Merge branch 'main' of https://github.com/github/codeql into oscarsj/mergeback-rc-3-20-into-main

.bazelversion

@@ -1 +1 @@
-8.1.1
+8.4.2

.github/dependabot.yml

@@ -40,3 +40,8 @@ updates:
       - dependency-name: "*"
     reviewers:
       - "github/codeql-go"
+
+  - package-ecosystem: bazel
+    directory: "/"
+    schedule:
+      interval: weekly

.github/workflows/codeql-analysis.yml

@@ -34,7 +34,7 @@ jobs:
     - name: Setup dotnet
       uses: actions/setup-dotnet@v4
       with:
-        dotnet-version: 9.0.300
+        dotnet-version: 10.0.100
 
     - name: Checkout repository
       uses: actions/checkout@v5

.github/workflows/csharp-qltest.yml

@@ -43,14 +43,14 @@ jobs:
       - name: Setup dotnet
         uses: actions/setup-dotnet@v4
         with:
-          dotnet-version: 9.0.300
+          dotnet-version: 10.0.100
       - name: Extractor unit tests
         run: |
           dotnet tool restore
-          dotnet test -p:RuntimeFrameworkVersion=9.0.5 extractor/Semmle.Util.Tests
+          dotnet test -p:RuntimeFrameworkVersion=10.0.0 extractor/Semmle.Util.Tests
-          dotnet test -p:RuntimeFrameworkVersion=9.0.5 extractor/Semmle.Extraction.Tests
+          dotnet test -p:RuntimeFrameworkVersion=10.0.0 extractor/Semmle.Extraction.Tests
-          dotnet test -p:RuntimeFrameworkVersion=9.0.5 autobuilder/Semmle.Autobuild.CSharp.Tests
+          dotnet test -p:RuntimeFrameworkVersion=10.0.0 autobuilder/Semmle.Autobuild.CSharp.Tests
-          dotnet test -p:RuntimeFrameworkVersion=9.0.5 autobuilder/Semmle.Autobuild.Cpp.Tests
+          dotnet test -p:RuntimeFrameworkVersion=10.0.0 autobuilder/Semmle.Autobuild.Cpp.Tests
         shell: bash
   stubgentest:
     runs-on: ubuntu-latest

MODULE.bazel

@@ -26,7 +26,7 @@ bazel_dep(name = "nlohmann_json", version = "3.11.3", repo_name = "json")
 bazel_dep(name = "fmt", version = "12.1.0-codeql.1")
 bazel_dep(name = "rules_kotlin", version = "2.1.3-codeql.1")
 bazel_dep(name = "gazelle", version = "0.40.0")
-bazel_dep(name = "rules_dotnet", version = "0.19.2-codeql.1")
+bazel_dep(name = "rules_dotnet", version = "0.21.5-codeql.1")
 bazel_dep(name = "googletest", version = "1.14.0.bcr.1")
 bazel_dep(name = "rules_rust", version = "0.66.0")
 bazel_dep(name = "zstd", version = "1.5.5.bcr.1")
@@ -172,7 +172,7 @@ http_archive(
 )
 
 dotnet = use_extension("@rules_dotnet//dotnet:extensions.bzl", "dotnet")
-dotnet.toolchain(dotnet_version = "9.0.300")
+dotnet.toolchain(dotnet_version = "10.0.100")
 use_repo(dotnet, "dotnet_toolchains")
 
 register_toolchains("@dotnet_toolchains//:all")
@@ -274,11 +274,11 @@ ripunzip_archive = use_repo_rule("//misc/ripunzip:ripunzip.bzl", "ripunzip_archi
 # go to https://github.com/GoogleChrome/ripunzip/releases to find latest version and corresponding sha256s
 ripunzip_archive(
     name = "ripunzip",
-    sha256_linux = "ee0e8a957687a5dc3a66b2a4b25883bf762df4c9c07f0651af527a32a405054b",
+    sha256_linux = "71482d7a7e4ea9176d5596161c49250c34b136b157c45f632b1111323fbfc0de",
-    sha256_macos_arm = "8a88eea54eac232d162a72a42065e0429b82dbf4f05e9642915dff9d7a81f846",
+    sha256_macos_arm = "604194ab13f0aba3972995d995f11002b8fc285c8170401fcd46655065df20c9",
-    sha256_macos_intel = "4457a18bfcc5feabe09f5ea3d1157128e07b4873392cb404a870e611924abf64",
+    sha256_macos_intel = "65367b94fd579d93d46f2d2595cc4c9a60cfcf497e3c824f9d1a7b80fa8bd38a",
-    sha256_windows = "66d0c1375301bf5ab815348048f43b110631d3fa7200acd50d50a8ed8655ca62",
+    sha256_windows = "ac3874075def2b9e5074a3b5945005ab082cc6e689e1de658da8965bc23e643e",
-    version = "2.0.3",
+    version = "2.0.4",
 )
 
 register_toolchains(

actions/ql/lib/change-notes/2025-11-28-fix-code-injection-alert-filtering.md

@@ -0,0 +1,4 @@
+---
+category: majorAnalysis
+---
+* The query `actions/code-injection/medium` has been updated to include results which were incorrectly excluded while filtering out results that are reported by `actions/code-injection/critical`.

actions/ql/lib/codeql/actions/security/CodeInjectionQuery.qll

@@ -19,12 +19,7 @@ class CodeInjectionSink extends DataFlow::Node {
 Event getRelevantCriticalEventForSink(DataFlow::Node sink) {
   inPrivilegedContext(sink.asExpr(), result) and
   not exists(ControlCheck check | check.protects(sink.asExpr(), result, "code-injection")) and
-  // exclude cases where the sink is a JS script and the expression uses toJson
+  not isGithubScriptUsingToJson(sink.asExpr())
-  not exists(UsesStep script |
-    script.getCallee() = "actions/github-script" and
-    script.getArgumentExpr("script") = sink.asExpr() and
-    exists(getAToJsonReferenceExpression(sink.asExpr().(Expression).getExpression(), _))
-  )
 }
 
 /**
@@ -91,3 +86,38 @@ private module CodeInjectionConfig implements DataFlow::ConfigSig {
 
 /** Tracks flow of unsafe user input that is used to construct and evaluate a code script. */
 module CodeInjectionFlow = TaintTracking::Global<CodeInjectionConfig>;
+
+/**
+ * Holds if there is a code injection flow from `source` to `sink` with
+ * critical severity, linked by `event`.
+ */
+predicate criticalSeverityCodeInjection(
+  CodeInjectionFlow::PathNode source, CodeInjectionFlow::PathNode sink, Event event
+) {
+  CodeInjectionFlow::flowPath(source, sink) and
+  event = getRelevantCriticalEventForSink(sink.getNode()) and
+  source.getNode().(RemoteFlowSource).getEventName() = event.getName()
+}
+
+/**
+ * Holds if there is a code injection flow from `source` to `sink` with medium severity.
+ */
+predicate mediumSeverityCodeInjection(
+  CodeInjectionFlow::PathNode source, CodeInjectionFlow::PathNode sink
+) {
+  CodeInjectionFlow::flowPath(source, sink) and
+  not criticalSeverityCodeInjection(source, sink, _) and
+  not isGithubScriptUsingToJson(sink.getNode().asExpr())
+}
+
+/**
+ * Holds if `expr` is the `script` input to `actions/github-script` and it uses
+ * `toJson`.
+ */
+predicate isGithubScriptUsingToJson(Expression expr) {
+  exists(UsesStep script |
+    script.getCallee() = "actions/github-script" and
+    script.getArgumentExpr("script") = expr and
+    exists(getAToJsonReferenceExpression(expr.getExpression(), _))
+  )
+}

actions/ql/src/Security/CWE-094/CodeInjectionCritical.ql

@@ -20,10 +20,7 @@ import CodeInjectionFlow::PathGraph
 import codeql.actions.security.ControlChecks
 
 from CodeInjectionFlow::PathNode source, CodeInjectionFlow::PathNode sink, Event event
-where
+where criticalSeverityCodeInjection(source, sink, event)
-  CodeInjectionFlow::flowPath(source, sink) and
-  event = getRelevantCriticalEventForSink(sink.getNode()) and
-  source.getNode().(RemoteFlowSource).getEventName() = event.getName()
 select sink.getNode(), source, sink,
   "Potential code injection in $@, which may be controlled by an external user ($@).", sink,
   sink.getNode().asExpr().(Expression).getRawExpression(), event, event.getName()

actions/ql/src/Security/CWE-094/CodeInjectionMedium.ql

@@ -19,15 +19,7 @@ import codeql.actions.security.CodeInjectionQuery
 import CodeInjectionFlow::PathGraph
 
 from CodeInjectionFlow::PathNode source, CodeInjectionFlow::PathNode sink
-where
+where mediumSeverityCodeInjection(source, sink)
-  CodeInjectionFlow::flowPath(source, sink) and
-  inNonPrivilegedContext(sink.getNode().asExpr()) and
-  // exclude cases where the sink is a JS script and the expression uses toJson
-  not exists(UsesStep script |
-    script.getCallee() = "actions/github-script" and
-    script.getArgumentExpr("script") = sink.getNode().asExpr() and
-    exists(getAToJsonReferenceExpression(sink.getNode().asExpr().(Expression).getExpression(), _))
-  )
 select sink.getNode(), source, sink,
   "Potential code injection in $@, which may be controlled by an external user.", sink,
   sink.getNode().asExpr().(Expression).getRawExpression()

actions/ql/src/Security/CWE-275/MissingActionsPermissions.md

@@ -2,6 +2,8 @@
 
 If a GitHub Actions job or workflow has no explicit permissions set, then the repository permissions are used. Repositories created under organizations inherit the organization permissions. The organizations or repositories created before February 2023 have the default permissions set to read-write. Often these permissions do not adhere to the principle of least privilege and can be reduced to read-only, leaving the `write` permission only to a specific types as `issues: write` or `pull-requests: write`.
 
+Note that this query cannot check whether the organization or repository token settings are set to read-only. However, even if they are, it is recommended to define explicit permissions (`contents: read` and `packages: read` are equivalent to the read-only default) so that (a) the actual needs of the workflow are documented, and (b) the permissions will remain restricted if the default is subsequently changed, or the workflow is copied to a different repository or organization.
+
 ## Recommendation
 
 Add the `permissions` key to the job or the root of workflow (in this case it is applied to all jobs in the workflow that do not have their own `permissions` key) and assign the least privileges required to complete the task.

actions/ql/test/query-tests/Security/CWE-094/.github/workflows/push_and_workflow_dispatch.yml

@@ -0,0 +1,18 @@
+on:
+  push:
+  workflow_dispatch:
+
+jobs:
+  echo-chamber:
+    runs-on: ubuntu-latest
+    steps:
+    - run: echo '${{ github.event.commits[11].message }}'
+    - run: echo '${{ github.event.commits[11].author.email }}'
+    - run: echo '${{ github.event.commits[11].author.name }}'
+    - run: echo '${{ github.event.head_commit.message }}'
+    - run: echo '${{ github.event.head_commit.author.email }}'
+    - run: echo '${{ github.event.head_commit.author.name }}'
+    - run: echo '${{ github.event.head_commit.committer.email }}'
+    - run: echo '${{ github.event.head_commit.committer.name }}'
+    - run: echo '${{ github.event.commits[11].committer.email }}'
+    - run: echo '${{ github.event.commits[11].committer.name }}'

