the dependencies for your production and test code
|
||||
|
||||
@@ -8,7 +8,9 @@
|
||||
apply plugin: 'java-library'
|
||||
|
||||
repositories {
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
dependencies {
|
||||
|
||||
@@ -1 +1 @@
|
||||
https://repo.maven.apache.org/maven2/org/apache/commons/commons-math3/3.6.1/commons-math3-3.6.1.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/org/apache/commons/commons-math3/3.6.1/commons-math3-3.6.1.jar
|
||||
|
||||
@@ -8,7 +8,9 @@
|
||||
apply plugin: 'java-library'
|
||||
|
||||
repositories {
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
dependencies {
|
||||
|
||||
@@ -1 +1 @@
|
||||
https://repo.maven.apache.org/maven2/org/apache/commons/commons-math3/3.6.1/commons-math3-3.6.1.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/org/apache/commons/commons-math3/3.6.1/commons-math3-3.6.1.jar
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
https://jcenter.bintray.com/junit/junit/4.12/junit-4.12.jar
|
||||
https://jcenter.bintray.com/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar
|
||||
https://jcenter.bintray.com/org/slf4j/slf4j-api/1.7.21/slf4j-api-1.7.21.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/junit/junit/4.11/junit-4.11.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/junit/junit/4.12/junit-4.12.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar
|
||||
https://maven-central.storage-download.googleapis.com/maven2/org/slf4j/slf4j-api/1.7.21/slf4j-api-1.7.21.jar
|
||||
https://repo.maven.apache.org/maven2/com/feiniaojin/naaf/naaf-graceful-response-example/1.0/naaf-graceful-response-example-1.0.jar
|
||||
https://repo.maven.apache.org/maven2/com/github/MoebiusSolutions/avro-registry-in-source/avro-registry-in-source-tests/1.8/avro-registry-in-source-tests-1.8.jar
|
||||
https://repo.maven.apache.org/maven2/com/github/MoebiusSolutions/avro-registry-in-source/example-project/1.5/example-project-1.5.jar
|
||||
@@ -12,7 +13,6 @@ https://repo.maven.apache.org/maven2/de/knutwalker/rx-redis-example_2.11/0.1.2/r
|
||||
https://repo.maven.apache.org/maven2/de/knutwalker/rx-redis-java-example_2.11/0.1.2/rx-redis-java-example_2.11-0.1.2.jar
|
||||
https://repo.maven.apache.org/maven2/io/github/scrollsyou/example-spring-boot-starter/1.0.0/example-spring-boot-starter-1.0.0.jar
|
||||
https://repo.maven.apache.org/maven2/io/streamnative/com/example/maven-central-template/server/3.0.0/server-3.0.0.jar
|
||||
https://repo.maven.apache.org/maven2/junit/junit/4.11/junit-4.11.jar
|
||||
https://repo.maven.apache.org/maven2/no/nav/security/token-validation-ktor-demo/3.1.0/token-validation-ktor-demo-3.1.0.jar
|
||||
https://repo.maven.apache.org/maven2/org/minijax/minijax-example-fileupload/0.5.10/minijax-example-fileupload-0.5.10.jar
|
||||
https://repo.maven.apache.org/maven2/org/minijax/minijax-example-inject/0.5.10/minijax-example-inject-0.5.10.jar
|
||||
|
||||
@@ -12,9 +12,9 @@ apply plugin: 'java'
|
||||
|
||||
// In this section you declare where to find the dependencies of your project
|
||||
repositories {
|
||||
// Use 'jcenter' for resolving your dependencies.
|
||||
// You can declare any Maven/Ivy/file repository here.
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
// In this section you declare the dependencies for your production and test code
|
||||
|
||||
@@ -12,9 +12,9 @@ apply plugin: 'java'
|
||||
|
||||
// In this section you declare where to find the dependencies of your project
|
||||
repositories {
|
||||
// Use 'jcenter' for resolving your dependencies.
|
||||
// You can declare any Maven/Ivy/file repository here.
