Owen Mansel-Chan
cd2398aeea
Merge pull request #21936 from github/workflow/coverage/update
...
Update CSV framework coverage reports
2026-06-04 12:45:21 +01:00
Sotiris Dragonas
d6892eaf0d
Merge pull request #21900 from github/bazookamusic/range-analysis-bound-move-to-shared
...
Bound.qll - Replace utility for range analysis duplicate across java and cs with shared file
2026-06-04 12:45:11 +02:00
BazookaMusic
d2972cb53f
Add back alias for module
2026-06-04 11:08:49 +02:00
github-actions[bot]
5576d30780
Add changed framework coverage reports
2026-06-04 01:04:50 +00:00
Owen Mansel-Chan
52f2a5825a
Merge pull request #21804 from github/copilot/add-tests-for-models
...
Java: Update CWE-918 model coverage for Apache HttpClient `execute` sinks
2026-06-03 12:55:56 +01:00
BazookaMusic
f34275636c
No duplicate Ssa and remove release change note
2026-06-03 11:54:24 +02:00
BazookaMusic
0a801440b9
review comments
2026-06-03 10:48:50 +02:00
Sotiris Dragonas
019a5c01ad
Merge branch 'main' into bazookamusic/range-analysis-bound-move-to-shared
2026-06-01 18:10:02 +02:00
BazookaMusic
71a363545a
formatting
2026-06-01 15:24:06 +02:00
github-actions[bot]
cfb18c2477
Post-release preparation for codeql-cli-2.25.6
2026-05-29 12:04:35 +00:00
github-actions[bot]
8b6f969cdb
Release preparation for version 2.25.6
2026-05-29 11:27:54 +00:00
Henry Mercer
9bc0c1b1ab
Revert "Release preparation for version 2.25.6"
2026-05-29 12:13:50 +01:00
Owen Mansel-Chan
d95d99848c
Build RequestBuilder more realistically
2026-05-28 11:05:40 +01:00
Owen Mansel-Chan
8937e22735
Add summary models for org.apache.http.client.methods.RequestBuilder
...
Generated by GPT 5.3-codex, verified by me.
2026-05-28 10:56:37 +01:00
Owen Mansel-Chan
37589dd8a0
Improve how org.apache.http.client.HttpClient is created in test
2026-05-28 10:30:43 +01:00
Owen Mansel-Chan
a159dc1c66
Change variable name in test
2026-05-28 10:28:14 +01:00
BazookaMusic
acb5c0e70f
missed changes
2026-05-27 17:23:45 +02:00
BazookaMusic
6042adebae
move identical java and cs bound.qll to shared library
2026-05-27 17:23:28 +02:00
github-actions[bot]
44a914e40f
Release preparation for version 2.25.6
2026-05-25 10:23:26 +00:00
Óscar San José
996e79131e
Merge branch 'main' into post-release-prep/codeql-cli-2.25.5
2026-05-22 16:32:30 +02:00
Óscar San José
c25398ea0c
Merge pull request #21868 from github/copilot/bump-jackson-core-to-2150
...
Bump jackson-core to 2.18.6 in ferstl-depgraph-dependencies (CVE-2025-52999)
2026-05-21 16:18:15 +02:00
Owen Mansel-Chan
2070dafeb2
Java: add ForStmt wrapper class
2026-05-21 13:41:29 +01:00
copilot-swe-agent[bot]
0f3c9ab483
Fix remaining macOS bash 3.2 portability issues in update script (step 5)
2026-05-21 12:07:45 +00:00
copilot-swe-agent[bot]
8170c207bd
Fix macOS bash 3.2 heredoc-in-$() portability issue in update script
2026-05-21 09:57:10 +00:00
copilot-swe-agent[bot]
38a2101e11
update-ferstl-depgraph-dependencies.sh: address review feedback
...
