github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
59 799 коммитов 1 538 Ветки 130 Теги 478 MiB
Граф коммитов

9403 Коммитов

Автор SHA1 Сообщение Дата
Anders Schack-Mulligen 300425540a Java: Minor improvement to TypeFlow for super accesses. 2023-09-13 15:43:45 +02:00
Anders Schack-Mulligen a7b677ba40 Java: Bugfix for SuperAccess.isOwnInstanceAccess(). 2023-09-13 15:43:45 +02:00
Anders Schack-Mulligen 110a4c81e3 Java: Minor perf fix. 2023-09-13 15:43:45 +02:00
Koen Vlaswinkel 0434cce4c3 Java: Fix formatting of AutomodelVsCode.qll file 2023-09-13 14:54:03 +02:00
Koen Vlaswinkel 95296f1518 Java: Use don't care expression for kind and provenance 2023-09-13 14:45:47 +02:00
Ian Lynagh bd1d6e1d1e
Merge pull request #14188 from igfoo/igfoo/kotlin-1.9.20 
Kotlin: Support 1.9.20
 2023-09-13 12:19:46 +01:00
Koen Vlaswinkel 7db082f3fd Java: Add VS Code model editor queries 2023-09-13 13:04:26 +02:00
Ian Lynagh df9c601571 Kotlin: Pass memory limits to kotlinc in some tests 
We can run out of memory with the defaults
 2023-09-12 23:14:41 +01:00
Ian Lynagh 2b9a425468 Kotlin: Support 1.9.20 2023-09-12 18:28:33 +01:00
Stephan Brandauer 928898e979 Java: automodel: add class and method doc to test code 2023-09-12 15:43:09 +02:00
Stephan Brandauer 089b147d04 Java: Automodel format 2023-09-12 14:27:12 +02:00
Stephan Brandauer bd10ac799a Java: Automodel application mode: add test expectations 2023-09-12 14:20:28 +02:00
Stephan Brandauer 8121c7fefa Java: Automodel application mode: add method doc and class doc as related locations 2023-09-12 14:08:55 +02:00
Ian Lynagh d8a99e6b7d Kotlin: Regenerate expected test output 
It's now in the order generated by the new CLI. This means that
changes in test output are easier to understand.
 2023-09-12 11:13:58 +01:00
Stephan Brandauer 0115ba0df3 Java: Automodel: drive-by, add extensibleType metadata to app mode +/- extraction 2023-09-12 09:29:54 +02:00
intrigus-lgtm b6417ca212 Java: Fix alert message 
The signing key that is being set, is _not_ what is being parsed.
A _JWT_ is being parsed, that will then be verified using the set key.
(Or in our case not, because we're looking for security problems :P)
 2023-09-12 02:23:37 +02:00
github-actions[bot] d699880c86 Post-release preparation for codeql-cli-2.14.4 2023-09-08 21:17:52 +00:00
Stephan Brandauer bbedd72260 Java: Automodel App Mode: rename MethodCall to MethodReturnValue 2023-09-08 13:57:21 +02:00
Stephan Brandauer 704c7ee104
Java: Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2023-09-08 13:54:26 +02:00
Stephan Brandauer 4effc11fdb Java: comments 2023-09-08 09:16:56 +02:00
Stephan Brandauer c4f5213d68 Java: format 2023-09-07 15:50:03 +02:00
Stephan Brandauer 836a5822f3 Java: Automodel App Mode: remove bogus implementation 2023-09-07 15:49:58 +02:00
Stephan Brandauer c173d9ae40 Java: automodel application mode: generate models for overridden method candidates 2023-09-07 15:49:58 +02:00
Stephan Brandauer 3121949123 Java: automodel application mode: test case for overridden method candidate 2023-09-07 15:49:58 +02:00
Stephan Brandauer 1e1b59ed52 Java: automodel: additionally consider sources for alreadyAiModeled property 2023-09-07 15:49:58 +02:00
Stephan Brandauer 6f7d78183f Java: add endpoints for parameters of overridden methods in automodel application mode 2023-09-07 15:49:57 +02:00
Stephan Brandauer dff8259e78 Java: support remote sources in automodel positive example extraction 2023-09-07 15:49:57 +02:00
