hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 15:16:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,857 Commits 1,700 Branches 161 Tags
ba252cb5cf817cc1d75bb47405f5ef134d7a31e0
Commit Graph

81857 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anders Schack-Mulligen
ba252cb5cf Java: Add a couple of difficult condition correlation tests. 2025-08-22 10:08:00 +02:00
Chris Smowton
2d9470ded8 Merge pull request #20264 from github/smowton/admin/merge-rc319-into-main 
Merge rc/3.19 into main
 2025-08-21 17:06:17 +01:00
Chris Smowton
1829060fab Merge remote-tracking branch 'origin/main' into smowton/admin/merge-rc319-into-main 2025-08-21 16:33:37 +01:00
Tom Hvitved
7a4bc80582 Merge pull request #20248 from hvitved/rust/jump-to-def-generic-args 
Rust: Adjust jump-to-def for paths with generic arguments
 2025-08-21 16:00:51 +02:00
Tom Hvitved
0144c77dd1 Merge pull request #20234 from hvitved/type-inference/rename-vars 
Type inference: Rename some variables
 2025-08-21 16:00:31 +02:00
Michael Nebel
c89f2e309d Merge pull request #20089 from michaelnebel/csharp/allowsinkimplicitread 
C#: Allow implicit collection reads in sink nodes.
 2025-08-21 15:29:52 +02:00
Jami
771d7cb171 Merge pull request #20095 from jcogs33/jcogs33/java/finalizers-on-exit-and-garbage-collection 
Java: Add `previous-id` and adjust tags for `java/garbage-collection` and `java/run-finalizers-on-exit`
 2025-08-21 08:10:36 -04:00
Owen Mansel-Chan
f1c6064f4e Merge pull request #20188 from github/dependabot/go_modules/go/extractor/extractor-dependencies-c0b353d580 
Bump the extractor-dependencies group in /go/extractor with 2 updates
 2025-08-21 12:44:15 +01:00
Mathias Vorreiter Pedersen
dfda5a0793 Merge pull request #20249 from MathiasVP/type-tracking-for-cpp-3 
C++: Use the shared type-tracking library for virtual dispatch resolution
 2025-08-21 11:14:12 +02:00
Napalys Klicius
3369e16b1b Merge pull request #20254 from Napalys/cs/ldap-injection-qhelp 
CS: Update `cs/ldap-injection` qhelp
 2025-08-21 08:57:03 +02:00
Michael Nebel
ebfbc71104 C#: Address more review comments. 2025-08-21 08:07:17 +02:00
dependabot[bot]
e99b423e28 Bump the extractor-dependencies group in /go/extractor with 2 updates 
Bumps the extractor-dependencies group in /go/extractor with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/mod` from 0.26.0 to 0.27.0
- [Commits](https://github.com/golang/mod/compare/v0.26.0...v0.27.0)

Updates `golang.org/x/tools` from 0.35.0 to 0.36.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.35.0...v0.36.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-21 03:46:43 +00:00
Jeroen Ketema
b79f0a2cf2 Merge pull request #20252 from knewbury01/knewbury01/add-uniform-Customizations 
Add extra Customizations files
 2025-08-20 20:14:02 +02:00
Kristen Newbury
cf0342410d Merge branch 'knewbury01/add-uniform-Customizations' of https://github.com/knewbury01/codeql into knewbury01/add-uniform-Customizations 2025-08-20 13:19:16 -04:00
Kristen Newbury
854a5b5871 Add changenotes customizations addition 2025-08-20 13:18:17 -04:00
Napalys Klicius
71a8e10f3d CS: added extra guidance in recommendation section for LDAPInjection 2025-08-20 13:37:02 +02:00
Napalys Klicius
c475bedf73 CS: removed dead links from LDAPInjection qhelp 2025-08-20 12:58:54 +02:00
Mathias Vorreiter Pedersen
70d3e69ce5 C++: Rename 'lambda' to 'virtual'. 2025-08-20 10:38:22 +02:00
Paolo Tranquilli
fd7668d94a Merge pull request #20251 from github/redsun82/rust-remove-warning 
Rust: update README to remove experimental warning
 2025-08-20 10:12:19 +02:00
Michael Nebel
3e03728ffe Merge pull request #20244 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2025-08-20 08:55:48 +02:00
Michael Nebel
b42c366250 C#: Address review comments. 2025-08-20 08:50:23 +02:00
Jeroen Ketema
c9f0e3a377 Apply suggestions from code review 2025-08-20 08:07:10 +02:00
github-actions[bot]
e74116b347 Add changed framework coverage reports 2025-08-20 00:23:14 +00:00
Kristen Newbury
d630e32ce9 Format Customizations.qll 2025-08-19 15:27:29 -04:00
Kristen Newbury
49ef6939d4 Add extra Customizations files 2025-08-19 14:49:31 -04:00
Paolo Tranquilli
65e5ded80d Rust: update README to remove experimental warning 2025-08-19 16:02:45 +02:00
Geoffrey White
963e028645 Merge pull request #20238 from geoffw0/scinit 
Rust: Update StreamCipherInit to use getCanonicalPath.
