Skip to content

Sync upstream v2.23.8 #308

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ropwareJB merged 667 commits into from
Dec 15, 2025
Merged

Sync upstream v2.23.8 #308

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
667 commits
Select commit Hold shift + click to select a range
3d49eff
Rust: Add integration test for `pub extern crate` resolution
hvitved Nov 19, 2025
87b9afc
Merge branch 'main' into redsun82/ripunzip
redsun82 Nov 19, 2025
e850a8a
Merge pull request #20861 from github/redsun82/ripunzip
redsun82 Nov 19, 2025
9bfe847
C++: Fix awful joins on bochs:
MathiasVP Nov 19, 2025
7d746d4
C#: Move .NET 10 RC2 basic integration test all platforms folder.
michaelnebel Nov 14, 2025
d7545f2
C#: Enable tests for all platforms and use .NET 10 instead of .NET 10…
michaelnebel Nov 14, 2025
ed92352
C#: Remove the linux specific .NET 10 RC 2 test.
michaelnebel Nov 14, 2025
8df57d8
C#: Add basic buildless test for .NET 10.
michaelnebel Nov 14, 2025
0daee6f
C#: Specifically download .NET for Arm architecture.
michaelnebel Nov 18, 2025
fba496f
C#: Add proper .NET environment for dotnet info and list-sdks and str…
michaelnebel Nov 18, 2025
34de2f5
C#: Update linux integration tests (as we have added CLI preferred la…
michaelnebel Nov 19, 2025
edabbfc
C#: Add change note.
michaelnebel Nov 19, 2025
b3c0938
Java: add missing QLDoc
redsun82 Nov 19, 2025
e235e04
C++: Fix `getAnExpandedArgument`
jketema Nov 19, 2025
fe3f90e
C++: Make `getExpandedArgument` more robust
jketema Nov 19, 2025
5cdfb3c
C#: Address review comments.
michaelnebel Nov 19, 2025
481f627
Rust: Add string literal test
paldepind Nov 19, 2025
0e539db
Rust: Handle string literals with line breaks
paldepind Nov 19, 2025
8fef604
JS: Remove out-commented code
asgerf Nov 19, 2025
efa438a
JS: Move identityFunctionStep back into CachedSteps module
asgerf Nov 19, 2025
4d9ab7b
Merge pull request #20871 from paldepind/rust/string-literal
paldepind Nov 19, 2025
83b3711
Swift: update `fmt`
redsun82 Nov 19, 2025
2c20d3f
Move weak crypto algorithm query out of experimental
owen-mc Jul 9, 2025
a71bb4b
Convert test to inline expectations
owen-mc Jul 18, 2025
188b25f
Remove `experimental` tag from query metadata
owen-mc Jul 9, 2025
92a3bcc
Align metadata with related queries
owen-mc Jul 10, 2025
5c403d3
Move crypto qll files from query pack to library pack
owen-mc Jul 17, 2025
34b2e3e
Copy the structure of the Javascript query
owen-mc Jul 18, 2025
fac5296
Avoid duplicate results using in-barriers
owen-mc Oct 14, 2025
f34a625
Model cryptographic operations
owen-mc Oct 15, 2025
713e19f
Make non-path query for encryption only
owen-mc Oct 31, 2025
52d7e2d
Add query for hashing sensitive data with weak hashing algorithm
owen-mc Oct 31, 2025
d2033ca
Add change note
owen-mc Oct 21, 2025
2cfafe5
Fix failing ruby crypto test that lists all algorithms
owen-mc Oct 21, 2025
970b5d7
Fix query suite integration tests
owen-mc Oct 21, 2025
69ecdcb
Fix capitalization of class names
owen-mc Oct 31, 2025
8d7b275
Add query help examples
owen-mc Nov 3, 2025
7d7af19
Fix small mistake in Ruby query help
owen-mc Nov 3, 2025
adbc1ef
Fix diff-informed predicates
owen-mc Nov 3, 2025
349e8ca
Remove unnecessary import
owen-mc Nov 4, 2025
f562b3d
Make line differences in test comments relative
