hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-30 20:28:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,449 Commits 1,724 Branches 164 Tags
codeql-cli/latest
Commit Graph

3527 Commits

Author SHA1 Message Date
github-actions[bot]
fb011842c9 Release preparation for version 2.25.1 2026-03-25 23:43:06 +00:00
github-actions[bot]
8cf0954796 Release preparation for version 2.25.1 2026-03-25 08:28:30 +00:00
github-actions[bot]
d6055754b6 Release preparation for version 2.25.0 2026-03-16 12:15:34 +00:00
Owen Mansel-Chan
b8b841cfba Add overlay[loca] in 4 more tests 2026-03-13 16:19:00 +00:00
Owen Mansel-Chan
99f4930e24 Explicitly mark DataFlowNodes.qll as overlay[local] 2026-03-13 15:23:39 +00:00
Owen Mansel-Chan
e9df9147ad Add overlay annotations in 4 PrintAst tests 2026-03-13 15:03:05 +00:00
Owen Mansel-Chan
f32f85399a Mark various files as overlay[local] 2026-03-13 15:03:02 +00:00
Jonas Jensen
c56feb7644 Go: annotate the standard library with for overlay 
This commit is auto-generated with:

    python3 config/add-overlay-annotations.py go
 2026-03-13 15:03:01 +00:00
dependabot[bot]
c9e0927992 Bump the extractor-dependencies group across 1 directory with 2 updates 
Bumps the extractor-dependencies group with 2 updates in the /go/extractor directory: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/mod` from 0.33.0 to 0.34.0
- [Commits](https://github.com/golang/mod/compare/v0.33.0...v0.34.0)

Updates `golang.org/x/tools` from 0.42.0 to 0.43.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.42.0...v0.43.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
  dependency-version: 0.43.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-13 03:04:44 +00:00
Owen Mansel-Chan
d7d1554461 Merge pull request #21465 from owen-mc/go/small-tweaks 
Go: improve detection of type expressions when database is missing some type information
 2026-03-12 14:58:16 +00:00
Owen Mansel-Chan
0bb6ff58cc Merge pull request #21466 from owen-mc/go/add-nil-helper-predicate 
Go: Add and use `exprRefersToNil` predicate
 2026-03-12 14:36:03 +00:00
Owen Mansel-Chan
c271755985 Add and use exprRefersToNil predicate 2026-03-12 13:28:57 +00:00
Owen Mansel-Chan
a16c43881b Use "database" instead of "snapshot" in QLDocs 2026-03-12 13:28:06 +00:00
Owen Mansel-Chan
39e0382089 Improve QLDoc for isTypeExprTopDown 2026-03-12 13:28:05 +00:00
Owen Mansel-Chan
22e012c6f4 Expand isTypeExprTopDown 
We should be using all subtypes of `FieldBase`. This allows us to find
more type expressions, and is also simpler to evaluate.
 2026-03-12 13:28:03 +00:00
Mario Campos
6fb10555ff Correct comment about AES crypto algorithm strength 2026-03-11 09:27:03 -05:00
Óscar San José
3b9eba2afc Merge branch 'main' of https://github.com/github/codeql into oscarsj/merge-back-rc-3.21 2026-03-06 16:20:36 +01:00
Owen Mansel-Chan
c82f75604a Add change notes 2026-03-05 10:34:30 +00:00
Owen Mansel-Chan
d4ba2d68f9 Go: Inline expectation should have space after $ 
This was a regex-find-replace from `// \$(?! )` (using a negative lookahead) to `// $ `.
 2026-03-04 12:44:57 +00:00
github-actions[bot]
e152f08468 Post-release preparation for codeql-cli-2.24.3 2026-03-02 22:51:27 +00:00
github-actions[bot]
7795badd18 Release preparation for version 2.24.3 2026-03-02 13:23:40 +00:00
Paolo Tranquilli
42e41c57d4 Go: fix standalone build of the Go extractor 
https://github.com/github/codeql/pull/21276 worked together with the
internal changes but broke the standalone build of the Go extractor of
this repo in isolation.

The root cause was the lack of an auto-loaded `java_library` rule
definition. This fixes it.