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
// In this section you declare the dependencies for your production and test code
|
||||
|
||||
@@ -0,0 +1,10 @@
|
||||
<settings>
|
||||
<mirrors>
|
||||
<mirror>
|
||||
<id>google-maven-central</id>
|
||||
<name>GCS Maven Central mirror</name>
|
||||
<url>https://maven-central.storage-download.googleapis.com/maven2/</url>
|
||||
<mirrorOf>central</mirrorOf>
|
||||
</mirror>
|
||||
</mirrors>
|
||||
</settings>
|
||||
@@ -26,4 +26,5 @@ maven-project-2/src/main/resources/my-app.properties
|
||||
maven-project-2/src/main/resources/page.xml
|
||||
maven-project-2/src/main/resources/struts.xml
|
||||
maven-project-2/src/test/java/com/example/AppTest4.java
|
||||
settings.xml
|
||||
test-db/working/settings.xml
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
import os
|
||||
|
||||
def test(codeql, use_java_11, java, actions_toolchains_file, check_diagnostics_java):
|
||||
# The version of gradle used doesn't work on java 17
|
||||
codeql.database.create(
|
||||
@@ -5,5 +7,6 @@ def test(codeql, use_java_11, java, actions_toolchains_file, check_diagnostics_j
|
||||
"CODEQL_EXTRACTOR_JAVA_OPTION_BUILDLESS": "true",
|
||||
"CODEQL_EXTRACTOR_JAVA_OPTION_BUILDLESS_CLASSPATH_FROM_BUILD_FILES": "true",
|
||||
"LGTM_INDEX_MAVEN_TOOLCHAINS_FILE": str(actions_toolchains_file),
|
||||
"LGTM_INDEX_MAVEN_SETTINGS_FILE": os.path.join(os.path.dirname(os.path.realpath(__file__)), "settings.xml"),
|
||||
}
|
||||
)
|
||||
|
||||
@@ -14,7 +14,9 @@ pluginManagement {
|
||||
repositories {
|
||||
gradlePluginPortal()
|
||||
google()
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
}
|
||||
dependencyResolutionManagement {
|
||||
@@ -33,7 +35,9 @@ dependencyResolutionManagement {
|
||||
repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
|
||||
repositories {
|
||||
google()
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
}
|
||||
rootProject.name = "Android Sample"
|
||||
|
||||
@@ -12,9 +12,9 @@ apply plugin: 'java'
|
||||
|
||||
// In this section you declare where to find the dependencies of your project
|
||||
repositories {
|
||||
// Use 'jcenter' for resolving your dependencies.
|
||||
// You can declare any Maven/Ivy/file repository here.
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
// In this section you declare the dependencies for your production and test code
|
||||
|
||||
@@ -12,9 +12,9 @@ apply plugin: 'java'
|
||||
|
||||
// In this section you declare where to find the dependencies of your project
|
||||
repositories {
|
||||
// Use 'jcenter' for resolving your dependencies.
|
||||
// You can declare any Maven/Ivy/file repository here.
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
// In this section you declare the dependencies for your production and test code
|
||||
|
||||
@@ -12,8 +12,9 @@ plugins {
|
||||
}
|
||||
|
||||
repositories {
|
||||
// Use Maven Central for resolving dependencies.
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = uri("https://maven-central.storage-download.googleapis.com/maven2/")
|
||||
}
|
||||
}
|
||||
|
||||
dependencies {
|
||||
|
||||
@@ -12,9 +12,9 @@ apply plugin: 'java'
|
||||
|
||||
// In this section you declare where to find the dependencies of your project
|
||||
repositories {
|
||||
// Use 'jcenter' for resolving your dependencies.
|
||||
// You can declare any Maven/Ivy/file repository here.
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
// In this section you declare the dependencies for your production and test code
|
||||
|
||||
@@ -12,9 +12,9 @@ apply plugin: 'java'
|
||||
|
||||
// In this section you declare where to find the dependencies of your project
|
||||
repositories {
|
||||
// Use 'jcenter' for resolving your dependencies.
|
||||
// You can declare any Maven/Ivy/file repository here.
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
// In this section you declare the dependencies for your production and test code
|
||||
|
||||
@@ -12,9 +12,9 @@ apply plugin: 'java'
|
||||
|
||||
// In this section you declare where to find the dependencies of your project
|
||||
repositories {
|
||||
// Use 'jcenter' for resolving your dependencies.
|
||||
// You can declare any Maven/Ivy/file repository here.
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
// In this section you declare the dependencies for your production and test code
|
||||
|
||||
@@ -12,9 +12,9 @@ apply plugin: 'java'
|
||||
|
||||
// In this section you declare where to find the dependencies of your project
|
||||
repositories {
|
||||
// Use 'jcenter' for resolving your dependencies.
|
||||
// You can declare any Maven/Ivy/file repository here.
|
||||
jcenter()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
// In this section you declare the dependencies for your production and test code
|
||||
|
||||
@@ -11,7 +11,9 @@ version = '0.0.1-SNAPSHOT'
|
||||
// but I omit it to test we recognise the Spring Boot plugin version.
|
||||
|
||||
repositories {
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
dependencies {
|
||||
|
||||
@@ -15,8 +15,9 @@ plugins {
|
||||
}
|
||||
|
||||
repositories {
|
||||
// Use Maven Central for resolving dependencies.
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
application {
|
||||
|
||||
@@ -15,8 +15,9 @@ plugins {
|
||||
}
|
||||
|
||||
repositories {
|
||||
// Use Maven Central for resolving dependencies.
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
application {
|
||||
|
||||
@@ -4,7 +4,9 @@ plugins {
|
||||
}
|
||||
|
||||
repositories {
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
dependencies {
|
||||
|
||||
@@ -15,8 +15,9 @@ plugins {
|
||||
}
|
||||
|
||||
repositories {
|
||||
// Use Maven Central for resolving dependencies.
|
||||
mavenCentral()
|
||||
maven {
|
||||
url = 'https://maven-central.storage-download.googleapis.com/maven2/'
|
||||
}
|
||||
}
|
||||
|
||||
application {
|
||||
|
||||
@@ -1,3 +1,13 @@
|
||||
## 9.2.0
|
||||
|
||||
### New Features
|
||||
|
||||
* Kotlin 2.4.0 can now be analysed.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Improved modeling of Apache HttpClient `execute` method sinks for `java/ssrf` and `java/non-https-url`.
|
||||
|
||||
## 9.1.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user