hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-30 02:51:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,628 Commits 1,763 Branches 168 Tags
b05c52cba821e1012fdd5dcaf5cf174f0619eb4e
Commit Graph

87628 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paolo Tranquilli
b05c52cba8 Rust: Split downgrade preservation test 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-28 09:00:56 +02:00
Paolo Tranquilli
d8d546c0be Rust: Test dbscheme downgrade preservation 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-28 09:00:56 +02:00
Paolo Tranquilli
e04aacc256 Rust: Move upgrade test to separate upgrade-tests directory 
Avoids issues with nested qlpack.yml breaking `codeql pack create` for the lib pack.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-28 09:00:56 +02:00
Paolo Tranquilli
76047ad883 Fix unsafe stash handling in run-test.sh 
Only stash when there are actual changes (including untracked files),
and only pop the specific stash entry we created.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-28 09:00:55 +02:00
Paolo Tranquilli
5fe938a534 Fix REPO_ROOT computation in run-test.sh 
Use `git rev-parse --show-toplevel` instead of fragile relative path.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-28 09:00:55 +02:00
Paolo Tranquilli
ac4dcd536a Rust: Add manual regression test for dbscheme upgrade 
Adds a test directory with queries that verify properties are preserved
when upgrading databases from rust-analyzer 0.0.301 to 0.0.328.

This is a one-off manual test (not yet in CI), but could serve as the
foundation for a general upgrade testing strategy.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-28 09:00:55 +02:00
Paolo Tranquilli
63d8bb7d5b Rust: Format downgrade query 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-28 09:00:54 +02:00
Paolo Tranquilli
b89d9ad1e0 Rust: Drop locations for downgraded comments 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-27 10:34:58 +02:00
Paolo Tranquilli
f4faf4cd45 Rust: Filter downgraded comments on removed nodes 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-27 10:32:22 +02:00
Paolo Tranquilli
25ab2e0280 Rust: Add full downgrade script for dbscheme migration 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-27 09:33:18 +02:00
Paolo Tranquilli
7f2bda1066 Rust: Add full upgrade script for dbscheme migration 
Adds upgrade.ql with transformations for all schema changes from
rust-analyzer 0.0.301 to 0.0.328:
- Meta split into PathMeta/KeyValueMeta/TokenTreeMeta/UnsafeMeta
- TraitAlias merged into Trait
- BlockExpr.isTry() -> TryBlockModifier
- StructField.getDefault() -> getDefaultVal() returning ConstArg
- Variant.getDiscriminant() -> getConstArg() returning ConstArg
- FormatArgsArg.getName() -> getArgName() returning FormatArgsArgName

