hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-16 06:53:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,690 Branches 160 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Smowton
4fb133a43d Recognise that a less-than test is as good as a non-equal test for mitigating off-by-one array access 2025-09-12 14:32:07 +01:00
Simon Friis Vindum
d10cdfb7f1 Rust: Move existing blanket implementation test 2025-09-12 15:31:42 +02:00
Simon Friis Vindum
69a1c7e1e8 Rust: Add tests with blanket implementation 2025-09-12 15:26:19 +02:00
Anders Schack-Mulligen
452bbf7289 Java: Add some more nullness tests. 2025-09-12 13:38:21 +02:00
Anders Schack-Mulligen
924a8eac5c Java: Improve precision of SuccessorType labels in CFG. 2025-09-12 13:38:21 +02:00
Anders Schack-Mulligen
1ebdcdfa8c Guards: Support integer ranges. 2025-09-12 13:38:20 +02:00
Anders Schack-Mulligen
db1f399067 Java: Preparatory Nullness refactor. 2025-09-12 13:38:20 +02:00
Anders Schack-Mulligen
e8ddac08b7 Merge pull request #20377 from aschackmull/java/preconditions 
Java: Consolidate Assertions.qll and Preconditions.qll.
 2025-09-12 13:37:41 +02:00
Alexander Eyers-Taylor
e9fcd985f9 Merge pull request #20357 from github/alexet/java-global-virtual-dispatch 
Java: Make Virtual Dispatch Global, but keep SSA local.
 2025-09-12 12:20:46 +01:00
Geoffrey White
d638ee9741 Merge pull request #20404 from geoffw0/rustanalyzerdoc 
Rust: add `rust-analyzer` update instructions
 2025-09-12 11:17:10 +01:00
Jeroen Ketema
7c35835e25 Merge pull request #20422 from jketema/go-log 
Go: Retrofit the change log to mention Go 1.25
 2025-09-12 11:20:03 +02:00
Jeroen Ketema
a773042c5d Merge pull request #20407 from jketema/dyn-too-many 
C++: Add `cpp/uninitialized-local` test
 2025-09-12 11:12:28 +02:00
Jeroen Ketema
0f5bd3799e Merge branch 'main' into go-log 2025-09-12 11:12:01 +02:00
Jeroen Ketema
3de9356141 Go: Retrofit the change log to mention Go 1.25 
This can only be a minor change (or something similar) to stay within the
semantic versioning contraints. This is because only the patch version of
the Go ql library pack was bumped during the release. Since there were no new
language features in Go 1.25, this might also be the most accurate choice here.
 2025-09-12 11:08:42 +02:00
Jeroen Ketema
352610d651 C++: Add GOOD annotation 2025-09-12 10:29:27 +02:00
Simon Friis Vindum
fd5b5baa8f Merge pull request #20403 from paldepind/rust/certain-struct-expr 
Rust: Infer certain type information for struct expressions
 2025-09-12 10:28:07 +02:00
Geoffrey White
92124a9033 Update rust/README.md 2025-09-12 09:01:13 +01:00
Jonas Jensen
5ac80353d2 Docs: remove outdated link to change notes. 
The change notes are now maintained under each query pack, so there's no
single place where we can link to it.
 2025-09-12 09:26:23 +02:00
Jonas Jensen
cb766de37e Docs: remove 1-year deprecation period for QL libs 
Internal reference: codeql-team ADR 0011.
 2025-09-12 09:24:13 +02:00
Simon Friis Vindum
b456a8c4e5 Apply suggestions from code review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2025-09-12 09:09:00 +02:00
Asger F
132a8b8b53 JS: Model json and jsonp methods 2025-09-12 08:51:23 +02:00
Asger F
d729ab501b JS: Add test that calls .json or .jsonp 2025-09-12 08:51:21 +02:00
Alex Eyers-Taylor
d5ee91b1e8 Java: Adress comments form code review. 2025-09-11 17:14:08 +01:00
Geoffrey White
aaa67a2da9 Update rust/README.md 
Co-authored-by: Simon Friis Vindum <paldepind@github.com>
 2025-09-11 17:12:22 +01:00
Ian Lynagh
ffeece1179 Merge pull request #20410 from igfoo/igfoo/bmn-med 
C++: Remove the BMN filter from some queries, but reduce precision to medium
 2025-09-11 17:01:35 +01:00
Ian Lynagh
050a9e155f C++: Add changenote for changes to some queries 
Queries affected:
    cpp/wrong-type-format-argument
    cpp/comparison-with-wider-type
    cpp/integer-multiplication-cast-to-long
    cpp/implicit-function-declaration
    cpp/suspicious-add-sizeof
 2025-09-11 15:56:41 +01:00
Idriss Riouak
8ce2d3954e Merge pull request #20413 from github/idrissrio/java25-change-note 
Java: Add change note and update supported versions
 2025-09-11 16:39:28 +02:00
Ian Lynagh
cc131a09a1 C++: Accept changes to cpp/ql/integration-tests/query-suite 2025-09-11 15:01:04 +01:00
Michael Nebel
0b43203349 Merge pull request #20401 from michaelnebel/csharp/deprecatecapturedforeachvariable 
C#: Deprecate `cs/captured-foreach-variable`.
