hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-31 12:48:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,698 Commits 1,723 Branches 164 Tags
59eec7ffa2ec135cd91347e8868eaeb65ef1c45f
Commit Graph

14064 Commits

Author SHA1 Message Date
Óscar San José
59eec7ffa2 Merge branch 'main' of https://github.com/github/codeql into post-release-prep/codeql-cli-2.25.1 2026-03-30 10:51:12 +02:00
github-actions[bot]
ce6e6d5db3 Post-release preparation for codeql-cli-2.25.1 2026-03-30 08:43:48 +00:00
Owen Mansel-Chan
a8b52acaa9 Merge pull request #21585 from github/copilot/convert-models-to-yml 
C++: Convert remaining CSV models to .model.yml and remove CSV model infrastructure
 2026-03-27 20:48:34 +00:00
Owen Mansel-Chan
c07a814515 Add comments to converted MaD file 2026-03-27 11:23:33 +00:00
Owen Mansel-Chan
7e1ad825c3 Fix model row with misaligned columns 
The original CSV had too many columns, and copilot cut off the last one, before adding the provenance column at the end.
 2026-03-27 11:17:15 +00:00
Owen Mansel-Chan
f897575d3f Update change note 2026-03-27 10:11:13 +00:00
Mathias Vorreiter Pedersen
56153d583e C++: Switch to doublyBoundedFastTC when computing virtual dispatch edges and inline pairCand to avoid a giant tuple explosion. 2026-03-26 17:31:18 +00:00
Owen Mansel-Chan
8a99ef4531 Update csv model tests to use MaD 2026-03-26 16:44:58 +00:00
Owen Mansel-Chan
21ecf230ce Small tweaks 2026-03-26 16:39:10 +00:00
Owen Mansel-Chan
de4fe6d25c Use inline expectations for query test 2026-03-26 15:27:17 +00:00
copilot-swe-agent[bot]
d69bcca687 Remove CSV model infrastructure from ExternalFlow.qll 
Remove SourceModelCsv, SinkModelCsv, SummaryModelCsv classes,
single-argument CSV predicates, CSV parsing in MadInput, and
CSV-specific validation checks. Simplify MadInput to only contain
the namespace separator. Convert test models to .ext.yml format.

Agent-Logs-Url: https://github.com/github/codeql/sessions/89ff81fe-5585-446d-99e2-6fe6966495c5

Co-authored-by: owen-mc <62447351+owen-mc@users.noreply.github.com>
 2026-03-26 15:07:39 +00:00
Owen Mansel-Chan
64a52ba07f Update test that uses zmq models 2026-03-26 14:53:33 +00:00
Owen Mansel-Chan
6769f08f93 Remove blank line at end of file 2026-03-26 14:10:15 +00:00
copilot-swe-agent[bot]
a6377145ac Convert C++ CSV models from QL files to .model.yml data extensions 
Migrate ZeroMQ models from ZMQ.qll and getc-family source models
from Gets.qll into new .model.yml files in the ext/ directory.

Agent-Logs-Url: https://github.com/github/codeql/sessions/da8f5e5b-35f7-47a4-afa0-750616e3df5b