I also checked this doesn't happen anywhere else.
 2026-02-25 13:33:54 +01:00
github-actions[bot]
b5898c5a30 Post-release preparation for codeql-cli-2.24.2 2026-02-16 17:07:45 +00:00
github-actions[bot]
ef04f927fb Release preparation for version 2.24.2 2026-02-16 13:29:25 +00:00
github-actions[bot]
fea07ebfcb Add changed framework coverage reports 2026-02-12 00:32:08 +00:00
Owen Mansel-Chan
542d4631d7 restore ~ in action.yml version 2026-02-10 22:32:36 +00:00
Owen Mansel-Chan
f01d5840b0 Update to 1.26.0 2026-02-10 22:32:33 +00:00
Owen Mansel-Chan
936c4cc79f Fix edge case in MaD validation 
If the db contains no pointer types then we were getting spurious model
validation errors.
 2026-02-10 22:32:31 +00:00
Owen Mansel-Chan
e1bddd9365 Model newly added functions 2026-02-10 22:32:30 +00:00
Owen Mansel-Chan
22e9c212d6 Add failing tests for newly added functions 2026-02-10 22:32:28 +00:00
Owen Mansel-Chan
26ef33212d Test builtins like standard library 2026-02-10 22:32:27 +00:00
Jeroen Ketema
22e9b42808 Go: Add change note 2026-02-10 22:31:10 +00:00
Jeroen Ketema
50ed0af9da Go: Bump maxGoVersion to 1.26 2026-02-10 22:31:08 +00:00
Jeroen Ketema
e00e3a87ff Update Go version in tests to 1.26.0 2026-02-10 22:31:00 +00:00
Michael B. Gale
518fb44a92 Go: Bump toolchain to 1.25.7 2026-02-10 10:01:38 +00:00
dependabot[bot]
e172cb3f7a Bump the extractor-dependencies group in /go/extractor with 2 updates 
Bumps the extractor-dependencies group in /go/extractor with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/mod` from 0.32.0 to 0.33.0
- [Commits](https://github.com/golang/mod/compare/v0.32.0...v0.33.0)

Updates `golang.org/x/tools` from 0.41.0 to 0.42.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.41.0...v0.42.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
  dependency-version: 0.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-10 03:15:54 +00:00
Owen Mansel-Chan
90401b3ad3 Merge pull request #21254 from owen-mc/go/astnode-get-enclosing-block 
Go: Add `AstNode.getEnclosingBlock()`
 2026-02-06 22:23:15 +00:00
Michael B. Gale
8e39ed079e Merge pull request #21252 from github/mbg/go/private-registry-diagnostic 
Go: Add diagnostic for private registry usage
 2026-02-03 14:36:19 +00:00
Michael B. Gale
d5c4a19efa Apply suggestions from code review 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2026-02-03 10:34:14 +00:00
Owen Mansel-Chan
e00390d23a Merge pull request #21224 from owen-mc/go/use-shared-basic-block-lib 
Go: Use shared basic block lib
 2026-02-02 16:31:06 +00:00
Michael B. Gale
d079671ec8 Align testItems with what getEnvVars does 2026-02-02 16:17:22 +00:00
Michael B. Gale
cbbc057dd3 Fix singular/plural wording and add test 2026-02-02 16:15:36 +00:00
Michael B. Gale
30b30d65c8 Emit the new diagnostic 2026-02-02 14:47:25 +00:00
Michael B. Gale
6d67e419ff Move private registry sources out of util package 2026-02-02 14:45:06 +00:00
Michael B. Gale
29930fa6bf Track active proxy configurations 2026-02-02 14:40:08 +00:00
Michael B. Gale
a57c6cde30 Add EmitPrivateRegistryUsed 2026-02-02 14:39:27 +00:00
github-actions[bot]
73d06f26cb Post-release preparation for codeql-cli-2.24.1 2026-02-02 14:04:26 +00:00
github-actions[bot]
0db542e9f0 Release preparation for version 2.24.1 2026-02-02 12:09:09 +00:00
Owen Mansel-Chan
8aa1bff9a5 Add AstNode.getEnclosingBlock() 2026-02-01 23:06:26 +00:00
Owen Mansel-Chan
2f29c905c3 Fix typo in change note 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-01-28 22:39:08 +00:00