codeql

codeql copied to clipboard

Java: openjdk model autogeneration

1

Add dataflow-generated models for JDK17 and update test expectations as needed. Note that preparatory work was done in: - [this PR](https://github.com/github/codeql/pull/15280) (adding manual models to override dataflow-generated models that didn't...

owen-mc

C++: Implement models-as-data

6

Implement models-as-data for C++. That is, support for CSV formatted flow sources, sinks and summaries that look something like this: ``` ";;false;getc;;;ReturnValue;remote", ``` The implementation is ported from Swift, and...

geoffw0

tamasvajk

Use the same approach as with ViewComponent, to track flow into ERB template files via explicit `render` calls. We don't yet deal with: - any options passed to `render` that...

hmac

aschackmull

aschackmull

C#: Add references to threat modeling to C# Models-as-Data documentation

1

Adds information about threat modeling to the C# MaD docs.

egregius313

hvitved

Java: Promote Unsafe URL Forward query from experimental

2

Draft PR.

jcogs33

hmac