hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-27 01:21:23 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,604 Commits 1,761 Branches 168 Tags
9bb1081dc1d77cee7d6500fe4417fc36c19d1a36
Commit Graph

87604 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
idrissrio
9bb1081dc1 C++: accept test results 2026-05-26 12:03:17 +02:00
idrissrio
2e9ee3b5d9 C++: accept test results 2026-05-26 12:03:16 +02:00
Óscar San José
491c373e07 Merge pull request #21864 from github/post-release-prep/codeql-cli-2.25.5 
Post-release preparation for codeql-cli-2.25.5
 2026-05-22 17:41:38 +02:00
Óscar San José
996e79131e Merge branch 'main' into post-release-prep/codeql-cli-2.25.5 2026-05-22 16:32:30 +02:00
Tom Hvitved
688695cd57 Merge pull request #21876 from hvitved/dense-rank-short-circuit 
Util: Short-circuit `rank` usage in dense ranking library
 2026-05-22 16:08:45 +02:00
Jeroen Ketema
3c4e22a8ba Merge pull request #21870 from jketema/jketema/generated 
C++: Add ability to see if one template was generated from another
 2026-05-22 15:46:06 +02:00
Tom Hvitved
c70007607a Merge pull request #21850 from hvitved/type-inference-unify-base-type 
Type inference: Unify `getABaseTypeMention` and `conditionSatisfiesConstraint`
 2026-05-22 13:44:18 +02:00
Tom Hvitved
9685755479 Merge pull request #21865 from hvitved/csharp/compilation-cwd-folder 
C#: Ensure that `Folder` entities exist for `Compilation` entities
 2026-05-22 13:42:35 +02:00
Mathias Vorreiter Pedersen
a7405bddaa Merge pull request #21856 from MathiasVP/scanf-safe-functions 
C++: Model secure versions of `scanf` as flow sources
 2026-05-22 12:34:54 +01:00
Jeroen Ketema
8ad461be98 C++: Add change note 2026-05-22 13:13:27 +02:00
Jeroen Ketema
0e6257de2d C++: Fix QLDoc wording 2026-05-22 13:13:25 +02:00
Jeroen Ketema
77f6caca00 C++: Update stats file 2026-05-22 13:13:24 +02:00
Jeroen Ketema
f98dfcd0a5 C++: Add upgrade and downgrade scripts 2026-05-22 13:13:22 +02:00
Jeroen Ketema
a027665ab4 C++: Add ability to see if one template was generated from another 2026-05-22 13:13:21 +02:00
Óscar San José
de1cb26a93 Merge pull request #21890 from github/codeql-spark-run-26283874463 
Update changelog documentation site for codeql-cli-2.25.5
 2026-05-22 13:11:25 +02:00
github-actions[bot]
9599f01ae0 update codeql documentation 2026-05-22 11:02:30 +00:00
Michael Nebel
5a219d1527 Merge pull request #21845 from michaelnebel/csharp/unaryoperatorcleanup 
C#: Unary expression cleanup in the extractor.
 2026-05-22 11:06:02 +02:00
Tom Hvitved
ec7e38cd4d C#: Ensure that Folder entities exist for Compilation entities 2026-05-22 11:03:15 +02:00
Michael Nebel
871f307fa4 Merge pull request #21871 from michaelnebel/csharp14/updatedocumentation 
C# 14: Update documentation and claim C# 14 / .NET 10 support.