Stephan Brandauer fcabca4581 Java: Export MaD output in application mode extraction queries 2023-09-07 15:49:57 +02:00
Stephan Brandauer 8d133f86c7 Java: replace getArgIndex by getMaDInput 2023-09-07 15:49:57 +02:00
Stephan Brandauer 902a585b47 Java: remove isArgOf predicate 2023-09-07 15:49:57 +02:00
Stephan Brandauer caaf2f83d7 Java: enable model exclusion characteristic also for source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer 344aa9cb6b Java: enable local call characteristic also for source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer afc5aedd0a Java: enable exception characteristic also for source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer a526b79211 Java: enable unexploitable is/exists characteristics also for source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer f55d950be3 Java: update application mode extraction test expectations after adding source candidates 2023-09-07 15:49:57 +02:00
Stephan Brandauer 937e452ce0 Java: add extensibleType to sampling keys 2023-09-07 15:49:57 +02:00
Stephan Brandauer eb1e29d284 Java: add new endpoint class for source candidates in application mode 2023-09-07 15:49:57 +02:00
Stephan Brandauer 7cfcbf6b71 Java: add extensible type to endpoint class in application mode 2023-09-07 15:49:56 +02:00
github-actions[bot] abf2b12b1c Release preparation for version 2.14.4 2023-09-05 16:56:14 +00:00
Kasper Svendsen ecee427c72
Merge pull request #14117 from kaspersv/delete-unnecessary-test 
Java: Delete java test query which fails to compile
 2023-09-04 15:28:57 +02:00
Ian Lynagh a2659eecfb
Merge pull request #14018 from igfoo/igfoo/extractor_information_kotlin1 
Kotlin: Write usesK2 ("uses Kotlin 2") information to the database
 2023-09-04 13:38:23 +01:00
Ian Lynagh bbf441f87a Kotlin: Add an integration test for Kotlin 2 2023-09-04 11:28:31 +01:00
Kasper Svendsen 4bc6ca3d84 Java: Delete java test query which fails to compile 2023-09-01 11:21:06 +02:00
Tom Hvitved 73370e7282
Merge pull request #14100 from hvitved/dataflow/consistency-pack 
Data flow: Add consistency checks to shared ql pack
 2023-08-31 11:47:40 +02:00
Asger F 2d5c40db31
Merge pull request #14048 from asgerf/shared/variable-capture-write-source-node 
Variable capture: allow arbitrary data-flow nodes to be the source of a write
 2023-08-31 10:20:48 +02:00
Tom Hvitved fefe64bf0c Java: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00
Anders Starcke Henriksen 361ae1747e Merge branch 'main' into starcke/automodel-pack 2023-08-30 09:25:28 +02:00
Jean Helie 41726f52a2
Merge pull request #13954 from github/kaeluka/add-provenance-to-metadata 
Java: Automodel: Add Candidates for Regression Testing
 2023-08-29 14:33:02 +01:00
Jean Helie de76c0749a
Java: Automodel Framework Mode: Add Candidates for Regression Testing 2023-08-29 09:53:55 +01:00
Jeroen Ketema 0d1fd88729
Merge pull request #14050 from jketema/inline-6 
Consolidate all `InlineFlowTest` libraries in the dataflow qlpack
 2023-08-29 09:30:35 +02:00
Dave Bartolomeo 3343b78015
Merge pull request #14074 from github/post-release-prep/codeql-cli-2.14.3 
Post-release preparation for codeql-cli-2.14.3
 2023-08-28 13:34:10 -04:00
github-actions[bot] 3eba77421a Post-release preparation for codeql-cli-2.14.3 2023-08-28 15:53:49 +00:00
Asger F d4cfa8c2b8 Java: autoformatting changes 2023-08-28 15:35:06 +02:00
