hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-31 12:48:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,557 Commits 1,723 Branches 164 Tags
8cebf510dc9964c40121dd89cf43dedbb3be2b73
Commit Graph

86557 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
8cebf510dc C++: Reword the change note from #21458. 2026-03-23 13:45:46 +00:00
Mathias Vorreiter Pedersen
b5723bd75d Merge branch 'main' into more-public-dataflow-apis 2026-03-23 13:43:01 +00:00
Mathias Vorreiter Pedersen
fef314e27f C++: Add change note. 2026-03-23 13:39:15 +00:00
Mathias Vorreiter Pedersen
1363c54a9f C++: Add 'asIndirectInstruction' as a public predicate. 2026-03-23 13:28:33 +00:00
Mathias Vorreiter Pedersen
09caeca7e9 C++: Move parameter indirection nodes into the public API. 2026-03-23 13:27:20 +00:00
Tom Hvitved
0d0d34cc71 Merge pull request #21498 from Gregro/csharp/fix-log-forging-extension-methods 
C#: Fix false positives in cs/log-forging for extension methods
 2026-03-23 11:24:12 +01:00
Jeroen Ketema
be245357cc Merge pull request #21458 from github/jeongsoolee09/add-getIndirectionIndex 
Add `IndirectUninitializedNode` and related helper predicates
 2026-03-23 11:03:57 +01:00
Jeroen Ketema
ee00b98476 Update cpp/ql/lib/change-notes/2026-03-20-add-indirect-uninitialized-node.md 2026-03-23 10:44:21 +01:00
Jeongsoo Lee
6ae32f22a8 Merge branch 'main' into jeongsoolee09/add-getIndirectionIndex 2026-03-22 11:51:14 -04:00
Gregro
a59c865328 let interprocedural analysis handle source-available extension methods for LogForgingLogMessageSink's 2026-03-21 20:05:08 +00:00
Gregro
d0c48893f5 update test helper to use more robust .ReplaceLineEndings() sanitizer 2026-03-21 20:05:08 +00:00
Gregro
d99247cf13 Clarify static extension method class name 2026-03-21 20:05:08 +00:00
Gregro
a9eb801fea C#: Fix false positives in cs/log-forging for extension methods 2026-03-21 20:05:08 +00:00
Tom Hvitved
9a4bc69843 Merge pull request #21510 from hvitved/ci/remove-ruby-checks 
CI: Remove Ruby checks
 2026-03-21 08:04:17 +01:00
Jeongsoo Lee
d4fef1c68e Merge branch 'main' into jeongsoolee09/add-getIndirectionIndex 2026-03-20 10:01:05 -07:00
Jeongsoo Lee
d2fcced5ad Add a feature change note 2026-03-20 09:59:12 -07:00
Tom Hvitved
f99f26f908 Merge pull request #21464 from hvitved/rust/type-inference-trait-bound-impl-overlap 
Rust: Disambiguate types inferred from trait bounds
 2026-03-20 15:14:24 +01:00
Simon Friis Vindum
f6c81ff30a Merge pull request #21512 from paldepind/cpp/extraction-information 
C++: Add `cpp/extraction-information` query
 2026-03-20 14:12:59 +01:00
Jeroen Ketema
02f8984aff Merge pull request #21522 from jketema/swift-linux-test 
Swift: Fix typo
 2026-03-20 12:04:27 +01:00
Jeroen Ketema
b63e34d467 Swift: Fix typo 2026-03-20 11:34:19 +01:00
Óscar San José
ec726f5941 Merge pull request #21486 from github/post-release-prep/codeql-cli-2.25.0 
Post-release preparation for codeql-cli-2.25.0
 2026-03-20 11:23:20 +01:00
Geoffrey White
208ae7aa01 Merge pull request #21514 from geoffw0/suspicioussizeof 
C++: Fix an issue with cpp/suspicious-add-sizeof in BMN databases
 2026-03-20 09:41:39 +00:00
Geoffrey White
be746b775b Merge pull request #21493 from MarkLee131/fix/format-string-fp-in-printf-impl 
C++: exclude printf implementation internals from uncontrolled format string sinks
 2026-03-20 09:21:48 +00:00
Simon Friis Vindum
bc518c08c7 C++: Fix grammar in comment 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-03-20 09:19:59 +01:00
Paolo Tranquilli
06ea72ccc7 Merge pull request #21517 from github/dependabot/bazel/bazel_skylib-1.9.0 
Bump bazel_skylib from 1.8.1 to 1.9.0
 2026-03-20 09:18:44 +01:00
Paolo Tranquilli
57086f60b9 Merge pull request #21518 from github/dependabot/bazel/rules_java-9.6.1 
Bump rules_java from 9.0.3 to 9.6.1
 2026-03-20 09:18:16 +01:00
Kaixuan Li
6452cc549f Merge branch 'github:main' into fix/format-string-fp-in-printf-impl 2026-03-20 10:15:56 +08:00
Kaixuan Li
f59bacab30 Merge pull request #1 from geoffw0/changenote 
C++: Change note.
 2026-03-20 10:14:24 +08:00
Jeongsoo Lee
356905ba36 Merge branch 'jeongsoolee09/add-getIndirectionIndex' of github.com:github/codeql into jeongsoolee09/add-getIndirectionIndex 2026-03-19 15:51:37 -07:00
Jeongsoo Lee
dc291ffad7 Address code review 2026-03-19 15:51:00 -07:00
Jeongsoo Lee
d191d09c55 Apply suggestions from code review 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2026-03-19 15:48:47 -07:00
Geoffrey White
9c6276ef48 C++: Change note. 2026-03-19 16:24:35 +00:00
Tom Hvitved
21f2c81f24 Merge pull request #21509 from hvitved/ci/remove-compile-queries 
CI: Remove `compile-queries.yml`
 2026-03-19 17:21:09 +01:00
Óscar San José
d30aab47ea Merge branch 'main' into post-release-prep/codeql-cli-2.25.0 2026-03-19 16:57:20 +01:00
dependabot[bot]
fef758998c Bump rules_java from 9.0.3 to 9.6.1 
Bumps [rules_java](https://github.com/bazelbuild/rules_java) from 9.0.3 to 9.6.1.
- [Release notes](https://github.com/bazelbuild/rules_java/releases)
- [Commits](https://github.com/bazelbuild/rules_java/compare/9.0.3...9.6.1)

