hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,503 Commits 1,671 Branches 157 Tags
3cf1a16a13f115f5fcbcfb014c4c16d767f95bb4
Commit Graph

82503 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Simon Friis Vindum
3cf1a16a13 Cargo: upgrade dependencies 2025-09-12 15:45:37 +02:00
Simon Friis Vindum
f48b643375 Bazel: regenerate vendored cargo dependencies 2025-09-12 15:38:18 +02:00
Simon Friis Vindum
50b3571124 Cargo: Revert changes to the Ruby extractors Cargo file 2025-09-11 11:35:33 +02:00
Simon Friis Vindum
61eea66c51 Bazel: regenerate vendored cargo dependencies 2025-09-11 11:35:15 +02:00
Simon Friis Vindum
55d022f6eb Cargo: upgrade dependencies 2025-09-11 10:47:26 +02:00
Mathias Vorreiter Pedersen
4227dd7d73 Merge pull request #20400 from MathiasVP/cleanup-incorrect-scanf-query 
C++: Cleanup `ScanfChecks.qll`
 2025-09-10 16:31:49 +01:00
Mathias Vorreiter Pedersen
edec76ae10 Merge pull request #20370 from MathiasVP/source-bounded-fast-tc-in-typetracking 
Shared: Use `sourceBoundedFastTC` in TypeTracking
 2025-09-10 13:04:49 +01:00
Asger F
d39263dcac Merge pull request #20317 from asgerf/js/xunit 
JS: Avoid overriding Expr predicates in xUnit.qll
 2025-09-10 13:41:21 +02:00
Mathias Vorreiter Pedersen
72d7223fd0 C++: Small drive by cleanup. Delete unnecessary nested 'exists'. 2025-09-10 12:35:59 +01:00
Mathias Vorreiter Pedersen
d097946e1f C++: No need for this additional case. 2025-09-10 12:35:24 +01:00
Mathias Vorreiter Pedersen
5a9b562f19 Merge branch 'main' into source-bounded-fast-tc-in-typetracking 2025-09-10 12:14:01 +01:00
Mathias Vorreiter Pedersen
f8bdf924db Shared: Make 'standardFlowsTo' private. 2025-09-10 11:26:36 +01:00
Mathias Vorreiter Pedersen
b7bc94b987 Update shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
 2025-09-10 11:21:25 +01:00
Michael Nebel
046d0d4938 Merge pull request #20396 from michaelnebel/csharp/improveintegrationteststability 
C#: Increase attempts to reach nuget.org in integration tests to reduce flakiness.
 2025-09-10 12:19:49 +02:00
Michael Nebel
e5ba1c7a84 Merge pull request #20352 from michaelnebel/csharp/dotnet908 
C#: Update to .NET SDK 9.0.300 and .NET Runtime 9.0.5.
 2025-09-10 12:09:35 +02:00
Idriss Riouak
b89b68dfdb Merge pull request #20339 from github/idrissrio/scoped-values 
Java: Add MaDs for `java.lang.ScopedValue`
 2025-09-10 11:21:34 +02:00
Idriss Riouak
166c77d776 Merge pull request #20345 from github/idrissrio/java-kdf 
Java: Add MaDs for `java.crypto.KDF`
 2025-09-10 11:21:19 +02:00
Asger F
09edc29979 Merge pull request #20322 from asgerf/js/react-no-override 
JS: Do not override AST methods in React model
 2025-09-10 10:42:59 +02:00
Michael Nebel
fbc4f0b84f C#: Increase attempts to reach nuget.org in integration tests to reduce flakiness. 2025-09-10 09:03:11 +02:00
Asger F
d575d3c9e4 Merge pull request #20374 from asgerf/js/typescript-5.9 
JS: Support TypeScript 5.9 and support 'import defer' syntax
 2025-09-09 20:50:04 +02:00
Jeroen Ketema
174f89fbcb Merge pull request #20384 from jketema/swift-6.1.3 
Swift: Update to Swift 6.1.3
 2025-09-09 17:06:12 +02:00
Tom Hvitved
125cc91ba6 Merge pull request #20358 from hvitved/shared/type-inference-generalize 
Shared: Make some generalizations in type inference library
 2025-09-09 16:08:30 +02:00
Tom Hvitved
e3e1bcd63f Rename Environment -> AccessEnvironment 2025-09-09 15:06:56 +02:00
Tom Hvitved
2e90499df4 Rename State -> Environment 2025-09-09 15:05:58 +02:00
Tom Hvitved
a1980ee23c Shared: Make some generalizations in type inference library 2025-09-09 15:05:56 +02:00
Simon Friis Vindum
b34fa7abc0 Merge pull request #20393 from paldepind/rust/impl-to-string 
Rust: Improve `toString` for `impl`