actions/ql/test/query-tests/Security/CWE-094/CodeInjectionCritical.expected

@@ -435,6 +435,16 @@ nodes
 | .github/workflows/push.yml:14:19:14:64 | github.event.head_commit.committer.name | semmle.label | github.event.head_commit.committer.name |
 | .github/workflows/push.yml:15:19:15:65 | github.event.commits[11].committer.email | semmle.label | github.event.commits[11].committer.email |
 | .github/workflows/push.yml:16:19:16:64 | github.event.commits[11].committer.name | semmle.label | github.event.commits[11].committer.name |
+| .github/workflows/push_and_workflow_dispatch.yml:9:19:9:57 | github.event.commits[11].message | semmle.label | github.event.commits[11].message |
+| .github/workflows/push_and_workflow_dispatch.yml:10:19:10:62 | github.event.commits[11].author.email | semmle.label | github.event.commits[11].author.email |
+| .github/workflows/push_and_workflow_dispatch.yml:11:19:11:61 | github.event.commits[11].author.name | semmle.label | github.event.commits[11].author.name |
+| .github/workflows/push_and_workflow_dispatch.yml:12:19:12:57 | github.event.head_commit.message | semmle.label | github.event.head_commit.message |
+| .github/workflows/push_and_workflow_dispatch.yml:13:19:13:62 | github.event.head_commit.author.email | semmle.label | github.event.head_commit.author.email |
+| .github/workflows/push_and_workflow_dispatch.yml:14:19:14:61 | github.event.head_commit.author.name | semmle.label | github.event.head_commit.author.name |
+| .github/workflows/push_and_workflow_dispatch.yml:15:19:15:65 | github.event.head_commit.committer.email | semmle.label | github.event.head_commit.committer.email |
+| .github/workflows/push_and_workflow_dispatch.yml:16:19:16:64 | github.event.head_commit.committer.name | semmle.label | github.event.head_commit.committer.name |
+| .github/workflows/push_and_workflow_dispatch.yml:17:19:17:65 | github.event.commits[11].committer.email | semmle.label | github.event.commits[11].committer.email |
+| .github/workflows/push_and_workflow_dispatch.yml:18:19:18:64 | github.event.commits[11].committer.name | semmle.label | github.event.commits[11].committer.name |
 | .github/workflows/reusable-workflow-1.yml:6:7:6:11 | input taint | semmle.label | input taint |
 | .github/workflows/reusable-workflow-1.yml:36:21:36:39 | inputs.taint | semmle.label | inputs.taint |
 | .github/workflows/reusable-workflow-1.yml:44:19:44:56 | github.event.pull_request.title | semmle.label | github.event.pull_request.title |

actions/ql/test/query-tests/Security/CWE-094/CodeInjectionMedium.expected

@@ -435,6 +435,16 @@ nodes
 | .github/workflows/push.yml:14:19:14:64 | github.event.head_commit.committer.name | semmle.label | github.event.head_commit.committer.name |
 | .github/workflows/push.yml:15:19:15:65 | github.event.commits[11].committer.email | semmle.label | github.event.commits[11].committer.email |
 | .github/workflows/push.yml:16:19:16:64 | github.event.commits[11].committer.name | semmle.label | github.event.commits[11].committer.name |
+| .github/workflows/push_and_workflow_dispatch.yml:9:19:9:57 | github.event.commits[11].message | semmle.label | github.event.commits[11].message |
+| .github/workflows/push_and_workflow_dispatch.yml:10:19:10:62 | github.event.commits[11].author.email | semmle.label | github.event.commits[11].author.email |
+| .github/workflows/push_and_workflow_dispatch.yml:11:19:11:61 | github.event.commits[11].author.name | semmle.label | github.event.commits[11].author.name |
+| .github/workflows/push_and_workflow_dispatch.yml:12:19:12:57 | github.event.head_commit.message | semmle.label | github.event.head_commit.message |
+| .github/workflows/push_and_workflow_dispatch.yml:13:19:13:62 | github.event.head_commit.author.email | semmle.label | github.event.head_commit.author.email |
+| .github/workflows/push_and_workflow_dispatch.yml:14:19:14:61 | github.event.head_commit.author.name | semmle.label | github.event.head_commit.author.name |
+| .github/workflows/push_and_workflow_dispatch.yml:15:19:15:65 | github.event.head_commit.committer.email | semmle.label | github.event.head_commit.committer.email |
+| .github/workflows/push_and_workflow_dispatch.yml:16:19:16:64 | github.event.head_commit.committer.name | semmle.label | github.event.head_commit.committer.name |
+| .github/workflows/push_and_workflow_dispatch.yml:17:19:17:65 | github.event.commits[11].committer.email | semmle.label | github.event.commits[11].committer.email |
+| .github/workflows/push_and_workflow_dispatch.yml:18:19:18:64 | github.event.commits[11].committer.name | semmle.label | github.event.commits[11].committer.name |
 | .github/workflows/reusable-workflow-1.yml:6:7:6:11 | input taint | semmle.label | input taint |
 | .github/workflows/reusable-workflow-1.yml:36:21:36:39 | inputs.taint | semmle.label | inputs.taint |
 | .github/workflows/reusable-workflow-1.yml:44:19:44:56 | github.event.pull_request.title | semmle.label | github.event.pull_request.title |
@@ -719,6 +729,16 @@ subpaths
 | .github/workflows/push.yml:14:19:14:64 | github.event.head_commit.committer.name | .github/workflows/push.yml:14:19:14:64 | github.event.head_commit.committer.name | .github/workflows/push.yml:14:19:14:64 | github.event.head_commit.committer.name | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push.yml:14:19:14:64 | github.event.head_commit.committer.name | ${{ github.event.head_commit.committer.name }} |
 | .github/workflows/push.yml:15:19:15:65 | github.event.commits[11].committer.email | .github/workflows/push.yml:15:19:15:65 | github.event.commits[11].committer.email | .github/workflows/push.yml:15:19:15:65 | github.event.commits[11].committer.email | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push.yml:15:19:15:65 | github.event.commits[11].committer.email | ${{ github.event.commits[11].committer.email }} |
 | .github/workflows/push.yml:16:19:16:64 | github.event.commits[11].committer.name | .github/workflows/push.yml:16:19:16:64 | github.event.commits[11].committer.name | .github/workflows/push.yml:16:19:16:64 | github.event.commits[11].committer.name | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push.yml:16:19:16:64 | github.event.commits[11].committer.name | ${{ github.event.commits[11].committer.name }} |
+| .github/workflows/push_and_workflow_dispatch.yml:9:19:9:57 | github.event.commits[11].message | .github/workflows/push_and_workflow_dispatch.yml:9:19:9:57 | github.event.commits[11].message | .github/workflows/push_and_workflow_dispatch.yml:9:19:9:57 | github.event.commits[11].message | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push_and_workflow_dispatch.yml:9:19:9:57 | github.event.commits[11].message | ${{ github.event.commits[11].message }} |
+| .github/workflows/push_and_workflow_dispatch.yml:10:19:10:62 | github.event.commits[11].author.email | .github/workflows/push_and_workflow_dispatch.yml:10:19:10:62 | github.event.commits[11].author.email | .github/workflows/push_and_workflow_dispatch.yml:10:19:10:62 | github.event.commits[11].author.email | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push_and_workflow_dispatch.yml:10:19:10:62 | github.event.commits[11].author.email | ${{ github.event.commits[11].author.email }} |
+| .github/workflows/push_and_workflow_dispatch.yml:11:19:11:61 | github.event.commits[11].author.name | .github/workflows/push_and_workflow_dispatch.yml:11:19:11:61 | github.event.commits[11].author.name | .github/workflows/push_and_workflow_dispatch.yml:11:19:11:61 | github.event.commits[11].author.name | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push_and_workflow_dispatch.yml:11:19:11:61 | github.event.commits[11].author.name | ${{ github.event.commits[11].author.name }} |
+| .github/workflows/push_and_workflow_dispatch.yml:12:19:12:57 | github.event.head_commit.message | .github/workflows/push_and_workflow_dispatch.yml:12:19:12:57 | github.event.head_commit.message | .github/workflows/push_and_workflow_dispatch.yml:12:19:12:57 | github.event.head_commit.message | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push_and_workflow_dispatch.yml:12:19:12:57 | github.event.head_commit.message | ${{ github.event.head_commit.message }} |
+| .github/workflows/push_and_workflow_dispatch.yml:13:19:13:62 | github.event.head_commit.author.email | .github/workflows/push_and_workflow_dispatch.yml:13:19:13:62 | github.event.head_commit.author.email | .github/workflows/push_and_workflow_dispatch.yml:13:19:13:62 | github.event.head_commit.author.email | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push_and_workflow_dispatch.yml:13:19:13:62 | github.event.head_commit.author.email | ${{ github.event.head_commit.author.email }} |
+| .github/workflows/push_and_workflow_dispatch.yml:14:19:14:61 | github.event.head_commit.author.name | .github/workflows/push_and_workflow_dispatch.yml:14:19:14:61 | github.event.head_commit.author.name | .github/workflows/push_and_workflow_dispatch.yml:14:19:14:61 | github.event.head_commit.author.name | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push_and_workflow_dispatch.yml:14:19:14:61 | github.event.head_commit.author.name | ${{ github.event.head_commit.author.name }} |
+| .github/workflows/push_and_workflow_dispatch.yml:15:19:15:65 | github.event.head_commit.committer.email | .github/workflows/push_and_workflow_dispatch.yml:15:19:15:65 | github.event.head_commit.committer.email | .github/workflows/push_and_workflow_dispatch.yml:15:19:15:65 | github.event.head_commit.committer.email | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push_and_workflow_dispatch.yml:15:19:15:65 | github.event.head_commit.committer.email | ${{ github.event.head_commit.committer.email }} |
+| .github/workflows/push_and_workflow_dispatch.yml:16:19:16:64 | github.event.head_commit.committer.name | .github/workflows/push_and_workflow_dispatch.yml:16:19:16:64 | github.event.head_commit.committer.name | .github/workflows/push_and_workflow_dispatch.yml:16:19:16:64 | github.event.head_commit.committer.name | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push_and_workflow_dispatch.yml:16:19:16:64 | github.event.head_commit.committer.name | ${{ github.event.head_commit.committer.name }} |
+| .github/workflows/push_and_workflow_dispatch.yml:17:19:17:65 | github.event.commits[11].committer.email | .github/workflows/push_and_workflow_dispatch.yml:17:19:17:65 | github.event.commits[11].committer.email | .github/workflows/push_and_workflow_dispatch.yml:17:19:17:65 | github.event.commits[11].committer.email | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push_and_workflow_dispatch.yml:17:19:17:65 | github.event.commits[11].committer.email | ${{ github.event.commits[11].committer.email }} |
+| .github/workflows/push_and_workflow_dispatch.yml:18:19:18:64 | github.event.commits[11].committer.name | .github/workflows/push_and_workflow_dispatch.yml:18:19:18:64 | github.event.commits[11].committer.name | .github/workflows/push_and_workflow_dispatch.yml:18:19:18:64 | github.event.commits[11].committer.name | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/push_and_workflow_dispatch.yml:18:19:18:64 | github.event.commits[11].committer.name | ${{ github.event.commits[11].committer.name }} |
 | .github/workflows/reusable-workflow-1.yml:36:21:36:39 | inputs.taint | .github/workflows/reusable-workflow-caller-1.yml:11:15:11:52 | github.event.pull_request.title | .github/workflows/reusable-workflow-1.yml:36:21:36:39 | inputs.taint | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/reusable-workflow-1.yml:36:21:36:39 | inputs.taint | ${{ inputs.taint }} |
 | .github/workflows/reusable-workflow-1.yml:53:26:53:39 | env.log | .github/workflows/reusable-workflow-1.yml:44:19:44:56 | github.event.pull_request.title | .github/workflows/reusable-workflow-1.yml:53:26:53:39 | env.log | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/reusable-workflow-1.yml:53:26:53:39 | env.log | ${{ env.log }} |
 | .github/workflows/reusable-workflow-1.yml:66:34:66:52 | env.prev_log | .github/workflows/reusable-workflow-1.yml:45:24:45:61 | github.event.changes.title.from | .github/workflows/reusable-workflow-1.yml:66:34:66:52 | env.prev_log | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/reusable-workflow-1.yml:66:34:66:52 | env.prev_log | ${{ env.prev_log }} |
@@ -729,6 +749,10 @@ subpaths
 | .github/workflows/test10.yml:333:34:333:77 | github.event.workflow_run.head_branch | .github/workflows/test10.yml:333:34:333:77 | github.event.workflow_run.head_branch | .github/workflows/test10.yml:333:34:333:77 | github.event.workflow_run.head_branch | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/test10.yml:333:34:333:77 | github.event.workflow_run.head_branch | ${{ github.event.workflow_run.head_branch }} |
 | .github/workflows/test10.yml:423:34:423:77 | github.event.workflow_run.head_branch | .github/workflows/test10.yml:423:34:423:77 | github.event.workflow_run.head_branch | .github/workflows/test10.yml:423:34:423:77 | github.event.workflow_run.head_branch | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/test10.yml:423:34:423:77 | github.event.workflow_run.head_branch | ${{ github.event.workflow_run.head_branch }} |
 | .github/workflows/test10.yml:518:34:518:77 | github.event.workflow_run.head_branch | .github/workflows/test10.yml:518:34:518:77 | github.event.workflow_run.head_branch | .github/workflows/test10.yml:518:34:518:77 | github.event.workflow_run.head_branch | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/test10.yml:518:34:518:77 | github.event.workflow_run.head_branch | ${{ github.event.workflow_run.head_branch }} |
+| .github/workflows/test20.yml:15:54:15:94 | github.event.pull_request.head.ref | .github/workflows/test20.yml:15:54:15:94 | github.event.pull_request.head.ref | .github/workflows/test20.yml:15:54:15:94 | github.event.pull_request.head.ref | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/test20.yml:15:54:15:94 | github.event.pull_request.head.ref | ${{ github.event.pull_request.head.ref }} |
+| .github/workflows/test21.yml:22:35:22:73 | github.event.head_commit.message | .github/workflows/test21.yml:22:35:22:73 | github.event.head_commit.message | .github/workflows/test21.yml:22:35:22:73 | github.event.head_commit.message | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/test21.yml:22:35:22:73 | github.event.head_commit.message | ${{ github.event.head_commit.message }} |
+| .github/workflows/test21.yml:23:36:23:74 | github.event.head_commit.message | .github/workflows/test21.yml:23:36:23:74 | github.event.head_commit.message | .github/workflows/test21.yml:23:36:23:74 | github.event.head_commit.message | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/test21.yml:23:36:23:74 | github.event.head_commit.message | ${{ github.event.head_commit.message }} |
+| .github/workflows/test21.yml:24:50:24:88 | github.event.head_commit.message | .github/workflows/test21.yml:24:50:24:88 | github.event.head_commit.message | .github/workflows/test21.yml:24:50:24:88 | github.event.head_commit.message | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/test21.yml:24:50:24:88 | github.event.head_commit.message | ${{ github.event.head_commit.message }} |
 | .github/workflows/workflow_run_branches1.yml:13:20:13:63 | github.event.workflow_run.head_branch | .github/workflows/workflow_run_branches1.yml:13:20:13:63 | github.event.workflow_run.head_branch | .github/workflows/workflow_run_branches1.yml:13:20:13:63 | github.event.workflow_run.head_branch | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/workflow_run_branches1.yml:13:20:13:63 | github.event.workflow_run.head_branch | ${{ github.event.workflow_run.head_branch }} |
 | .github/workflows/workflow_run_branches2.yml:13:20:13:63 | github.event.workflow_run.head_branch | .github/workflows/workflow_run_branches2.yml:13:20:13:63 | github.event.workflow_run.head_branch | .github/workflows/workflow_run_branches2.yml:13:20:13:63 | github.event.workflow_run.head_branch | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/workflow_run_branches2.yml:13:20:13:63 | github.event.workflow_run.head_branch | ${{ github.event.workflow_run.head_branch }} |
 | .github/workflows/workflow_run_branches4.yml:13:20:13:63 | github.event.workflow_run.head_branch | .github/workflows/workflow_run_branches4.yml:13:20:13:63 | github.event.workflow_run.head_branch | .github/workflows/workflow_run_branches4.yml:13:20:13:63 | github.event.workflow_run.head_branch | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/workflow_run_branches4.yml:13:20:13:63 | github.event.workflow_run.head_branch | ${{ github.event.workflow_run.head_branch }} |

