hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-18 07:53:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,550 Commits 1,693 Branches 160 Tags
codeql-cli/v2.23.9
Commit Graph

84550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
8b04bc0ceb Rust: Model std::fs::OpenOptions and similar. 2025-08-22 09:58:07 +01:00
Geoffrey White
9fbbe02da0 Rust: Compact these models a little. 2025-08-22 09:58:05 +01:00
Geoffrey White
fcce862cea Rust: Add an explicit test case for sinks with two relevant args. 2025-08-22 09:58:04 +01:00
Geoffrey White
16e0de0cfb Rust: Fill gaps in the tokio models. 2025-08-22 09:58:03 +01:00
Geoffrey White
29e7b6ad2c Rust: Fill a gap in the std::fs model. 2025-08-22 09:58:01 +01:00
Geoffrey White
1d2ac33bb6 Rust: Model async-std::fs. 2025-08-22 09:58:00 +01:00
Geoffrey White
49b4adcc99 Rust: Add more tests for DirEntry, PathBuf, OsString. 2025-08-22 09:57:59 +01:00
Anders Schack-Mulligen
f2352f76c0 Java: Teach guards that exceptions in catch-clauses are non-null. 2025-08-22 10:16:42 +02:00
Anders Schack-Mulligen
02452704b2 Java: Fix bug in nullness 2025-08-22 10:15:22 +02:00
Anders Schack-Mulligen
9fc0793d6a Java: More nullness qltests, including highlight of FN bug. 2025-08-22 10:12:48 +02:00
Anders Schack-Mulligen
1c724372f2 Java: More nullness qltests. 2025-08-22 10:08:17 +02:00
Anders Schack-Mulligen
ba252cb5cf Java: Add a couple of difficult condition correlation tests. 2025-08-22 10:08:00 +02:00
Napalys Klicius
4705ad2e32 Java: Added extra test cases for fields 2025-08-22 09:23:49 +02:00
Napalys Klicius
38b3df07ee Java: Address comments 2025-08-22 09:23:49 +02:00
Napalys Klicius
66f2911497 Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2025-08-22 09:23:49 +02:00
Napalys Klicius
0b172080aa Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-08-22 09:23:49 +02:00
Napalys Klicius
d20fd5beba Java: updated visible-for-testing-abuse meta data and docs. 2025-08-22 09:23:49 +02:00
Napalys Klicius
ea831a8352 Java: Fix VisibleForTestingAbuse false positives in annotations 2025-08-22 09:23:49 +02:00
Napalys Klicius
eb46e54c43 Java: Refactor VisibleForTestingAbuse query to reduce complexity 2025-08-22 09:23:49 +02:00
Napalys Klicius
225723bfeb Java: Exclude @VisibleForTesting-to-@VisibleForTesting access from VisibleForTestingAbuse alerts 2025-08-22 09:23:49 +02:00
Napalys Klicius
e4042402bc Java: Resolve spurious VisibleForTestingAbuse alerts for inner class access patterns 2025-08-22 09:23:49 +02:00
Napalys Klicius
1e2e6eccd7 Java: Test @VisibleForTesting method accessing @VisibleForTesting members 2025-08-22 09:23:49 +02:00
Napalys Klicius
7e2a1944f6 Java: Fix Predicate QLDoc style. 2025-08-22 09:23:49 +02:00
Napalys Klicius
9dfb4d4301 Java: Enchanced isWithinType to also include lambdas, inner classes etc. 2025-08-22 09:23:49 +02:00
Napalys Klicius
fbf18af076 Java: enchanced check if it is within same package 2025-08-22 09:23:49 +02:00
Napalys Klicius
2a16f4829e Java: Expanded test suite of java/visible-for-testing-abuse 2025-08-22 09:23:49 +02:00
Napalys Klicius
ff6ddd2893 Java: Promoted java/visible-for-testing-abuse to quality 2025-08-22 09:23:49 +02:00
Napalys Klicius
652e9cba3d Java: Added inline test expectations for java/visible-for-testing-abuse 2025-08-22 09:23:49 +02:00
Napalys Klicius
0c14d93bc6 Java: Added new query java/visible-for-testing-abuse 2025-08-22 09:23:49 +02:00
REDMOND\brodes
