hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-30 20:28:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,406 Commits 1,724 Branches 164 Tags
7ef60a864974c8c790766fa0fbd877cbb5bd63e3
Commit Graph

86406 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
7ef60a8649 Update the overlay annotation script for go 
The Go libraries follow their own naming convention for "query
libraries". These need to be exempted from automatic `overlay[local?]`
annotations since otherwise it appears that too many predicates are
evaluated, possibly because of inadequate use of sentinels.
 2026-03-13 15:02:58 +00:00
Anders Schack-Mulligen
f11815c633 Merge pull request #21471 from aschackmull/csharp/rm-prebasicblock 
C#: Delete PreBasicBlocks.
 2026-03-13 08:54:06 +01:00
Owen Mansel-Chan
52cfd49087 Merge pull request #21469 from github/dependabot/go_modules/go/extractor/extractor-dependencies-7af763c229 
Bump the extractor-dependencies group across 1 directory with 2 updates
 2026-03-13 07:06:44 +00:00
Anders Schack-Mulligen
8c1c039edf C#: Delete PreBasicBlocks. 2026-03-13 08:00:08 +01:00
dependabot[bot]
c9e0927992 Bump the extractor-dependencies group across 1 directory with 2 updates 
Bumps the extractor-dependencies group with 2 updates in the /go/extractor directory: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/mod` from 0.33.0 to 0.34.0
- [Commits](https://github.com/golang/mod/compare/v0.33.0...v0.34.0)

Updates `golang.org/x/tools` from 0.42.0 to 0.43.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.42.0...v0.43.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
  dependency-version: 0.43.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-13 03:04:44 +00:00
Jeroen Ketema
d5f667e585 Merge pull request #21467 from jketema/jketema/swift-linux 
Swift: Disable stack protector pass
 2026-03-12 22:42:51 +01:00
Jeroen Ketema
b758732a28 Merge pull request #21468 from jketema/jketema/swift-lines 
Swift: Limit successfully extracted lines
 2026-03-12 17:24:28 +01:00
Jeroen Ketema
ba3fadbf20 Swift: Rename function 2026-03-12 16:37:13 +01:00
Owen Mansel-Chan
d7d1554461 Merge pull request #21465 from owen-mc/go/small-tweaks 
Go: improve detection of type expressions when database is missing some type information
 2026-03-12 14:58:16 +00:00
Jeroen Ketema
12e0f3f359 Swift: Limit successfully extracted lines 2026-03-12 15:46:23 +01:00
Owen Mansel-Chan
0bb6ff58cc Merge pull request #21466 from owen-mc/go/add-nil-helper-predicate 
Go: Add and use `exprRefersToNil` predicate
 2026-03-12 14:36:03 +00:00
Jeroen Ketema
b9c0aca11a Swift: Fix formatting 2026-03-12 15:00:18 +01:00
Jeroen Ketema
ee3674cb80 Swift: Disable stack protector pass 2026-03-12 14:43:05 +01:00
Owen Mansel-Chan
c271755985 Add and use exprRefersToNil predicate 2026-03-12 13:28:57 +00:00
Owen Mansel-Chan
a16c43881b Use "database" instead of "snapshot" in QLDocs 2026-03-12 13:28:06 +00:00
Owen Mansel-Chan
39e0382089 Improve QLDoc for isTypeExprTopDown 2026-03-12 13:28:05 +00:00
Owen Mansel-Chan
22e012c6f4 Expand isTypeExprTopDown 
We should be using all subtypes of `FieldBase`. This allows us to find
more type expressions, and is also simpler to evaluate.
 2026-03-12 13:28:03 +00:00
Mario Campos
f2e7dca65c Merge pull request #21454 from github/mario-campos-patch-1 
Correct comment about AES crypto algorithm strength
 2026-03-11 22:43:21 -05:00
Mario Campos
b9b3b3a0b5 Empty commit for missed Green Check 2026-03-11 22:37:20 -05:00
Mario Campos
6fb10555ff Correct comment about AES crypto algorithm strength 2026-03-11 09:27:03 -05:00
Ian Lynagh
bbd02b855b Merge pull request #21424 from github/idrissrio/cpp/overlay/discard 
C/C++ overlay: update discard mechanism
 2026-03-11 13:45:52 +00:00
Idriss Riouak
48a03e2a04 Apply suggestions from code review 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-03-11 14:25:53 +01:00
idrissrio
a92d97744f C/C++ overlay: address review comment 2026-03-11 14:25:52 +01:00
idrissrio
ef6c1a9968 C/C++ overlay: fix failing header_dependency test 2026-03-11 14:25:50 +01:00
idrissrio
72142b51f7 C/C++ overlay: switch to updated discard strategy 2026-03-11 14:25:49 +01:00
Tom Hvitved
c06d4d2647 Merge pull request #21422 from hvitved/rust/type-mention-refactor 
Rust: Small refactor in `TypeMention.qll`
 2026-03-11 14:01:03 +01:00
Ian Lynagh
68dfa5c83b Merge pull request #21451 from igfoo/igfoo/fix-build 
Revert "Bump rules_android from 0.6.4 to 0.7.1"
 2026-03-11 12:27:20 +00:00
Ian Lynagh
25a20f74f0 Revert "Bump rules_android from 0.6.4 to 0.7.1" 
This reverts commit c7349740f0.