config/identical-files.json

@@ -282,6 +282,7 @@
     "java/ql/lib/semmle/code/java/internal/OverlayXml.qll",
     "go/ql/lib/semmle/go/internal/OverlayXml.qll",
     "python/ql/lib/semmle/python/internal/OverlayXml.qll",
-    "csharp/ql/lib/semmle/code/csharp/internal/OverlayXml.qll"
+    "csharp/ql/lib/semmle/code/csharp/internal/OverlayXml.qll",
+    "cpp/ql/lib/semmle/code/cpp/internal/OverlayXml.qll"
   ]
 }

cpp/ql/lib/semmle/code/cpp/dataflow/internal/FlowSummaryImpl.qll

@@ -148,6 +148,19 @@ module SourceSinkInterpretationInput implements
     )
   }
 
+  predicate barrierElement(
+    Element n, string output, string kind, Public::Provenance provenance, string model
+  ) {
+    none()
+  }
+
+  predicate barrierGuardElement(
+    Element n, string input, Public::AcceptingValue acceptingvalue, string kind,
+    Public::Provenance provenance, string model
+  ) {
+    none()
+  }
+
   private newtype TInterpretNode =
     TElement_(Element n) or
     TNode_(Node n)

cpp/ql/lib/semmle/code/cpp/internal/Overlay.qll

@@ -2,6 +2,8 @@
  * Defines entity discard predicates for C++ overlay analysis.
  */
 
+private import OverlayXml
+
 /**
  * Holds always for the overlay variant and never for the base variant.
  * This local predicate is used to define local predicates that behave
@@ -20,9 +22,21 @@ private string getLocationFilePath(@location_default loc) {
  */
 overlay[local]
 private string getSingleLocationFilePath(@element e) {
-  // @var_decl has a direct location in the var_decls relation
+  exists(@location_default loc |
-  exists(@location_default loc | var_decls(e, _, _, _, loc) | result = getLocationFilePath(loc))
+    var_decls(e, _, _, _, loc)
-  //TODO: add other kinds of elements with single locations
+    or
+    fun_decls(e, _, _, _, loc)
+    or
+    type_decls(e, _, loc)
+    or
+    namespace_decls(e, _, loc, _)
+    or
+    macroinvocations(e, _, loc, _)
+    or
+    preprocdirects(e, _, loc)
+  |
+    result = getLocationFilePath(loc)
+  )
 }
 
 /**
@@ -30,11 +44,17 @@ private string getSingleLocationFilePath(@element e) {
  */
 overlay[local]
 private string getMultiLocationFilePath(@element e) {
-  // @variable gets its location(s) from its @var_decl(s)
+  exists(@location_default loc |
-  exists(@var_decl vd, @location_default loc | var_decls(vd, e, _, _, loc) |
+    exists(@var_decl vd | var_decls(vd, e, _, _, loc))
+    or
+    exists(@fun_decl fd | fun_decls(fd, e, _, _, loc))
+    or
+    exists(@type_decl td | type_decls(td, e, loc))
+    or
+    exists(@namespace_decl nd | namespace_decls(nd, e, loc, _))
+  |
     result = getLocationFilePath(loc)
   )
-  //TODO: add other kinds of elements with multiple locations
 }
 
 /**

cpp/ql/lib/semmle/code/cpp/internal/OverlayXml.qll

@@ -0,0 +1,46 @@
+overlay[local]
+module;
+
+/**
+ * A local predicate that always holds for the overlay variant and never holds for the base variant.
+ * This is used to define local predicates that behave differently for the base and overlay variant.
+ */
+private predicate isOverlay() { databaseMetadata("isOverlay", "true") }
+
+private string getXmlFile(@xmllocatable locatable) {
+  exists(@location_default location, @file file | xmllocations(locatable, location) |
+    locations_default(location, file, _, _, _, _) and
+    files(file, result)
+  )
+}
+
+private string getXmlFileInBase(@xmllocatable locatable) {
+  not isOverlay() and
+  result = getXmlFile(locatable)
+}
+
+/**
+ * Holds if the given `file` was extracted as part of the overlay and was extracted by the HTML/XML
+ * extractor.
+ */
+private predicate overlayXmlExtracted(string file) {
+  isOverlay() and
+  exists(@xmllocatable locatable |
+    not files(locatable, _) and not xmlNs(locatable, _, _, _) and file = getXmlFile(locatable)
+  )
+}
+
+/**
+ * Holds if the given XML `locatable` should be discarded, because it is part of the overlay base
+ * and is in a file that was also extracted as part of the overlay database.
+ */
+overlay[discard_entity]
+private predicate discardXmlLocatable(@xmllocatable locatable) {
+  exists(string file | file = getXmlFileInBase(locatable) |
+    overlayChangedFiles(file)
+    or
+    // The HTML/XML extractor is currently not incremental and may extract more files than those
+    // included in overlayChangedFiles.
+    overlayXmlExtracted(file)
+  )
+}

cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImpl.qll

@@ -1051,12 +1051,12 @@ module BarrierGuardWithIntParam<guardChecksNodeSig/4 guardChecksNode> {
   }
 
   private predicate guardChecksInstr(
-    IRGuards::Guards_v1::Guard g, IRGuards::GuardsInput::Expr instr, boolean branch,
+    IRGuards::Guards_v1::Guard g, IRGuards::GuardsInput::Expr instr, IRGuards::GuardValue gv,
     int indirectionIndex
   ) {
     exists(Node node |
       nodeHasInstruction(node, instr, indirectionIndex) and
-      guardChecksNode(g, node, branch, indirectionIndex)
+      guardChecksNode(g, node, gv.asBooleanValue(), indirectionIndex)
     )
   }
 
@@ -1064,8 +1064,8 @@ module BarrierGuardWithIntParam<guardChecksNodeSig/4 guardChecksNode> {
     DataFlowIntegrationInput::Guard g, SsaImpl::Definition def, IRGuards::GuardValue val,
     int indirectionIndex
   ) {
-    IRGuards::Guards_v1::ValidationWrapperWithState<int, guardChecksInstr/4>::guardChecksDef(g, def,
+    IRGuards::Guards_v1::ParameterizedValidationWrapper<int, guardChecksInstr/4>::guardChecksDef(g,
-      val, indirectionIndex)
+      def, val, indirectionIndex)
   }
 
   Node getABarrierNode(int indirectionIndex) {

cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll

@@ -10,7 +10,7 @@ import ExternalAPIsSpecific
 
 /** A node representing untrusted data being passed to an external API. */
 class UntrustedExternalApiDataNode extends ExternalApiDataNode {
-  UntrustedExternalApiDataNode() { UntrustedDataToExternalApiFlow::flow(_, this) }
+  UntrustedExternalApiDataNode() { UntrustedDataToExternalApiFlow::flowTo(this) }
 
   /** Gets a source of untrusted data which is passed to this external API data node. */
   DataFlow::Node getAnUntrustedSource() { UntrustedDataToExternalApiFlow::flow(result, this) }

cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll

@@ -10,7 +10,7 @@ import ExternalAPIsSpecific
 
 /** A node representing untrusted data being passed to an external API. */
 class UntrustedExternalApiDataNode extends ExternalApiDataNode {
-  UntrustedExternalApiDataNode() { UntrustedDataToExternalApiFlow::flow(_, this) }
+  UntrustedExternalApiDataNode() { UntrustedDataToExternalApiFlow::flowTo(this) }
 
   /** Gets a source of untrusted data which is passed to this external API data node. */
   DataFlow::Node getAnUntrustedSource() { UntrustedDataToExternalApiFlow::flow(result, this) }

cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql

@@ -263,7 +263,7 @@ module FromSensitiveFlow = TaintTracking::Global<FromSensitiveConfig>;
  * A taint flow configuration for flow from a sensitive expression to an encryption operation.
  */
 module ToEncryptionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { FromSensitiveFlow::flow(source, _) }
+  predicate isSource(DataFlow::Node source) { FromSensitiveFlow::flowFrom(source) }
 
   predicate isSink(DataFlow::Node sink) { isSinkEncrypt(sink, _) }
 
@@ -311,7 +311,7 @@ where
   FromSensitiveFlow::flowPath(source, sink) and
   isSinkSendRecv(sink.getNode(), networkSendRecv) and
   // no flow from sensitive -> evidence of encryption
-  not ToEncryptionFlow::flow(source.getNode(), _) and
+  not ToEncryptionFlow::flowFrom(source.getNode()) and
   not FromEncryptionFlow::flowTo(sink.getNode()) and
   // construct result
   if networkSendRecv instanceof NetworkSend

cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql

@@ -129,7 +129,7 @@ module PointerArithmeticToDerefFlow = DataFlow::Global<PointerArithmeticToDerefC
 
 predicate pointerArithOverflow(PointerArithmeticInstruction pai, int delta) {
   pointerArithOverflow0(pai, delta) and
-  PointerArithmeticToDerefFlow::flow(DataFlow::instructionNode(pai), _)
+  PointerArithmeticToDerefFlow::flowFrom(DataFlow::instructionNode(pai))
 }
 
 bindingset[v]

csharp/.config/dotnet-tools.json

@@ -3,7 +3,7 @@
   "isRoot": true,
   "tools": {
     "paket": {
-      "version": "9.0.2",
+      "version": "10.0.0-alpha011",
       "commands": [
         "paket"
       ]