ec7e41cb30 Crypto: Fixed issues in CBOM representations (gaps in the underlying model) and simplified unit tests in terms of the graph complexity to aid visual assessments of model correctness. 2025-08-21 15:05:45 -04:00
Chris Smowton
2d9470ded8 Merge pull request #20264 from github/smowton/admin/merge-rc319-into-main 
Merge rc/3.19 into main
 2025-08-21 17:06:17 +01:00
Geoffrey White
8da44828a6 Rust: Add tests for std::fs::canonicalize and similar. 2025-08-21 16:47:12 +01:00
Geoffrey White
801be8fbbd Rust: Add more tests for std::fs::DirBuilder and similar. 2025-08-21 16:47:11 +01:00
Geoffrey White
bc226e2117 Rust: Add more general test cases for async_std::fs and tokio::fs. 2025-08-21 16:47:10 +01:00
Geoffrey White
5da296d77f Rust: Add tests for std::fs::OpenOptions and similar. 2025-08-21 16:47:08 +01:00
Chris Smowton
1829060fab Merge remote-tracking branch 'origin/main' into smowton/admin/merge-rc319-into-main 2025-08-21 16:33:37 +01:00
Napalys Klicius
eb6e9b8fe6 Java: Fix java/jvm-exit false positives for local nested classes in test methods 2025-08-21 14:20:49 +00:00
Napalys Klicius
41a78a0c3d Java: Added nested local class test case 2025-08-21 14:10:12 +00:00
Tom Hvitved
7a4bc80582 Merge pull request #20248 from hvitved/rust/jump-to-def-generic-args 
Rust: Adjust jump-to-def for paths with generic arguments
 2025-08-21 16:00:51 +02:00
Tom Hvitved
0144c77dd1 Merge pull request #20234 from hvitved/type-inference/rename-vars 
Type inference: Rename some variables
 2025-08-21 16:00:31 +02:00
Michael Nebel
c89f2e309d Merge pull request #20089 from michaelnebel/csharp/allowsinkimplicitread 
C#: Allow implicit collection reads in sink nodes.
 2025-08-21 15:29:52 +02:00
Joe Farebrother
9edfd7a6fb Use generator script directly 2025-08-21 14:12:26 +01:00
Joe Farebrother
f24f7d5146 Add builtin subclass models, incorporate into query 2025-08-21 13:50:26 +01:00
Jami
771d7cb171 Merge pull request #20095 from jcogs33/jcogs33/java/finalizers-on-exit-and-garbage-collection 
Java: Add `previous-id` and adjust tags for `java/garbage-collection` and `java/run-finalizers-on-exit`
 2025-08-21 08:10:36 -04:00
Owen Mansel-Chan
f1c6064f4e Merge pull request #20188 from github/dependabot/go_modules/go/extractor/extractor-dependencies-c0b353d580 
Bump the extractor-dependencies group in /go/extractor with 2 updates
 2025-08-21 12:44:15 +01:00
Napalys Klicius
46a2de69cd Update java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.ql 
Co-authored-by: Michael Nebel <michaelnebel@github.com>
 2025-08-21 13:21:17 +02:00
Mathias Vorreiter Pedersen
dfda5a0793 Merge pull request #20249 from MathiasVP/type-tracking-for-cpp-3 
C++: Use the shared type-tracking library for virtual dispatch resolution
 2025-08-21 11:14:12 +02:00
Napalys Klicius
3369e16b1b Merge pull request #20254 from Napalys/cs/ldap-injection-qhelp 
CS: Update `cs/ldap-injection` qhelp
 2025-08-21 08:57:03 +02:00
Michael Nebel
ebfbc71104 C#: Address more review comments. 2025-08-21 08:07:17 +02:00
dependabot[bot]
e99b423e28 Bump the extractor-dependencies group in /go/extractor with 2 updates 
Bumps the extractor-dependencies group in /go/extractor with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/mod` from 0.26.0 to 0.27.0
- [Commits](https://github.com/golang/mod/compare/v0.26.0...v0.27.0)

Updates `golang.org/x/tools` from 0.35.0 to 0.36.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.35.0...v0.36.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-21 03:46:43 +00:00