Asger F d2fe4d235a Java: Inline VariableWrite.getSource() 2023-08-28 15:34:48 +02:00
Tony Torralba 6573b1f772
Merge pull request #14056 from atorralba/atorralba/java/jenkins-stapler-regenerate 
Java: Re-generate Jenkins and Stapler models
 2023-08-25 13:15:21 +02:00
Tony Torralba 5367fb99d9 Manually update a couple of models affected by the nested name change 2023-08-25 11:25:40 +02:00
Tony Torralba 25ac87279e Add change note 2023-08-25 11:17:54 +02:00
Tony Torralba 2448bc8ce2 Java: Add new Apache CXF models 2023-08-25 11:17:51 +02:00
Tony Torralba 2ed01d06b4 Java: Re-generate Jenkins and Stapler models 
Re-generated the Jenkins and Stapler models to pick up the changes from github/codeql#14032
 2023-08-25 10:01:28 +02:00
Jeroen Ketema b550c067a1
Java: Remove redundant inline expectation test imports 2023-08-25 00:18:55 +02:00
Jeroen Ketema 9d573e5544
Consolidate all `InlineFlowTest` libraries in the dataflow qlpack 2023-08-24 21:38:46 +02:00
Ian Lynagh 5dff1852e1 Kotlin: We now support 1.9.10 2023-08-24 17:36:45 +01:00
Asger F 6c664e93ef
Merge pull request #14035 from asgerf/shared/variable-capture-nested 
Variable capture: synchronize with aliases in nested scopes
 2023-08-24 15:39:34 +02:00
Asger F f17518ace2 Java: update to reflect changes in VariableCapture.qll 2023-08-24 14:06:44 +02:00
Anders Schack-Mulligen 7af1e96943
Merge pull request #14032 from aschackmull/java/mad-nestednames 
Java: Use nested names in MaD signatures.
 2023-08-24 13:53:55 +02:00
Tony Torralba 6b58d11eeb
Merge pull request #13900 from atorralba/atorralba/java/jaxws-getaremotemethod-improv 
Java: Improve `JaxWsEndpoint::getARemoteMethod`
 2023-08-24 13:37:15 +02:00
Tony Torralba 8c32919381
Merge pull request #13903 from atorralba/atorralba/jaxrs-mad-models 
Java: New models for JAX-RS
 2023-08-24 11:43:13 +02:00
Tony Torralba 3f9701cea7 Two fixes: 
* Consider that the @WebService annotation (et al) can be in a supertype or interface

* getARemoteMethod should only return public methods, since protected, package-private, and private methods are not exposed
 2023-08-24 11:35:52 +02:00
Anders Schack-Mulligen ebe3f61ef6 Java: Fix models in qltest. 2023-08-24 09:44:43 +02:00
Asger F ee1b3fd7e9 Java: update test after VariableCapture.qll change 2023-08-23 14:57:26 +02:00
Tony Torralba 0f3918af16
Merge pull request #13773 from atorralba/atorralba/java/mdht-xxe-sink 
Java: Add XXE sinks for MDHT
 2023-08-23 13:49:49 +02:00
Anders Schack-Mulligen 736c4beb9e Java: Add change note. 2023-08-23 13:26:41 +02:00
Anders Schack-Mulligen 6c02e30f56 Java: Update models. 2023-08-23 13:24:55 +02:00
Anders Schack-Mulligen 4b0a1cf74b Java: Remove old interpretation. 2023-08-23 13:19:16 +02:00
Anders Schack-Mulligen 410c09270f Java: Use nested names in MaD signatures. 2023-08-23 13:17:52 +02:00
Ian Lynagh deaf912cb8 Kotlin: Add an integration test for extractor information 2023-08-22 16:39:18 +01:00
Anders Starcke Henriksen 3b8b33a94d Released pack. 2023-08-22 09:45:52 +02:00
Anders Starcke Henriksen 3aeacf6df3 Update publish script to have right path. 2023-08-22 09:37:31 +02:00
Anders Schack-Mulligen bdc5f9cdea
Merge pull request #14012 from knewbury01/knewbury01/add-sanitizer-command-query 
Java: add sanitizer to command injection query
 2023-08-22 08:40:49 +02:00
Michael Nebel ce6fd8ac5f
Merge pull request #13432 from michaelnebel/updateissupported 
Java/C#: Update telemetry queries to report callables with sink/source neutrals as being supported.