csharp/.vscode/launch.json

@@ -6,7 +6,7 @@
             "type": "coreclr",
             "request": "launch",
             "preLaunchTask": "dotnet: build",
-            "program": "${workspaceFolder}/extractor/Semmle.Extraction.CSharp.Standalone/bin/Debug/net9.0/Semmle.Extraction.CSharp.Standalone.dll",
+            "program": "${workspaceFolder}/extractor/Semmle.Extraction.CSharp.Standalone/bin/Debug/net10.0/Semmle.Extraction.CSharp.Standalone.dll",
             "args": [],
             // Set the path to the folder that should be extracted:
             "cwd": "${workspaceFolder}/ql/test/library-tests/standalone/standalonemode",
@@ -35,7 +35,7 @@
             "type": "coreclr",
             "request": "launch",
             "preLaunchTask": "dotnet: build",
-            "program": "${workspaceFolder}/autobuilder/Semmle.Autobuild.CSharp/bin/Debug/net9.0/Semmle.Autobuild.CSharp.dll",
+            "program": "${workspaceFolder}/autobuilder/Semmle.Autobuild.CSharp/bin/Debug/net10.0/Semmle.Autobuild.CSharp.dll",
             // Set the path to the folder that should be extracted:
             "cwd": "${workspaceFolder}/ql/integration-tests/all-platforms/autobuild",
             "stopAtEntry": true,
@@ -53,7 +53,7 @@
             "type": "coreclr",
             "request": "launch",
             "preLaunchTask": "dotnet: build",
-            "program": "${workspaceFolder}/extractor/Semmle.Extraction.CSharp.Driver/bin/Debug/net9.0/Semmle.Extraction.CSharp.Driver.dll",
+            "program": "${workspaceFolder}/extractor/Semmle.Extraction.CSharp.Driver/bin/Debug/net10.0/Semmle.Extraction.CSharp.Driver.dll",
             "stopAtEntry": true,
             "args": [
                 "--binlog",
@@ -66,7 +66,7 @@
             "type": "coreclr",
             "request": "launch",
             "preLaunchTask": "dotnet: build",
-            "program": "${workspaceFolder}/extractor/Semmle.Extraction.CSharp.Driver/bin/Debug/net9.0/Semmle.Extraction.CSharp.Driver.dll",
+            "program": "${workspaceFolder}/extractor/Semmle.Extraction.CSharp.Driver/bin/Debug/net10.0/Semmle.Extraction.CSharp.Driver.dll",
             // Set the path to the folder that should be extracted:
             "cwd": "${workspaceFolder}/ql/test/library-tests/dataflow/local",
             "args": [

csharp/Directory.Build.props

@@ -1,7 +1,7 @@
 <Project>
 
   <PropertyGroup>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <RuntimeIdentifiers>win-x64;linux-x64;osx-x64</RuntimeIdentifiers>
     <Nullable>enable</Nullable>
     <AllowUnsafeBlocks>true</AllowUnsafeBlocks>

csharp/actions/create-extractor-pack/action.yml

@@ -7,7 +7,7 @@ runs:
     - name: Setup dotnet
       uses: actions/setup-dotnet@v4
       with:
-        dotnet-version: 9.0.300
+        dotnet-version: 10.0.100
     - name: Build Extractor
       shell: bash
       run: scripts/create-extractor-pack.sh

csharp/autobuilder/Semmle.Autobuild.CSharp.Tests/BUILD.bazel

@@ -13,6 +13,5 @@ codeql_xunit_test(
         "//csharp/autobuilder/Semmle.Autobuild.CSharp:bin/Semmle.Autobuild.CSharp",
         "//csharp/autobuilder/Semmle.Autobuild.Shared",
         "@paket.main//microsoft.net.test.sdk",
-        "@paket.main//system.io.filesystem",
     ],
 )

csharp/autobuilder/Semmle.Autobuild.CSharp.Tests/paket.references

@@ -1,4 +1,3 @@
-System.IO.FileSystem
 xunit
 xunit.runner.visualstudio
 Microsoft.NET.Test.Sdk

csharp/autobuilder/Semmle.Autobuild.CSharp/DotNetRule.cs

@@ -48,7 +48,7 @@ namespace Semmle.Autobuild.CSharp
                 {
                     // When a custom .NET CLI has been installed, `dotnet --info` has already been executed
                     // to verify the installation.
-                    var ret = dotNetPath is null ? GetInfoCommand(builder.Actions, dotNetPath, environment) : BuildScript.Success;
+                    var ret = dotNetPath is null ? DotNet.InfoScript(builder.Actions, DotNetCommand(builder.Actions, dotNetPath), environment, builder.Logger) : BuildScript.Success;
                     foreach (var projectOrSolution in builder.ProjectsOrSolutionsToBuild)
                     {
                         var cleanCommand = GetCleanCommand(builder.Actions, dotNetPath, environment);
@@ -111,14 +111,6 @@ namespace Semmle.Autobuild.CSharp
         private static string DotNetCommand(IBuildActions actions, string? dotNetPath) =>
             dotNetPath is not null ? actions.PathCombine(dotNetPath, "dotnet") : "dotnet";
 
-        private static BuildScript GetInfoCommand(IBuildActions actions, string? dotNetPath, IDictionary<string, string>? environment)
-        {
-            var info = new CommandBuilder(actions, null, environment).
-                RunCommand(DotNetCommand(actions, dotNetPath)).
-                Argument("--info");
-            return info.Script;
-        }
-
         private static CommandBuilder GetCleanCommand(IBuildActions actions, string? dotNetPath, IDictionary<string, string>? environment)
         {
             var clean = new CommandBuilder(actions, null, environment).

csharp/autobuilder/Semmle.Autobuild.Cpp.Tests/BUILD.bazel

@@ -13,6 +13,5 @@ codeql_xunit_test(
         "//csharp/autobuilder/Semmle.Autobuild.Cpp:bin/Semmle.Autobuild.Cpp",
         "//csharp/autobuilder/Semmle.Autobuild.Shared",
         "@paket.main//microsoft.net.test.sdk",
-        "@paket.main//system.io.filesystem",
     ],
 )

csharp/autobuilder/Semmle.Autobuild.Cpp.Tests/paket.references

@@ -1,4 +1,3 @@
-System.IO.FileSystem
 xunit
 xunit.runner.visualstudio
 Microsoft.NET.Test.Sdk

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/BUILD.bazel

@@ -16,5 +16,6 @@ codeql_csharp_library(
         "//csharp/extractor/Semmle.Extraction.CSharp",
         "//csharp/extractor/Semmle.Util",
         "@paket.main//newtonsoft.json",
+        "@paket.main//nuget.versioning",
     ],
 )

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/DependencyManager.cs

@@ -283,7 +283,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             {
                 foreach (var fp in frameworkPaths)
                 {
-                    dotnetFrameworkVersionVariantCount += NugetPackageRestorer.GetOrderedPackageVersionSubDirectories(fp.Path!).Length;
+                    dotnetFrameworkVersionVariantCount += nugetPackageRestorer.GetOrderedPackageVersionSubDirectories(fp.Path!).Length;
                 }
 
                 var folder = nugetPackageRestorer.GetNewestNugetPackageVersionFolder(frameworkPath.Path, ".NET Framework");

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/DotNet.cs

@@ -3,6 +3,7 @@ using System.Collections.Generic;
 using System.Collections.ObjectModel;
 using System.IO;
 using System.Linq;
+using System.Threading;
 using Newtonsoft.Json.Linq;
 
 using Semmle.Util;
@@ -36,12 +37,29 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
 
         public static IDotNet Make(ILogger logger, string? dotNetPath, TemporaryDirectory tempWorkingDirectory, DependabotProxy? dependabotProxy) => new DotNet(logger, dotNetPath, tempWorkingDirectory, dependabotProxy);
 
+        private static void HandleRetryExitCode143(string dotnet, int attempt, ILogger logger)
+        {
+            logger.LogWarning($"Running '{dotnet} --info' failed with exit code 143. Retrying...");
+            var sleep = Math.Pow(2, attempt) * 1000;
+            Thread.Sleep((int)sleep);
+        }
+
         private void Info()
         {
-            var res = dotnetCliInvoker.RunCommand("--info", silent: false);
+            // Allow up to four attempts (with up to three retries) to run `dotnet --info`, to mitigate transient issues
-            if (!res)
+            for (int attempt = 0; attempt < 4; attempt++)
             {
-                throw new Exception($"{dotnetCliInvoker.Exec} --info failed.");
+                var exitCode = dotnetCliInvoker.RunCommandExitCode("--info", silent: false);
+                switch (exitCode)
+                {
+                    case 0:
+                        return;
+                    case 143 when attempt < 3:
+                        HandleRetryExitCode143(dotnetCliInvoker.Exec, attempt, logger);
+                        continue;
+                    default:
+                        throw new Exception($"{dotnetCliInvoker.Exec} --info failed with exit code {exitCode}.");
+                }
             }
         }
 
@@ -59,7 +77,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
                     Directory.CreateDirectory(path);
                 }
 
-                args += $" /p:TargetFrameworkRootPath=\"{path}\" /p:NetCoreTargetingPackRoot=\"{path}\"";
+                args += $" /p:TargetFrameworkRootPath=\"{path}\" /p:NetCoreTargetingPackRoot=\"{path}\" /p:AllowMissingPrunePackageData=true";
             }
 
             if (restoreSettings.PathToNugetConfig != null)
@@ -139,7 +157,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
         }
 
         // The version number should be kept in sync with the version .NET version used for building the application.
-        public const string LatestDotNetSdkVersion = "9.0.300";
+        public const string LatestDotNetSdkVersion = "10.0.100";
 
         public static ReadOnlyDictionary<string, string> MinimalEnvironment => IDotNetCliInvoker.MinimalEnvironment;
 
@@ -193,6 +211,35 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             return BuildScript.Failure;
         }
 
+        /// <summary>
+        /// Returns a script for running `dotnet --info`, with retries on exit code 143.
+        /// </summary>
+        public static BuildScript InfoScript(IBuildActions actions, string dotnet, IDictionary<string, string>? environment, ILogger logger)
+        {
+            var info = new CommandBuilder(actions, null, environment).
+                RunCommand(dotnet).
+                Argument("--info");
+            var script = info.Script;
+            for (var attempt = 0; attempt < 4; attempt++)
+            {
+                var attemptCopy = attempt; // Capture in local variable
+                script = BuildScript.Bind(script, ret =>
+                    {
+                        switch (ret)
+                        {
+                            case 0:
+                                return BuildScript.Success;
+                            case 143 when attemptCopy < 3:
+                                HandleRetryExitCode143(dotnet, attemptCopy, logger);
+                                return info.Script;
+                            default:
+                                return BuildScript.Failure;
+                        }
+                    });
+            }
+            return script;
+        }
+
         /// <summary>
         /// Returns a script for downloading specific .NET SDK versions, if the
         /// versions are not already installed.
@@ -292,9 +339,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
                     };
                 }
 
-                var dotnetInfo = new CommandBuilder(actions, environment: MinimalEnvironment).
+                var dotnetInfo = InfoScript(actions, actions.PathCombine(path, "dotnet"), MinimalEnvironment.ToDictionary(), logger);
-                    RunCommand(actions.PathCombine(path, "dotnet")).
-                    Argument("--info").Script;
 
                 Func<string, BuildScript> getInstallAndVerify = version =>
                     // run `dotnet --info` after install, to check that it executes successfully

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/DotNetCliInvoker.cs

@@ -57,15 +57,21 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             return startInfo;
         }
 
-        private bool RunCommandAux(string args, string? workingDirectory, out IList<string> output, bool silent)
+        private int RunCommandExitCodeAux(string args, string? workingDirectory, out IList<string> output, out string dirLog, bool silent)
         {
-            var dirLog = string.IsNullOrWhiteSpace(workingDirectory) ? "" : $" in {workingDirectory}";
+            dirLog = string.IsNullOrWhiteSpace(workingDirectory) ? "" : $" in {workingDirectory}";
             var pi = MakeDotnetStartInfo(args, workingDirectory);
             var threadId = Environment.CurrentManagedThreadId;
             void onOut(string s) => logger.Log(silent ? Severity.Debug : Severity.Info, s, threadId);
             void onError(string s) => logger.LogError(s, threadId);
             logger.LogInfo($"Running '{Exec} {args}'{dirLog}");
             var exitCode = pi.ReadOutput(out output, onOut, onError);
+            return exitCode;
+        }
+
+        private bool RunCommandAux(string args, string? workingDirectory, out IList<string> output, bool silent)
+        {
+            var exitCode = RunCommandExitCodeAux(args, workingDirectory, out output, out var dirLog, silent);
             if (exitCode != 0)
             {
                 logger.LogError($"Command '{Exec} {args}'{dirLog} failed with exit code {exitCode}");
@@ -77,6 +83,9 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
         public bool RunCommand(string args, bool silent = true) =>
             RunCommandAux(args, null, out _, silent);
 