 2025-09-11 15:01:29 +02:00
Asger F
ae4cf302f2 Remove failures from dataflow-consistency expectations 2025-09-11 14:49:58 +02:00
Asger F
511308746c DataFlow: Permit local flow between post-update nodes 2025-09-11 14:49:56 +02:00
idrissrio
a0e963f769 Java: Add change note and update supported versions 2025-09-11 14:37:36 +02:00
Ian Lynagh
b3f4c68a1d C++: Remove the BMN filter from some queries, but reduce precision to medium 
Remove the `not any(Compilation c).buildModeNone() and` clause from:
    cpp/wrong-type-format-argument
    cpp/comparison-with-wider-type
    cpp/integer-multiplication-cast-to-long
    cpp/implicit-function-declaration
    cpp/suspicious-add-sizeof
but reduce their precision to `medium`.
 2025-09-11 13:32:11 +01:00
Idriss Riouak
0b5745c24b Merge pull request #20405 from github/workflow/coverage/update 
Update CSV framework coverage reports
 2025-09-11 14:17:08 +02:00
Michael B. Gale
f4575d9d03 Merge pull request #20406 from github/dependabot/go_modules/go/extractor/extractor-dependencies-93606d20ee 
Bump golang.org/x/tools from 0.36.0 to 0.37.0 in /go/extractor in the extractor-dependencies group
 2025-09-11 13:11:28 +01:00
Simon Friis Vindum
4d0635dc8a Update qhelp for request forgery query 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2025-09-11 13:55:51 +02:00
Jeroen Ketema
d87e9ec095 Merge pull request #20409 from jketema/jketema/swift-changenote 
Swift: Mention in update playbook that we want a change note
 2025-09-11 13:03:56 +02:00
Owen Mansel-Chan
f74913aa4d Merge pull request #20411 from owen-mc/go/improve-pun-tests 
Go: improve post-update node tests
 2025-09-11 12:03:21 +01:00
Simon Friis Vindum
671bea58af Rust: Add certain type information for struct patterns 2025-09-11 12:43:26 +02:00
Owen Mansel-Chan
d9e7c89af0 Add indirect method calls 2025-09-11 11:31:28 +01:00
Owen Mansel-Chan
84e70e166e Add direct method calls 2025-09-11 11:27:56 +01:00
Owen Mansel-Chan
fa18fd2782 Add method defs 2025-09-11 11:24:53 +01:00
Owen Mansel-Chan
cbbf7c2578 Include pre-update node in output 2025-09-11 11:22:17 +01:00
Paolo Tranquilli
051da9d407 Merge branch 'main' into rustanalyzerdoc 2025-09-11 11:48:17 +02:00
Geoffrey White
32131cf9ae Update rust/README.md 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-11 10:36:04 +01:00
Simon Friis Vindum
50b3571124 Cargo: Revert changes to the Ruby extractors Cargo file 2025-09-11 11:35:33 +02:00
Simon Friis Vindum
61eea66c51 Bazel: regenerate vendored cargo dependencies 2025-09-11 11:35:15 +02:00
Jeroen Ketema
2f9961888a Swift: Mention in update playbook that we want a change note 2025-09-11 11:31:36 +02:00
Asger F
7a2391f848 JS: Deprecate Portals and delete tests 
This is a super old attempt at model generation, from before MaD even existed. It's obsolete and just have to be removed.
 2025-09-11 11:05:36 +02:00
Simon Friis Vindum
55d022f6eb Cargo: upgrade dependencies 2025-09-11 10:47:26 +02:00