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-26 18:17:38 +02:00
Paolo Tranquilli
e87c03463d Merge branch 'main' into tausbn/rust-upgrade-to-rust-analyzer-0.0.328 2026-05-26 15:06:15 +02:00
Óscar San José
491c373e07 Merge pull request #21864 from github/post-release-prep/codeql-cli-2.25.5 
Post-release preparation for codeql-cli-2.25.5
 2026-05-22 17:41:38 +02:00
Paolo Tranquilli
a2ecf65711 Rust: accept test changes 2026-05-22 17:14:42 +02:00
Óscar San José
996e79131e Merge branch 'main' into post-release-prep/codeql-cli-2.25.5 2026-05-22 16:32:30 +02:00
Tom Hvitved
688695cd57 Merge pull request #21876 from hvitved/dense-rank-short-circuit 
Util: Short-circuit `rank` usage in dense ranking library
 2026-05-22 16:08:45 +02:00
Jeroen Ketema
3c4e22a8ba Merge pull request #21870 from jketema/jketema/generated 
C++: Add ability to see if one template was generated from another
 2026-05-22 15:46:06 +02:00
Paolo Tranquilli
60bffd01ce Merge origin/main into rust analyzer upgrade 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-22 13:46:00 +02:00
Tom Hvitved
c70007607a Merge pull request #21850 from hvitved/type-inference-unify-base-type 
Type inference: Unify `getABaseTypeMention` and `conditionSatisfiesConstraint`
 2026-05-22 13:44:18 +02:00
Tom Hvitved
9685755479 Merge pull request #21865 from hvitved/csharp/compilation-cwd-folder 
C#: Ensure that `Folder` entities exist for `Compilation` entities
 2026-05-22 13:42:35 +02:00
Mathias Vorreiter Pedersen
a7405bddaa Merge pull request #21856 from MathiasVP/scanf-safe-functions 
C++: Model secure versions of `scanf` as flow sources
 2026-05-22 12:34:54 +01:00
Jeroen Ketema
8ad461be98 C++: Add change note 2026-05-22 13:13:27 +02:00
Jeroen Ketema
0e6257de2d C++: Fix QLDoc wording 2026-05-22 13:13:25 +02:00
Jeroen Ketema
77f6caca00 C++: Update stats file 2026-05-22 13:13:24 +02:00
Jeroen Ketema
f98dfcd0a5 C++: Add upgrade and downgrade scripts 2026-05-22 13:13:22 +02:00
Jeroen Ketema
a027665ab4 C++: Add ability to see if one template was generated from another 2026-05-22 13:13:21 +02:00
Óscar San José
de1cb26a93 Merge pull request #21890 from github/codeql-spark-run-26283874463 
Update changelog documentation site for codeql-cli-2.25.5
 2026-05-22 13:11:25 +02:00
github-actions[bot]
9599f01ae0 update codeql documentation 2026-05-22 11:02:30 +00:00
Michael Nebel
5a219d1527 Merge pull request #21845 from michaelnebel/csharp/unaryoperatorcleanup 
C#: Unary expression cleanup in the extractor.
 2026-05-22 11:06:02 +02:00
Tom Hvitved
ec7e38cd4d C#: Ensure that Folder entities exist for Compilation entities 2026-05-22 11:03:15 +02:00
Michael Nebel
871f307fa4 Merge pull request #21871 from michaelnebel/csharp14/updatedocumentation 
C# 14: Update documentation and claim C# 14 / .NET 10 support.
 2026-05-22 10:54:36 +02:00
Tom Hvitved
3ee45ff4b9 Apply suggestion from @geoffw0 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2026-05-22 10:07:52 +02:00
Tom Hvitved
6d6e9c0d47 Util: Only compute dense ranks when needed 2026-05-22 08:59:01 +02:00
Owen Mansel-Chan
0ef59dffb4 Merge pull request #21852 from knewbury01/knewbury01/adjust-actions-queries-untrusted-checkout-second-iteration 
Actions: Improve actions/ql/src/Security/CWE-829/UntrustedCheckoutX queries further iteration
 2026-05-21 17:20:33 +01:00
Kristen Newbury
5503140318 Merge branch 'main' into knewbury01/adjust-actions-queries-untrusted-checkout-second-iteration 2026-05-21 10:49:36 -04:00
Kristen Newbury
a094a8e460 Fix merge conflicts 2026-05-21 10:48:24 -04:00
Kristen Newbury
2f8c0df537 Address review feedback 2026-05-21 10:40:52 -04:00
Óscar San José
c25398ea0c Merge pull request #21868 from github/copilot/bump-jackson-core-to-2150 
Bump jackson-core to 2.18.6 in ferstl-depgraph-dependencies (CVE-2025-52999)
 2026-05-21 16:18:15 +02:00
Owen Mansel-Chan
7e6b10e8cf Merge pull request #21879 from owen-mc/shared/cfg/simpleleafnode 
Shared CFG: update `simpleLeafNode` to exclude those with additional leaf nodes
 2026-05-21 14:58:04 +01:00
Owen Mansel-Chan
149bfd19d3 Merge pull request #21880 from owen-mc/shared/cfg/for-loop-stmt-init-update 
Shared CFG: Make the init and update parts of a for loop statements
 2026-05-21 14:57:44 +01:00
Paolo Tranquilli
153fbb0378 Merge pull request #21878 from github/redsun82/windows-diagnostic-path-tests 
Add Windows file path tests for `relativize_for_diagnostic`
 2026-05-21 15:30:25 +02:00
Owen Mansel-Chan
039b5927f0 C#: update ForStmt wrapper class 2026-05-21 13:45:30 +01:00
Owen Mansel-Chan
2070dafeb2 Java: add ForStmt wrapper class 2026-05-21 13:41:29 +01:00
Owen Mansel-Chan
c3bafc75ab Shared CFG: allow statements for init and update of for loop 2026-05-21 13:40:26 +01:00
Owen Mansel-Chan
19f93cd18b Shared CFG: update simpleLeafNode to exclude those with additional nodes 2026-05-21 13:31:56 +01:00
Paolo Tranquilli
39becfd7e5 Add Windows file path tests for relativize_for_diagnostic 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-21 14:08:50 +02:00
copilot-swe-agent[bot]
0f3c9ab483 Fix remaining macOS bash 3.2 portability issues in update script (step 5) 2026-05-21 12:07:45 +00:00
Paolo Tranquilli
a84043b627 Merge pull request #21844 from github/redsun82/issue-21802-ruby-absolute-paths-in-sarif-diagnostics-a02887 
Use relative paths in tree-sitter extractor diagnostics
 2026-05-21 14:00:32 +02:00
Owen Mansel-Chan
2280955136 Merge pull request #21800 from knewbury01/knewbury01/adjust-actions-queries-untrusted-checkout-critical-alert 
Actions: Adjust alert location UntrustedCheckoutCritical
 2026-05-21 12:40:29 +01:00
Owen Mansel-Chan
4897757b96 Merge pull request #21875 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2026-05-21 11:09:26 +01:00