hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-19 14:04:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
83,357 Commits 1,740 Branches 165 Tags
66f95bcbcdd9ddfde1719396f3df424c4052bb27
Commit Graph

83357 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
66f95bcbcd Merge pull request #20603 from owen-mc/update-broken-algo-qhelp 
Many languages: Update broken algo qhelp
 2025-10-17 12:30:43 +01:00
Nora Dimitrijević
e120e5c3ba Merge pull request #20337 from d10c/d10c/python-overlay-compilation-plus-extractor 
Python: enable overlay compilation + extractor overlay support
 2025-10-16 14:49:01 +02:00
Geoffrey White
75a34a4881 Merge pull request #20631 from geoffw0/mysql 
Rust: Model mysql and mysql_async query sinks
 2025-10-16 11:42:33 +01:00
Geoffrey White
1936abaaee Merge pull request #20650 from geoffw0/mv2 
Rust: Rename stdlib model files to be consistent with others.
 2025-10-16 08:47:47 +01:00
Simon Friis Vindum
744b11e421 Merge pull request #20543 from paldepind/rust/model-actix-web 
Rust: Add models for actix-web
 2025-10-16 08:48:06 +02:00
Geoffrey White
072eca233d Rust: Update consistency check .expected. 2025-10-15 16:50:47 +01:00
Geoffrey White
f4a6efa9e0 Rust: Rename stdlib model files to be consistent with others. 2025-10-15 16:02:42 +01:00
Geoffrey White
48ca04bc40 Rust: Repair test annotations following format and accept .expected changes. 2025-10-15 15:00:28 +01:00
Geoffrey White
28c139abfb Rust: Format the test. 2025-10-15 14:42:12 +01:00
Geoffrey White
5544dfff6d Update rust/ql/test/query-tests/security/CWE-089/mysql.rs 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2025-10-15 14:31:10 +01:00
Jeroen Ketema
129c8bf2e0 Merge pull request #20639 from jketema/swift-trace 
Swift: Make tracer config handle resource-dirs passed to clang
 2025-10-15 13:16:15 +02:00
Joe Farebrother
f57526eedc Merge pull request #20572 from joefarebrother/java-httponly-cookie-promote 
Java: Promote Sensitive Cookie without HttpOnly query from experimental
 2025-10-15 10:28:40 +01:00
Jeroen Ketema
9fc8faa048 Swift: Address review comments 2025-10-15 10:09:13 +02:00
Napalys Klicius
7bf677d056 Merge pull request #20644 from Napalys/napalys/remove_quality_syntax_err 
JS: remove quality tag from SyntaxError query
 2025-10-15 09:45:02 +02:00
Napalys Klicius
45e8164f14 JS: remove quality tag from SyntaxError query 2025-10-15 09:07:11 +02:00
Joe Farebrother
e95e1a0386 Update integration test 2025-10-14 16:27:28 +01:00
Joe Farebrother
d8b37d0cde Review suggestions - update comments and description 2025-10-14 16:03:40 +01:00
Henry Mercer
c2309a9aca Merge pull request #20638 from github/post-release-prep/codeql-cli-2.23.3 
Post-release preparation for codeql-cli-2.23.3
 2025-10-14 13:03:22 +01:00
Jeroen Ketema
b6b3767460 Swift: Make tracer config handle resource-dirs passed to clang 2025-10-14 13:50:36 +02:00
Anders Schack-Mulligen
da0b168b2e Merge pull request #20627 from hvitved/csharp/property-descriptor-get-value-neutral 
C#: Add neutral model for `System.ComponentModel.PropertyDescriptor.GetValue`
 2025-10-14 13:31:40 +02:00
github-actions[bot]
6dd07790ac Post-release preparation for codeql-cli-2.23.3 2025-10-14 11:16:33 +00:00
Henry Mercer
aa3000df13 Merge pull request #20637 from github/henrymercer/update-expected-output 
Actions: Update `SecretExfiltration` output for typo fix
codeql-cli/v2.23.3 		2025-10-14 11:47:18 +01:00
Henry Mercer
b737bccb07 Python: Fix "be be" typos in qhelp 2025-10-14 11:33:24 +01:00
Henry Mercer
5310469d69 Actions: Update SecretExfiltration output for typo fix 2025-10-14 11:33:01 +01:00
Henry Mercer
836e3958a9 Merge pull request #20635 from github/release-prep/2.23.3 
Release preparation for version 2.23.3
 2025-10-14 11:17:48 +01:00
Henry Mercer
17352a101d Rephrase C++ BMN changelog note 2025-10-14 11:13:23 +01:00
Henry Mercer
9466279909 Prefer code quotes for BMN 2025-10-14 11:10:42 +01:00
Henry Mercer
9507ec0853 Fix "be be" typos 2025-10-14 11:09:43 +01:00
github-actions[bot]
33542f7d40 Release preparation for version 2.23.3 2025-10-14 09:30:24 +00:00
Geoffrey White
93eb7ce1af Rust: Accept test changes following suggested edit. 2025-10-13 19:28:40 +01:00
Geoffrey White
35f3fbf357 Rust: Accept consistency regressions. 2025-10-13 19:19:18 +01:00
Geoffrey White
1d7ccb6f2b Update rust/ql/lib/codeql/rust/frameworks/mysql.model.yml 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-10-13 16:42:36 +01:00
yoff
ab78f2b724 Merge pull request #20630 from github/tausbn/python-fix-importerror-in-imp 
Python: Fix `ImportError` in `imp.py` under Python 3.14
 2025-10-13 17:31:47 +02:00
Simon Friis Vindum
d9c76f258e Rust: Add suggested model for into_inner for tuples 2025-10-13 16:22:03 +02:00
Simon Friis Vindum
9e2ee04879 Merge branch 'main' into rust/model-actix-web 2025-10-13 16:04:12 +02:00
Joe Farebrother
9cb593b020 Update tests 2025-10-13 14:51:37 +01:00
Joe Farebrother
093b04f79f Update comments 2025-10-13 14:51:30 +01:00
Joe Farebrother
696ec29dae Upgrade integration tests 2025-10-13 14:51:24 +01:00
Joe Farebrother
1c54296545 Add change note 2025-10-13 14:51:17 +01:00
Joe Farebrother
c4781146c0 Remove experimental query and tests 2025-10-13 14:51:10 +01:00
Joe Farebrother
c799f93811 Update tests and add inline expectations 2025-10-13 14:51:04 +01:00
Joe Farebrother
e1cf3d30d2 Update documentation, rename things and add more comments to explain how the implementation works, remove filter for test code (prefer to filter in code scanning ui than in query logic) 2025-10-13 14:50:57 +01:00
Joe Farebrother
54aefe0dce Copy experimental query to main 2025-10-13 14:50:51 +01:00
Taus
c4b27d5f28 Python: Fix ImportError in imp.py under Python 3.14 
It seems `_ERR_MSG` was silently removed in Python 3.14, leading to an
`ImportError` when running the extractor.