 2025-08-19 13:18:10 +01:00
Mathias Vorreiter Pedersen
02bf923f7e C++: Add change note. 2025-08-19 13:57:15 +02:00
Mathias Vorreiter Pedersen
0631bd7466 C++: Add object/flow conflation for unions when resolving function pointers. 2025-08-19 13:57:13 +02:00
Mathias Vorreiter Pedersen
16508b1800 C++: Fix off-by-one error in getType on 'FinalGlobalValue' nodes and accept test changes. 2025-08-19 13:57:11 +02:00
Mathias Vorreiter Pedersen
302d35bedc C++: Accept test changes. 2025-08-19 13:57:10 +02:00
Mathias Vorreiter Pedersen
cca5bd9ada C++: Update 'mayBenefitFromCallContext' to not use the old virtual dispatch local flow predicate. 2025-08-19 13:57:07 +02:00
Mathias Vorreiter Pedersen
383799ce67 C++: Perform 6 rounds of virtual dispatch resolution like Java. 2025-08-19 13:57:05 +02:00
Mathias Vorreiter Pedersen
d4188d59a8 C++: Instantiate the type tracking module inside a reusable module like it's done in Java. 2025-08-19 13:57:03 +02:00
Mathias Vorreiter Pedersen
ea8d766ae8 Merge pull request #20242 from MathiasVP/fprintf-partial-flow 
C++: Mark the write to `fprintf`'s 0'th argument as partial
 2025-08-19 13:43:22 +02:00
Mathias Vorreiter Pedersen
caf7464f3b C++: Prefix with 'DataflowPrivate'. 2025-08-19 12:46:12 +02:00
Mathias Vorreiter Pedersen
fdb9f7ba2a C++: Move these predicates to make the diff smaller. 2025-08-19 12:42:15 +02:00
Mathias Vorreiter Pedersen
42fcfca849 C++: Remove the old virtual dispatch case from 'defaultViableCallable' and slightly reorganize the code in preparation for the next commit. 2025-08-19 12:39:26 +02:00
Mathias Vorreiter Pedersen
c1b91db37a C++: Add more virtual dispatch tests. 2025-08-19 12:32:09 +02:00
Geoffrey White
401315c4f5 Update rust/ql/lib/codeql/rust/frameworks/rustcrypto/RustCrypto.qll 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2025-08-19 09:22:53 +01:00
Tom Hvitved
714423d6b9 Rust: Adjust jump-to-def for paths with generic arguments 2025-08-19 10:22:32 +02:00
Tom Hvitved
0cd8c9009f Rust: Add more jump-to-def tests 2025-08-19 10:20:59 +02:00
Tom Hvitved
4684ac1ed9 Merge pull request #20191 from hvitved/rust/path-resolution-successor-kind 
Rust: Distinguish internal/external items in path resolution
 2025-08-19 10:20:05 +02:00
Anders Schack-Mulligen
a8f394fedb Merge pull request #20237 from aschackmull/guards/nullguard-caching 
Guards: Cache nullGuard predicate.
 2025-08-19 09:51:31 +02:00
Geoffrey White
9f04de859f Rust: Update test results following merge. 2025-08-19 08:50:23 +01:00
Geoffrey White
ab49c33915 Merge branch 'main' into scinit 2025-08-19 08:50:12 +01:00
Tom Hvitved
e6150e2079 Merge pull request #20243 from hvitved/rust/canonical-path-transitive-deps 
Rust: Take transitive dependencies into account when computing canonical paths
 2025-08-19 09:46:53 +02:00
Tom Hvitved
60b2cf6638 Rust: Take transitive dependencies into account when computing canonical paths 2025-08-18 22:02:44 +02:00
Tom Hvitved
5a69845485 Rust: Elaborate QL doc 2025-08-18 21:31:37 +02:00
Geoffrey White
bf33d1b870 Rust: Make a couple of new imports private. 2025-08-18 18:51:33 +01:00