hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-22 15:17:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,971 Commits 1,759 Branches 168 Tags
codeql-cli-2.25.3
Commit Graph

86971 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
503a1b5d0c Merge pull request #21107 from geoffw0/rusttest 
Rust: Additional test cases for tuple content.
 2026-01-07 09:37:14 +00:00
Michael Nebel
8fe31a1fd6 C#: Add some more testcases and update test expected output. 2026-01-07 09:56:02 +01:00
Michael Nebel
a991afdf69 C#: Use ref conversions (including variance conversions) for element types of span conversions. 2026-01-07 09:55:10 +01:00
Michael Nebel
77b0c4bbe4 Merge pull request #21111 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2026-01-07 09:41:21 +01:00
github-actions[bot]
53a0b8dd47 Add changed framework coverage reports 2026-01-07 00:25:25 +00:00
Owen Mansel-Chan
a7c4ba503e Add missing qldoc 2026-01-06 23:41:33 +00:00
Owen Mansel-Chan
8602c4c57c Rename Default* to External* for MaD classes 2026-01-06 22:57:01 +00:00
Owen Mansel-Chan
7fff3534fa Convert 3 barriers for path injection to MaD 2026-01-06 22:56:59 +00:00
Owen Mansel-Chan
1e18fce300 Convert xss sanitizer to MaD 2026-01-06 22:56:57 +00:00
Owen Mansel-Chan
1e6410804f Allow non-query-specific MaD sanitizers 2026-01-06 22:56:55 +00:00
Anders Schack-Mulligen
1fbc28b753 Go: Add support for MaD barriers and barrier guards. 2026-01-06 22:51:32 +00:00
Jeroen Ketema
c567197f29 C++: Simplify expression 2026-01-06 21:58:43 +01:00
Ian Lynagh
70cc153cf5 Merge pull request #21104 from github/post-release-prep/codeql-cli-2.23.9 
Post-release preparation for codeql-cli-2.23.9
 2026-01-06 18:25:18 +00:00
Geoffrey White
13df23630b Rust: Effect of lifting content reads as taint steps. 2026-01-06 16:47:07 +00:00
Jeroen Ketema
063e5d300e C++: Remove redundant SSA branch after IR fix 2026-01-06 17:40:52 +01:00
Geoffrey White
6e2702c3af Rust: Add some taint tests involving tuples. 2026-01-06 16:38:36 +00:00
Jeroen Ketema
3cd9938ebe C++: Update expected test results after IR changes 2026-01-06 17:37:22 +01:00
Jeroen Ketema
740518d23f C++: Use the loaded this instead of the this initialization 2026-01-06 17:11:22 +01:00
github-actions[bot]
2cb932cf5d Post-release preparation for codeql-cli-2.23.9 2026-01-06 15:42:16 +00:00
Ian Lynagh
b4f4b0e6b0 Merge pull request #21092 from github/release-prep/2.23.9 
Release preparation for version 2.23.9
codeql-cli/v2.23.9 		2026-01-06 15:06:25 +00:00
Owen Mansel-Chan
766e908c79 Accept MaD sanitizers for existing sink kinds 2026-01-06 14:38:27 +00:00
Owen Mansel-Chan
81667d741a Rename classes for external sanitizers 2026-01-06 14:36:54 +00:00
Michael Nebel
b686890ba6 C#: Address review comments. 2026-01-06 15:08:13 +01:00
Tom Hvitved
1a2f72252a Merge pull request #21072 from hvitved/rust/mad-provenance-refactor 
Rust: Refactor MaD provenance-based filtering
 2026-01-06 14:59:42 +01:00
Taus
4a567ad75e Python: Add change note 2026-01-06 13:40:38 +00:00
Taus
2c83b296a4 Python: Add parser test 
Note in particular that the `exceptions.py` test is unaffected.
 2026-01-06 13:40:38 +00:00
Taus
4db60df9dd Python: Regenerate parser files 2026-01-06 13:40:38 +00:00
Taus
2380bfd459 Python: Add support for PEP-758 exception syntax 
See https://peps.python.org/pep-0758/ for more details.

We implement this by extending the syntax for exceptions and exception
groups so that the `type` field can now contain either an expression
(which matches the old behaviour), or a comma-separated list of at least
two elements (representing the new behaviour).

We model the latter case using a new node type `exception_list`, which
in `tsg-python` is simply mapped to a tuple. This means it matches the
existing behaviour (when the tuple is surrounded by parentheses)
exactly, hence we don't need to change any other code.

