hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-21 15:05:56 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,835 Commits 1,738 Branches 165 Tags
b9226a359a2af20324c0660182469166b56d33e6
Commit Graph

86835 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
b9226a359a Merge pull request #21633 from geoffw0/intmultlong2 
C++: Upgrade cpp/integer-multiplication-cast-to-long to high precision
 2026-04-10 14:02:34 +01:00
Geoffrey White
814c0ae7a8 Merge pull request #21632 from geoffw0/wrongtype2 
C++: Upgrade cpp/wrong-type-format-argument to high precision
 2026-04-10 14:01:07 +01:00
Geoffrey White
9ea33bc5bb Merge pull request #21553 from geoffw0/implicitfn 
C++: Disable cpp/implicit-function-declaration on build mode none databases
 2026-04-10 14:00:06 +01:00
Anders Schack-Mulligen
dfa8d72dd3 Merge pull request #21685 from aschackmull/csharp/unbind-new 
C#: Replace old-style unbind with pragmas.
 2026-04-10 13:55:01 +02:00
Geoffrey White
bcdbf141bc Merge pull request #21671 from geoffw0/neutralperf 
Rust: Fix performance issue with additionalExternalFile
 2026-04-10 12:08:27 +01:00
Paolo Tranquilli
7de8ce961c Merge pull request #21677 from github/dependabot/bazel/gazelle-0.50.0 
Bump gazelle from 0.47.0 to 0.50.0
 2026-04-10 10:07:25 +02:00
Michael Nebel
66278fcd10 Merge pull request #21690 from samchang-msft/update-net10-support 
Support added in Jan 2026
 2026-04-10 08:40:29 +02:00
Sam Chang
7883fab44f Qualify the limited support for .NET 10 and C# 14 2026-04-09 12:06:54 -07:00
Sam Chang
38440d96b8 Support added in Jan 2026 2026-04-09 10:48:08 -07:00
Anders Schack-Mulligen
cf4ab1d106 C#: Replace old-style unbind with pragmas. 2026-04-09 15:57:19 +02:00
Tom Hvitved
33cc887be0 Merge pull request #21592 from hvitved/dataflow/source-call-context-type-flow 
Data flow: Add hook for preventing lambda dispatch in source call contexts
 2026-04-09 13:44:42 +02:00
Geoffrey White
e72c116664 Rust: Proposed improved solution. 2026-04-09 11:18:25 +01:00
Tom Hvitved
d704b753c8 Fix CP in typeFlowParamType 
Forgot to link `p` with `c` using `nodeEnclosingCallable(p, c)`.
 2026-04-09 09:19:55 +02:00
dependabot[bot]
7833a0a2e8 Bump gazelle from 0.47.0 to 0.50.0 
Bumps [gazelle](https://github.com/bazel-contrib/bazel-gazelle) from 0.47.0 to 0.50.0.
- [Release notes](https://github.com/bazel-contrib/bazel-gazelle/releases)
- [Commits](https://github.com/bazel-contrib/bazel-gazelle/compare/v0.47.0...v0.50.0)

---
updated-dependencies:
- dependency-name: gazelle
  dependency-version: 0.50.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-09 03:08:02 +00:00
Geoffrey White
95681bfad4 Rust: Fix performance issue with File.fromSource. 2026-04-08 15:04:03 +01:00
Kristen Newbury
fb0ee5b987 Merge pull request #21640 from knewbury01/knewbury01/adjust-actions-queries-alerts 
Adjust alert messages CWE-829/ArtifactPoisoning[Critical|Medium]
 2026-04-08 09:44:00 -04:00
Kristen Newbury
7b7411f7df Change alert location CWE-829/ArtifactPoisoning queries 2026-04-08 08:57:45 -04:00
Taus
16683aee0e Merge pull request #21590 from github/tausbn/python-improve-bind-all-interfaces-query 
Python: Improve "bind all interfaces" query
 2026-04-07 17:59:48 +02:00
Jeroen Ketema
e7d3eedc80 Merge pull request #21661 from jketema/autoconf 
C++: Add heuristic for GNU autoconf config files
 2026-04-07 15:38:06 +02:00
Taus
4cb238f1af Merge pull request #21598 from github/tausbn/python-port-should-use-with 
Python: Port ShouldUseWithStatement.ql
 2026-04-07 14:16:41 +02:00
Geoffrey White
f2292643a3 C++: Update code scanning suite .expected. 2026-04-07 12:53:53 +01:00
Geoffrey White