owen-mc Nov 18, 2025
a70d742
Add test for good password hashing
owen-mc Nov 18, 2025
0c43f2c
Merge pull request #20870 from jketema/exp-arg-fix
jketema Nov 19, 2025
4c09e55
Merge branch 'main' into union-content-field-content-common-base-class
MathiasVP Nov 19, 2025
6c4def1
C++: Add change note.
MathiasVP Nov 19, 2025
42f0ce7
C++: Enable overlay compilation
igfoo Nov 14, 2025
489fff9
Rust: Base `DataFlow::Node` on AST instead of CFG
hvitved Nov 19, 2025
d2bb53a
Rust: Run codegen
hvitved Nov 19, 2025
e4853ab
Add change note
hvitved Nov 19, 2025
b293dfe
C++: Fix CWE-119 memcpy tests
szsam Nov 19, 2025
08dfb95
javascript: Add change note for `document.defaultView` aliasing `window`
Eliav2 Nov 19, 2025
b54abc7
C++: move `-DFMT_UNICODE` into a module patch
redsun82 Nov 20, 2025
d4fdf95
Address review comments
hvitved Nov 20, 2025
613895e
Merge pull request #20424 from asgerf/js/overlay-manual-v4
asgerf Nov 20, 2025
4d4a677
Merge pull request #20869 from hvitved/rust/dataflow-ast
hvitved Nov 20, 2025
0f40b3c
Merge pull request #20842 from hvitved/rust/path-resolution-extern-cr…
hvitved Nov 20, 2025
05085a8
Merge pull request #20666 from owen-mc/go/promote-weak-crypto-algorithm
owen-mc Nov 20, 2025
240c637
Merge pull request #20868 from github/redsun82/java-doc
redsun82 Nov 20, 2025
62ee6d3
Made changes requested by reviewers - bounded() for range checking, s…
aegilops Nov 20, 2025
1e67907
Merge commit
aegilops Nov 20, 2025
801cd72
Merge branch 'main' into java-kotlin-sensitive-logging-substring-barr…
aegilops Nov 20, 2025
14f9997
Merge pull request #20862 from MathiasVP/union-content-field-content-…
MathiasVP Nov 20, 2025
91451b7
javascript: Update expected results for global variable references
Eliav2 Nov 20, 2025
6df789d
Merge branch 'main' into 20823-globalVarRef-document-defaultView
Eliav2 Nov 20, 2025
132f02c
Update rust/ql/lib/codeql/rust/internal/PathResolution.qll
hvitved Nov 20, 2025
195a723
Merge branch 'main' into redsun82/update-fmt
redsun82 Nov 20, 2025
794b328
Bazel: remove unneeded file from registry
redsun82 Nov 20, 2025
29a5b27
Removed bounds checking and only using literals - bounded() predicate…
aegilops Nov 20, 2025
e904520
Fixed formatting
aegilops Nov 20, 2025
ce13668
Fixed formatting
aegilops Nov 20, 2025
30d68d8
Java: Add missing deprecated annotations.
aschackmull Nov 7, 2025
e76e7ab
C#: Read from dependency directory from extractor option.
michaelnebel Nov 13, 2025
1256ccf
C#: Add extractor option for buildless dependency directory.
michaelnebel Nov 13, 2025
2700843
C#: Add an integration test for setting the dependency directory in BMN.
michaelnebel Nov 17, 2025
90dbb7a
C#: Add change note.
michaelnebel Nov 17, 2025
138441b
C#: Address review comments.
michaelnebel Nov 17, 2025
5c454d2
C#: Fix typo.
michaelnebel Nov 21, 2025
ec381e4
Use range analysis and improve tests
owen-mc Nov 21, 2025
ce9986c
JS: Change signature of isShadowedFromBulkExport
asgerf Nov 21, 2025
8d72040
Merge pull request #20772 from aschackmull/java/ssa-deprecate
aschackmull Nov 21, 2025
d539930
C++: Add `databaseMetadata` and `overlayChangedFiles` tables to dbscheme
igfoo Nov 19, 2025
c2f96b9
C++: Update stats
igfoo Nov 21, 2025
6c7370e
C++: Add up/downgrade scripts
igfoo Nov 21, 2025
74d725e