+        public int RunCommandExitCode(string args, bool silent = true) =>
+            RunCommandExitCodeAux(args, null, out _, out _, silent);
+
         public bool RunCommand(string args, out IList<string> output, bool silent = true) =>
             RunCommandAux(args, null, out output, silent);
 

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/DotNetVersion.cs

@@ -1,24 +1,16 @@
 using System;
 using System.IO;
+using NuGet.Versioning;
 
 namespace Semmle.Extraction.CSharp.DependencyFetching
 {
     internal record DotNetVersion : IComparable<DotNetVersion>
     {
         private readonly string dir;
-        private readonly Version version;
+        private readonly NuGetVersion version;
-        private readonly Version? preReleaseVersion;
-        private readonly string? preReleaseVersionType;
-        private bool IsPreRelease => preReleaseVersionType is not null && preReleaseVersion is not null;
 
-        private string FullVersion
+        private string FullVersion =>
-        {
+            version.ToString();
-            get
-            {
-                var preRelease = IsPreRelease ? $"-{preReleaseVersionType}.{preReleaseVersion}" : "";
-                return this.version + preRelease;
-            }
-        }
 
         public string FullPath => Path.Combine(dir, FullVersion);
 
@@ -48,37 +40,14 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
         }
 
 
-        public DotNetVersion(string dir, string version, string preReleaseVersionType, string preReleaseVersion)
+        public DotNetVersion(string dir, NuGetVersion version)
         {
             this.dir = dir;
-            this.version = Version.Parse(version);
+            this.version = version;
-            if (!string.IsNullOrEmpty(preReleaseVersion) && !string.IsNullOrEmpty(preReleaseVersionType))
-            {
-                this.preReleaseVersionType = preReleaseVersionType;
-                this.preReleaseVersion = Version.Parse(preReleaseVersion);
-            }
         }
 
-        public int CompareTo(DotNetVersion? other)
+        public int CompareTo(DotNetVersion? other) =>
-        {
+            version.CompareTo(other?.version);
-            var c = version.CompareTo(other?.version);
-            if (c == 0 && IsPreRelease)
-            {
-                if (!other!.IsPreRelease)
-                {
-                    return -1;
-                }
-
-                // Both are pre-release like runtime versions.
-                // The pre-release version types are sorted alphabetically (e.g. alpha, beta, preview, rc)
-                // and the pre-release version types are more important that the pre-release version numbers.
-                return preReleaseVersionType != other!.preReleaseVersionType
-                    ? preReleaseVersionType!.CompareTo(other!.preReleaseVersionType)
-                    : preReleaseVersion!.CompareTo(other!.preReleaseVersion);
-            }
-
-            return c;
-        }
 
         public override string ToString() => FullPath;
     }

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/FilePathFilter.cs

@@ -55,12 +55,12 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
                 }
                 else
                 {
-                    logger.LogInfo($"Invalid filter: {filter}");
+                    logger.LogWarning($"Invalid filter: {filter}");
                     continue;
                 }
 
                 var regex = new FilePattern(filterText).RegexPattern;
-                logger.LogInfo($"Filtering {(include ? "in" : "out")} files matching '{regex}'. Original glob filter: '{filter}'");
+                logger.LogDebug($"Filtering {(include ? "in" : "out")} files matching '{regex}'. Original glob filter: '{filter}'");
                 pathFilters.Add(new PathFilter(new Regex(regex, RegexOptions.IgnoreCase | RegexOptions.Compiled | RegexOptions.Singleline), include));
             }
 
@@ -91,7 +91,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
 
                 if (!include)
                 {
-                    logger.LogInfo($"Excluding '{f.FileInfo.FullName}'");
+                    logger.LogDebug($"Excluding '{f.FileInfo.FullName}'");
                 }
 
                 return include;

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/IDotNetCliInvoker.cs

@@ -30,6 +30,12 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
         /// </summary>
         bool RunCommand(string args, bool silent = true);
 
+        /// <summary>
+        /// Execute `dotnet <paramref name="args"/>` and return the exit code.
+        /// If `silent` is true the output of the command is logged as `debug` otherwise as `info`.
+        /// </summary>
+        int RunCommandExitCode(string args, bool silent = true);
+
         /// <summary>
         /// Execute `dotnet <paramref name="args"/>` and return true if the command succeeded, otherwise false.
         /// The output of the command is returned in `output`.

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/NugetPackageRestorer.cs

@@ -10,6 +10,7 @@ using System.Text;
 using System.Text.RegularExpressions;
 using System.Threading;
 using System.Threading.Tasks;
+using NuGet.Versioning;
 using Semmle.Util;
 using Semmle.Util.Logging;
 
@@ -87,11 +88,22 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             return selectedFrameworkFolder;
         }
 
-        public static DirectoryInfo[] GetOrderedPackageVersionSubDirectories(string packagePath)
+        public DirectoryInfo[] GetOrderedPackageVersionSubDirectories(string packagePath)
         {
+            // Only consider directories with valid NuGet version names.
             return new DirectoryInfo(packagePath)
                 .EnumerateDirectories("*", new EnumerationOptions { MatchCasing = MatchCasing.CaseInsensitive, RecurseSubdirectories = false })
-                .OrderByDescending(d => d.Name) // TODO: Improve sorting to handle pre-release versions.
+                .SelectMany(d =>
+                {
+                    if (NuGetVersion.TryParse(d.Name, out var version))
+                    {
+                        return new[] { new { Directory = d, NuGetVersion = version } };
+                    }
+                    logger.LogInfo($"Ignoring package directory '{d.FullName}' as it does not have a valid NuGet version name.");
+                    return [];
+                })
+                .OrderByDescending(dw => dw.NuGetVersion)
+                .Select(dw => dw.Directory)
                 .ToArray();
         }
 

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/Runtime.cs

@@ -4,6 +4,7 @@ using System.IO;
 using System.Linq;
 using System.Runtime.InteropServices;
 using System.Text.RegularExpressions;
+using NuGet.Versioning;
 using Semmle.Util;
 using Semmle.Util.Logging;
 
@@ -27,7 +28,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             this.newestRuntimes = new(GetNewestRuntimes);
         }
 
-        [GeneratedRegex(@"^(\S+)\s(\d+\.\d+\.\d+)(-([a-z]+)\.(\d+\.\d+\.\d+))?\s\[(.+)\]$")]
+        [GeneratedRegex(@"^(\S+)\s(\d+\.\d+\.\d+(-[a-z]+\.\d+\.\d+\.\d+)?)\s\[(.+)\]$")]
         private static partial Regex RuntimeRegex();
 
         /// <summary>
@@ -44,9 +45,9 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             listed.ForEach(r =>
             {
                 var match = regex.Match(r);
-                if (match.Success)
+                if (match.Success && NuGetVersion.TryParse(match.Groups[2].Value, out var version))
                 {
-                    runtimes.AddOrUpdateToLatest(match.Groups[1].Value, new DotNetVersion(match.Groups[6].Value, match.Groups[2].Value, match.Groups[4].Value, match.Groups[5].Value));
+                    runtimes.AddOrUpdateToLatest(match.Groups[1].Value, new DotNetVersion(match.Groups[4].Value, version));
                 }
             });
 

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/Sdk.cs

@@ -3,6 +3,7 @@ using System.Collections.Generic;
 using System.IO;
 using System.Linq;
 using System.Text.RegularExpressions;
+using NuGet.Versioning;
 using Semmle.Util;
 using Semmle.Util.Logging;
 
@@ -27,7 +28,7 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             cscPath = new Lazy<string?>(GetCscPath);
         }
 
-        [GeneratedRegex(@"^(\d+\.\d+\.\d+)(-([a-z]+)\.(\d+\.\d+\.\d+))?\s\[(.+)\]$")]
+        [GeneratedRegex(@"^(\d+\.\d+\.\d+(-[a-z]+\.\d+\.\d+\.\d+)?)\s\[(.+)\]$")]
         private static partial Regex SdkRegex();
 
         private static HashSet<DotNetVersion> ParseSdks(IList<string> listed)
@@ -37,9 +38,9 @@ namespace Semmle.Extraction.CSharp.DependencyFetching
             listed.ForEach(r =>
             {
                 var match = regex.Match(r);
-                if (match.Success)
+                if (match.Success && NuGetVersion.TryParse(match.Groups[1].Value, out var version))
                 {
-                    sdks.Add(new DotNetVersion(match.Groups[5].Value, match.Groups[1].Value, match.Groups[3].Value, match.Groups[4].Value));
+                    sdks.Add(new DotNetVersion(match.Groups[3].Value, version));
                 }
             });
 

csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/paket.references

@@ -1 +1,2 @@
 Newtonsoft.Json
+NuGet.Versioning

csharp/extractor/Semmle.Extraction.CSharp.DependencyStubGenerator/Semmle.Extraction.CSharp.DependencyStubGenerator.csproj

@@ -2,7 +2,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <AssemblyName>Semmle.Extraction.CSharp.DependencyStubGenerator</AssemblyName>
     <RootNamespace>Semmle.Extraction.CSharp.DependencyStubGenerator</RootNamespace>
     <ImplicitUsings>enable</ImplicitUsings>

csharp/extractor/Semmle.Extraction.CSharp.Standalone/paket.references

@@ -1,5 +1 @@
 Microsoft.Build
-Microsoft.Win32.Primitives
-System.Net.Primitives
-System.Security.Principal
-System.Threading.ThreadPool

csharp/extractor/Semmle.Extraction.CSharp/Entities/Constructor.cs

@@ -74,6 +74,7 @@ namespace Semmle.Extraction.CSharp.Entities
                 {
                     case SyntaxKind.BaseConstructorInitializer:
                         initializerType = Symbol.ContainingType.BaseType!;
+                        ExtractObjectInitCall(trapFile);
                         break;
                     case SyntaxKind.ThisConstructorInitializer:
                         initializerType = Symbol.ContainingType;
@@ -90,10 +91,12 @@ namespace Semmle.Extraction.CSharp.Entities
                 var primaryInfo = Context.GetSymbolInfo(primaryInitializer);
                 var primarySymbol = primaryInfo.Symbol;
 
+                ExtractObjectInitCall(trapFile);
                 ExtractSourceInitializer(trapFile, primarySymbol?.ContainingType, (IMethodSymbol?)primarySymbol, primaryInitializer.ArgumentList, primaryInitializer.GetLocation());
             }
             else if (Symbol.MethodKind is MethodKind.Constructor)
             {
+                ExtractObjectInitCall(trapFile);
                 var baseType = Symbol.ContainingType.BaseType;
                 if (baseType is null)
                 {
@@ -127,6 +130,27 @@ namespace Semmle.Extraction.CSharp.Entities
             }
         }
 
