hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-19 14:04:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,731 Commits 1,740 Branches 165 Tags
628f85aebcf23ee9a7a944c8ca8d00aefc00b8eb
Commit Graph

86731 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Taus
fa8e4f7314 Python: Port DocStrings.ql 2026-03-20 13:28:45 +00:00
Taus
c04b615a07 Python: Extend DuckTyping module 
Adds `overridesMethod` and `isPropertyAccessor`.
 2026-03-20 13:28:45 +00:00
Taus
283231bdbc Python: Port ShouldBeContextManager.ql 
Only trivial test changes.
 2026-03-20 13:28:45 +00:00
Taus
025a7d0cca Python: Port UselessClass.ql 
No test changes.
 2026-03-20 13:28:45 +00:00
Taus
8cfdea2001 Python: Port PropertyInOldStyleClass.ql 
Only trivial test changes.
 2026-03-20 13:28:45 +00:00
Taus
e860d706c9 Python: Port SuperInOldStyleClass.ql 2026-03-20 13:28:45 +00:00
Taus
3d20050c0a Python: Port SlotsInOldStyleClass.ql 
Only trivial test changes.
 2026-03-20 13:28:45 +00:00
Taus
b57e92164c Python: Add declares/getAttribute API 
These could arguably be moved to `Class` itself, but for now I'm
choosing to limit the changes to the `DuckTyping` module (until we
decide on a proper API).
 2026-03-20 13:28:45 +00:00
Taus
cd92162920 Python: Add DuckTyping::isNewStyle 
Approximates the behaviour of `Types::isNewStyle` but without depending
on points-to
 2026-03-20 13:28:45 +00:00
Taus
33ed6034f6 Python: Introduce DuckTyping module 
This module (which for convenience currently resides inside
`DataFlowDispatch`, but this may change later) contains convenience
predicates for bridging the gap between the data-flow layer and the old
points-to analysis.
 2026-03-20 13:28:44 +00:00
Taus
1dcc76996d Python: Port py/print-during-import 
Uses a (perhaps) slightly coarser approximation of what modules are
imported, but it's probably fine.
 2026-03-20 13:28:44 +00:00
Taus
f4841e1f39 Python: Use API graphs instead of points-to for simple built-ins 
Also extends the list of known built-ins slightly, to add some that were
missing.
 2026-03-20 13:28:44 +00:00
Simon Friis Vindum
f6c81ff30a Merge pull request #21512 from paldepind/cpp/extraction-information 
C++: Add `cpp/extraction-information` query
 2026-03-20 14:12:59 +01:00
Tom Hvitved
4b364639a2 Ruby: Fix join orders following DB stats removal 2026-03-20 13:13:38 +01:00
Owen Mansel-Chan
bde9378cee Update MaD barrier guard test output 2026-03-20 11:10:08 +00:00
Owen Mansel-Chan
769b3a6aae Instantiate flow barrier guards from MaD 2026-03-20 11:08:53 +00:00
Owen Mansel-Chan
7d65baccb2 Add FlowBarrierGuard to FlowBarrier.qll 2026-03-20 11:08:33 +00:00
Owen Mansel-Chan
77cb35380c Add MaD barrier guard model to make test pass 2026-03-20 11:06:41 +00:00
Owen Mansel-Chan
c5457d3e30 Add (failing) test for MaD barrier guard 2026-03-20 11:06:39 +00:00
Owen Mansel-Chan
2f0d3288ce Misc: fix typos in QLDocs 2026-03-20 11:06:38 +00:00
Owen Mansel-Chan
93c656065d Add test for MaD barriers 2026-03-20 11:06:36 +00:00
Owen Mansel-Chan
e86ce8feed Instantiate flow barriers from MaD 2026-03-20 11:06:35 +00:00
Owen Mansel-Chan
d3177b9e82 Add FlowBarrier.qll 2026-03-20 11:06:33 +00:00
Owen Mansel-Chan
f4550544ce Shared: Add barrierElement in FlowSummaryImpl.qll 2026-03-20 11:06:32 +00:00
Owen Mansel-Chan
f9521e9e88 Update interpretModelForTest 2026-03-20 11:06:30 +00:00
Owen Mansel-Chan
f342bae962 Update empty.model.yml 2026-03-20 11:06:29 +00:00
Owen Mansel-Chan
bceab0b44e Add extensible predicates 2026-03-20 11:06:26 +00:00
Jeroen Ketema
02f8984aff Merge pull request #21522 from jketema/swift-linux-test 
Swift: Fix typo
 2026-03-20 12:04:27 +01:00
Jeroen Ketema
b63e34d467 Swift: Fix typo 2026-03-20 11:34:19 +01:00
Óscar San José
ec726f5941 Merge pull request #21486 from github/post-release-prep/codeql-cli-2.25.0 
Post-release preparation for codeql-cli-2.25.0
 2026-03-20 11:23:20 +01:00
Geoffrey White
208ae7aa01 Merge pull request #21514 from geoffw0/suspicioussizeof 
C++: Fix an issue with cpp/suspicious-add-sizeof in BMN databases
 2026-03-20 09:41:39 +00:00
Geoffrey White
be746b775b Merge pull request #21493 from MarkLee131/fix/format-string-fp-in-printf-impl 
C++: exclude printf implementation internals from uncontrolled format string sinks
 2026-03-20 09:21:48 +00:00
Simon Friis Vindum
bc518c08c7 C++: Fix grammar in comment 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-03-20 09:19:59 +01:00
Paolo Tranquilli
06ea72ccc7 Merge pull request #21517 from github/dependabot/bazel/bazel_skylib-1.9.0 
Bump bazel_skylib from 1.8.1 to 1.9.0
 2026-03-20 09:18:44 +01:00
Paolo Tranquilli
57086f60b9 Merge pull request #21518 from github/dependabot/bazel/rules_java-9.6.1 
Bump rules_java from 9.0.3 to 9.6.1
 2026-03-20 09:18:16 +01:00
Kaixuan Li
6452cc549f Merge branch 'github:main' into fix/format-string-fp-in-printf-impl 2026-03-20 10:15:56 +08:00
Kaixuan Li
f59bacab30 Merge pull request #1 from geoffw0/changenote 
C++: Change note.
 2026-03-20 10:14:24 +08:00
Jeongsoo Lee
356905ba36 Merge branch 'jeongsoolee09/add-getIndirectionIndex' of github.com:github/codeql into jeongsoolee09/add-getIndirectionIndex 2026-03-19 15:51:37 -07:00
Jeongsoo Lee
dc291ffad7 Address code review 2026-03-19 15:51:00 -07:00
Jeongsoo Lee
d191d09c55 Apply suggestions from code review 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2026-03-19 15:48:47 -07:00
Geoffrey White
9c6276ef48 C++: Change note. 2026-03-19 16:24:35 +00:00
Tom Hvitved
21f2c81f24 Merge pull request #21509 from hvitved/ci/remove-compile-queries 
CI: Remove `compile-queries.yml`
 2026-03-19 17:21:09 +01:00
Óscar San José
d30aab47ea Merge branch 'main' into post-release-prep/codeql-cli-2.25.0 2026-03-19 16:57:20 +01:00
dependabot[bot]
fef758998c Bump rules_java from 9.0.3 to 9.6.1 
Bumps [rules_java](https://github.com/bazelbuild/rules_java) from 9.0.3 to 9.6.1.
- [Release notes](https://github.com/bazelbuild/rules_java/releases)
- [Commits](https://github.com/bazelbuild/rules_java/compare/9.0.3...9.6.1)