JS: Remove unnecessary override in OriginalExportDeclaration
asgerf Nov 21, 2025
78c8ab1
JS: Split exportsAs into exportsDirectlyAs and reExportsAs
asgerf Nov 21, 2025
638c98b
Merge pull request #20832 from michaelnebel/csharp/dependencycaching
michaelnebel Nov 21, 2025
60826bd
Merge pull request #20837 from michaelnebel/csharp/dotnet10
michaelnebel Nov 21, 2025
3a393ec
Fixup! qldoc for reExportsAs
asgerf Nov 21, 2025
94566e5
JS: Remove unnecessary override in OriginalExportDeclaration
asgerf Nov 21, 2025
9c4f85f
JS: Split getSourceNode into getDirectSourceNode and getReExportedSou…
asgerf Nov 21, 2025
298e4cf
Java: Recognize int-sized long literals.
aschackmull Nov 21, 2025
51e1bda
JS: Move isTypeOnly() check into a direct check, instead of an override
asgerf Nov 21, 2025
d2fc6a7
Merge branch 'main' into java-kotlin-sensitive-logging-substring-barr…
owen-mc Nov 21, 2025
b1ed72d
Merge pull request #20886 from aschackmull/java/rangeanalysis-longlit…
aschackmull Nov 21, 2025
2da0814
Rust: Add test case involving taint.
geoffw0 Nov 20, 2025
8145264
Rust: Add threat model sources as additional sources for the query.
geoffw0 Nov 20, 2025
aca7877
Rust: Add some missing path / file metadata models.
geoffw0 Nov 21, 2025
89a9c46
Rust: Second change note.
geoffw0 Nov 21, 2025
785754e
Rust: Switch the query to taint flow, since some taint summaries are …
geoffw0 Nov 21, 2025
ace7a77
Rust: Switch to MaD models.
geoffw0 Nov 21, 2025
3ad014b
Rust: Additional sinks found in MRVA-1000.
geoffw0 Nov 21, 2025
e01c871
Rust: Accept changes to the dataflow/sources/file test.
geoffw0 Nov 21, 2025
9db1722
Rust: Accept consistency check changes.
geoffw0 Nov 21, 2025
03fc4cb
Merge remote-tracking branch 'upstream/main' into access-invalid-poin…
geoffw0 Nov 21, 2025
988aca1
Rust: Correct QLDoc comment.
geoffw0 Nov 21, 2025
8061505
Merge remote-tracking branch 'upstream/main' into cert-checks
geoffw0 Nov 21, 2025
2ce4c47
Rust: More sinks from the MRVA-1000.
geoffw0 Nov 21, 2025
eb674d0
Rust: Reinstate the original function names model but call it a heuri…
geoffw0 Nov 21, 2025
ff8032a
Rust: Fix after merge.
geoffw0 Nov 21, 2025
0ea28b4
Rust: Test .expected changes.
geoffw0 Nov 21, 2025
993154e
Rust: Avoid duplicating sinks.
geoffw0 Nov 21, 2025
b62968f
Rust: Spelling.
geoffw0 Nov 22, 2025
b16f8c2
Update rust/ql/lib/codeql/rust/internal/PathResolution.qll
hvitved Nov 23, 2025
17e1e17
Rust: Add placeholder declarations for `&mut` and `*mut`
hvitved Nov 23, 2025
192f254
Merge branch 'main' into 20823-globalVarRef-document-defaultView
Eliav2 Nov 23, 2025
c9e9322
C++: Add an example of missing MaD supporrt for non-type template par…
MathiasVP Nov 24, 2025
c7a0411
Merge pull request #20892 from hvitved/rust/builtin-mut-placeholders
hvitved Nov 24, 2025
ac644b2
Merge pull request #20848 from hvitved/rust/ranked-forex-rename
hvitved Nov 24, 2025
732e55d
C++: Ignore template non-type parameters in MaD signature matching.
MathiasVP Nov 24, 2025
98879d0
C++: Accept test changes.
MathiasVP Nov 24, 2025
43111b8
Merge pull request #20716 from hvitved/rust/path-resolution-variable-…
hvitved Nov 24, 2025
fd56678
Update cpp/ql/lib/semmle/code/cpp/dataflow/ExternalFlow.qll
MathiasVP Nov 24, 2025
ecb80cb
C++: Represent field content using a column that is shared by all tem…