+        private void ExtractObjectInitCall(TextWriter trapFile)
+        {
+            var target = ObjectInitMethod.Create(Context, ContainingType!);
+
+            var type = Context.Compilation.GetSpecialType(SpecialType.System_Void);
+
+            var info = new ExpressionInfo(Context,
+                AnnotatedTypeSymbol.CreateNotAnnotated(type),
+                Location,
+                Kinds.ExprKind.METHOD_INVOCATION,
+                this,
+                -2,
+                isCompilerGenerated: true,
+                null);
+            var obinitCall = new Expression(info);
+
+            trapFile.expr_call(obinitCall, target);
+
+            Expressions.This.CreateImplicit(Context, Symbol.ContainingType, Location, obinitCall, -1);
+        }
+
         private void ExtractSourceInitializer(TextWriter trapFile, ITypeSymbol? type, IMethodSymbol? symbol, ArgumentListSyntax arguments, Microsoft.CodeAnalysis.Location location)
         {
             var initInfo = new ExpressionInfo(Context,

csharp/extractor/Semmle.Extraction.CSharp/Entities/IMethodEntity.cs

@@ -0,0 +1,9 @@
+namespace Semmle.Extraction.CSharp.Entities
+{
+    /// <summary>
+    /// Marker interface for method entities.
+    /// </summary>
+    public interface IMethodEntity : IEntity
+    {
+    }
+}

csharp/extractor/Semmle.Extraction.CSharp/Entities/Method.cs

@@ -9,7 +9,7 @@ using Semmle.Extraction.CSharp.Populators;
 
 namespace Semmle.Extraction.CSharp.Entities
 {
-    internal abstract class Method : CachedSymbol<IMethodSymbol>, IExpressionParentEntity, IStatementParentEntity
+    internal abstract class Method : CachedSymbol<IMethodSymbol>, IExpressionParentEntity, IStatementParentEntity, IMethodEntity
     {
         protected Method(Context cx, IMethodSymbol init)
             : base(cx, init) { }

csharp/extractor/Semmle.Extraction.CSharp/Entities/ObjectInitMethod.cs

@@ -0,0 +1,56 @@
+using System.IO;
+using Microsoft.CodeAnalysis;
+
+namespace Semmle.Extraction.CSharp.Entities
+{
+    internal sealed class ObjectInitMethod : CachedEntity, IMethodEntity
+    {
+        private Type ContainingType { get; }
+
+        private ObjectInitMethod(Context cx, Type containingType)
+            : base(cx)
+        {
+            this.ContainingType = containingType;
+        }
+
+        private static readonly string Name = "<object initializer>";
+
+        public static ObjectInitMethod Create(Context cx, Type containingType)
+        {
+            return ObjectInitMethodFactory.Instance.CreateEntity(cx, (typeof(ObjectInitMethod), containingType), containingType);
+        }
+
+        public override void Populate(TextWriter trapFile)
+        {
+            var returnType = Type.Create(Context, Context.Compilation.GetSpecialType(SpecialType.System_Void));
+
+            trapFile.methods(this, Name, ContainingType, returnType.TypeRef, this);
+
+            trapFile.compiler_generated(this);
+
+            trapFile.method_location(this, Context.CreateLocation(ReportingLocation));
+        }
+
+        public override void WriteId(EscapingTextWriter trapFile)
+        {
+            trapFile.WriteSubId(ContainingType);
+            trapFile.Write(".");
+            trapFile.Write(Name);
+            trapFile.Write(";method");
+        }
+
+        public override Microsoft.CodeAnalysis.Location? ReportingLocation => ContainingType.ReportingLocation;
+
+        public override bool NeedsPopulation => true;
+
+        public override TrapStackBehaviour TrapStackBehaviour => TrapStackBehaviour.NoLabel;
+
+        private class ObjectInitMethodFactory : CachedEntityFactory<Type, ObjectInitMethod>
+        {
+            public static ObjectInitMethodFactory Instance { get; } = new ObjectInitMethodFactory();
+
+            public override ObjectInitMethod Create(Context cx, Type containingType) =>
+                new ObjectInitMethod(cx, containingType);
+        }
+    }
+}

csharp/extractor/Semmle.Extraction.CSharp/Trap/Tuples.cs

@@ -175,7 +175,7 @@ namespace Semmle.Extraction.CSharp
         internal static void expr_argument_name(this TextWriter trapFile, Expression expr, string name) =>
             trapFile.WriteTuple("expr_argument_name", expr, name);
 
-        internal static void expr_call(this TextWriter trapFile, Expression expr, Method target) =>
+        internal static void expr_call(this TextWriter trapFile, Expression expr, IMethodEntity target) =>
             trapFile.WriteTuple("expr_call", expr, target);
 
         internal static void expr_flowstate(this TextWriter trapFile, Expression expr, int flowState) =>
@@ -247,10 +247,10 @@ namespace Semmle.Extraction.CSharp
         internal static void localvars(this TextWriter trapFile, LocalVariable key, VariableKind kind, string name, int @var, Type type, Expression expr) =>
             trapFile.WriteTuple("localvars", key, (int)kind, name, @var, type, expr);
 
-        internal static void method_location(this TextWriter trapFile, Method method, Location location) =>
+        internal static void method_location(this TextWriter trapFile, IMethodEntity method, Location location) =>
             trapFile.WriteTuple("method_location", method, location);
 
-        internal static void methods(this TextWriter trapFile, Method method, string name, Type declType, Type retType, Method originalDefinition) =>
+        internal static void methods(this TextWriter trapFile, IMethodEntity method, string name, Type declType, Type retType, IMethodEntity originalDefinition) =>
             trapFile.WriteTuple("methods", method, name, declType, retType, originalDefinition);
 
         internal static void modifiers(this TextWriter trapFile, Label entity, string modifier) =>

csharp/extractor/Semmle.Extraction.Tests/BUILD.bazel

@@ -16,6 +16,5 @@ codeql_xunit_test(
         "//csharp/extractor/Semmle.Extraction.CSharp.StubGenerator",
         "//csharp/extractor/Semmle.Util",
         "@paket.main//microsoft.net.test.sdk",
-        "@paket.main//system.io.filesystem",
     ],
 )

csharp/extractor/Semmle.Extraction.Tests/DotNet.cs

@@ -12,6 +12,7 @@ namespace Semmle.Extraction.Tests
         private string lastArgs = "";
         public string WorkingDirectory { get; private set; } = "";
         public bool Success { get; set; } = true;
+        public int ExitCode { get; set; } = 0;
 
         public DotNetCliInvokerStub(IList<string> output)
         {
@@ -26,6 +27,12 @@ namespace Semmle.Extraction.Tests
             return Success;
         }
 
+        public int RunCommandExitCode(string args, bool silent)
+        {
+            lastArgs = args;
+            return ExitCode;
+        }
+
         public bool RunCommand(string args, out IList<string> output, bool silent)
         {
             lastArgs = args;
@@ -83,7 +90,7 @@ namespace Semmle.Extraction.Tests
         public void TestDotnetInfoFailure()
         {
             // Setup
-            var dotnetCliInvoker = new DotNetCliInvokerStub(new List<string>()) { Success = false };
+            var dotnetCliInvoker = new DotNetCliInvokerStub(new List<string>()) { ExitCode = 1 };
 
             // Execute
             try
@@ -94,7 +101,7 @@ namespace Semmle.Extraction.Tests
             // Verify
             catch (Exception e)
             {
-                Assert.Equal("dotnet --info failed.", e.Message);
+                Assert.Equal("dotnet --info failed with exit code 1.", e.Message);
                 return;
             }
             Assert.Fail("Expected exception");

csharp/extractor/Semmle.Extraction.Tests/paket.references

@@ -1,4 +1,3 @@
-System.IO.FileSystem
 xunit
 xunit.runner.visualstudio
 Microsoft.NET.Test.Sdk

csharp/paket.dependencies

@@ -1,21 +1,17 @@
-framework: net9.0
+framework: net10.0
 storage: none
 source https://api.nuget.org/v3/index.json
 # behave like nuget in choosing transitive dependency versions
 strategy: max
 
-nuget Basic.CompilerLog.Util 0.9.21
+nuget Basic.CompilerLog.Util 0.9.25
 nuget Mono.Posix.NETStandard
 nuget Newtonsoft.Json
+nuget NuGet.Versioning
 nuget xunit
 nuget xunit.runner.visualstudio
 nuget xunit.runner.utility
 nuget Microsoft.NET.Test.Sdk
-nuget Microsoft.CodeAnalysis.CSharp 4.14.0
+nuget Microsoft.CodeAnalysis.CSharp 5.0.0
-nuget Microsoft.CodeAnalysis 4.14.0
+nuget Microsoft.CodeAnalysis 5.0.0
-nuget Microsoft.Build 17.14.28
+nuget Microsoft.Build 18.0.2
-nuget Microsoft.Win32.Primitives
-nuget System.Net.Primitives
-nuget System.Security.Principal
-nuget System.Threading.ThreadPool
-nuget System.IO.FileSystem

