hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-13 05:31:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,688 Branches 160 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Simon Friis Vindum
7c0054bf25 C++: Tweak a comment in simple range analysis 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2026-01-08 08:51:04 +01:00
github-actions[bot]
614a05133e Add changed framework coverage reports 2026-01-08 00:26:30 +00:00
Chris Smowton
d048d394b4 Merge pull request #21117 from smowton/smowton/admin/revert-java-paths-directives 
Java: revert filtering of ancillary data extraction
 2026-01-07 16:13:21 +00:00
Jeroen Ketema
a5f6806239 Merge pull request #21105 from jketema/load-this 
C++: Use the loaded `this` instead of the `this` initialization
 2026-01-07 16:51:14 +01:00
Paolo Tranquilli
e3503be1d1 Cmake: fix bazel not generating files for the cmake generator 2026-01-07 16:36:36 +01:00
Taus
8602a2d59b Python: Use correct first parameter name for zstd call 
Co-authored-by: yoff <yoff@github.com>
 2026-01-07 14:47:11 +01:00
Owen Mansel-Chan
6a3c74c989 Merge pull request #20999 from joefarebrother/java-spring-websocket 
Java: Add models for spring WebSocketHandler
 2026-01-07 13:29:19 +00:00
Chris Smowton
688f10daf1 Revert "Change note" 
This reverts commit 6fb6923f63.
 2026-01-07 13:20:17 +00:00
Chris Smowton
9db11f73c5 Revert "Add integration test for paths and paths-ignore vs. Java buildless mode" 
This reverts commit 102cfd06a7.
 2026-01-07 13:20:12 +00:00
Tom Hvitved
fef00c1668 Add change note 2026-01-07 14:17:48 +01:00
Tom Hvitved
2d4da807c1 Merge pull request #21114 from hvitved/rust/exclude-result-err-taint-step 
Rust: Add `Result::Err` to `excludeFieldTaintStep`
 2026-01-07 14:01:49 +01:00
Michael Nebel
7ed3d3f3e1 Merge pull request #21065 from michaelnebel/csharp/implicitspanconversions 
C# 14: Implicit span conversions.
 2026-01-07 13:39:58 +01:00
Simon Friis Vindum
f5ddb1d51d C++: Remove safeFloor in simple range analysis 2026-01-07 12:49:09 +01:00
Owen Mansel-Chan
6c291e1e7f Add model for handlePongMessage and update test 2026-01-07 11:09:59 +00:00
Tom Hvitved
1e792132ba Rust: Add Result::Err to excludeFieldTaintStep 2026-01-07 11:37:08 +01:00
Asger F
cf0b77074f JS: Workaround forceLocal not supporting 'result' column 
A bug made it into the release which causes compilation errors when
forceLocal is used on a predicate with a result column.

This commit works around the issue by converting the result column
to a positional parameter, for the predicates that we use forceLocal on.

It should be safe to revert this commit once the compiler fix has made
it into a stable release.
 2026-01-07 11:05:41 +01:00
Asger F
e16cacd48d JS: Rename "in scope" to "in active file" 2026-01-07 11:05:41 +01:00
Asger F
87049bd07e Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: Taus <tausbn@github.com>
 2026-01-07 11:05:41 +01:00
Asger F
56a6fe4c08 Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-01-07 11:05:41 +01:00
Asger F
d0dbc91aa9 Update javascript/ql/lib/semmle/javascript/ApiGraphs.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-01-07 11:05:41 +01:00
Asger F
9721b4e0f5 JS: Fix bad join in export logic 2026-01-07 11:05:41 +01:00
Asger F
cae27c40be JS: Add a missing needsDefNode restriction 
Previously this was implied by MkClassInstance but that's no longer
the case.
 2026-01-07 11:05:41 +01:00
Asger F
369848a870 JS: Fix some QL4QL alerts 2026-01-07 11:05:41 +01:00
Asger F
869efb8a48 JS: Sync ApiGraphModels.qll 2026-01-07 11:05:41 +01:00
Asger F
97d369cf4e JS: Make API::Node overlay[local?] 
We want the type itself to be local but nearly all its member predicates
are global.
 2026-01-07 11:05:41 +01:00
Asger F
27e8bcb347 JS: Add back promisify-all support 
This was somehow lost in a rebase
 2026-01-07 11:05:41 +01:00
Asger F
8731eee10e JS: Work around an issue with overlay-invariance 2026-01-07 11:05:41 +01:00
Asger F
962c128f20 JS: Update test output to reflect Node.toString() change 2026-01-07 11:05:41 +01:00
Asger F
7974416e65 JS: Simplify toString() 2026-01-07 11:05:41 +01:00
Asger F
651608a170 JS: Bugfix in Stage1Local::trackDefNode 2026-01-07 11:05:41 +01:00
Asger F
ed3a8bdfa9 JS: Include import paths from custom ModuleImportNode::Range subclasses 2026-01-07 11:05:41 +01:00
Asger F
c687dc93b0 JS: Add overlay[global] to abstract classes with fields 
Some abstract classes defines fields without binding them, leaving it up to the subclasses to bind them. When combined with overlay[local?], the charpred for such an abstract class can become local, while the subclasses are global. The means the charpred needs to be materialized, even though it doesn't bind the fields, leading to a cartesian product.
 2026-01-07 11:05:41 +01:00
Asger F
cf0e7652f4 JS: Remove global dependency that wasnt needed anyway 2026-01-07 11:05:41 +01:00
Asger F
a6dfb8351c JS: Add back CallReceiverStep() restriction 
This was initially lost after rebasing with indentation changes
 2026-01-07 11:05:41 +01:00
Asger F
825c08356f JS: Change signature of 'edges' to support quick eval 2026-01-07 11:05:41 +01:00
Asger F
4bd0f34938 JS: Add debug tools for detecting lost nodes/edges 2026-01-07 11:05:41 +01:00
Asger F
c9d3f06fbc JS:Add more member labels 2026-01-07 11:05:41 +01:00
Asger F
9c37e076cc JS: Add overlay-specific Stage2 2026-01-07 11:05:41 +01:00
Asger F
1001e86f20 JS: Restrict Stage1 to the base database 2026-01-07 11:05:41 +01:00
Asger F
b12d927020 JS: Also expose "any state" version of tracking predicates 2026-01-07 11:05:41 +01:00
Asger F
daf04f1184 JS: Call forceLocal on the output of Stage 1 2026-01-07 11:05:41 +01:00
Asger F
271567c88f JS: Add missing def-node roots 2026-01-07 11:05:41 +01:00
Asger F
123bc64091 JS: Improve join order at MkUse call 2026-01-07 11:05:41 +01:00
Asger F
295bc6981d JS: Make API nodes and labels local 2026-01-07 11:05:41 +01:00
Asger F
6c00a7fb96 JS: Remove unused predicate 2026-01-07 11:05:41 +01:00
Asger F
3ed0f36bb1 JS: Use forceLocal to localize MkTypeUse 2026-01-07 11:05:41 +01:00
Asger F
385bb32710 JS: Localize MkClassInstance 2026-01-07 11:05:41 +01:00
Asger F
a2a9518d2a JS: Localize MkModuleImport 2026-01-07 11:05:41 +01:00
Asger F
3110e5a8ac JS: Localize MkModuleExport 2026-01-07 11:05:41 +01:00
Asger F
c8108d109d JS: Localize charpred of API::EntryPoint 
This is needed for localizing ApiLabel later
 2026-01-07 11:05:41 +01:00