MathiasVP Nov 20, 2025
6bae58e
C++: Accept more test changes.
MathiasVP Nov 24, 2025
0487e06
C++: Accept test changes from tests that use getAQlClass.
MathiasVP Nov 24, 2025
e37336d
No need for `getUnderlyingExpr` to look through casts
owen-mc Nov 24, 2025
1a59839
Range library recognises long literals now
owen-mc Nov 24, 2025
555301c
Merge pull request #20874 from igfoo/igfoo/overlay
igfoo Nov 24, 2025
0f4561e
Rust: Add XSS examples
paldepind Nov 24, 2025
ae9c753
Rust: Add XSS query
paldepind Nov 24, 2025
9e2bf76
Rust: Add XSS sinks for Actix and Warp
paldepind Nov 24, 2025
9c2858d
Rust: Add qhelp for XSS query
paldepind Nov 24, 2025
597c81d
Rust: Add change note for XSS query
paldepind Nov 24, 2025
2e53370
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
MathiasVP Nov 24, 2025
eb6b085
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
MathiasVP Nov 24, 2025
daead03
Merge pull request #20829 from geoffw0/cert-checks
geoffw0 Nov 24, 2025
ce25def
Rust: Update integration test expected files
paldepind Nov 24, 2025
411d1fa
Rust: Fix grammar and typos
paldepind Nov 25, 2025
1c2d8bb
Merge pull request #20851 from geoffw0/access-invalid-pointer-fp
geoffw0 Nov 25, 2025
458f857
Fix KeyError: 'name' in python/extractor/imp.py on Python 3.14
akoeplinger Nov 25, 2025
47ab307
C++: Respond to review comments.
MathiasVP Nov 25, 2025
b4ae588
Rust: Tweak existing `isStruct` predicates
paldepind Nov 25, 2025
50e8d0c
Rust: Add `isFieldless` and `isUnitOnly` to `Enum`
paldepind Nov 25, 2025
393da45
Rust: Add tests for `Enum`
paldepind Nov 25, 2025
4f13ae3
Rust: Add qldoc
paldepind Nov 25, 2025
2024f32
C++: Add an example with missing flow.
MathiasVP Nov 25, 2025
861ca75
Merge branch 'main' into canonical-content
jketema Nov 25, 2025
9ae4c14
Rust: Address PR feedback
paldepind Nov 25, 2025
26e5320
Merge pull request #20901 from MathiasVP/canonical-content
MathiasVP Nov 25, 2025
7d76619
Implement cookie write concepts and httponly query
joefarebrother Nov 3, 2025
74c424d
Fixes, add secure query
joefarebrother Nov 5, 2025
5094784
Add modeling for gin
joefarebrother Nov 5, 2025
8d544e5
Add tests
joefarebrother Nov 6, 2025
2b1cd84
Fixes and doc updates
joefarebrother Nov 6, 2025
fa30041
Add qhelp & fix tests
joefarebrother Nov 9, 2025
536e885
Remove experimental query
joefarebrother Nov 10, 2025
d633120
Update integration tests
joefarebrother Nov 10, 2025
ed483dd
Add change note
joefarebrother Nov 10, 2025
a25861d
Update integration test
joefarebrother Nov 10, 2025
6282c34
Update formatting
joefarebrother Nov 10, 2025
1bd5005
Fix typos
joefarebrother Nov 10, 2025
03d63de
Address reviews - rename and update doc comments
joefarebrother Nov 17, 2025
5b702d9
Refactor parts of SensitiveCookieNameConfig
joefarebrother Nov 17, 2025
c6110ed
Split SecureCookies into query specific files
joefarebrother Nov 17, 2025
c7b16a0
Address reviews - update comments, remove unneeded stubs
joefarebrother Nov 19, 2025
cece73b
Remove references to gorilla
joefarebrother Nov 19, 2025
e95b359
JS: Fix project layout detection for Next.js apps
asgerf Nov 25, 2025
faa55f5
C++: Add another test with a template function whose non-type templat…
MathiasVP Nov 25, 2025
05737af
C++: Only support non-type template parameters in tail position.