csharp/paket.lock

@@ -1,9 +1,9 @@
 STORAGE: NONE
 STRATEGY: MAX
-RESTRICTION: == net9.0
+RESTRICTION: == net10.0
 NUGET
   remote: https://api.nuget.org/v3/index.json
-    Basic.CompilerLog.Util (0.9.21)
+    Basic.CompilerLog.Util (0.9.25)
       MessagePack (>= 3.1.4)
       Microsoft.Bcl.Memory (>= 9.0.10)
       Microsoft.CodeAnalysis (>= 4.8)
@@ -12,197 +12,132 @@ NUGET
       Microsoft.Extensions.ObjectPool (>= 9.0.10)
       MSBuild.StructuredLogger (>= 2.3.71)
       NaturalSort.Extension (>= 4.4)
-    Humanizer.Core (2.14.1)
+      NuGet.Versioning (>= 6.14)
+    Humanizer.Core (3.0.1)
     MessagePack (3.1.4)
       MessagePack.Annotations (>= 3.1.4)
       MessagePackAnalyzer (>= 3.1.4)
       Microsoft.NET.StringTools (>= 17.11.4)
     MessagePack.Annotations (3.1.4)
     MessagePackAnalyzer (3.1.4)
-    Microsoft.Bcl.AsyncInterfaces (9.0.10)
+    Microsoft.Bcl.AsyncInterfaces (10.0)
-    Microsoft.Bcl.Memory (9.0.10)
+    Microsoft.Bcl.Memory (10.0)
-    Microsoft.Build (17.14.28)
+    Microsoft.Build (18.0.2)
-      Microsoft.Build.Framework (>= 17.14.28)
+      Microsoft.Build.Framework (>= 18.0.2)
-      Microsoft.NET.StringTools (>= 17.14.28)
+      Microsoft.NET.StringTools (>= 18.0.2)
       System.Configuration.ConfigurationManager (>= 9.0)
       System.Diagnostics.EventLog (>= 9.0)
       System.Reflection.MetadataLoadContext (>= 9.0)
-      System.Security.Cryptography.ProtectedData (>= 9.0)
+      System.Security.Cryptography.ProtectedData (>= 9.0.6)
-    Microsoft.Build.Framework (17.14.28)
+    Microsoft.Build.Framework (18.0.2)
-    Microsoft.Build.Utilities.Core (17.14.28)
+    Microsoft.Build.Utilities.Core (18.0.2)
-      Microsoft.Build.Framework (>= 17.14.28)
+      Microsoft.Build.Framework (>= 18.0.2)
-      Microsoft.NET.StringTools (>= 17.14.28)
+      Microsoft.NET.StringTools (>= 18.0.2)
-      System.Collections.Immutable (>= 9.0)
       System.Configuration.ConfigurationManager (>= 9.0)
       System.Diagnostics.EventLog (>= 9.0)
-      System.Security.Cryptography.ProtectedData (>= 9.0)
+      System.Security.Cryptography.ProtectedData (>= 9.0.6)
-    Microsoft.CodeAnalysis (4.14)
+    Microsoft.CodeAnalysis (5.0)
       Humanizer.Core (>= 2.14.1)
       Microsoft.Bcl.AsyncInterfaces (>= 9.0)
       Microsoft.CodeAnalysis.Analyzers (>= 3.11)
-      Microsoft.CodeAnalysis.CSharp.Workspaces (4.14)
+      Microsoft.CodeAnalysis.CSharp.Workspaces (5.0)
-      Microsoft.CodeAnalysis.VisualBasic.Workspaces (4.14)
+      Microsoft.CodeAnalysis.VisualBasic.Workspaces (5.0)
-      System.Buffers (>= 4.5.1)
+      System.Buffers (>= 4.6)
       System.Collections.Immutable (>= 9.0)
       System.Composition (>= 9.0)
       System.IO.Pipelines (>= 9.0)
-      System.Memory (>= 4.5.5)
+      System.Memory (>= 4.6)
-      System.Numerics.Vectors (>= 4.5)
+      System.Numerics.Vectors (>= 4.6)
       System.Reflection.Metadata (>= 9.0)
-      System.Runtime.CompilerServices.Unsafe (>= 6.0)
+      System.Runtime.CompilerServices.Unsafe (>= 6.1)
-      System.Text.Encoding.CodePages (>= 7.0)
+      System.Text.Encoding.CodePages (>= 8.0)
-      System.Threading.Channels (>= 7.0)
+      System.Threading.Channels (>= 8.0)
-      System.Threading.Tasks.Extensions (>= 4.5.4)
+      System.Threading.Tasks.Extensions (>= 4.6)
     Microsoft.CodeAnalysis.Analyzers (3.11)
-    Microsoft.CodeAnalysis.Common (4.14)
+    Microsoft.CodeAnalysis.Common (5.0)
       Microsoft.CodeAnalysis.Analyzers (>= 3.11)
-      System.Collections.Immutable (>= 9.0)
+    Microsoft.CodeAnalysis.CSharp (5.0)
-      System.Reflection.Metadata (>= 9.0)
-    Microsoft.CodeAnalysis.CSharp (4.14)
       Microsoft.CodeAnalysis.Analyzers (>= 3.11)
-      Microsoft.CodeAnalysis.Common (4.14)
+      Microsoft.CodeAnalysis.Common (5.0)
-      System.Collections.Immutable (>= 9.0)
+    Microsoft.CodeAnalysis.CSharp.Workspaces (5.0)
-      System.Reflection.Metadata (>= 9.0)
-    Microsoft.CodeAnalysis.CSharp.Workspaces (4.14)
       Humanizer.Core (>= 2.14.1)
       Microsoft.CodeAnalysis.Analyzers (>= 3.11)
-      Microsoft.CodeAnalysis.Common (4.14)
+      Microsoft.CodeAnalysis.Common (5.0)
-      Microsoft.CodeAnalysis.CSharp (4.14)
+      Microsoft.CodeAnalysis.CSharp (5.0)
-      Microsoft.CodeAnalysis.Workspaces.Common (4.14)
+      Microsoft.CodeAnalysis.Workspaces.Common (5.0)
-      System.Collections.Immutable (>= 9.0)
       System.Composition (>= 9.0)
-      System.IO.Pipelines (>= 9.0)
+    Microsoft.CodeAnalysis.VisualBasic (5.0)
-      System.Reflection.Metadata (>= 9.0)
-      System.Threading.Channels (>= 7.0)
-    Microsoft.CodeAnalysis.VisualBasic (4.14)
       Microsoft.CodeAnalysis.Analyzers (>= 3.11)
-      Microsoft.CodeAnalysis.Common (4.14)
+      Microsoft.CodeAnalysis.Common (5.0)
-      System.Collections.Immutable (>= 9.0)
+    Microsoft.CodeAnalysis.VisualBasic.Workspaces (5.0)
-      System.Reflection.Metadata (>= 9.0)
-    Microsoft.CodeAnalysis.VisualBasic.Workspaces (4.14)
       Humanizer.Core (>= 2.14.1)
       Microsoft.CodeAnalysis.Analyzers (>= 3.11)
-      Microsoft.CodeAnalysis.Common (4.14)
+      Microsoft.CodeAnalysis.Common (5.0)
-      Microsoft.CodeAnalysis.VisualBasic (4.14)
+      Microsoft.CodeAnalysis.VisualBasic (5.0)
-      Microsoft.CodeAnalysis.Workspaces.Common (4.14)
+      Microsoft.CodeAnalysis.Workspaces.Common (5.0)
-      System.Collections.Immutable (>= 9.0)
       System.Composition (>= 9.0)
-      System.IO.Pipelines (>= 9.0)
+    Microsoft.CodeAnalysis.Workspaces.Common (5.0)
-      System.Reflection.Metadata (>= 9.0)
-      System.Threading.Channels (>= 7.0)
-    Microsoft.CodeAnalysis.Workspaces.Common (4.14)
       Humanizer.Core (>= 2.14.1)
       Microsoft.CodeAnalysis.Analyzers (>= 3.11)
-      Microsoft.CodeAnalysis.Common (4.14)
+      Microsoft.CodeAnalysis.Common (5.0)
-      System.Collections.Immutable (>= 9.0)
       System.Composition (>= 9.0)
-      System.IO.Pipelines (>= 9.0)
+    Microsoft.CodeCoverage (18.0.1)
-      System.Reflection.Metadata (>= 9.0)
+    Microsoft.Extensions.ObjectPool (10.0)
-      System.Threading.Channels (>= 7.0)
+    Microsoft.NET.StringTools (18.0.2)
-    Microsoft.CodeCoverage (18.0)
+    Microsoft.NET.Test.Sdk (18.0.1)
-    Microsoft.Extensions.ObjectPool (9.0.10)
+      Microsoft.CodeCoverage (>= 18.0.1)
-    Microsoft.NET.StringTools (17.14.28)
+      Microsoft.TestPlatform.TestHost (>= 18.0.1)
-    Microsoft.NET.Test.Sdk (18.0)
+    Microsoft.TestPlatform.ObjectModel (18.0.1)
-      Microsoft.CodeCoverage (>= 18.0)
-      Microsoft.TestPlatform.TestHost (>= 18.0)
-    Microsoft.NETCore.Platforms (7.0.4)
-    Microsoft.NETCore.Targets (5.0)
-    Microsoft.TestPlatform.ObjectModel (18.0)
       System.Reflection.Metadata (>= 8.0)
-    Microsoft.TestPlatform.TestHost (18.0)
+    Microsoft.TestPlatform.TestHost (18.0.1)
-      Microsoft.TestPlatform.ObjectModel (>= 18.0)
+      Microsoft.TestPlatform.ObjectModel (>= 18.0.1)
       Newtonsoft.Json (>= 13.0.3)
-    Microsoft.Win32.Primitives (4.3)
-      Microsoft.NETCore.Platforms (>= 1.1)
-      Microsoft.NETCore.Targets (>= 1.1)
-      System.Runtime (>= 4.3)
     Mono.Posix.NETStandard (1.0)
-    MSBuild.StructuredLogger (2.3.71)
+    MSBuild.StructuredLogger (2.3.113)
       Microsoft.Build.Framework (>= 17.5)
       Microsoft.Build.Utilities.Core (>= 17.5)
       System.Collections.Immutable (>= 8.0)
-    NaturalSort.Extension (4.4)
+    NaturalSort.Extension (4.4.1)
     Newtonsoft.Json (13.0.4)
+    NuGet.Versioning (7.0.1)
     System.Buffers (4.6.1)
-    System.Collections.Immutable (9.0.10)
+    System.Collections.Immutable (10.0)
-    System.Composition (9.0.10)
+    System.Composition (10.0)
-      System.Composition.AttributedModel (>= 9.0.10)
+      System.Composition.AttributedModel (>= 10.0)
-      System.Composition.Convention (>= 9.0.10)
+      System.Composition.Convention (>= 10.0)
-      System.Composition.Hosting (>= 9.0.10)
+      System.Composition.Hosting (>= 10.0)
-      System.Composition.Runtime (>= 9.0.10)
+      System.Composition.Runtime (>= 10.0)
-      System.Composition.TypedParts (>= 9.0.10)
+      System.Composition.TypedParts (>= 10.0)
-    System.Composition.AttributedModel (9.0.10)
+    System.Composition.AttributedModel (10.0)
-    System.Composition.Convention (9.0.10)
+    System.Composition.Convention (10.0)
-      System.Composition.AttributedModel (>= 9.0.10)
+      System.Composition.AttributedModel (>= 10.0)
-    System.Composition.Hosting (9.0.10)
+    System.Composition.Hosting (10.0)
-      System.Composition.Runtime (>= 9.0.10)
+      System.Composition.Runtime (>= 10.0)
-    System.Composition.Runtime (9.0.10)
+    System.Composition.Runtime (10.0)
-    System.Composition.TypedParts (9.0.10)
+    System.Composition.TypedParts (10.0)
-      System.Composition.AttributedModel (>= 9.0.10)
+      System.Composition.AttributedModel (>= 10.0)
-      System.Composition.Hosting (>= 9.0.10)
+      System.Composition.Hosting (>= 10.0)
-      System.Composition.Runtime (>= 9.0.10)
+      System.Composition.Runtime (>= 10.0)
-    System.Configuration.ConfigurationManager (9.0.10)
+    System.Configuration.ConfigurationManager (10.0)
-      System.Diagnostics.EventLog (>= 9.0.10)
+      System.Diagnostics.EventLog (>= 10.0)
-      System.Security.Cryptography.ProtectedData (>= 9.0.10)
+      System.Security.Cryptography.ProtectedData (>= 10.0)
-    System.Diagnostics.EventLog (9.0.10)
+    System.Diagnostics.EventLog (10.0)
-    System.IO (4.3)
+    System.IO.Pipelines (10.0)
-      Microsoft.NETCore.Platforms (>= 1.1)
-      Microsoft.NETCore.Targets (>= 1.1)
-      System.Runtime (>= 4.3)
-      System.Text.Encoding (>= 4.3)
-      System.Threading.Tasks (>= 4.3)
-    System.IO.FileSystem (4.3)
-      Microsoft.NETCore.Platforms (>= 1.1)
-      Microsoft.NETCore.Targets (>= 1.1)
-      System.IO (>= 4.3)
-      System.IO.FileSystem.Primitives (>= 4.3)
-      System.Runtime (>= 4.3)
-      System.Runtime.Handles (>= 4.3)
-      System.Text.Encoding (>= 4.3)
-      System.Threading.Tasks (>= 4.3)
-    System.IO.FileSystem.Primitives (4.3)
-      System.Runtime (>= 4.3)
-    System.IO.Pipelines (9.0.10)
     System.Memory (4.6.3)
-    System.Net.Primitives (4.3.1)
-      Microsoft.NETCore.Platforms (>= 1.1.1)
-      Microsoft.NETCore.Targets (>= 1.1.3)
-      System.Runtime (>= 4.3.1)
-      System.Runtime.Handles (>= 4.3)
     System.Numerics.Vectors (4.6.1)
-    System.Reflection.Metadata (9.0.10)
+    System.Reflection.Metadata (10.0)
-    System.Reflection.MetadataLoadContext (9.0.10)
+    System.Reflection.MetadataLoadContext (10.0)
-    System.Runtime (4.3.1)
-      Microsoft.NETCore.Platforms (>= 1.1.1)
-      Microsoft.NETCore.Targets (>= 1.1.3)
     System.Runtime.CompilerServices.Unsafe (6.1.2)
-    System.Runtime.Handles (4.3)
+    System.Security.Cryptography.ProtectedData (10.0)
-      Microsoft.NETCore.Platforms (>= 1.1)
+    System.Text.Encoding.CodePages (10.0)
-      Microsoft.NETCore.Targets (>= 1.1)
+    System.Threading.Channels (10.0)
-      System.Runtime (>= 4.3)
-    System.Security.Cryptography.ProtectedData (9.0.10)
-    System.Security.Principal (4.3)
-      System.Runtime (>= 4.3)
-    System.Text.Encoding (4.3)
-      Microsoft.NETCore.Platforms (>= 1.1)
-      Microsoft.NETCore.Targets (>= 1.1)
-      System.Runtime (>= 4.3)
-    System.Text.Encoding.CodePages (9.0.10)
-    System.Threading.Channels (9.0.10)
-    System.Threading.Tasks (4.3)
-      Microsoft.NETCore.Platforms (>= 1.1)
-      Microsoft.NETCore.Targets (>= 1.1)
-      System.Runtime (>= 4.3)
     System.Threading.Tasks.Extensions (4.6.3)
-    System.Threading.ThreadPool (4.3)
-      System.Runtime (>= 4.3)
-      System.Runtime.Handles (>= 4.3)
     xunit (2.9.3)
       xunit.analyzers (>= 1.18)
       xunit.assert (>= 2.9.3)
       xunit.core (2.9.3)
     xunit.abstractions (2.0.3)
-    xunit.analyzers (1.24)
+    xunit.analyzers (1.26)
     xunit.assert (2.9.3)
     xunit.core (2.9.3)
       xunit.extensibility.core (2.9.3)

csharp/ql/integration-tests/all-platforms/autobuild/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/binlog/Files.expected

@@ -1,10 +1,10 @@
 | a/A.cs:0:0:0:0 | a/A.cs |
-| a/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs:0:0:0:0 | a/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs |
+| a/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs:0:0:0:0 | a/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs |
-| a/obj/Debug/net9.0/test.AssemblyInfo.cs:0:0:0:0 | a/obj/Debug/net9.0/test.AssemblyInfo.cs |
+| a/obj/Debug/net10.0/test.AssemblyInfo.cs:0:0:0:0 | a/obj/Debug/net10.0/test.AssemblyInfo.cs |
-| a/obj/Debug/net9.0/test.GlobalUsings.g.cs:0:0:0:0 | a/obj/Debug/net9.0/test.GlobalUsings.g.cs |
+| a/obj/Debug/net10.0/test.GlobalUsings.g.cs:0:0:0:0 | a/obj/Debug/net10.0/test.GlobalUsings.g.cs |
 | b/B.cs:0:0:0:0 | b/B.cs |
-| b/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs:0:0:0:0 | b/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs |
+| b/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs:0:0:0:0 | b/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs |
-| b/obj/Debug/net9.0/test.AssemblyInfo.cs:0:0:0:0 | b/obj/Debug/net9.0/test.AssemblyInfo.cs |
+| b/obj/Debug/net10.0/test.AssemblyInfo.cs:0:0:0:0 | b/obj/Debug/net10.0/test.AssemblyInfo.cs |
-| b/obj/Debug/net9.0/test.GlobalUsings.g.cs:0:0:0:0 | b/obj/Debug/net9.0/test.GlobalUsings.g.cs |
+| b/obj/Debug/net10.0/test.GlobalUsings.g.cs:0:0:0:0 | b/obj/Debug/net10.0/test.GlobalUsings.g.cs |
-| generated/a/test.csproj (net9.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs:0:0:0:0 | generated/a/test.csproj (net9.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs |
+| generated/a/test.csproj (net10.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs:0:0:0:0 | generated/a/test.csproj (net10.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs |
-| generated/b/test.csproj (net9.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs:0:0:0:0 | generated/b/test.csproj (net9.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs |
+| generated/b/test.csproj (net10.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs:0:0:0:0 | generated/b/test.csproj (net10.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs |

csharp/ql/integration-tests/all-platforms/binlog/a/test.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/binlog/b/test.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/binlog/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/binlog_multiple/Files.expected

