Commit Graph

88433 Commits

Author SHA1 Message Date
Sotiris Dragonas
2bee6b845c Merge branch 'bazookamusic/python-prompt-injection' of https://github.com/github/codeql into bazookamusic/python-prompt-injection 2026-07-02 16:12:33 +02:00
Sotiris Dragonas
49e0d6d791 Delete summary 2026-07-02 16:00:15 +02:00
Sotiris Dragonas
2eb2d623a6 Add proper coverage of tools 2026-07-02 15:59:39 +02:00
Sotiris Dragonas
27d2a2b16e Fix google genai models 2026-07-02 15:42:18 +02:00
Sotiris Dragonas
4c965e72e5 Merge branch 'main' into bazookamusic/python-prompt-injection 2026-07-02 15:04:51 +03:00
Mathias Vorreiter Pedersen
4f4cdf434b Merge pull request #22061 from MathiasVP/mad-write-through-model
Shared: Support flow summaries from `ReturnValue`s
2026-07-02 12:38:44 +01:00
Tom Hvitved
797f58b5d5 Merge pull request #22052 from hvitved/rust/type-constraint-base-type-match-gen
Type inference: Generalize `typeConstraintBaseTypeMatch`
2026-07-02 11:57:28 +02:00
Geoffrey White
9aaf3f15eb Merge pull request #22105 from geoffw0/rubyinline3
Ruby: Address testFailures in inline expectations tests (part 3)
2026-07-02 08:29:39 +01:00
Tom Hvitved
6c3c5ea8af Merge pull request #22101 from hvitved/python/flow-summaries-improvements
Python: Improve some flow summaries
2026-07-01 19:36:13 +02:00
Geoffrey White
226efb3ad7 Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-07-01 16:52:38 +01:00
Geoffrey White
73ec4b8d02 Ruby: Fix one last inline expectations testFailure. 2026-07-01 16:44:12 +01:00
Owen Mansel-Chan
cb4a1d0929 Merge pull request #22103 from owen-mc/java/fix-mad-file-names
Java: Fix misnamed MaD models files
2026-07-01 14:04:44 +01:00
Jeroen Ketema
d664d17a11 Merge pull request #22087 from jketema/subst
Add Windows integration tests showing that `subst` is handled inconsistently
2026-07-01 14:48:22 +02:00
Owen Mansel-Chan
7263c00b00 Fix misnamed MaD models files 2026-07-01 13:13:01 +01:00
Geoffrey White
e9766086cd Merge pull request #22079 from geoffw0/kotlininline
Kotlin: Address inline expectations testFailures.
2026-07-01 12:39:11 +01:00
Jeroen Ketema
d551ab3afb Fix expected file 2026-07-01 13:24:05 +02:00
Tom Hvitved
2bf6031c0f Python: Update inline test expectations 2026-07-01 13:10:41 +02:00
Jeroen Ketema
daf97f7139 Add Windows integration tests showing that subst is handled inconsistently 2026-07-01 12:51:05 +02:00
Tom Hvitved
a5444b573a Python: Improve some flow summaries 2026-07-01 12:05:53 +02:00
Mathias Vorreiter Pedersen
3410f39b3c Merge pull request #22089 from MathiasVP/remove-mad-support-for-variables
C++: Remove support for global variables as sources and sinks in MaD
2026-07-01 10:31:59 +01:00
Owen Mansel-Chan
cf51664d69 Merge pull request #22099 from github/workflow/coverage/update
Update CSV framework coverage reports
2026-07-01 10:03:46 +01:00
github-actions[bot]
3cbb8ba87e Add changed framework coverage reports 2026-07-01 00:58:10 +00:00
Asger F
11e75c12a8 Merge pull request #22090 from asgerf/unified/inline-test-expectations
unified: Add inline expectation test library
2026-06-30 19:55:15 +02:00
Mathias Vorreiter Pedersen
dbbcc1741c C++: Delete now-unsupported MaD rows. 2026-06-30 17:48:31 +01:00
Mathias Vorreiter Pedersen
f37b3e77ff Merge branch 'main' into remove-mad-support-for-variables 2026-06-30 17:38:37 +01:00
Mathias Vorreiter Pedersen
b7b731bab7 Merge branch 'main' into mad-write-through-model 2026-06-30 15:12:02 +01:00
Mathias Vorreiter Pedersen
c045da01a1 Merge pull request #22088 from MathiasVP/cpp-support-fully-qualified-field-names-in-mad
C++: Support fully qualified field names in MaD
2026-06-30 15:02:16 +01:00
Asger F
a9617f18a1 Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-06-30 15:48:15 +02:00
Asger F
8a46f03308 Merge pull request #22083 from asgerf/unified/suites
Unified: add default_queries and standard qls files and a dummy query
2026-06-30 15:37:53 +02:00
Asger F
fc94d1c035 unified: Add a dummy query
This is just to test DCA
2026-06-30 15:26:22 +02:00
Michael Nebel
a93501a1eb Merge pull request #22033 from michaelnebel/csharp/usefeedmanager
C#: Use the feed manager in the `NugetExeWrapper`.
