9012 Commits

Author	SHA1	Message	Date
Michael Nebel	4b0c725367	C#: Add change note.	2025-08-18 12:56:15 +02:00
Michael Nebel	7431ee8df9	C#: Update the barrier in HashWithoutSalt to avoid an FP. It worked by accident before as we didn't allow implicit element reads at sinks.	2025-08-18 12:56:13 +02:00
Michael Nebel	1d25a20c9c	C#: Update the external flow test and expected test output.	2025-08-18 12:56:12 +02:00
Michael Nebel	abd0b2e2f9	C#: Update test expected output.	2025-08-18 12:56:10 +02:00
Michael Nebel	81751ea591	C#: Allow implicit reads from collections in argument nodes (sinks and additional flow steps) for default taint tracking configurations.	2025-08-18 12:56:09 +02:00
Michael Nebel	d8215a35c0	C#: Add example of failing taint flow for collections in sinks.	2025-08-18 12:56:07 +02:00
Nora Dimitrijević	8000e7c442	Merge pull request #20074 from d10c/d10c/diff-informed-phase-3-csharp ... C#: Diff-informed queries: phase 3 (non-trivial locations)	2025-08-15 12:07:47 +02:00
Michael B. Gale	e1ffb323a0	C#: Replace input interpolation with environment variable	2025-08-15 09:00:28 +01:00
Tom Hvitved	6e90823bd9	Merge pull request #20158 from hvitved/csharp/has-callable-constructor ... C#: Include constructors in `ValueOrRefType.hasCallable`	2025-08-05 12:59:29 +02:00
github-actions[bot]	fb4b0aac53	Post-release preparation for codeql-cli-2.22.3	2025-08-04 17:18:08 +00:00
github-actions[bot]	fd82aeb1f8	Release preparation for version 2.22.3	2025-08-04 15:47:57 +00:00
Tom Hvitved	361ef0f50d	C#: Include constructors in ValueOrRefType.hasCallable	2025-08-04 13:51:17 +02:00
Anders Schack-Mulligen	3b8234ecec	SSA: Update data flow integration and BarrierGuard interface to use GuardValue.	2025-07-28 11:29:12 +02:00
github-actions[bot]	37cc78255a	Post-release preparation for codeql-cli-2.22.2	2025-07-22 14:22:20 +00:00
Nick Rolfe	43d14c28c2	Tweak changenotes	2025-07-22 15:06:09 +01:00
github-actions[bot]	997547b8ef	Release preparation for version 2.22.2	2025-07-22 14:04:14 +00:00
Nick Rolfe	825c813095	Revert "Release preparation for version 2.22.2"	2025-07-22 14:33:45 +01:00
Nick Rolfe	74cd982aca	Tweak changenotes	2025-07-22 09:51:52 +01:00
github-actions[bot]	c8632b70b7	Release preparation for version 2.22.2	2025-07-21 16:45:45 +00:00
Nick Rolfe	ad9b637bec	Revert "Merge pull request #19994 from github/post-release-prep/codeql-cli-2.22.2" ... This reverts commit e5b4a15e35, reversing changes made to 33e63109bb.	2025-07-21 15:18:59 +01:00
Nora Dimitrijević	218fcbbec5	[DIFF-INFORMED] C#: HardcodedConnectionString	2025-07-21 11:28:55 +02:00
Nora Dimitrijević	b2fd58eea4	[DIFF-INFORMED] C#: ThreadUnsafeCryptoTransformLambda	2025-07-21 11:28:53 +02:00
Nora Dimitrijević	7f085e6bd9	[DIFF-INFORMED] C#: UnsafeDeserializationQuery ... 57c8b6e229/csharp/ql/src/Security%20Features/CWE-502/UnsafeDeserializationUntrustedInput.ql (L59)	2025-07-21 11:28:50 +02:00
Nora Dimitrijević	793f921291	[DIFF-INFORMED] C#: ConditionalBypass ... https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/csharp/ql/src/Security%20Features/CWE-807/ConditionalBypass.ql#L22	2025-07-21 11:28:48 +02:00
