Josh Brown
c6ab9412b6
Merge tag 'codeql-cli/v2.22.3' into jb1/2.22.3
...
Compatible with CodeQL CLI 2.22.3
2025-08-11 12:56:34 -07:00
Josh Brown
09365313ef
merge upstream v2.22.2
2025-08-11 12:45:33 -07:00
Josh Brown
f39c1141d8
Revert "Merge pull request #257 from microsoft/jb1/reapply-22.1-tmp"
...
This reverts commit 6d496ee073866977b6c5
2025-08-11 12:45:01 -07:00
github-actions[bot]
fd82aeb1f8
Release preparation for version 2.22.3
2025-08-04 15:47:57 +00:00
Geoffrey White
199f2473e5
Merge pull request #20024 from geoffw0/moresensitive2
...
Shared: Improve sensitive data heuristics
2025-07-23 15:38:24 +01:00
github-actions[bot]
26296c44d3
Release preparation for version 2.22.2
2025-07-23 09:32:53 +00:00
Nick Rolfe
12ebf717eb
Revert "Release preparation for version 2.22.2"
2025-07-23 10:09:23 +01:00
Geoffrey White
4f6b698ca3
Merge branch 'main' into moresensitive2
2025-07-23 08:50:25 +01:00
github-actions[bot]
37cc78255a
Post-release preparation for codeql-cli-2.22.2
2025-07-22 14:22:20 +00:00
github-actions[bot]
997547b8ef
Release preparation for version 2.22.2
2025-07-22 14:04:14 +00:00
Nick Rolfe
825c813095
Revert "Release preparation for version 2.22.2"
2025-07-22 14:33:45 +01:00
github-actions[bot]
c8632b70b7
Release preparation for version 2.22.2
2025-07-21 16:45:45 +00:00
Nick Rolfe
ad9b637bec
Revert "Merge pull request #19994 from github/post-release-prep/codeql-cli-2.22.2"
...
This reverts commit e5b4a15e3533e63109bb
2025-07-21 15:18:59 +01:00
Nora Dimitrijević
4342b2b799
[DIFF-INFORMED] Swift: UnsafeWebViewFetch
...
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql#L24
2025-07-17 14:59:09 +02:00
Nora Dimitrijević
b1e723991e
[DIFF-INFORMED] Swift: InsecureTLS
...
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/swift/ql/src/queries/Security/CWE-757/InsecureTLS.ql#L18
2025-07-17 14:59:07 +02:00
Nora Dimitrijević
6dea73b081
[DIFF-INFORMED] Swift: CleartextStoragePreferences
...
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/swift/ql/src/queries/Security/CWE-312/CleartextStoragePreferences.ql#L32
2025-07-17 14:59:05 +02:00
Nora Dimitrijević
cd3fa64ee3
[DIFF-INFORMED] Swift: CleartextStorageDatabase
...
https://github.com/d10c/codeql/blob/d10c/diff-informed-phase-3/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql#L33
2025-07-17 14:59:03 +02:00
Geoffrey White
30c6082b5d
Sync identical files.
2025-07-14 11:45:34 +01:00
Jeroen Ketema
c582a9ccd6
Remove duplicate copies of SensitiveDataHeuristics
2025-07-14 11:38:52 +02:00
Jeroen Ketema
8b828cecf1
Use shared SensitiveDataHeuristics
2025-07-14 11:38:47 +02:00
Geoffrey White
8f6f9f4359
Add change notes.
2025-07-11 11:54:59 +01:00
Josh Brown
4c5945f4aa
Manual merge
2025-07-10 15:08:14 -07:00
Josh Brown
5fb45c89e9
Revert "Merge pull request #251 from microsoft/jb1/upstream-zipslip"
...
This reverts commit 4dfa5d28588cd58aa6e8
2025-07-10 14:57:38 -07:00
Geoffrey White
123458fd21
Sync identical files.
2025-07-10 18:10:24 +01:00
github-actions[bot]
24a0ac1223
Post-release preparation for codeql-cli-2.22.2
2025-07-07 18:15:04 +00:00
github-actions[bot]
f12daefabe
Release preparation for version 2.22.2
2025-07-07 14:00:26 +00:00
Josh Brown
4122283ec8
Manual merge
2025-07-01 16:10:55 -07:00
Paolo Tranquilli
de72e68d2c
Merge branch 'main' into redsun82/codegen-new-parent-child
2025-06-26 12:14:53 +02:00
Paolo Tranquilli
355fd85c23
Codegen: remove unneeded has|getNumberOf in instance tests
2025-06-25 12:02:13 +02:00
Paolo Tranquilli
6bbf1e3bc1
Codegen: use one generated test file per directory
...