---
updated-dependencies:
- dependency-name: rules_java
  dependency-version: 9.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-19 15:48:18 +00:00
dependabot[bot]
b9592fef2d Bump bazel_skylib from 1.8.1 to 1.9.0 
Bumps [bazel_skylib](https://github.com/bazelbuild/bazel-skylib) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/bazelbuild/bazel-skylib/releases)
- [Changelog](https://github.com/bazelbuild/bazel-skylib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bazelbuild/bazel-skylib/compare/1.8.1...1.9.0)

---
updated-dependencies:
- dependency-name: bazel_skylib
  dependency-version: 1.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-19 15:48:11 +00:00
Paolo Tranquilli
7a33e2f539 Merge pull request #21508 from github/dependabot/bazel/rules_pkg-1.2.0 
Bump rules_pkg from 1.0.1 to 1.2.0
 2026-03-19 16:27:45 +01:00
Paolo Tranquilli
34101b5ca0 Merge pull request #21448 from github/redsun82/update-rules-rust 
Update `rules_rust` 0.68.1.codeql.1 → 0.69.0, drop local patch
 2026-03-19 16:16:34 +01:00
Geoffrey White
07db9cf3c4 Merge pull request #21421 from geoffw0/wrongtypeformat 
C++: Add some test cases for cpp/wrong-type-format-argument
 2026-03-19 14:25:33 +00:00
Geoffrey White
92c9a8e146 Update cpp/ql/test/query-tests/Security/CWE/CWE-468/semmle/SuspiciousAddWithSizeof/buildless.cpp 2026-03-19 13:51:03 +00:00
Geoffrey White
21cb11ea5d C++: Change note. 2026-03-19 13:29:41 +00:00