It was making the build fail
 2026-03-11 11:54:18 +00:00
Taus
5a65282241 Merge pull request #21429 from github/tausbn/fix-bad-join-in-method-call-order 
Python: Fix bad join in method call order computation
 2026-03-10 18:17:35 +01:00
Paolo Tranquilli
79499c240a Merge pull request #21444 from github/dependabot/bazel/googletest-1.17.0.bcr.2 
Bump googletest from 1.14.0.bcr.1 to 1.17.0.bcr.2
 2026-03-10 16:41:38 +01:00
Paolo Tranquilli
267a46d01b Merge pull request #21445 from github/dependabot/bazel/rules_shell-0.6.1 
Bump rules_shell from 0.5.0 to 0.6.1
 2026-03-10 16:41:24 +01:00
Ian Lynagh
341059d2d0 Merge pull request #21437 from igfoo/igfoo/onemk 
C++: Small simplification
 2026-03-10 15:36:38 +00:00
Paolo Tranquilli
3c3c58b0a9 Merge pull request #21443 from github/dependabot/bazel/rules_android-0.7.1 
Bump rules_android from 0.6.4 to 0.7.1
 2026-03-10 16:06:40 +01:00
Paolo Tranquilli
9bf1072a01 Merge pull request #21447 from github/revert-21414-redsun82/rerun-slash-command 
Revert "Add `/rerun` slash command for failed internal checks"
 2026-03-10 15:55:45 +01:00
Paolo Tranquilli
a5f23ade8c Revert "Add /rerun slash command for failed internal checks" 2026-03-10 14:43:59 +01:00
Paolo Tranquilli
017b6f2e44 Merge pull request #21414 from github/redsun82/rerun-slash-command 
Add `/rerun` slash command for failed internal checks
 2026-03-10 14:01:03 +01:00
Anders Schack-Mulligen
6a6bb5ebf9 Merge pull request #21441 from aschackmull/cfg/switch-sharing 
Cfg: Share more code for switch statements.
 2026-03-10 13:50:21 +01:00
dependabot[bot]
b631138b63 Bump rules_shell from 0.5.0 to 0.6.1 
Bumps [rules_shell](https://github.com/bazelbuild/rules_shell) from 0.5.0 to 0.6.1.
- [Release notes](https://github.com/bazelbuild/rules_shell/releases)
- [Commits](https://github.com/bazelbuild/rules_shell/compare/v0.5.0...v0.6.1)

---
updated-dependencies:
- dependency-name: rules_shell
  dependency-version: 0.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-10 11:21:40 +00:00
dependabot[bot]
093d36ebe6 Bump googletest from 1.14.0.bcr.1 to 1.17.0.bcr.2 
Bumps [googletest](https://github.com/google/googletest) from 1.14.0.bcr.1 to 1.17.0.bcr.2.
- [Release notes](https://github.com/google/googletest/releases)
- [Commits](https://github.com/google/googletest/commits)

---
updated-dependencies:
- dependency-name: googletest
  dependency-version: 1.17.0.bcr.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-10 11:21:37 +00:00
dependabot[bot]
c7349740f0 Bump rules_android from 0.6.4 to 0.7.1 
Bumps [rules_android](https://github.com/bazelbuild/rules_android) from 0.6.4 to 0.7.1.
- [Release notes](https://github.com/bazelbuild/rules_android/releases)
- [Commits](https://github.com/bazelbuild/rules_android/compare/v0.6.4...v0.7.1)

---
updated-dependencies:
- dependency-name: rules_android
  dependency-version: 0.7.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-10 11:21:34 +00:00
Anders Schack-Mulligen
efa797a21d Update shared/controlflow/codeql/controlflow/ControlFlowGraph.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-03-10 11:22:15 +01:00
Anders Schack-Mulligen
77d4f5a2dc Cfg: Update fallsThrough default. 2026-03-10 11:10:24 +01:00
Anders Schack-Mulligen
edf88b34da Cfg: Move Case.getBodyElement to shared code. 2026-03-10 11:02:58 +01:00
Owen Mansel-Chan
0215ea3ee3 Merge pull request #21426 from owen-mc/cpp/validate-constructor-summary-models 
C++: Add model validation for constructor summary models
 2026-03-10 09:42:24 +00:00
Anders Schack-Mulligen
35ac66d3aa Cfg: Move getCaseControlFlowOrder to shared code. 2026-03-10 10:39:32 +01:00
Anders Schack-Mulligen
219fe03637 Merge pull request #21430 from aschackmull/csharp/switch-ast-simplify 
C#: Disentangle SwitchStmt AST and CFG.
 2026-03-10 10:23:37 +01:00
Ian Lynagh
dbb8bb86ba C++: Small simplification 2026-03-09 17:45:38 +00:00
Paolo Tranquilli
afb2243984 Merge pull request #21433 from github/dependabot/bazel/abseil-cpp-20260107.1 
Bump abseil-cpp from 20240116.1 to 20260107.1
 2026-03-09 17:14:33 +01:00
Paolo Tranquilli
a7e426d89f Merge pull request #21432 from github/dependabot/bazel/zstd-1.5.7.bcr.1 
Bump zstd from 1.5.5.bcr.1 to 1.5.7.bcr.1
 2026-03-09 17:13:29 +01:00
Paolo Tranquilli
fde51e0c29 Merge pull request #21436 from github/dependabot/bazel/rules_python-1.9.0 
Bump rules_python from 0.40.0 to 1.9.0
 2026-03-09 17:12:58 +01:00