- Use BUILD_REPO/DIST_REPO split so zip contains only runtime deps
  (build-lifecycle plugins, test jars, etc. stay in throwaway BUILD_REPO)
- Minimal inline stub pom.xml (no deps) instead of archetype:generate
  to avoid polluting DIST_REPO with stub project's own dependencies
- Replace grep -oP (PCRE, unavailable on macOS BSD grep) with Python re
- Use version-aware Python version_key() for max POM version selection
  (lexicographic sort fails for e.g. 2.18.10 vs 2.18.6; release > snapshot)
- Write zip to caller's working directory; keep cleanup trap active;
  remove `trap - EXIT` which was leaving WORK_DIR behind
2026-05-21 09:41:57 +00:00
github-actions[bot]
fb04cd2212
Add changed framework coverage reports
2026-05-21 00:54:55 +00:00
Óscar San José
b9bf81e463
Merge branch 'main' into copilot/bump-jackson-core-to-2150
2026-05-20 13:09:04 +02:00
Jack Nørskov Jørgensen
aa136a3282
Add change note entry
2026-05-19 16:09:05 +02:00
Óscar San José
8b799f84ed
Do not remove zip file if the process succeeds
2026-05-19 14:30:50 +02:00
copilot-swe-agent[bot]
b1615312b8
Bump jackson-core to 2.18.6 in ferstl-depgraph-dependencies (CVE-2025-52999)
...
- Update 3 maven-fetches.expected files: jackson 2.14.1→2.18.6,
  jackson-parent 2.14→2.18.4, oss-parent 48→69,
  plugin version 4.0.3-CodeQL→4.0.3-CodeQL-2
- Update 2 diagnostics.expected files: plugin version reference
  4.0.3-CodeQL→4.0.3-CodeQL-2
- Add update-ferstl-depgraph-dependencies.sh auto-update script
2026-05-19 11:52:46 +00:00
Jack Nørskov Jørgensen
3119ef6c1a
Add MaDs for Apache Avro
2026-05-19 09:27:32 +02:00
github-actions[bot]
9f64000962
Post-release preparation for codeql-cli-2.25.5
2026-05-18 15:20:31 +00:00
github-actions[bot]
e38616a2ef
Release preparation for version 2.25.5
2026-05-18 12:05:32 +00:00
github-actions[bot]
b0e23a73d2
Add changed framework coverage reports
2026-05-13 00:50:12 +00:00
Owen Mansel-Chan
0b808e1170
Merge pull request #21807 from owen-mc/java/improve-qhelp-unsafe-deserialization
...
Shared: improve qhelp for unsafe deserialization queries
2026-05-12 22:22:49 +01:00
Owen Mansel-Chan
ec8ff6ff68
Use all path injection sinks when generating docs
2026-05-11 09:56:02 +01:00
Owen Mansel-Chan
a5ef036465
Note that common standard library types can be vulnerable to gadget-chain attacks
2026-05-08 14:18:54 +01:00
Owen Mansel-Chan
36554d160c
Merge pull request #21741 from MarkLee131/fix/path-injection-read-subkind
...
Fix/path injection read subkind
2026-05-08 12:38:16 +01:00
Anders Schack-Mulligen
81e1ab7aab
Merge pull request #21808 from aschackmull/cfg/switch-pattern-eval
...
Cfg: Rework CFG for switch case patterns.
2026-05-08 12:48:44 +02:00
MarkLee131
26af52897d
Merge branch 'main' into fix/path-injection-read-subkind
2026-05-07 23:48:42 +08:00
Owen Mansel-Chan
f9240e7058
Fix QL formatting
2026-05-07 15:57:33 +01:00
Anders Schack-Mulligen
6b6df374fa
C#/Java: Accept test changes.
2026-05-07 15:07:31 +02:00
Anders Schack-Mulligen
072166ba88
C#/Java: Adjust Guards instantiations.
2026-05-07 13:46:52 +02:00
Anders Schack-Mulligen
48785a0a76
Cfg: Rework CFG for switch case patterns.
2026-05-07 13:07:07 +02:00
Owen Mansel-Chan
33035dbfc8
Fix yaml formatting
2026-05-07 11:06:43 +01:00
Owen Mansel-Chan
f2ea3b98d8
Do not make such a strong security claim
...
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-05-07 10:58:35 +01:00
Owen Mansel-Chan
427b73ec9d
Clarify that deserialization that follows a schema is safe
2026-05-07 10:51:20 +01:00
Owen Mansel-Chan
7aa3fd859a
Remove double spaces from qhelp
2026-05-07 10:42:50 +01:00
Owen Mansel-Chan
dc864762c3
Add change note
2026-05-07 10:23:50 +01:00
Owen Mansel-Chan
dd35bc0722
Update test output
2026-05-07 10:17:47 +01:00