2026-06-30 15:03:25 +02:00
Mathias Vorreiter Pedersen
06f54d1bbb C++: Add a TODO comment to remove support for unqualified field names. 2026-06-30 13:55:26 +01:00
Mathias Vorreiter Pedersen
396bea6e6a Update cpp/ql/lib/semmle/code/cpp/dataflow/internal/FlowSummaryImpl.qll
Co-authored-by: Tom Hvitved <hvitved@github.com>
2026-06-30 13:44:14 +01:00
Asger F
a43c5cee61 unified: Add inline expectation test library 2026-06-30 14:29:04 +02:00
Mathias Vorreiter Pedersen
0e05ea5153 C++: Remove whitespace. 2026-06-30 12:41:29 +01:00
Mathias Vorreiter Pedersen
8657c8b26e C++: Add change note. 2026-06-30 12:39:34 +01:00
Mathias Vorreiter Pedersen
449a3ac870 C++: Delete tests which are no longer relevant. 2026-06-30 12:39:31 +01:00
Mathias Vorreiter Pedersen
fc954c3e1a C++: Remove support for marking variables as sources and sinks in MaD. 2026-06-30 12:30:40 +01:00
Mathias Vorreiter Pedersen
81ed5c59d7 C++: Add change note. 2026-06-30 11:54:58 +01:00
Asger F
8d564d31e6 unified: Add default_queries 2026-06-30 12:34:45 +02:00
Asger F
cbcf85a953 unified: Add standard query suites
The suites include 'Unified' in their name. It sounds a bit off but
it might cause confusion if we don't include some kind of language name
in there.
2026-06-30 12:34:43 +02:00
Geoffrey White
c0871defe9 Merge pull request #22077 from geoffw0/javainline
Java: Address testFailures in inline expectations tests
2026-06-30 10:49:24 +01:00
Asger F
be39051c29 Merge pull request #22086 from asgerf/asgerf-unified-corpus-test-split
Unified: Split up corpus tests and their generated outputs
2026-06-30 11:49:10 +02:00
Owen Mansel-Chan
8447b76c12 Merge pull request #22006 from owen-mc/go/more-slog-models
Go: more models for `log.slog`
2026-06-30 10:39:48 +01:00
Owen Mansel-Chan
3d8991a4db Update change note 2026-06-30 09:35:23 +01:00
Owen Mansel-Chan
4a7afb7aeb Add data flow consistency test output 2026-06-30 09:35:19 +01:00
Tom Hvitved
37d2224b9d Merge pull request #22082 from hvitved/shared/final-tree-sitter-classes
Shared: Generate `final` tree-sitter classes
2026-06-30 09:09:42 +02:00
Owen Mansel-Chan
0a737c97f3 Expand log.slog models and add more tests 2026-06-30 08:01:06 +01:00
Asger F
28f0be5c67 Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-06-30 07:17:23 +02:00
Geoffrey White
f353a17431 Merge pull request #22081 from geoffw0/rubyinline2
Ruby: Address testFailures in inline expectations tests (part 2)
2026-06-29 19:37:28 +01:00