 2023-08-22 08:39:38 +02:00
Kristen Newbury 5e01e1d464
Java: add sanitizer to command injection query 2023-08-21 12:33:05 -04:00
Jeroen Ketema 2d0f73d7c2
Merge pull request #13881 from jketema/shared-taint-tracking 
Introduce shared taint tracking library
 2023-08-21 12:45:49 +02:00
Jeroen Ketema a2bb7dee18
Java: Delete copy of shared taint tracking library 2023-08-21 10:32:28 +02:00
Michael Nebel 51f166d71e Java: Address review comments. 2023-08-21 10:22:28 +02:00
Michael Nebel 106ba11e10 Address review comments. 2023-08-21 09:59:02 +02:00
Michael Nebel d66fe08661 Add QLDoc for the getKind predicate. 2023-08-21 09:59:02 +02:00
Michael Nebel 699ed107f3 Java: Update SupportedExternalApis expected test output. 2023-08-21 09:59:00 +02:00
Michael Nebel 5623ccf4a0 Java: Re-factor NeutralCallable to include all neutrals and introduce NeutralSummaryCallable. 2023-08-21 09:59:00 +02:00
Michael Nebel 6deeb36a97 Java: Update the comments in SupportedExternalApis to include the neutral kind and add a sink neutral example. 2023-08-21 09:58:59 +02:00
github-actions[bot] 098dfb4242 Release preparation for version 2.14.3 2023-08-18 14:48:15 +00:00
Edward Minnix III d109637e2d
Merge pull request #13413 from egregius313/egregius313/trust-boundary 
Java: Trust Boundary Violation Query
 2023-08-18 10:33:32 -04:00
Erik Krogh Kristensen 08ef31d452
Merge pull request #13916 from erik-krogh/limit-java-field-reg 
Java: limit field flow when tracking regex strings
 2023-08-18 12:14:31 +02:00
Stephan Brandauer 480e3bf506 Java: update model exclusions logic to cope with new automodel test location 2023-08-18 10:28:51 +02:00
Edward Minnix III 8d88af1af0 Apply docs review suggestions 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2023-08-17 13:05:38 -04:00
Ed Minnix 4eb1035dfe Documentation fixes 2023-08-17 13:05:38 -04:00
Ed Minnix 655a98452a Remove `escapeHTML` models 2023-08-17 13:05:37 -04:00
Ed Minnix d468ea9e90 Add default sanitizers 2023-08-17 13:05:37 -04:00
Ed Minnix b305962c9a Use more appropriate description 2023-08-17 13:05:37 -04:00
Ed Minnix a36c12ff1f Add trust-boundary-violation sink kind 2023-08-17 13:05:37 -04:00
Ed Minnix 60642c52aa Use non-extending subtype 2023-08-17 13:05:37 -04:00
Ed Minnix e22a67e7fe Remove unnecessary methods 2023-08-17 13:05:37 -04:00
Ed Minnix a3a4c31911 Replace servlet source node with RemoteFlowSource 2023-08-17 13:05:37 -04:00
Edward Minnix III 929090a847 Typos and style fixes 
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
 2023-08-17 13:05:37 -04:00
Ed Minnix 52ebf9fff6 Java: Add trust boundary change note 2023-08-17 13:05:37 -04:00
Ed Minnix 172b8a6967 Documentation fixes 2023-08-17 13:05:37 -04:00
Ed Minnix b567ec875a Documentation 2023-08-17 13:05:37 -04:00
Ed Minnix 55fae2daaa Added ESAPI sanitizer 2023-08-17 13:05:37 -04:00
Ed Minnix 97d6e82869 Stubs for `org.owasp.esapi` 2023-08-17 13:05:37 -04:00
Ed Minnix f58590c6a9 Trust Boundary Work 2023-08-17 13:05:37 -04:00
Ed Minnix 2aba425464 TrustBoundary test ql file 2023-08-17 13:05:36 -04:00
Ed Minnix ab9f0240d3 Add taint steps for HTML encoding methods 2023-08-17 13:05:36 -04:00
Ed Minnix b9f2da7875 Comments and import fixes 2023-08-17 13:05:36 -04:00
Ed Minnix 3e7444cd66 Style fixes 2023-08-17 13:05:36 -04:00
Ed Minnix 15370506b8 Add missing security severity 2023-08-17 13:05:36 -04:00
Ed Minnix a8b7e70d01 Convert trust boundary models to MaD 2023-08-17 13:05:36 -04:00
Ed Minnix 76438f13b6 Trust Boundary Query 2023-08-17 13:05:36 -04:00
Edward Minnix III 41a527cf72
Merge pull request #13934 from egregius313/egregius313/add-dashes-to-sha-algorithms 
Java: Add dashes to SHA algorithm names in `Encryption.qll`
 2023-08-17 13:03:15 -04:00
Anders Schack-Mulligen e27aad9d6c
Merge pull request #13987 from aschackmull/java/rangeanalysis-joinorder-fix 
Java: Join-order fix in RangeAnalysis.
