codeql

mirror of https://github.com/github/codeql.git synced 2026-02-11 20:51:06 +01:00

Author	SHA1	Message	Date
Tom Hvitved	16539b4667	Address review comments	2026-02-09 19:30:58 +01:00
Tom Hvitved	2dc7576232	Rust: Rework call disambiguation logic	2026-02-05 17:29:40 +01:00
Anders Schack-Mulligen	81977f11a1	Cfg: qldoc + overlay fixups.	2026-02-05 08:59:28 +01:00
Anders Schack-Mulligen	83adf793e4	Cfg: Fix compilation.	2026-02-04 15:28:37 +01:00
Anders Schack-Mulligen	389cd5d648	Cfg: Extract CFG pretty-printing code.	2026-02-03 15:33:55 +01:00
github-actions[bot]	73d06f26cb	Post-release preparation for codeql-cli-2.24.1	2026-02-02 14:04:26 +00:00
github-actions[bot]	0db542e9f0	Release preparation for version 2.24.1	2026-02-02 12:09:09 +00:00
yoff	8c0baefd3b	Merge pull request #21141 from mbaluda/prompt-injection Python: Prompt injection in OpenAI clients	2026-01-30 12:55:56 +01:00
yoff	e7a0fc7140	python: Add query for prompt injection This pull request introduces a new CodeQL query for detecting prompt injection vulnerabilities in Python code targeting AI prompting APIs such as agents and openai. The changes includes a new experimental query, new taint flow and type models, a customizable dataflow configuration, documentation, and comprehensive test coverage.	2026-01-29 23:47:52 +01:00
Owen Mansel-Chan	8b936c5dbe	Add missing QLDocs	2026-01-29 16:45:23 +00:00
Tom Hvitved	df09f02981	Shared: Shadow `hasManualModel` in `RelevantSummarizedCallable`	2026-01-26 12:40:25 +01:00
Tom Hvitved	4ce04e4749	Shared: Provenance-based filtering of flow summaries	2026-01-26 12:39:37 +01:00
Simon Friis Vindum	a7fecaaa1b	Shared: Use `HasTypeTreeSig` for `TypeMention`	2026-01-26 09:29:51 +01:00
Simon Friis Vindum	ffaf1c0a24	Rust: Change `getATypeParameterConstraint` to not require a `TypeMention`	2026-01-22 14:54:24 +01:00
Tom Hvitved	8ce2618b7d	Merge pull request #21151 from hvitved/rust/disable-universal-conds-by-default Type inference: Disable universal conditions by default	2026-01-22 11:19:50 +01:00
Tom Hvitved	65ca8849f2	Type inference: Disable universal conditions	2026-01-22 09:56:52 +01:00
Ian Lynagh	df8029ff87	tree-sitter: Use more standard shared dbscheme sections We now use the shared "Overlay support" and "Database metadata".	2026-01-20 11:56:15 +00:00
Ian Lynagh	c6500e2759	tree-sitter: Add dbscheme regeneration instructions	2026-01-20 11:56:14 +00:00
github-actions[bot]	48475e66af	Post-release preparation for codeql-cli-2.24.0	2026-01-19 15:49:08 +00:00
github-actions[bot]	4142b9c4ce	Release preparation for version 2.24.0	2026-01-19 14:49:14 +00:00
Mathias Vorreiter Pedersen	dc7ce3fba3	Merge pull request #21171 from MathiasVP/fix-conflation-in-guards C++: Fix conflation in barrier guards	2026-01-19 11:29:05 +00:00
Mathias Vorreiter Pedersen	28681508f3	C++: Fix bug and accept test changes.	2026-01-15 11:17:15 +00:00
Simon Friis Vindum	8bfce6b284	Shared, rust: Add option to disable reads steps as taint steps in model generator	2026-01-13 15:58:23 +01:00