@@ -1,10 +1,10 @@
 | a/A.cs:0:0:0:0 | a/A.cs |
-| a/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs:0:0:0:0 | a/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs |
+| a/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs:0:0:0:0 | a/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs |
-| a/obj/Debug/net9.0/test.AssemblyInfo.cs:0:0:0:0 | a/obj/Debug/net9.0/test.AssemblyInfo.cs |
+| a/obj/Debug/net10.0/test.AssemblyInfo.cs:0:0:0:0 | a/obj/Debug/net10.0/test.AssemblyInfo.cs |
-| a/obj/Debug/net9.0/test.GlobalUsings.g.cs:0:0:0:0 | a/obj/Debug/net9.0/test.GlobalUsings.g.cs |
+| a/obj/Debug/net10.0/test.GlobalUsings.g.cs:0:0:0:0 | a/obj/Debug/net10.0/test.GlobalUsings.g.cs |
 | b/B.cs:0:0:0:0 | b/B.cs |
-| b/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs:0:0:0:0 | b/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs |
+| b/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs:0:0:0:0 | b/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs |
-| b/obj/Debug/net9.0/test.AssemblyInfo.cs:0:0:0:0 | b/obj/Debug/net9.0/test.AssemblyInfo.cs |
+| b/obj/Debug/net10.0/test.AssemblyInfo.cs:0:0:0:0 | b/obj/Debug/net10.0/test.AssemblyInfo.cs |
-| b/obj/Debug/net9.0/test.GlobalUsings.g.cs:0:0:0:0 | b/obj/Debug/net9.0/test.GlobalUsings.g.cs |
+| b/obj/Debug/net10.0/test.GlobalUsings.g.cs:0:0:0:0 | b/obj/Debug/net10.0/test.GlobalUsings.g.cs |
-| generated/a/test.csproj (net9.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs:0:0:0:0 | generated/a/test.csproj (net9.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs |
+| generated/a/test.csproj (net10.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs:0:0:0:0 | generated/a/test.csproj (net10.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs |
-| generated/b/test.csproj (net9.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs:0:0:0:0 | generated/b/test.csproj (net9.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs |
+| generated/b/test.csproj (net10.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs:0:0:0:0 | generated/b/test.csproj (net10.0)/System.Text.RegularExpressions.Generator/System.Text.RegularExpressions.Generator.RegexGenerator/RegexGenerator.g.cs |

csharp/ql/integration-tests/all-platforms/binlog_multiple/a/test.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/binlog_multiple/b/test.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/binlog_multiple/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/blazor/BlazorTest/BlazorTest.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/blazor/BlazorTest/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/blazor/Files.expected

@@ -8,15 +8,18 @@
 | BlazorTest/Components/Routes.razor:0:0:0:0 | BlazorTest/Components/Routes.razor |
 | BlazorTest/Components/_Imports.razor:0:0:0:0 | BlazorTest/Components/_Imports.razor |
 | BlazorTest/Program.cs:0:0:0:0 | BlazorTest/Program.cs |
-| BlazorTest/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs:0:0:0:0 | BlazorTest/obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs |
+| BlazorTest/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs |
-| BlazorTest/obj/Debug/net9.0/BlazorTest.AssemblyInfo.cs:0:0:0:0 | BlazorTest/obj/Debug/net9.0/BlazorTest.AssemblyInfo.cs |
+| BlazorTest/obj/Debug/net10.0/BlazorTest.AssemblyInfo.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/BlazorTest.AssemblyInfo.cs |
-| BlazorTest/obj/Debug/net9.0/BlazorTest.GlobalUsings.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net9.0/BlazorTest.GlobalUsings.g.cs |
+| BlazorTest/obj/Debug/net10.0/BlazorTest.GlobalUsings.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/BlazorTest.GlobalUsings.g.cs |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_App_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_App_razor.g.cs |
+| BlazorTest/obj/Debug/net10.0/EmbeddedAttribute.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/EmbeddedAttribute.cs |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Layout_MainLayout_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Layout_MainLayout_razor.g.cs |
+| BlazorTest/obj/Debug/net10.0/ValidatableTypeAttribute.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/ValidatableTypeAttribute.cs |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Layout_NavMenu_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Layout_NavMenu_razor.g.cs |
+| BlazorTest/obj/Debug/net10.0/generated/Microsoft.AspNetCore.App.SourceGenerators/Microsoft.AspNetCore.SourceGenerators.PublicProgramSourceGenerator/PublicTopLevelProgram.Generated.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/generated/Microsoft.AspNetCore.App.SourceGenerators/Microsoft.AspNetCore.SourceGenerators.PublicProgramSourceGenerator/PublicTopLevelProgram.Generated.g.cs |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_MyInput_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_MyInput_razor.g.cs |
+| BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_App_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_App_razor.g.cs |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_MyOutput_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_MyOutput_razor.g.cs |
+| BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Layout_MainLayout_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Layout_MainLayout_razor.g.cs |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_Error_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_Error_razor.g.cs |
+| BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Layout_NavMenu_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Layout_NavMenu_razor.g.cs |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs |
+| BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_MyInput_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_MyInput_razor.g.cs |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Routes_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Routes_razor.g.cs |
+| BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_MyOutput_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_MyOutput_razor.g.cs |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components__Imports_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components__Imports_razor.g.cs |
+| BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_Error_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_Error_razor.g.cs |
+| BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs |
+| BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Routes_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Routes_razor.g.cs |
+| BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components__Imports_razor.g.cs:0:0:0:0 | BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components__Imports_razor.g.cs |

csharp/ql/integration-tests/all-platforms/blazor/XSS.expected

@@ -3,8 +3,8 @@
 | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | $@ flows to here and is written to HTML or JavaScript. | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | User-provided value |
 | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | $@ flows to here and is written to HTML or JavaScript. | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | User-provided value |
 edges
-| BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:553:16:561:13 | call to method TypeCheck<String> : String | provenance | Src:MaD:2 MaD:3 |
+| BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:553:16:561:13 | call to method TypeCheck<String> : String | provenance | Src:MaD:2 MaD:3 |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:553:16:561:13 | call to method TypeCheck<String> : String | BlazorTest/Components/MyOutput.razor:5:53:5:57 | access to property Value | provenance | Sink:MaD:1 |
+| BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:553:16:561:13 | call to method TypeCheck<String> : String | BlazorTest/Components/MyOutput.razor:5:53:5:57 | access to property Value | provenance | Sink:MaD:1 |
 models
 | 1 | Sink: Microsoft.AspNetCore.Components; MarkupString; false; MarkupString; (System.String); ; Argument[0]; html-injection; manual |
 | 2 | Source: Microsoft.AspNetCore.Components; SupplyParameterFromQueryAttribute; false; ; ; Attribute.Getter; ReturnValue; remote; manual |
@@ -14,5 +14,5 @@ nodes
 | BlazorTest/Components/Pages/TestPage.razor:11:48:11:55 | access to property UrlParam | semmle.label | access to property UrlParam |
 | BlazorTest/Components/Pages/TestPage.razor:20:60:20:69 | access to property QueryParam | semmle.label | access to property QueryParam |
 | BlazorTest/Components/Pages/TestPage.razor:85:23:85:32 | access to property QueryParam : String | semmle.label | access to property QueryParam : String |
-| BlazorTest/obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:553:16:561:13 | call to method TypeCheck<String> : String | semmle.label | call to method TypeCheck<String> : String |
+| BlazorTest/obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Components_Pages_TestPage_razor.g.cs:553:16:561:13 | call to method TypeCheck<String> : String | semmle.label | call to method TypeCheck<String> : String |
 subpaths

csharp/ql/integration-tests/all-platforms/blazor/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/BlazorTest.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/BlazorTest/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/conditional_compilation/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/conditional_compilation/test.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/cshtml/Files.expected

@@ -1,7 +1,8 @@
 | Program.cs:0:0:0:0 | Program.cs |
 | Views/Home/Index.cshtml:0:0:0:0 | Views/Home/Index.cshtml |
-| obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs:0:0:0:0 | obj/Debug/net9.0/.NETCoreApp,Version=v9.0.AssemblyAttributes.cs |
+| obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs:0:0:0:0 | obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs |
-| obj/Debug/net9.0/cshtml.AssemblyInfo.cs:0:0:0:0 | obj/Debug/net9.0/cshtml.AssemblyInfo.cs |
+| obj/Debug/net10.0/cshtml.AssemblyInfo.cs:0:0:0:0 | obj/Debug/net10.0/cshtml.AssemblyInfo.cs |
-| obj/Debug/net9.0/cshtml.GlobalUsings.g.cs:0:0:0:0 | obj/Debug/net9.0/cshtml.GlobalUsings.g.cs |
+| obj/Debug/net10.0/cshtml.GlobalUsings.g.cs:0:0:0:0 | obj/Debug/net10.0/cshtml.GlobalUsings.g.cs |
-| obj/Debug/net9.0/cshtml.RazorAssemblyInfo.cs:0:0:0:0 | obj/Debug/net9.0/cshtml.RazorAssemblyInfo.cs |
+| obj/Debug/net10.0/cshtml.RazorAssemblyInfo.cs:0:0:0:0 | obj/Debug/net10.0/cshtml.RazorAssemblyInfo.cs |
-| obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Views_Home_Index_cshtml.g.cs:0:0:0:0 | obj/Debug/net9.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Views_Home_Index_cshtml.g.cs |
+| obj/Debug/net10.0/generated/Microsoft.AspNetCore.App.SourceGenerators/Microsoft.AspNetCore.SourceGenerators.PublicProgramSourceGenerator/PublicTopLevelProgram.Generated.g.cs:0:0:0:0 | obj/Debug/net10.0/generated/Microsoft.AspNetCore.App.SourceGenerators/Microsoft.AspNetCore.SourceGenerators.PublicProgramSourceGenerator/PublicTopLevelProgram.Generated.g.cs |
+| obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Views_Home_Index_cshtml.g.cs:0:0:0:0 | obj/Debug/net10.0/generated/Microsoft.CodeAnalysis.Razor.Compiler/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Views_Home_Index_cshtml.g.cs |

csharp/ql/integration-tests/all-platforms/cshtml/cshtml.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/cshtml/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/cshtml_standalone/cshtml.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/cshtml_standalone/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/cshtml.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/cshtml_standalone_flowsteps/cshtml.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/cshtml_standalone_flowsteps/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/diag_dotnet_incompatible/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/diag_missing_project_files/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/diag_missing_xamarin_sdk/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/diag_missing_xamarin_sdk/test.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
     <LanguageTargets>$(MSBuildExtensionsPath)\Xamarin\iOS\Xamarin.iOS.CSharp.targets</LanguageTargets>

csharp/ql/integration-tests/all-platforms/diag_recursive_generics/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/diag_recursive_generics/test.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
   </PropertyGroup>
 
  <Target Name="DeleteBinObjFolders" BeforeTargets="Clean">

csharp/ql/integration-tests/all-platforms/dotnet_10/test.py

@@ -1,9 +1,7 @@
 import pytest
 
-@pytest.mark.skip(reason=".NET 10 info command crashes")
 def test1(codeql, csharp):
     codeql.database.create()
 
-@pytest.mark.skip(reason=".NET 10 info command crashes")
 def test2(codeql, csharp):
     codeql.database.create(build_mode="none")

csharp/ql/integration-tests/all-platforms/dotnet_build/dotnet_build.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/dotnet_build/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/dotnet_no_args_inject/dotnet_build.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/dotnet_no_args_inject/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/dotnet_pack/dotnet_pack.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/dotnet_pack/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/dotnet_publish/dotnet_publish.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/dotnet_publish/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }

csharp/ql/integration-tests/all-platforms/dotnet_run/dotnet_run.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>

csharp/ql/integration-tests/all-platforms/dotnet_run/global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "9.0.304"
+        "version": "10.0.100"
     }
 }