 2023-08-17 14:47:26 +02:00
Anders Schack-Mulligen f8a0b6cd22 Java: Add nomagic 2023-08-17 11:20:02 +02:00
Anders Starcke Henriksen 1b31c4dd4c Update filter to point to right pack. 2023-08-17 11:07:27 +02:00
Anders Schack-Mulligen 0afda68ba1 Java: Join-order fix in RangeAnalysis. 2023-08-17 11:07:24 +02:00
Anders Starcke Henriksen 56871c77f5 Merge branch 'main' into starcke/automodel-pack 2023-08-17 10:04:44 +02:00
Jeroen Ketema 33e8310625
Merge branch 'main' into shared-taint-tracking 2023-08-17 00:14:25 +02:00
Stephan Brandauer 44a9cf93e0
Merge branch 'main' into kaeluka/add-provenance-to-metadata 2023-08-16 09:31:03 +02:00
Stephan Brandauer 808dc3e8d3 Java: Automodel framework mode: track exact ai- provenance in alreadyAiModeled meta data property 2023-08-16 09:25:03 +02:00
Stephan Brandauer 20254c3d0a
Merge pull request #13886 from github/kaeluka/java-automodel-variadic-args 
Java: automodel application mode: use endpoint class like in framework mode
 2023-08-16 08:49:01 +02:00
Ed Minnix cafd08521e Add change note 2023-08-15 23:46:12 -04:00
Ed Minnix 7cfe78a52d Add dashes to SHA algorithm names in `Encryption.qll` 2023-08-15 23:42:17 -04:00
Michael Nebel a95aad51bd
Merge pull request #13546 from michaelnebel/java/withoutelement 
Java: Support for With[out]Element for MaD.
 2023-08-15 10:03:03 +02:00
Geoffrey White 657642a122 Java: Expose parts of the vquery message in the test. 2023-08-14 14:12:07 +01:00
Stephan Brandauer bc55afcee7 Java: Automodel framework mode: use new interface 2023-08-14 13:17:55 +02:00
Stephan Brandauer 551b34e3be Java: Automodel application mode: include candidates that are useful for regression testing 2023-08-14 11:46:40 +02:00
Stephan Brandauer 1a95a34441 Java: automodel: use the call for call context, rather than the argument 2023-08-14 09:54:44 +02:00
Stephan Brandauer 4107758c8a Java: automodel extraction: add strings to query selection 2023-08-14 09:49:50 +02:00
Henry Mercer 1213eba630
Merge branch 'main' into post-release-prep/codeql-cli-2.14.2 2023-08-11 13:54:55 +01:00
Stephan Brandauer a9906f6f7b
Java: fix - add extra $@ 
Co-authored-by: Jami <57204504+jcogs33@users.noreply.github.com>
 2023-08-11 09:15:09 +02:00
github-actions[bot] 432c21d4fb Post-release preparation for codeql-cli-2.14.2 2023-08-09 18:45:18 +00:00
Stephan Brandauer e927470961
Merge branch 'main' into kaeluka/java-automodel-variadic-args 2023-08-09 09:02:32 +02:00
Anders Schack-Mulligen 0ca3f3308b
Merge pull request #13478 from aschackmull/java/varcapture 
Java: Add proper support for variable capture flow.