---
updated-dependencies:
- dependency-name: rules_java
  dependency-version: 9.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-19 15:48:18 +00:00
dependabot[bot]
b9592fef2d Bump bazel_skylib from 1.8.1 to 1.9.0 
Bumps [bazel_skylib](https://github.com/bazelbuild/bazel-skylib) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/bazelbuild/bazel-skylib/releases)
- [Changelog](https://github.com/bazelbuild/bazel-skylib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bazelbuild/bazel-skylib/compare/1.8.1...1.9.0)

---
updated-dependencies:
- dependency-name: bazel_skylib
  dependency-version: 1.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-19 15:48:11 +00:00
Paolo Tranquilli
7a33e2f539 Merge pull request #21508 from github/dependabot/bazel/rules_pkg-1.2.0 
Bump rules_pkg from 1.0.1 to 1.2.0
 2026-03-19 16:27:45 +01:00
Paolo Tranquilli
34101b5ca0 Merge pull request #21448 from github/redsun82/update-rules-rust 
Update `rules_rust` 0.68.1.codeql.1 → 0.69.0, drop local patch
 2026-03-19 16:16:34 +01:00
Geoffrey White
07db9cf3c4 Merge pull request #21421 from geoffw0/wrongtypeformat 
C++: Add some test cases for cpp/wrong-type-format-argument
 2026-03-19 14:25:33 +00:00
Geoffrey White
92c9a8e146 Update cpp/ql/test/query-tests/Security/CWE/CWE-468/semmle/SuspiciousAddWithSizeof/buildless.cpp 2026-03-19 13:51:03 +00:00
Geoffrey White
21cb11ea5d C++: Change note. 2026-03-19 13:29:41 +00:00
Simon Friis Vindum
4c525ce7ab C++: Add cpp/extraction-information query 2026-03-19 14:29:31 +01:00
Geoffrey White
0f794b57ed C++: Fix the issue. 2026-03-19 13:16:16 +00:00
Geoffrey White
2e987f8d78 C++: Add test cases emulating cpp/suspicious-add-sizeof in buildless mode. 2026-03-19 13:00:58 +00:00
Óscar San José
2139b97628 Merge branch 'main' into post-release-prep/codeql-cli-2.25.0 2026-03-19 13:07:00 +01:00
Tom Hvitved
7fc1d53ede Rust: Disambiguate types inferred from trait bounds 2026-03-19 12:57:22 +01:00
Paolo Tranquilli
50d83ada95 Merge branch 'main' into redsun82/update-rules-rust 2026-03-19 12:50:00 +01:00
dependabot[bot]
10678d3a42 Bump rules_pkg from 1.0.1 to 1.2.0 
Bumps [rules_pkg](https://github.com/bazelbuild/rules_pkg) from 1.0.1 to 1.2.0.
- [Release notes](https://github.com/bazelbuild/rules_pkg/releases)
- [Changelog](https://github.com/bazelbuild/rules_pkg/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bazelbuild/rules_pkg/compare/1.0.1...1.2.0)

---
updated-dependencies:
- dependency-name: rules_pkg
  dependency-version: 1.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-19 11:31:03 +00:00
Paolo Tranquilli
7d538988a6 Merge pull request #21507 from github/dependabot/bazel/rules_go-0.60.0 
Bump rules_go from 0.59.0 to 0.60.0
 2026-03-19 12:29:17 +01:00
dependabot[bot]
7f17b7716d Bump rules_go from 0.59.0 to 0.60.0 
Bumps [rules_go](https://github.com/bazel-contrib/rules_go) from 0.59.0 to 0.60.0.
- [Release notes](https://github.com/bazel-contrib/rules_go/releases)
- [Commits](https://github.com/bazel-contrib/rules_go/compare/v0.59.0...v0.60.0)

---
updated-dependencies:
- dependency-name: rules_go
  dependency-version: 0.60.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-19 10:43:19 +00:00