github-actions[bot]	2f84a4a5b5	Add changed framework coverage reports	2025-07-18 00:25:03 +00:00
Michael Nebel	01738c2e42	Merge pull request #19940 from michaelnebel/csharp/fixmodels ... C#: Improve some existing manual models.	2025-07-17 07:58:14 +02:00
Michael Nebel	e9fdca7d39	C#: Address review comments.	2025-07-16 11:12:25 +02:00
Chris Smowton	d6a3b2e91f	Merge pull request #20065 from smowton/smowton/fix/web.config ... C#: Make web.config match case insensitive (with change note)	2025-07-16 09:52:34 +01:00
Chris Smowton	a537c0091e	change note	2025-07-16 09:06:38 +01:00
Michael Nebel	70bf61dc57	C#: Convert Deserialization tests to use inline expectations.	2025-07-16 08:41:58 +02:00
Michael Nebel	8f8b0428ab	C#: Add change-note.	2025-07-16 08:41:56 +02:00
Michael Nebel	eba901f610	C#: Update flow summaries expected output.	2025-07-16 08:41:55 +02:00
Michael Nebel	95763dd225	C#: Add some models for SerializationInto and SerializationInfoEnumerator.	2025-07-16 08:41:53 +02:00
Michael Nebel	5c05ff843a	C#: Improve the models for System.Text.Encoding.[GetBytes|GetChars].	2025-07-16 08:41:52 +02:00
Michael Nebel	064c4fca12	C#: Add models for the remaining overloads of System.Xml.XmlDictionaryReader.CreateBinaryReader.	2025-07-16 08:41:50 +02:00
Michael Nebel	3ae69d5f3d	C#: Promote the generated System.Xml.XmlDictionaryReader.CreateBinaryReader models to manual models.	2025-07-16 08:41:49 +02:00
Michael Nebel	8ee16f68a7	C#: Update test expected output.	2025-07-16 08:41:48 +02:00
Michael Nebel	13b40bbab4	C#: Fix erroneous model the MemoryStream constructor (and align with the other models).	2025-07-16 08:41:46 +02:00
Michael Nebel	4036140f4b	C#: Add Deserialize testcase.	2025-07-16 08:41:45 +02:00
Hugo	8c82405b5b	Update 2025-06-10-getasupertype.md	2025-07-16 00:35:30 +02:00
Hugo	6384cf2e4f	Update predicate name	2025-07-16 00:35:14 +02:00
James Frank	b9acaa0cbd	Make web.config match case insensitive	2025-07-15 15:34:42 -04:00
Hugo	c3c8d5db13	Create 2025-06-10-getasupertype.md ... Create 2025-06-10-getasupertype.md	2025-07-10 05:48:52 +02:00
Hugo	fb693837e4	feat: add getASupertype() predicate in ValueOrRefType. ... Add the getASupertype() predicate in ValueOrRefType.	2025-07-10 02:19:17 +02:00
github-actions[bot]	24a0ac1223	Post-release preparation for codeql-cli-2.22.2	2025-07-07 18:15:04 +00:00
github-actions[bot]	f12daefabe	Release preparation for version 2.22.2	2025-07-07 14:00:26 +00:00
Michael Nebel	233b54c7fa	Merge pull request #19891 from michaelnebel/michaelnebel/freezemoresuites ... Go/Ruby/Python: Freeze quality queries in `security-and-quality`.	2025-07-01 09:04:19 +02:00
github-actions[bot]	81ec3b6566	Add changed framework coverage reports	2025-06-30 00:26:21 +00:00
Michael Nebel	2f208bddb6	Merge pull request #19877 from michaelnebel/csharp/microsoftdatasqlclient ... C#: Models for Microsoft.Data.SqlClient.	2025-06-27 10:24:38 +02:00
Michael Nebel	145ada53f2	C#/Java/JavaScript: Re-factor query suites to use the new selector.	2025-06-26 14:19:27 +02:00