 2023-08-08 16:22:56 +02:00
Anders Starcke Henriksen 3918e57ffe Take filter pack into account. 2023-08-08 15:10:12 +02:00
Anders Starcke Henriksen 8d34ab6d18 Merge branch 'main' into starcke/automodel-pack 2023-08-08 15:02:33 +02:00
Anders Starcke Henriksen 7da6da1c93
Merge pull request #13852 from github/starcke/automodel-package-filter 
Add option to filter automodel queries
 2023-08-08 14:59:00 +02:00
Anders Schack-Mulligen 9d59f50340 Java: Review fixes. 2023-08-08 13:37:40 +02:00
Michael Nebel 0ed724eb13 Java: Make a flow summary for Set.clear using WithoutElement and introduce appropriate tests. 2023-08-08 11:10:08 +02:00
Anders Schack-Mulligen ab334f6c1b Java: Always apply heuristic query regardless of existing models. 2023-08-08 10:01:43 +02:00
Anders Schack-Mulligen cd22bb3505 Java: Add another test case. 2023-08-08 10:00:55 +02:00
erik-krogh 45c39e6072
limit field flow when tracking regex strings in Java 2023-08-08 09:01:23 +02:00
github-actions[bot] 79c90fa36a Release preparation for version 2.14.2 2023-08-07 18:08:52 +00:00
Jeroen Ketema 8b6a7985db
Refactor the traint-tracking library to follow the dataflow library refactoring 2023-08-07 15:23:15 +02:00
Jeroen Ketema 5d2984b7a5
Merge branch 'main' into shared-taint-tracking 2023-08-07 15:22:29 +02:00
Jami 5862cd2378
Merge pull request #13889 from jcogs33/jcogs33/fix-some-models 
Java: remove duplicate models
 2023-08-07 08:46:18 -04:00
Stephan Brandauer 3433437034 Java: automodel application mode: only extract the first argument corresponding to a varargs array 2023-08-07 14:15:17 +02:00
Edward Minnix III 58d8a2d77f
Merge pull request #13899 from egregius313/egregius313/random-nextbytes-typo-fix 
Java: Fix typo in `StdlibRandomSource::getOutput`
 2023-08-07 07:36:44 -04:00
Tom Hvitved 2126ab0dde
Merge pull request #13901 from hvitved/dataflow/refactor 
Data flow: Refactor shared library
 2023-08-07 13:22:53 +02:00
Michael Nebel e62ec888c0
Merge pull request #13506 from michaelnebel/java/threatmodels 
Java: Threat Models
 2023-08-07 12:50:01 +02:00
Stephan Brandauer e1a5eba61b Java: automodel application mode: refactor varargs endpoint class to rely on normal argument node for nicer extracted examples 2023-08-07 12:18:52 +02:00
Stephan Brandauer 650ff8db87 Java: automodel comments 2023-08-07 12:18:51 +02:00
Stephan Brandauer 0781cb78e8 Java: automodel application mode: add isVarargsArray metadata value 2023-08-07 12:18:51 +02:00
Stephan Brandauer 5abf7769a7 Java: automodel application mode: use endpoint class like in framework mode 2023-08-07 12:18:51 +02:00
Tony Torralba fb0102b763 Java: New models for JAX-RS 2023-08-07 11:52:23 +02:00
Tom Hvitved 693970f243 Java: Adjust to data flow refactor 2023-08-07 11:35:23 +02:00
Anders Starcke Henriksen 0d78eeb871 Address comments. 2023-08-07 10:47:59 +02:00
Tony Torralba 43b9199734 Java: Improved JaxWsEndpoint::getARemoteMethod 2023-08-07 10:21:58 +02:00
Ed Minnix 23e2eb11dd Change note 2023-08-07 00:23:58 -04:00
Ed Minnix fe4eef0bcb Fix typo, replace `getBytes` with `nextBytes` 2023-08-07 00:16:47 -04:00
Jeroen Ketema 747cd1745a
Update all languages to use the shared taint-tracking library 2023-08-04 22:53:25 +02:00
Jami Cogswell 19622aec49 Java: remove duplicate 'Files.newOutputStream' ai model 2023-08-04 14:06:57 -04:00
Jami Cogswell e64d581f7a Java: remove duplicate 'Files.newInputStream' ai model 2023-08-04 14:05:05 -04:00
Jami Cogswell d2a24dee7f Java: remove duplicate 'Files.delete' ai model 2023-08-04 14:02:59 -04:00
Jami Cogswell 516831aa41 Java: remove duplicate 'Files.move' ai model 2023-08-04 14:01:27 -04:00
Jami Cogswell c510d33fbf Java: remove duplicate 'Files.deleteIfExists' ai model 2023-08-04 13:52:18 -04:00
Mathias Vorreiter Pedersen abe3a816ce
Merge pull request #13851 from MathiasVP/sink-without-states 
DataFlow: Support stateless `isSink` in `StateConfigSig`s
 2023-08-04 18:01:42 +02:00
Michael Nebel 9c4d77a925 Java: Address review comments. 2023-08-04 13:47:30 +02:00
Michael Nebel d3eb9c1325 Java: Add release note and address review comments. 2023-08-04 13:36:43 +02:00
Anders Starcke Henriksen 3ef82c1091 Address comments. 2023-08-04 10:22:17 +02:00
Tony Torralba 586c8803c5 Move the sources back the .ql files 
Otherwise they would both apply at the same time, making both versions of the query identical.