MathiasVP Nov 25, 2025
a91969b
JS: Change note
asgerf Nov 25, 2025
0deac83
C++: Accept test changes.
MathiasVP Nov 25, 2025
73b6fa6
C++: Fix Code Scanning alert.
MathiasVP Nov 25, 2025
5b4e114
JS: Add test
asgerf Nov 25, 2025
7c76636
Rust: Fix typo in change note for XSS query
paldepind Nov 25, 2025
295dc69
Merge branch 'main' into ignore-non-type-template-params
MathiasVP Nov 25, 2025
85cb3e0
Merge pull request #20762 from joefarebrother/go-insecure-cookie
joefarebrother Nov 25, 2025
f0dec21
Merge branch 'main' into java-kotlin-sensitive-logging-substring-barr…
owen-mc Nov 25, 2025
7278bc7
Rust: Remove unused function in XSS tests
paldepind Nov 25, 2025
0245b9d
Merge pull request #20911 from asgerf/js/next-folders
asgerf Nov 26, 2025
0414555
Merge pull request #20741 from aegilops/java-kotlin-sensitive-logging…
owen-mc Nov 26, 2025
b33af5b
JS: Fix typo
asgerf Nov 26, 2025
dbf14c1
Factor XML discard predicates into OverlayXml.qll
asgerf Nov 19, 2025
1c8cc39
Merge pull request #20906 from paldepind/rust/enum-fieldless
paldepind Nov 26, 2025
33c7057
C++: Remove incorrect tests
jketema Nov 26, 2025
6050a0e
Rust: Split boolean from number barriers
paldepind Nov 26, 2025
081ab49
Rust: Add barrier for fieldless enum types
paldepind Nov 26, 2025
815af34
Rust: Add additional barriers to queries
paldepind Nov 26, 2025
adc13e3
Merge pull request #20920 from jketema/feature-incorrect
jketema Nov 26, 2025
d869b00
Merge pull request #20899 from MathiasVP/ignore-non-type-template-params
MathiasVP Nov 26, 2025
caf6b95
Remove trailing periods from @name metadata in query files
felicitymay Nov 26, 2025
329df20
Rust: Fix typo
paldepind Nov 26, 2025
4a8fbba
Merge branch 'main' into felicity-fix-query-names
jketema Nov 26, 2025
982950f
Merge pull request #20923 from github/felicity-fix-query-names
jketema Nov 26, 2025
a9b58b8
Rust: Model `async` return types as `dyn Future`
hvitved Aug 17, 2025
69ba764
Merge branch 'main' into 20823-globalVarRef-document-defaultView
Eliav2 Nov 26, 2025
25a46a8
C++: Use appropriate sizeof in CWE-119 memcpy tests
szsam Nov 27, 2025
8b32679
Merge pull request #20921 from paldepind/rust/barrier-tweaks
paldepind Nov 27, 2025
39136f3
C/C++ overlay: Add basic Overlay.qll file
IdrissRio Nov 25, 2025
6c09325
C/C++ Overlay: Preserve entities that have at least one location in a…
IdrissRio Nov 26, 2025
3d69286
C/C++ overlay: Address review comments
IdrissRio Nov 26, 2025
f0cac32
Merge pull request #20236 from hvitved/rust/type-inference-async-dyn-…
hvitved Nov 27, 2025
d8027fb
Merge pull request #20885 from asgerf/js/local-module-exports
asgerf Nov 27, 2025
e8cb6b8
Rust: Fix a couple of comments.
geoffw0 Nov 27, 2025
803e9fc
Merge branch 'main' into fix-CWE-119-tests
geoffw0 Nov 27, 2025
2371b65
Merge pull request #20925 from geoffw0/barrier-doc
geoffw0 Nov 27, 2025
7db06ca
Merge pull request #20876 from szsam/fix-CWE-119-tests
geoffw0 Nov 27, 2025
97dad2d
Rust: Apply suggestions from docs review
paldepind Nov 27, 2025
0896be0
Merge pull request #20844 from Eliav2/20823-globalVarRef-document-def…
asgerf Nov 27, 2025
f55ff96
Python: Bump extractor version and add change note
tausbn Nov 27, 2025
0c358ac
Merge pull request #20908 from akoeplinger/patch-1
tausbn Nov 27, 2025
2058c4a
Remove redundant char pred