3769a8a482 C++: Update code scanning suite .expected. 2026-04-07 12:51:56 +01:00
Mathias Vorreiter Pedersen
5e145aa27d Merge pull request #21631 from MathiasVP/expose-fwd-stage-1 
Dataflow: Expose stage 1's `fwdFlow`
 2026-04-07 11:29:56 +01:00
Mathias Vorreiter Pedersen
e06294bcb4 Shared: Respond to review comments. 2026-04-07 11:11:04 +01:00
Idriss Riouak
39f92e992a Merge pull request #21494 from github/idrissrio/java/jdk26 
Java: Accept new test results after JDK 26 extractor upgrade
 2026-04-07 12:03:36 +02:00
Tom Hvitved
0d4524f8f3 Address review comments 2026-04-07 11:40:10 +02:00
Tom Hvitved
1e1a8732a3 Data flow: Add hook for preventing lambda dispatch in source call contexts 2026-04-07 11:40:08 +02:00
Tom Hvitved
eb64fcd208 C#: Add test that shows unintended flow summary generation 2026-04-07 11:40:07 +02:00
Jeroen Ketema
04cfd37f53 C++: Fix comments in tests 2026-04-07 10:52:12 +02:00
Jeroen Ketema
b19c648965 C++: Add heuristic for GNU autoconf config files 2026-04-07 10:43:15 +02:00
Michael Nebel
e259ebe258 Merge pull request #21627 from michaelnebel/csharp/cleanup 
C#: Deprecate get[L|R]Value predicates.
 2026-04-07 10:23:59 +02:00
idrissrio
6f199b90ba Java: Accept new test results for JDK 26 
Accept new ByteOrder.getEntries, List.ofLazy, and Map.ofLazy entries
in kotlin2 test expected files.
 2026-04-07 09:28:25 +02:00
idrissrio
3ccbd8032c Java: Accept new test results for JDK 26 
JDK 26 added ofLazy methods to List, Map, and Set collections.
Update expected test output to include these new methods.
 2026-04-07 09:28:23 +02:00
idrissrio
5a6eb79470 Java: Pin CWE-676 test to --release 25 
Thread.stop() was removed in JDK 26. Pin the test to --release 25.
 2026-04-07 09:28:22 +02:00
idrissrio
74b0e8c19a Java: Accept new test results after JDK 26 extractor upgrade 2026-04-07 09:28:20 +02:00
Tom Hvitved
7d184d0c7f Merge pull request #21206 from hvitved/rust/type-inference-closure-param-context-typed 
Rust: Infer argument types based on trait bounds on parameters
 2026-04-07 09:17:30 +02:00
Mario Campos
fb8b5699f2 Merge pull request #21639 from github/mario-campos/test-go-registries 
Add tests for multiple Git sources and GoProxy servers in registry config parsing
 2026-04-02 11:12:51 -05:00
Kristen Newbury
41714656ec Adjust alert messages actions CWE-829 2026-04-02 11:58:58 -04:00
Kristen Newbury
e69e30aa84 Adjust alert messages CWE-829/ArtifactPoisoning[Critical|Medium] 2026-04-02 11:32:37 -04:00
Mario Campos
fb871cdfb8 Add tests for multiple Git sources and GoProxy servers in registry config parsing 2026-04-02 10:12:48 -05:00
Paolo Tranquilli
cedacc91db Merge pull request #21583 from github/redsun82/update-kotlin-2.3.20 
Kotlin: update to 2.3.20
 2026-04-02 15:58:22 +02:00
Geoffrey White
56af9a84ab Update cpp/ql/src/Likely Bugs/Underspecified Functions/ImplicitFunctionDeclaration.qhelp 2026-04-02 11:40:51 +01:00
Geoffrey White
9eabfc5fdc Update cpp/ql/src/Likely Bugs/Underspecified Functions/ImplicitFunctionDeclaration.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2026-04-02 11:39:45 +01:00
Geoffrey White
e83658ed06 C++: Upgrade query precision. 2026-04-02 11:38:09 +01:00
Geoffrey White
2d02056e5c C++: Second change note. 2026-04-02 11:34:54 +01:00
Geoffrey White
909b55a40a C++: Change note. 2026-04-02 11:28:34 +01:00
Geoffrey White
b41a4ff5e4 C++: Upgrade query precision. 2026-04-02 11:28:19 +01:00
Geoffrey White
fca567f6ea C++: Change note. 2026-04-02 11:26:50 +01:00
Geoffrey White
84c01bc255 C++: Upgrade query precision. 2026-04-02 11:26:49 +01:00
Mathias Vorreiter Pedersen
4d8b782695 Shared: Also expose dataflow stage 1's forward flow predicate. 2026-04-02 10:56:09 +01:00