This collapses all generated test QL sources into a single one per
directory, using query predicates to run the different tests.
This should improve the time required to run generated tests.
2025-06-25 11:44:54 +02:00
Paolo Tranquilli
1dcd60527c
Codegen: improve implementation of generated parent/child relationship
...
This improves the implementation of the generated parent/child
relationship by adding a new `all_children` field to `ql.Class` which
lists all children (both direct and inherited) of a class, carefully
avoiding duplicating children in case of diamond inheritance. This:
* simplifies the generated code,
* avoid children ambiguities in case of diamond inheritance.
This only comes with some changes in the order of children in the
generated tests (we were previously sorting bases alphabetically there).
For the rest this should be a non-functional change.
2025-06-24 17:26:24 +02:00
Nora Dimitrijević
c4a385fa6a
Merge pull request #19817 from d10c/d10c/convert-tests-to-qlref
...
Convert remaining `{go,swift,ruby}-code-scanning.qls` query tests to `.qlref`
2025-06-24 16:31:13 +02:00
Nora Dimitrijević
35a48e7f41
Swift: convert XXE test to .qlref
2025-06-24 14:58:16 +02:00
Nora Dimitrijević
aa3e0116c1
Swift: convert PathInjection test to .qlref
2025-06-24 14:58:12 +02:00
Nora Dimitrijević
895a8fcb0f
Swift: convert CleartextLogging test to .qlref
2025-06-24 14:58:08 +02:00
Nora Dimitrijević
7615ec7a24
Swift: convert PredicateInjection test to .qlref
2025-06-24 14:58:03 +02:00
github-actions[bot]
6972c7a872
Post-release preparation for codeql-cli-2.22.1
2025-06-24 12:55:14 +00:00
github-actions[bot]
3e074b2425
Release preparation for version 2.22.1
2025-06-24 08:55:31 +00:00
Nora Dimitrijević
687e8d21a1
Merge pull request #19761 from d10c/d10c/swift/diff-informed-2
...
Swift: mass-enable diff-informed queries phase 2 - `getASelected{Source,Sink}Location() { none() }`
2025-06-19 10:54:49 +02:00
Tamas Vajk
e6a9ff08a3
Adjust query-suite integration test expected files
2025-06-18 13:10:34 +02:00
Tamas Vajk
40274dcd69
Add code-quality-extended query suites
2025-06-18 13:10:34 +02:00
Nora Dimitrijević
67bccc3d05
Swift: mass-add none() location overrides
2025-06-17 17:03:25 +02:00
Nora Dimitrijević
781f78813f
Merge pull request #19662 from d10c/d10c/swift/diff-informed
...
Swift: mass enable diff-informed data flow
2025-06-17 14:53:15 +02:00
Owen Mansel-Chan
538a5af1d1
Merge pull request #19738 from owen-mc/pr/felickz/19530
...
Set CWE-134 from 9.3 to 7.3 CVSS score for memory safe languages (#2 )
2025-06-12 10:27:28 +01:00
Chad Bentz
0135cf661f
Attempt to edit swift change notes for CI failure
2025-06-11 21:49:26 +01:00
dilanbhalla
7bfefefbf7
Merge tag 'codeql-cli/latest' into auto/sync-main-pr
...
Compatible with the latest released version of the CodeQL CLI
2025-06-11 17:00:14 +00:00
Nora Dimitrijević
2078a34763
Disable diff-informed on InsecureTLSQuery due to DIFF-INFORMED test failures
2025-06-11 18:36:32 +02:00
Nora Dimitrijević
afec8b3153
Swift: mass enable diff-informed data flow
...
An auto-generated patch that enables diff-informed data flow in the obvious cases.
Builds on https://github.com/github/codeql/pull/18343 and https://github.com/github/codeql-patch/pull/88
2025-06-11 18:34:33 +02:00
github-actions[bot]
21463a9653
Post-release preparation for codeql-cli-2.22.0
2025-06-09 18:50:20 +00:00
github-actions[bot]
88ba02edf8
Release preparation for version 2.22.0
2025-06-09 18:14:51 +00:00