As a consequence of this, however, we cannot directly parse the Python
2.7 syntax `except Foo, e: ...` as `except Foo as e: ...`, as this would
introduce an ambiguity in the grammar. Thus, we have removed support for
the (deprecated) 2.7-style syntax, and only allow `as` to indicate
binding of the exception. The syntax `except Foo, e: ...` continues to
be parsed (in particular, it's not suddenly a syntax error), but it will
be parsed as if it were `except (Foo, e): ...`, which may not give the
correct results.

In principle we could extend the QL libraries to account for this case
(specifically when analysing Python 2 code). In practice, however, I
expect this to have a minor impact on results, and not worth the
additional investment at this time.
 2026-01-06 13:40:37 +00:00
Tom Hvitved
da6d0abe31 Address review comment 2026-01-06 14:35:07 +01:00
Taus
72f9e34318 Merge pull request #20708 from github/tausbn/python-add-support-for-template-string-literals 
Python: Add support for template string literals
 2026-01-06 14:33:51 +01:00
Ian Lynagh
c233e36d4f Merge pull request #21103 from igfoo/igfoo/css 
Fix header link color and hover effect in query help documentation
 2026-01-06 13:30:40 +00:00
Jeroen Ketema
4ede207c1f Merge pull request #20926 from jketema/jketema/frontend-update 
C++: Update expected test results after frontend update
 2026-01-06 14:25:40 +01:00
Chris Smowton
6ed24f22b5 Change notes 2026-01-06 13:01:37 +00:00
Jeroen Ketema
d02ef7c6b1 C++: Add change notes 2026-01-06 13:53:47 +01:00
Jeroen Ketema
17b22bc088 C++: Update expected test results after frontend _Generic fix 2026-01-06 13:53:45 +01:00
Jeroen Ketema
5117b5906b C++: Exclude comparisons from enum constants in `cpp/constant-comparison 2026-01-06 13:53:44 +01:00
Jeroen Ketema
112eaadfae C++: Add another cpp/constant-comparison FP test case 2026-01-06 13:53:43 +01:00
Jeroen Ketema
1f10cddef5 C++: Accept test changes after frontend update and uncomment test case 
The new frontend version does less constant folding.
 2026-01-06 13:53:41 +01:00
Jeroen Ketema
90d6c9fc56 C++: Exclude more comparisons from cpp/constant-comparison 2026-01-06 13:53:40 +01:00
Jeroen Ketema
509cbf7049 C++: Add cpp/constant-comparison FP test cases after frontend update 2026-01-06 13:53:38 +01:00
Jeroen Ketema
2615dab2e2 C++: Update supported compiler versions 2026-01-06 13:53:35 +01:00
Jeroen Ketema
87a9065d61 C++: Update expected test results after frontend update 2026-01-06 13:53:34 +01:00
Chris Smowton
af36eae002 All languages: account for paths and paths-ignore in XML and other ancillary extraction 2026-01-06 12:48:01 +00:00
Tom Hvitved
eca451ea05 Merge pull request #21101 from hvitved/ruby/fix-bad-join 
Ruby: Fix bad join
 2026-01-06 13:44:29 +01:00
Tom Hvitved
5359b3d6e7 Merge pull request #21099 from hvitved/rust/fix-todo 
Rust: Improve `TuplePositionContent.getAnAccess`
 2026-01-06 13:16:15 +01:00
Ian Lynagh
0465dbe02b Fix header link color and hover effect in query help documentation 
Fix from Oscar, who wrote:

The Alabaster theme's global `a { color: #2F1695 }` rule was overriding
header link colors, rendering them purple instead of white.
 2026-01-06 12:15:50 +00:00
Chris Smowton
bfcd36002a Merge pull request #21049 from smowton/smowton/admin/java-buildless-paths-test 
Add integration test for paths and paths-ignore vs. Java buildless mode
 2026-01-06 12:01:09 +00:00
Michael Nebel
f32860b2d2 Merge pull request #21100 from michaelnebel/csharp14/nameofgenerictype 
C# 14: [TEST ONLY] Test for `nameof` generic type.
 2026-01-06 12:37:10 +01:00
Chris Smowton
6fb6923f63 Change note 2026-01-06 10:59:06 +00:00
Chris Smowton
102cfd06a7 Add integration test for paths and paths-ignore vs. Java buildless mode 2026-01-06 10:59:04 +00:00