Co-authored-by: owen-mc <62447351+owen-mc@users.noreply.github.com>
 2026-03-26 12:38:19 +00:00
github-actions[bot]
fb011842c9 Release preparation for version 2.25.1 2026-03-25 23:43:06 +00:00
github-actions[bot]
8cf0954796 Release preparation for version 2.25.1 2026-03-25 08:28:30 +00:00
Simon Friis Vindum
0ed037d667 Merge pull request #21544 from paldepind/cpp/extraction-information-expr-types 
C++: Add expressions with type data to `cpp/extraction-information`
 2026-03-24 17:16:47 +01:00
Simon Friis Vindum
8cb5380d84 C++: Remove unused find predicate 2026-03-24 15:54:46 +01:00
Taus
2e76f3471a C++: Fix bad join in callsVariadicFormatter 
On `wireshark` this reduces the intermediate tuple count from roughly 88
million tuples to roughly 3000 (with the new helper predicate
materialising ~300 tuples).
 2026-03-23 23:17:22 +00:00
Mathias Vorreiter Pedersen
8cebf510dc C++: Reword the change note from #21458. 2026-03-23 13:45:46 +00:00
Mathias Vorreiter Pedersen
b5723bd75d Merge branch 'main' into more-public-dataflow-apis 2026-03-23 13:43:01 +00:00
Mathias Vorreiter Pedersen
fef314e27f C++: Add change note. 2026-03-23 13:39:15 +00:00
Mathias Vorreiter Pedersen
1363c54a9f C++: Add 'asIndirectInstruction' as a public predicate. 2026-03-23 13:28:33 +00:00
Mathias Vorreiter Pedersen
09caeca7e9 C++: Move parameter indirection nodes into the public API. 2026-03-23 13:27:20 +00:00
Simon Friis Vindum
c67122b3f1 C++: Add expressions with type data to cpp/extraction-information 2026-03-23 12:14:11 +01:00
Jeroen Ketema
ee00b98476 Update cpp/ql/lib/change-notes/2026-03-20-add-indirect-uninitialized-node.md 2026-03-23 10:44:21 +01:00
Jeongsoo Lee
d4fef1c68e Merge branch 'main' into jeongsoolee09/add-getIndirectionIndex 2026-03-20 10:01:05 -07:00
Jeongsoo Lee
d2fcced5ad Add a feature change note 2026-03-20 09:59:12 -07:00
Simon Friis Vindum
f6c81ff30a Merge pull request #21512 from paldepind/cpp/extraction-information 
C++: Add `cpp/extraction-information` query
 2026-03-20 14:12:59 +01:00
Óscar San José
ec726f5941 Merge pull request #21486 from github/post-release-prep/codeql-cli-2.25.0 
Post-release preparation for codeql-cli-2.25.0
 2026-03-20 11:23:20 +01:00
Geoffrey White
208ae7aa01 Merge pull request #21514 from geoffw0/suspicioussizeof 
C++: Fix an issue with cpp/suspicious-add-sizeof in BMN databases
 2026-03-20 09:41:39 +00:00
Simon Friis Vindum
bc518c08c7 C++: Fix grammar in comment 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-03-20 09:19:59 +01:00
Kaixuan Li
6452cc549f Merge branch 'github:main' into fix/format-string-fp-in-printf-impl 2026-03-20 10:15:56 +08:00
Jeongsoo Lee
356905ba36 Merge branch 'jeongsoolee09/add-getIndirectionIndex' of github.com:github/codeql into jeongsoolee09/add-getIndirectionIndex 2026-03-19 15:51:37 -07:00
Jeongsoo Lee
dc291ffad7 Address code review 2026-03-19 15:51:00 -07:00
Jeongsoo Lee
d191d09c55 Apply suggestions from code review 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2026-03-19 15:48:47 -07:00
Geoffrey White
9c6276ef48 C++: Change note. 2026-03-19 16:24:35 +00:00
Óscar San José
d30aab47ea Merge branch 'main' into post-release-prep/codeql-cli-2.25.0 2026-03-19 16:57:20 +01:00
Geoffrey White
07db9cf3c4 Merge pull request #21421 from geoffw0/wrongtypeformat 
C++: Add some test cases for cpp/wrong-type-format-argument
 2026-03-19 14:25:33 +00:00
Geoffrey White
92c9a8e146 Update cpp/ql/test/query-tests/Security/CWE/CWE-468/semmle/SuspiciousAddWithSizeof/buildless.cpp 2026-03-19 13:51:03 +00:00
Geoffrey White
21cb11ea5d C++: Change note. 2026-03-19 13:29:41 +00:00
Simon Friis Vindum
4c525ce7ab C++: Add cpp/extraction-information query 2026-03-19 14:29:31 +01:00
Geoffrey White
0f794b57ed C++: Fix the issue. 2026-03-19 13:16:16 +00:00
Geoffrey White
2e987f8d78 C++: Add test cases emulating cpp/suspicious-add-sizeof in buildless mode. 2026-03-19 13:00:58 +00:00
Óscar San José
2139b97628 Merge branch 'main' into post-release-prep/codeql-cli-2.25.0 2026-03-19 13:07:00 +01:00
Kaixuan Li
1ddf81c58c Merge branch 'main' into fix/format-string-fp-in-printf-impl 2026-03-19 14:36:50 +08:00
Kaixuan Li
c155394f25 the [] syntax directly 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2026-03-19 14:36:28 +08:00
Kaixuan Li
2c76e6e637 use American spellings in documentation 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
 2026-03-19 14:35:45 +08:00
Owen Mansel-Chan
5b17d8cf76 Merge pull request #21472 from owen-mc/adjust-severity/xss-log-injection 
Adjust `@security-severity` metadata for XSS and log injection queries
 2026-03-18 16:51:14 +00:00
Geoffrey White
34f405f465 C++: Update test annotations. 2026-03-18 13:13:22 +00:00