hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-11 20:51:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,804 Commits 1,689 Branches 160 Tags
f60d759a6593b30375fb9f39a643ff6615046400
Commit Graph

85804 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Philip Ginsbach
f60d759a65 Avoid non-trivially shadowing string.toString() 
Prepare libraries for a possible deprecation warning on shadowing
string.toString().

These instanceof classes were using this.(Type).method() to call
supertype methods, but super.method() is clearer and equivalent
for instanceof supertypes.
 2026-02-10 15:46:10 +00:00
Michael Nebel
ece85854cd Merge pull request #21285 from michaelnebel/csharp14/implicittypedlambdaparametermodifiers 
C# 14: [TEST ONLY] Simple lambda parameters with modifiers.
 2026-02-10 14:16:19 +01:00
Michael Nebel
c15ad31b07 Merge pull request #21220 from michaelnebel/csharp14/extension 
C# 14: Support `extension` types.
 2026-02-10 14:15:57 +01:00
Michael Nebel
25b836b1b5 C#: Apply suggestions from code review 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2026-02-10 13:12:53 +01:00
Owen Mansel-Chan
f2d3bc03aa Merge pull request #21302 from github/mbg/go/bump-to-1.25.7 
Go: Bump toolchain to `1.25.7`
 2026-02-10 10:33:50 +00:00
Michael B. Gale
518fb44a92 Go: Bump toolchain to 1.25.7 2026-02-10 10:01:38 +00:00
Michael B. Gale
eee4014e94 Merge pull request #21300 from github/dependabot/go_modules/go/extractor/extractor-dependencies-393b62c927 
Bump the extractor-dependencies group in /go/extractor with 2 updates
 2026-02-10 09:46:56 +00:00
Simon Friis Vindum
78c262ca63 Merge pull request #21297 from hvitved/rust/type-inference-fix-bug 
Rust: Fix bug in `inferMethodCallTypeSelf`
 2026-02-10 09:51:12 +01:00
Tom Hvitved
c3ac20267a Merge pull request #21217 from hvitved/rust/type-inference-perf 
Rust: Rework call disambiguation logic
 2026-02-10 08:52:01 +01:00
dependabot[bot]
e172cb3f7a Bump the extractor-dependencies group in /go/extractor with 2 updates 
Bumps the extractor-dependencies group in /go/extractor with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/mod` from 0.32.0 to 0.33.0
- [Commits](https://github.com/golang/mod/compare/v0.32.0...v0.33.0)