 2023-08-04 10:02:56 +02:00
Tony Torralba e9bad321b6
Apply suggestions from code review 2023-08-04 09:21:45 +02:00
Paul Hodgkinson fba37aa7c9
Merge branch 'main' into java/experimental/command-injection 2023-08-03 14:12:38 +01:00
aegilops fc7f8409be
Fix up for code review 2023-08-03 13:50:40 +01:00
aegilops 3658710578
Fixed formatting, committed expected test results 2023-08-03 13:50:40 +01:00
Anders Starcke Henriksen e2abd3ff13 Create separate automodel pack. 2023-08-03 13:55:15 +02:00
Anders Schack-Mulligen 0ae81eace3 Java: update fixed test 2023-08-03 10:07:00 +02:00
Anders Schack-Mulligen 84316c41a3 Java: Add more qldoc. 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen 90052a3ca2 Java: Add proper types for capture nodes. 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen 37455ec29e Java: Replace ratpack test fix with general heuristic summary. 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen c5990311ca Java: Redesign and reimplement variable capture flow. 2023-08-03 10:04:06 +02:00
Anders Schack-Mulligen 70bef64e2a Java: Fix ratpack flow. 2023-08-03 10:04:05 +02:00
Anders Schack-Mulligen a23e77ca58 Java: Disregard heap parameter in any-argument and any-parameter specs. 2023-08-03 10:04:05 +02:00
Anders Schack-Mulligen 9a4de208ef Java: Fix qltests. 2023-08-03 10:04:05 +02:00
Anders Schack-Mulligen d1a616a70a Java: Add proper support for variable capture flow. 2023-08-03 10:04:02 +02:00
Anders Starcke Henriksen 131ae1aae9 Fix name in predicate. 2023-08-03 09:53:40 +02:00
Anders Starcke Henriksen 1c425a5602 Change from package to endpoint. 2023-08-03 09:50:23 +02:00
Anders Starcke Henriksen 9b8d7df370 Add option to filter automodel queries by package. 2023-08-03 09:50:23 +02:00
Mathias Vorreiter Pedersen 3007fdab5e Sync identical files. 2023-08-02 14:33:33 +02:00
Anders Schack-Mulligen 7bc8bf616f
Merge pull request #13863 from aschackmull/dataflow/pack4 
Dataflow: Move the shared library to a properly shared qlpack.
 2023-08-02 14:19:49 +02:00
Stephan Brandauer cb55b10edc
Merge pull request #13788 from github/kaeluka/automodel-telemetry-testing 
Java: Tests for Automodel Extraction Queries
 2023-08-01 15:30:26 +02:00
Anders Schack-Mulligen 405a3a73d1 Java: Remove irrelevant import. 2023-08-01 14:31:30 +02:00
Anders Schack-Mulligen c34c667e6b Java: Adjust to use the qlpack data-flow api. 2023-08-01 13:47:09 +02:00
Anders Schack-Mulligen d7ea60e137 Java: Move data flow lib. 2023-08-01 13:47:08 +02:00
Michael Nebel 4568cccd71 Java: Add some unit tests for sourceModelKindConfig. 2023-08-01 12:56:13 +02:00