Owen Mansel-Chan
Owen Mansel-Chan
`strings.Replacer.Replace` and `strings.Replacer.WriteString`
Work in progress
I'd recommend updating the dependency `neurosnap/sentences` to use its new location (github.com/neurosnap/sentences) and the latest version (v1.0.9). This version fixes a very minor security problem where the readme linked to...
Add dataflow-generated models for JDK17 and update test expectations as needed. Note that preparatory work was done in: - [this PR](https://github.com/github/codeql/pull/15280) (adding manual models to override dataflow-generated models that didn't...
These were contributed by @am0o0 in https://github.com/github/codeql/pull/13553 .
These were not converted when most of the rest of the models were converted in https://github.com/github/codeql/pull/12750 because at the time flow didn't work through variadic parameters when using models-as-data. That...
Update go's copy of `ExternalFlow.qll` to bring it in line with java and csharp's. - Add support for neutral models. - Change the way that the receiver is referred to...
The duplication of flow steps in additional flow steps added by configs was highlighted by https://github.com/github/codeql/pull/16511 and fixed in https://github.com/github/codeql/pull/16562. This PR fixes them, so we aren't specifying additional flow...
Convert sources from Chi, Echo and Elazarl to MaD. I don't believe it needs a change note.
I'm new to threat models, so I may be missing something that is required. In particular, is it okay to have a threat model kind that isn't part of the...