Updates `golang.org/x/tools` from 0.41.0 to 0.42.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.41.0...v0.42.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
  dependency-version: 0.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-10 03:15:54 +00:00
Tom Hvitved
6611978368 Update rust/ql/lib/codeql/rust/internal/typeinference/DerefChain.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-02-09 19:38:49 +01:00
Tom Hvitved
16539b4667 Address review comments 2026-02-09 19:30:58 +01:00
yoff
5ad42f8bcc Merge pull request #20563 from microsoft/azure_python_sdk_url_summary_upstream 
Azure python sdk url summary upstream
 2026-02-09 18:34:36 +01:00
Michael Nebel
bee1718469 QL4QL: Allow Impl classes to implement getAPrimaryQLClass with non Impl suffix. 2026-02-09 16:53:43 +01:00
Michael Nebel
3e914f7ff1 C#: Add DB downgrade script. 2026-02-09 16:24:19 +01:00
Michael Nebel
42d2de848d C#: Add DB upgrade script. 2026-02-09 16:24:00 +01:00
Ian Lynagh
b5e3168032 Merge pull request #21286 from github/andersfugmann/kotlin_2.3.10-no-artifacts 
Kotlin: Support Kotlin 2.3.10
 2026-02-09 13:26:40 +00:00
Tom Hvitved
109d802607 Rust: Fix bug in inferMethodCallTypeSelf 2026-02-09 14:15:05 +01:00
Michael B. Gale
71e8730c63 Merge pull request #21263 from github/mbg/csharp/registry-diagnostic 
C#: Add diagnostic for private registry usage
 2026-02-09 12:58:43 +00:00
Michael Nebel
eff9f99f44 C#: Update test expected output. 2026-02-09 13:30:14 +01:00
Michael Nebel
d9fea156f6 C#: Update MaD models for extension members. 2026-02-09 13:28:11 +01:00
Michael Nebel
bcdbd6e283 C#: Use the fully qualified name for the extension type when printing extension types. 2026-02-09 13:27:32 +01:00
Michael Nebel
fe94b3b68b C#: Address review comments. 2026-02-09 11:46:53 +01:00
Owen Mansel-Chan
90401b3ad3 Merge pull request #21254 from owen-mc/go/astnode-get-enclosing-block 
Go: Add `AstNode.getEnclosingBlock()`
 2026-02-06 22:23:15 +00:00
Jon Janego
d0bd8459a1 Merge pull request #21291 from github/codeql-spark-run-21760759512 
Update changelog documentation site
 2026-02-06 12:28:56 -06:00
Jon Janego
1c43ceae95 Merge branch 'main' into codeql-spark-run-21760759512 2026-02-06 12:16:31 -06:00
Jon Janego
5bf2d9442e Fix formatting in changelog for Go path injection query 2026-02-06 12:14:03 -06:00
Jon Janego
c40d784a4d Update codeql-cli-2.23.1.rst 2026-02-06 12:13:34 -06:00
Jon Janego
bf6568b928 Fix formatting for Kotlin version support note 2026-02-06 12:12:55 -06:00
Jon Janego
79ad064a93 Fix formatting in Kotlin version support note 2026-02-06 12:12:16 -06:00
Jon Janego
552976d057 Update codeql-cli-2.19.1.rst 2026-02-06 12:11:49 -06:00
github-actions[bot]
353cd31ce6 update codeql documentation 2026-02-06 18:09:49 +00:00
Paolo Tranquilli
48db24d184 Merge pull request #21287 from github/redsun82/fix-rust-deps-patching 
Bazel: fix Rust deps patching for semver build metadata
 2026-02-06 17:17:24 +01:00
REDMOND\brodes
8459eec239 Moving the SsrfSink concept into Concepts.qll, and renaming to HttpClientRequestFromModel as suggested in PR review. 2026-02-06 09:26:49 -05:00
Anders Fugmann
c5179e40c6 Kotlin: Add change note for supporting 2.3.10 2026-02-06 14:59:34 +01:00
github-actions[bot]
38830ddc5c Bazel: fix Rust deps patching for semver build metadata 
Handle crate versions containing `+` build metadata (e.g., `0.9.11+spec-1.1.0`).
Bazel repo names use `-` instead of `+`, so the generated labels need patching
to reference the correct repo name.

Also adds documentation for both patching issues handled by patch_defs.py.
 2026-02-06 14:58:34 +01:00
Anders Fugmann
d5827b5cca Kotlin: Support Kotlin 2.3.10 2026-02-06 14:54:08 +01:00
Michael Nebel
6c355a1bf8 C#: Update test expected output. 2026-02-06 14:38:27 +01:00
Michael Nebel
e550d4937c C#: Update parameter modifiers test to include lambda expression from the new test file. 2026-02-06 14:37:50 +01:00
Michael Nebel
62a6b5985d C#: Add test cases for lambda parameter modifiers. 2026-02-06 14:37:11 +01:00
Mathias Vorreiter Pedersen
2c05624088 Merge pull request #21280 from MathiasVP/make-getChildCount-more-robust 
C++: Make 'getChildCount' more robust by counting indices instead of elements
 2026-02-06 12:19:20 +00:00
Ben Rodes
ac1987f264 Update python/ql/lib/change-notes/2025-09-30-azure_ssrf_models.md 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2026-02-05 15:44:44 -05:00
Mathias Vorreiter Pedersen
d57a42a7f7 C++: Make 'getChildCount' more robust by counting indexes instead of 'TranslatedDeclarationEntry's. 2026-02-05 20:23:45 +00:00
Tom Hvitved
32aaac27ec Rust: Add type inference regression test 2026-02-05 17:29:42 +01:00
Tom Hvitved
2dc7576232 Rust: Rework call disambiguation logic 2026-02-05 17:29:40 +01:00
Taus
5adc9f8ff0 Merge pull request #21274 from github/tausbn/python-fix-parsing-of-format-specifiers 
Python: Fix syntax error when `=` is used as a format fill character
 2026-02-05 16:37:42 +01:00
Michael Nebel
02e4a8b6f7 C#: Add change-note. 2026-02-05 15:52:43 +01:00
Michael Nebel
bd3e4d3d7e C#: Add MaD tests for extensions. 2026-02-05 15:38:29 +01:00
Michael Nebel
4b6a53b577 C#: Add extension data flow test. 2026-02-05 15:38:27 +01:00
Michael Nebel
6cbe000d51 C#: Add PrintAst test for extensions. 2026-02-05 15:38:25 +01:00