Ian Lynagh	dcd0a69759	Merge remote-tracking branch 'upstream/main' into igfoo/mb	2026-01-13 01:01:35 +00:00
Anders Schack-Mulligen	c28062aff5	Merge pull request #21127 from aschackmull/ssa/phi-input-perf SSA: Improve performance of finding relevant phi input nodes.	2026-01-12 13:29:58 +01:00
Anders Schack-Mulligen	aae8ec2240	SSA: Use fastTC for even better performance.	2026-01-12 09:39:15 +01:00
Tom Hvitved	6028cd6636	Address review comments	2026-01-09 11:14:23 +01:00
Anders Schack-Mulligen	af5adbac30	SSA: Improve performance of finding relevant phi input nodes.	2026-01-08 15:02:34 +01:00
Tom Hvitved	dce21e595e	Rust: Model implicit `Deref` trait calls in data flow	2026-01-07 10:51:56 +01:00
Tom Hvitved	4540662ab9	Rust: Model `Deref` trait in type inference	2026-01-07 10:51:53 +01:00
github-actions[bot]	2cb932cf5d	Post-release preparation for codeql-cli-2.23.9	2026-01-06 15:42:16 +00:00
github-actions[bot]	c00663766e	Release preparation for version 2.23.9	2026-01-05 11:57:06 +00:00
Tom Hvitved	b6cda4a29b	Update shared/util/codeql/util/UnboundList.qll Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-12-17 13:44:47 +01:00
Tom Hvitved	08339fe0df	Shared: Add library for unbound lists	2025-12-17 13:13:39 +01:00
Tom Hvitved	d709343d38	Merge pull request #21011 from aschackmull/mad/shared-externalflow Java/C++/Go/C#: Share parts of ExternalFlow.qll	2025-12-15 20:27:04 +01:00
Óscar San José	2824c98efb	Merge pull request #21025 from github/oscarsj/mergeback-rc-3-20-into-main Mergeback rc/3.20 into main	2025-12-15 11:59:58 +01:00
Anders Schack-Mulligen	64a48e4e7b	MaD: Use "namespace" instead "package" in shared code.	2025-12-12 13:57:02 +01:00
Anders Schack-Mulligen	7f8d0771df	MaD: Rename file.	2025-12-12 13:50:58 +01:00
Óscar San José	d972af9ef8	Merge branch 'main' of https://github.com/github/codeql into oscarsj/mergeback-rc-3-20-into-main	2025-12-12 13:22:08 +01:00
Anders Schack-Mulligen	8564b4ea66	Go: Use shared modelCoverage.	2025-12-12 11:24:39 +01:00
Tom Hvitved	c4a8e9df21	Shared: Prefer source/sink models with manual provenance over generated	2025-12-12 11:16:13 +01:00
Anders Schack-Mulligen	5bddc8d289	Go: Move Go package-grouping support into shared lib.	2025-12-12 09:17:51 +01:00
Anders Schack-Mulligen	e262438557	C++: Use shared model coverage code.	2025-12-12 08:20:20 +01:00
Anders Schack-Mulligen	07252519c8	Java/C++: Thread additional models through the shared lib.	2025-12-12 08:20:20 +01:00
Anders Schack-Mulligen	3b334ea215	Java/C#: Share model coverage code.	2025-12-12 08:20:19 +01:00
Anders Schack-Mulligen	cb578e32ab	Java: Move interpretModelForTest into shared code.	2025-12-12 08:20:17 +01:00
Anders Schack-Mulligen	8da65ec6d0	Java: Add support for boolean MaD barrier guards.	2025-12-11 16:24:25 +01:00
Anders Schack-Mulligen	d24b0ff596	Java: Basic support for pass-through barrier models.	2025-12-11 16:24:25 +01:00
Tom Hvitved	d5a95a8099	Rust: Strengthen `isNotInstantiationOf` uses	2025-12-10 20:48:21 +01:00
Anders Schack-Mulligen	09058e48aa	Guards: Rename -WithState to Parameterized-.	2025-12-10 12:23:51 +01:00

1 2 3 4 5 ...

1719 Commits