owen-mc Nov 28, 2025
fb0b407
Remove redundant import
owen-mc Nov 28, 2025
303deab
Remove redundant conjunct
owen-mc Nov 28, 2025
0b79087
Make predicate name start with `has` instead of `get`
owen-mc Nov 28, 2025
fe1c4e2
Make class qldoc start with "A".
owen-mc Nov 28, 2025
b8ccaf3
Improve formatting of tags metadata
owen-mc Nov 28, 2025
62238fc
Fix variable name in qldoc
owen-mc Nov 28, 2025
22b614a
Use set literals
owen-mc Nov 28, 2025
220fd08
Improve formatting of tags #2
owen-mc Nov 28, 2025
992bd68
Use set literals #2
owen-mc Nov 28, 2025
86eb949
Merge pull request #20902 from paldepind/rust/xss-query
paldepind Nov 28, 2025
38a1bb0
Use string instead of @file in XML discards
asgerf Nov 28, 2025
6257bed
Sync OverlayXml.qll
asgerf Nov 28, 2025
c43b03b
Merge pull request #20931 from owen-mc/go/fix-misc-ql
owen-mc Nov 28, 2025
eac06dd
C/C++ overlay: Address review comments
IdrissRio Nov 28, 2025
a69e781
C#: Pin tests and mark .NET 10 tests as flaky.
michaelnebel Nov 28, 2025
af41ca0
C#: Fix syntax error.
michaelnebel Nov 28, 2025
4ad25e4
C/C++ overlay: Address review comments
IdrissRio Nov 28, 2025
6c9d158
C#: Skip .NET 10 tests for now.
michaelnebel Nov 28, 2025
9fd31bf
Merge pull request #20909 from github/idrissrio/cpp/overlay/overlay.qll
IdrissRio Nov 28, 2025
1d56f17
Merge pull request #20935 from michaelnebel/csharp/flakynet10
michaelnebel Nov 28, 2025
50929ef
Merge pull request #20872 from github/redsun82/update-fmt
redsun82 Dec 1, 2025
b8cff77
Merge pull request #20873 from github/shared-xml-discard
asgerf Dec 1, 2025
1cc5b34
Fix date format in change note file
oscarsj Dec 1, 2025
10a53e6
Merge pull request #20927 from github/changedocs/2.23.6
coadaflorin Dec 1, 2025
f1aaefc
Merge pull request #20943 from github/oscarsj/update-codeql-cli-2.23.7
oscarsj Dec 1, 2025
19a1346
Release preparation for version 2.23.7
invalid-email-address Dec 1, 2025
871d5c9
Merge pull request #20944 from github/release-prep/2.23.7
oscarsj Dec 1, 2025
a045b31
Release preparation for version 2.23.7
invalid-email-address Dec 2, 2025
dce6d0e
Merge pull request #20955 from github/release-prep/2.23.7
oscarsj Dec 2, 2025
085faa2
Post-release preparation for codeql-cli-2.23.7
invalid-email-address Dec 2, 2025
5addb53
Merge pull request #20946 from github/post-release-prep/codeql-cli-2.…
oscarsj Dec 5, 2025
a0e7afd
Java: Add change note for Maven compiler flags
IdrissRio Dec 8, 2025
877669d
Merge pull request #20981 from github/idrissrio/java/java-maven-sap
IdrissRio Dec 8, 2025
294089f
JS: Use question-mark variant in all overlay annotations
asgerf Dec 8, 2025
4d1200f
Revert changes in synced files
asgerf Dec 8, 2025
b5f705a
Merge pull request #20985 from asgerf/js/overlay-local-optional
redsun82 Dec 8, 2025
66c51e9
Release preparation for version 2.23.8
invalid-email-address Dec 8, 2025
28b6aa8
Merge pull request #20988 from github/release-prep/2.23.8
redsun82 Dec 8, 2025
cffde88
Manual merge javascript/ql/lib/semmle/javascript/dataflow/internal/Da…
ropwareJB Dec 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
3 changes: 0 additions & 3 deletions .gitattributes
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,9 +82,6 @@
/csharp/paket.main.bzl linguist-generated=true
/csharp/paket.main_extension.bzl linguist-generated=true