 2025-09-09 14:16:01 +02:00
Simon Friis Vindum
f7c74664fa Rust: Improve a few toString implementations 2025-09-09 13:46:51 +02:00
Mathias Vorreiter Pedersen
417e79c3c0 Merge pull request #20382 from MathiasVP/simplify-ssl-result-not-checked 
C++: Simplify `cpp/certificate-not-checked`
 2025-09-09 12:23:39 +01:00
Mathias Vorreiter Pedersen
3aee4a88aa Shared: Cache the sourceBoundedFastTC structure instead of the resulting materialized relation. 2025-09-09 12:22:37 +01:00
Mathias Vorreiter Pedersen
fd7d216fe3 Shared: Replace explicit recursion with a HOP. 2025-09-09 12:22:36 +01:00
Michael B. Gale
4b9d102f46 Merge pull request #20389 from github/dependabot/go_modules/go/extractor/extractor-dependencies-ee4a90dc36 
Bump golang.org/x/mod from 0.27.0 to 0.28.0 in /go/extractor in the extractor-dependencies group
 2025-09-09 11:12:31 +01:00
Michael Nebel
a0f8b5829a C#: Update integration tests expected output. 2025-09-09 12:04:21 +02:00
Michael Nebel
30b93d18b7 C#: Update global.json files for most integration tests to se .NET SDK 9.0.304. 2025-09-09 12:04:19 +02:00
Paolo Tranquilli
51052c74bb Bazel: patch rules_dotnet to avoid unit test failure 2025-09-09 12:04:18 +02:00
Paolo Tranquilli
6ea6f30cc5 Bazel: fix codeql_csharp_binary 
A `publish` directory for a C# binary contains copies of some DLLs
inside localized subdirectories (e.g. `ru`). We want to ignore those, as
otherwise our packaging machinery now goes haywire, with the newer
version of `rules_csharp`. In any case we never shipped those.
 2025-09-09 12:04:16 +02:00
Michael Nebel
91f9247c2b C#: Update extractor to use .NET Runtime 9.0.5 and .NET SDK 9.0.300. 2025-09-09 12:04:15 +02:00
Jeroen Ketema
c4633c7e23 Swift: Update LFS 2025-09-09 10:12:43 +02:00
Simon Friis Vindum
aa9d299230 Merge pull request #20348 from paldepind/rust/certain-shorthand-self 
Rust: Infer certain type for shorthand `self`
 2025-09-09 09:40:18 +02:00
Asger F
d8e943ea05 Update javascript/ql/lib/semmle/javascript/frameworks/React.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-09 08:36:25 +02:00
dependabot[bot]
f104205538 Bump golang.org/x/mod 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/mod](https://github.com/golang/mod).


Updates `golang.org/x/mod` from 0.27.0 to 0.28.0
- [Commits](https://github.com/golang/mod/compare/v0.27.0...v0.28.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-09 03:08:18 +00:00
Asger F
0752dbea9b Merge pull request #20360 from asgerf/js/remove-angularjs-string-special-case 
JS: Remove special treatment of strings in AngularJS code
 2025-09-08 22:48:23 +02:00
Asger F
b5045b3407 Merge pull request #20363 from asgerf/js/remove-fallback-type 
JS: Remove unused getFallbackTypeAnnotation()
 2025-09-08 22:48:07 +02:00
Jon Janego
d51361cd35 Merge pull request #20387 from github/changedocs-2.23.0 
Changedocs 2.23.0
 2025-09-08 13:24:26 -05:00
Jon Janego
2505272af7 Changedocs for 2.23.0 - updating 2.22.4 golang note 2025-09-08 13:07:20 -05:00
Jon Janego
2d84f8a739 Changedocs for 2.23.0 2025-09-08 13:01:03 -05:00
Mathias Vorreiter Pedersen
702d6d80c4 Update cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-08 16:19:33 +01:00
Idriss Riouak
dc247e03e0 Merge pull request #20383 from aschackmull/java/fix-more-broken-perf 
Java: Fix more broken performance.
 2025-09-08 14:49:43 +02:00
Michael Nebel
84df8f91a9 Merge pull request #20366 from michaelnebel/csharp/improvedatabasequalitydiagnostics 
C#/Java/Rust: Improve database quality diagnostics query.
 2025-09-08 14:43:57 +02:00
Jeroen Ketema
40c8c3a526 Swift: Update to Swift 6.1.3 2025-09-08 14:42:53 +02:00
Anders Schack-Mulligen
4c1fa58367 Java: Fix more broken performance. 2025-09-08 14:12:00 +02:00