 2026-05-22 10:54:36 +02:00
Tom Hvitved
3ee45ff4b9 Apply suggestion from @geoffw0 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2026-05-22 10:07:52 +02:00
Tom Hvitved
6d6e9c0d47 Util: Only compute dense ranks when needed 2026-05-22 08:59:01 +02:00
Owen Mansel-Chan
0ef59dffb4 Merge pull request #21852 from knewbury01/knewbury01/adjust-actions-queries-untrusted-checkout-second-iteration 
Actions: Improve actions/ql/src/Security/CWE-829/UntrustedCheckoutX queries further iteration
 2026-05-21 17:20:33 +01:00
Kristen Newbury
5503140318 Merge branch 'main' into knewbury01/adjust-actions-queries-untrusted-checkout-second-iteration 2026-05-21 10:49:36 -04:00
Kristen Newbury
a094a8e460 Fix merge conflicts 2026-05-21 10:48:24 -04:00
Kristen Newbury
2f8c0df537 Address review feedback 2026-05-21 10:40:52 -04:00
Óscar San José
c25398ea0c Merge pull request #21868 from github/copilot/bump-jackson-core-to-2150 
Bump jackson-core to 2.18.6 in ferstl-depgraph-dependencies (CVE-2025-52999)
 2026-05-21 16:18:15 +02:00
Owen Mansel-Chan
7e6b10e8cf Merge pull request #21879 from owen-mc/shared/cfg/simpleleafnode 
Shared CFG: update `simpleLeafNode` to exclude those with additional leaf nodes
 2026-05-21 14:58:04 +01:00
Owen Mansel-Chan
149bfd19d3 Merge pull request #21880 from owen-mc/shared/cfg/for-loop-stmt-init-update 
Shared CFG: Make the init and update parts of a for loop statements
 2026-05-21 14:57:44 +01:00
Paolo Tranquilli
153fbb0378 Merge pull request #21878 from github/redsun82/windows-diagnostic-path-tests 
Add Windows file path tests for `relativize_for_diagnostic`
 2026-05-21 15:30:25 +02:00
Owen Mansel-Chan
039b5927f0 C#: update ForStmt wrapper class 2026-05-21 13:45:30 +01:00
Owen Mansel-Chan
2070dafeb2 Java: add ForStmt wrapper class 2026-05-21 13:41:29 +01:00
Owen Mansel-Chan
c3bafc75ab Shared CFG: allow statements for init and update of for loop 2026-05-21 13:40:26 +01:00
Owen Mansel-Chan
19f93cd18b Shared CFG: update simpleLeafNode to exclude those with additional nodes 2026-05-21 13:31:56 +01:00
Paolo Tranquilli
39becfd7e5 Add Windows file path tests for relativize_for_diagnostic 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-21 14:08:50 +02:00
copilot-swe-agent[bot]
0f3c9ab483 Fix remaining macOS bash 3.2 portability issues in update script (step 5) 2026-05-21 12:07:45 +00:00
Paolo Tranquilli
a84043b627 Merge pull request #21844 from github/redsun82/issue-21802-ruby-absolute-paths-in-sarif-diagnostics-a02887 
Use relative paths in tree-sitter extractor diagnostics
 2026-05-21 14:00:32 +02:00
Owen Mansel-Chan
2280955136 Merge pull request #21800 from knewbury01/knewbury01/adjust-actions-queries-untrusted-checkout-critical-alert 
Actions: Adjust alert location UntrustedCheckoutCritical
 2026-05-21 12:40:29 +01:00
Owen Mansel-Chan
4897757b96 Merge pull request #21875 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2026-05-21 11:09:26 +01:00
copilot-swe-agent[bot]
8170c207bd Fix macOS bash 3.2 heredoc-in-$() portability issue in update script 2026-05-21 09:57:10 +00:00
copilot-swe-agent[bot]
38a2101e11 update-ferstl-depgraph-dependencies.sh: address review feedback 
- Use BUILD_REPO/DIST_REPO split so zip contains only runtime deps
  (build-lifecycle plugins, test jars, etc. stay in throwaway BUILD_REPO)
- Minimal inline stub pom.xml (no deps) instead of archetype:generate
  to avoid polluting DIST_REPO with stub project's own dependencies
- Replace grep -oP (PCRE, unavailable on macOS BSD grep) with Python re
- Use version-aware Python version_key() for max POM version selection
  (lexicographic sort fails for e.g. 2.18.10 vs 2.18.6; release > snapshot)
- Write zip to caller's working directory; keep cleanup trap active;
  remove `trap - EXIT` which was leaving WORK_DIR behind
 2026-05-21 09:41:57 +00:00
github-actions[bot]
fb04cd2212 Add changed framework coverage reports 2026-05-21 00:54:55 +00:00
Mathias Vorreiter Pedersen
a33af09244 C++: Add models for _fscanf_s_l, fwscanf_s and _fwscanf_s_l. 2026-05-20 18:59:04 +01:00
Mathias Vorreiter Pedersen
25d20399f3 C++: Add models for _scanf_s_l, wscanf_s and _wscanf_s_l. 2026-05-20 18:43:07 +01:00
Mathias Vorreiter Pedersen
e6c5f944ba C++: Add missing format string part in test. 2026-05-20 18:13:35 +01:00
Mathias Vorreiter Pedersen
157424cca3 Merge pull request #21836 from MathiasVP/uncertain-def-more-complete 
C++: Support reasoning about whether a phi node overwrites the entire buffer
 2026-05-20 13:04:37 +01:00
Óscar San José
b9bf81e463 Merge branch 'main' into copilot/bump-jackson-core-to-2150 2026-05-20 13:09:04 +02:00
Michael Nebel
e408540d36 Potential fix for pull request finding 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
 2026-05-20 11:08:41 +02:00
Michael Nebel
462a7bc423 C#: Add change-note. 2026-05-20 10:59:52 +02:00
Michael Nebel
422a6bd670 C#: Remove the prelim C# 14 footnote from the documentation. 2026-05-20 10:59:10 +02:00
Jack Nørskov Jørgensen
4b095f3129 Merge pull request #21754 from github/jacknojo/add_llm_generated_mads_for_avro 
Add MaDs for Apache Avro
 2026-05-20 08:24:06 +02:00