# ripunzip tool
/misc/ripunzip/ripunzip-* filter=lfs diff=lfs merge=lfs -text

# swift prebuilt resources
/swift/third_party/resources/*.zip filter=lfs diff=lfs merge=lfs -text
/swift/third_party/resources/*.tar.zst filter=lfs diff=lfs merge=lfs -text
Expand Down
74 changes: 0 additions & 74 deletions .github/workflows/build-ripunzip.yml
View file
Open in desktop

This file was deleted.

16 changes: 13 additions & 3 deletions CODEOWNERS
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,19 +5,29 @@
/actions/ @github/codeql-dynamic
/cpp/ @github/codeql-c-analysis
/csharp/ @github/codeql-csharp
/csharp/autobuilder/Semmle.Autobuild.Cpp @github/codeql-c-extractor
/csharp/autobuilder/Semmle.Autobuild.Cpp.Tests @github/codeql-c-extractor
/csharp/autobuilder/Semmle.Autobuild.Cpp @github/codeql-c-extractor @github/code-scanning-language-coverage
/csharp/autobuilder/Semmle.Autobuild.Cpp.Tests @github/codeql-c-extractor @github/code-scanning-language-coverage
/go/ @github/codeql-go
/go/codeql-tools/ @github/codeql-go @github/code-scanning-language-coverage
/go/downgrades/ @github/codeql-go @github/code-scanning-language-coverage
/go/extractor/ @github/codeql-go @github/code-scanning-language-coverage
/go/extractor-smoke-test/ @github/codeql-go @github/code-scanning-language-coverage
/go/ql/test/extractor-tests/ @github/codeql-go @github/code-scanning-language-coverage
/java/ @github/codeql-java
/javascript/ @github/codeql-javascript
/javascript/extractor/ @github/codeql-javascript @github/code-scanning-language-coverage
/python/ @github/codeql-python
/python/extractor/ @github/codeql-python @github/code-scanning-language-coverage
/ql/ @github/codeql-ql-for-ql-reviewers
/ruby/ @github/codeql-ruby
/ruby/extractor/ @github/codeql-ruby @github/code-scanning-language-coverage
/rust/ @github/codeql-rust
/rust/extractor/ @github/codeql-rust @github/code-scanning-language-coverage
/shared/ @github/codeql-shared-libraries-reviewers
/swift/ @github/codeql-swift
/swift/extractor/ @github/codeql-swift @github/code-scanning-language-coverage
/misc/codegen/ @github/codeql-swift
/java/kotlin-extractor/ @github/codeql-kotlin
/java/kotlin-extractor/ @github/codeql-kotlin @github/code-scanning-language-coverage
/java/ql/test-kotlin1/ @github/codeql-kotlin
/java/ql/test-kotlin2/ @github/codeql-kotlin

Expand Down
28 changes: 10 additions & 18 deletions MODULE.bazel
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ bazel_dep(name = "rules_shell", version = "0.5.0")
bazel_dep(name = "bazel_skylib", version = "1.8.1")
bazel_dep(name = "abseil-cpp", version = "20240116.1", repo_name = "absl")
bazel_dep(name = "nlohmann_json", version = "3.11.3", repo_name = "json")
bazel_dep(name = "fmt", version = "10.0.0")
bazel_dep(name = "fmt", version = "12.1.0-codeql.1")
bazel_dep(name = "rules_kotlin", version = "2.1.3-codeql.1")
bazel_dep(name = "gazelle", version = "0.40.0")
bazel_dep(name = "rules_dotnet", version = "0.19.2-codeql.1")
Expand Down Expand Up @@ -269,24 +269,16 @@ go_deps = use_extension("@gazelle//:extensions.bzl", "go_deps")
go_deps.from_file(go_mod = "//go/extractor:go.mod")
use_repo(go_deps, "org_golang_x_mod", "org_golang_x_tools")

lfs_archive = use_repo_rule("//misc/bazel:lfs.bzl", "lfs_archive")
ripunzip_archive = use_repo_rule("//misc/ripunzip:ripunzip.bzl", "ripunzip_archive")

lfs_archive(
name = "ripunzip-linux",
src = "//misc/ripunzip:ripunzip-Linux.zip",
build_file = "//misc/ripunzip:BUILD.ripunzip.bazel",
)

lfs_archive(
name = "ripunzip-windows",
src = "//misc/ripunzip:ripunzip-Windows.zip",
build_file = "//misc/ripunzip:BUILD.ripunzip.bazel",
)

