Sotiris Dragonas
b15a1afa24
Merge branch 'bazookamusic/cwe-1427' of https://github.com/github/codeql into bazookamusic/cwe-1427
2026-06-17 14:55:04 +03:00
Sotiris Dragonas
c444f41a3f
1. Enable inline expectations for tests
2. Add annotations for sources
2. Fix a modelling issue in the openai library - missing coverage for a legacy method when moving to MaDs and a mistake in the assistants.create models
2026-06-17 14:53:48 +03:00
Sotiris Dragonas
274f014d31
Merge branch 'main' into bazookamusic/cwe-1427
2026-06-17 12:53:03 +03:00
Sotiris Dragonas
b9025a54af
Fix prompt injection severity
2026-06-17 12:52:33 +03:00
Jeroen Ketema
e6e5f0dffd
Merge pull request #21992 from jketema/jketema/swift-filter
Swift: Filter more clang options not recognized by off-the-shelf clang
2026-06-17 11:32:58 +02:00
Anders Schack-Mulligen
3654205ae2
Merge pull request #21991 from github/copilot/change-ast-for-else-branches
Ruby: Add CaseElseBranch AST node to distinguish else-branch from its body
2026-06-17 09:52:39 +02:00
Anders Schack-Mulligen
027f302932
Ruby: improve return type
2026-06-17 08:47:14 +02:00
Jon Janego
72f34c2b3b
Merge pull request #21971 from github/mario-campos/fix-changenote-grammar
Fix changelog copy errors in change-notes and CHANGELOG.md files
2026-06-16 10:15:25 -05:00
Jeroen Ketema
2eb9c54456
Swift: Update test to ensure stability across Xcode versions
2026-06-16 16:57:01 +02:00
Owen Mansel-Chan
4d70c5f87e
Merge pull request #21973 from github/copilot/convert-qlref-tests
Swift: Convert .qlref security query tests to inline expectation tests
2026-06-16 14:34:34 +01:00
Jeroen Ketema
4bfc2fd791
Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-06-16 14:53:48 +02:00
Jeroen Ketema
7ef19112e4
Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-06-16 14:53:18 +02:00
Jeroen Ketema
c5dc05483b
Merge pull request #21990 from jketema/jketema/telemetry-prep
Java: Use fixture for filtering diagnostics
2026-06-16 13:53:33 +02:00
Owen Mansel-Chan
7f3181b145
Merge pull request #21972 from github/copilot/qlref-conversion-instructions
Ruby: Convert CodeQL .qlref tests to inline expectations
2026-06-16 12:31:17 +01:00
Michael Nebel
e94d279234
Merge pull request #21984 from forks-felickz/felickz/razor-page-handler-sources
C#: Add Razor Page handler method parameters as remote flow sources
2026-06-16 13:15:51 +02:00
Owen Mansel-Chan
48aefff964
Add SPURIOUS and MISSING to some comments
2026-06-16 10:40:39 +01:00
Owen Mansel-Chan
c5e020c68c
Work around problem with comments in heredocs
2026-06-16 10:40:37 +01:00
Anders Schack-Mulligen
8778e881cb
Ruby: Accept two more test changes for new AST node.
2026-06-16 11:14:15 +02:00
Anders Schack-Mulligen
36c1796ef7
Ruby: Fix data flow step.
2026-06-16 11:11:42 +02:00
Sotiris Dragonas
8f965a9614
Grammar
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-06-16 11:57:58 +03:00
Sotiris Dragonas
d72372c246
Fix system prompt injection description and title
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-06-16 11:57:37 +03:00
Jeroen Ketema
ef67311af2
Swift: Filter more clang options not recognized by off-the-shelf clang
2026-06-16 10:56:32 +02:00
Tom Hvitved
ae57ca7e65
Merge pull request #21907 from hvitved/ruby/implicit-local-fix
Ruby: Fix bug in `implicitAssignmentNode`
2026-06-16 09:41:12 +02:00
Tom Hvitved
d287f0cf0b
Merge pull request #21987 from hvitved/type-flow-ranking
Java: Fix performance issue in type flow library
2026-06-16 09:39:30 +02:00
Tom Hvitved
f143dad1b2
Apply suggestions from code review
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-06-16 08:57:37 +02:00
Michael Nebel
01454d76c2
Merge pull request #21881 from michaelnebel/csharp/propertycalls
C#: Property- and Indexer call targets for partial overrides.