To fix this, we explicitly set `_ERR_MSG` when the existing import fails
(using `_ERR_MSG_PREFIX` which is available in Python 3.14+, along with
the bits that make up the difference between this and `_ERR_MSG`).
 2025-10-13 13:50:43 +00:00
Mathias Vorreiter Pedersen
b57243e073 Merge pull request #20579 from aschackmull/shared/rangeanalysis-joinorder 
Rangeanalysis: Fix a bad join-order in boundedPhiRankStep.
 2025-10-13 14:46:48 +02:00
Michael B. Gale
e65f8eacbc Merge pull request #20609 from github/dependabot/go_modules/go/extractor/extractor-dependencies-5148baeadc 
Bump the extractor-dependencies group in /go/extractor with 2 updates
 2025-10-13 10:33:14 +01:00
dependabot[bot]
500421d891 Bump the extractor-dependencies group in /go/extractor with 2 updates 
Bumps the extractor-dependencies group in /go/extractor with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/mod` from 0.28.0 to 0.29.0
- [Commits](https://github.com/golang/mod/compare/v0.28.0...v0.29.0)

Updates `golang.org/x/tools` from 0.37.0 to 0.38.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.37.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-13 03:14:48 +00:00
Tom Hvitved
2577452849 C#: Add neutral model for System.ComponentModel.PropertyDescriptor.GetValue 2025-10-12 09:06:54 +02:00
Geoffrey White
106bad2764 Rust: Add test cases for bad use of prepared statements as well. 2025-10-10 17:17:08 +01:00
Geoffrey White
c102ce41b7 Rust: Claim support for the two libraries. 2025-10-10 17:12:48 +01:00