lfs_archive(
name = "ripunzip-macos",
src = "//misc/ripunzip:ripunzip-macOS.zip",
build_file = "//misc/ripunzip:BUILD.ripunzip.bazel",
# go to https://github.com/GoogleChrome/ripunzip/releases to find latest version and corresponding sha256s
ripunzip_archive(
name = "ripunzip",
sha256_linux = "ee0e8a957687a5dc3a66b2a4b25883bf762df4c9c07f0651af527a32a405054b",
sha256_macos_arm = "8a88eea54eac232d162a72a42065e0429b82dbf4f05e9642915dff9d7a81f846",
sha256_macos_intel = "4457a18bfcc5feabe09f5ea3d1157128e07b4873392cb404a870e611924abf64",
sha256_windows = "66d0c1375301bf5ab815348048f43b110631d3fa7200acd50d50a8ed8655ca62",
version = "2.0.3",
)

register_toolchains(
Expand Down
16 changes: 16 additions & 0 deletions actions/ql/lib/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,19 @@
## 0.4.24

No user-facing changes.

## 0.4.23

No user-facing changes.

## 0.4.22

No user-facing changes.

## 0.4.21

No user-facing changes.

## 0.4.20

No user-facing changes.
Expand Down
3 changes: 3 additions & 0 deletions actions/ql/lib/change-notes/released/0.4.21.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
## 0.4.21

No user-facing changes.
3 changes: 3 additions & 0 deletions actions/ql/lib/change-notes/released/0.4.22.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
## 0.4.22

No user-facing changes.
3 changes: 3 additions & 0 deletions actions/ql/lib/change-notes/released/0.4.23.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
## 0.4.23

No user-facing changes.
3 changes: 3 additions & 0 deletions actions/ql/lib/change-notes/released/0.4.24.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
## 0.4.24

No user-facing changes.
2 changes: 1 addition & 1 deletion actions/ql/lib/codeql-pack.release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.4.20
lastReleaseVersion: 0.4.24
2 changes: 1 addition & 1 deletion actions/ql/lib/qlpack.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
name: codeql/actions-all
version: 0.4.20
version: 0.4.24
library: true
warnOnImplicitThis: true
dependencies:
Expand Down
16 changes: 16 additions & 0 deletions actions/ql/src/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,19 @@
## 0.6.16

No user-facing changes.

## 0.6.15

No user-facing changes.

## 0.6.14

No user-facing changes.

## 0.6.13

No user-facing changes.

## 0.6.12

No user-facing changes.
Expand Down
3 changes: 3 additions & 0 deletions actions/ql/src/change-notes/released/0.6.13.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
## 0.6.13

No user-facing changes.
3 changes: 3 additions & 0 deletions actions/ql/src/change-notes/released/0.6.14.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
## 0.6.14

No user-facing changes.
3 changes: 3 additions & 0 deletions actions/ql/src/change-notes/released/0.6.15.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
## 0.6.15

No user-facing changes.
3 changes: 3 additions & 0 deletions actions/ql/src/change-notes/released/0.6.16.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
## 0.6.16

No user-facing changes.
2 changes: 1 addition & 1 deletion actions/ql/src/codeql-pack.release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.6.12
lastReleaseVersion: 0.6.16
2 changes: 1 addition & 1 deletion actions/ql/src/experimental/Security/CWE-829/ArtifactPoisoningPathTraversal.ql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* @name Artifact Poisoning (Path Traversal).
* @name Artifact Poisoning (Path Traversal)
* @description An attacker may be able to poison the workflow's artifacts and influence on consequent steps.
* @kind problem
* @problem.severity error
Expand Down
2 changes: 1 addition & 1 deletion actions/ql/src/qlpack.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
name: codeql/actions-queries
version: 0.6.12
version: 0.6.16
library: false
warnOnImplicitThis: true
groups: [actions, queries]
Expand Down
7 changes: 7 additions & 0 deletions config/identical-files.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -276,5 +276,12 @@
"Python model summaries test extension": [
"python/ql/test/library-tests/dataflow/model-summaries/InlineTaintTest.ext.yml",
"python/ql/test/library-tests/dataflow/model-summaries/NormalDataflowTest.ext.yml"
],
"XML discard predicates": [
"javascript/ql/lib/semmle/javascript/internal/OverlayXml.qll",
"java/ql/lib/semmle/code/java/internal/OverlayXml.qll",
"go/ql/lib/semmle/go/internal/OverlayXml.qll",
"python/ql/lib/semmle/python/internal/OverlayXml.qll",
"csharp/ql/lib/semmle/code/csharp/internal/OverlayXml.qll"
]
}
Loading
Loading