2026-06-16 08:46:33 +02:00
Michael Nebel
859ad1d8d0
Merge pull request #21877 from michaelnebel/csharp/spanaccessrange
C#: Extract `.Slice` method call when using a span in conjunction with a range.
2026-06-16 08:42:57 +02:00
Owen Mansel-Chan
b10abb63d9
Add SPURIOUS and MISSING to some comments
2026-06-16 00:28:40 +01:00
copilot-swe-agent[bot]
44e23638a4
Convert Swift .qlref tests to inline expectation tests
2026-06-16 00:08:39 +01:00
Owen Mansel-Chan
5e606b7bef
Don't use inline expectations when alerts in erb files
2026-06-15 23:03:50 +01:00
copilot-swe-agent[bot]
84e7c2de6c
Convert Ruby qlref tests to inline expectations
2026-06-15 23:03:46 +01:00
Owen Mansel-Chan
0df9aac69c
Merge pull request #21988 from owen-mc/ql/convert-qlref-tests-inline-expectations
QL: Convert qlref tests to inline expectations
2026-06-15 21:09:44 +01:00
Owen Mansel-Chan
bc9fa6ba13
Fix bug in inline expectations test implementation
This was stopping trailing comments, as in `// $ Alert // some comment`, from working.
2026-06-15 21:08:08 +01:00
Chad Bentz
c08c0e9ae5
Merge branch 'main' into felickz/razor-page-handler-sources
2026-06-15 11:35:54 -04:00
Chad Bentz
4f1d6f472d
Fix test comments: replace GOOD/BAD markers with flow source descriptions
Per review feedback, GOOD/BAD markers don't apply to flow source
enumeration tests. Use descriptive comments instead.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-06-15 11:34:43 -04:00
Owen Mansel-Chan
78d95719a5
Do not convert test that is example of not using inline expectations
2026-06-15 16:18:24 +01:00
Michael Nebel
c31b594bbc
C#: Address review comments.
2026-06-15 16:17:46 +02:00
Michael Nebel
66db0d42a9
C#: Address review comment.
2026-06-15 15:41:19 +02:00
Asger F
7039c4a2be
Merge pull request #21981 from asgerf/yeast/comments
Yeast/Unified: Extract comments
2026-06-15 15:25:35 +02:00
Michael Nebel
746631d3dc
Merge pull request #21989 from michaelnebel/csharp/compoundmad
C#: Add models as data tests for compound assignment operators.
2026-06-15 14:57:04 +02:00
Jeroen Ketema
b9b15af308
Java: Use fixture for filtering diagnostics
2026-06-15 14:51:52 +02:00
copilot-swe-agent[bot]
f658bc9b39
Update expected files for CaseElseBranch AST node change
2026-06-15 12:11:22 +00:00
copilot-swe-agent[bot]
8cb4b9b118
Add CaseElseBranch AST node for Ruby case else branches
2026-06-15 11:42:13 +00:00
Michael Nebel
175c4f1b0d
C#: Add models as data tests for compound assignment operators.
2026-06-15 13:26:39 +02:00
Michael Nebel
ab4f170780
Merge pull request #21909 from michaelnebel/csharp/refactoroperations
C#: Refactor- and rename operation expressions.
2026-06-15 12:35:39 +02:00
Owen Mansel-Chan
4ad3a44aab
QL: Convert qlref tests to inline expectations
2026-06-15 11:15:16 +01:00
Tom Hvitved
686e98c6ff
Update java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2026-06-15 11:37:14 +02:00
Owen Mansel-Chan
14c72def96
Merge pull request #21983 from owen-mc/java/convert-to-inline-expectation-tests
Java: Improve inline expectations test comments
2026-06-15 10:31:56 +01:00
Michael Nebel
d0841d2283
C#: Address review comments.
2026-06-15 11:04:59 +02:00
Tom Hvitved
568de02e98
Update shared/typeflow/codeql/typeflow/UniversalFlow.qll
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2026-06-15 10:58:48 +02:00