Owen Mansel-Chan
bc28e1726c
Refactor to get rid of duplication
2026-04-17 13:24:16 +01:00
Taus
dc36609743
Python: Add data-flow tests
Alas, all these demonstrate is that we already don't fully support the
desugared `yield from` form.
2026-04-17 12:15:04 +00:00
Tom Hvitved
7bfdfbefa9
Add change note
2026-04-17 13:57:08 +02:00
Tom Hvitved
0235df8758
C#: Improve alert message for RedundantToStringCall.ql
2026-04-17 13:55:00 +02:00
Jeroen Ketema
e3b88cbad3
Swift: Fix change note
2026-04-17 13:29:24 +02:00
Jeroen Ketema
dd2440086f
Swift: Add change note
2026-04-17 13:24:17 +02:00
Jeongsoo Lee
abec00cd34
Update cpp/ql/src/change-notes/2026-04-16-add-model-for-aligned-alloc.md
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
2026-04-17 07:08:38 -04:00
Owen Mansel-Chan
9f4fd7fab0
Remove a data flow consistency exclusion
This is no longer needed.
2026-04-17 11:27:36 +01:00
Florin Coada
08aced85ba
Add barrier and barrier guard documentation for Rust
Add barrierModel and barrierGuardModel sections to the Rust library
models documentation, following the pattern established in PR #21523
for other languages.
Includes:
- New extensible predicate descriptions in the overview
- Example: barrier for SQL injection using escape_sql
- Example: barrier guard for path injection using is_safe_path
- Reference material for both barrierModel and barrierGuardModel
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-17 11:09:46 +01:00
Florin Coada
6c83ec6e61
docs: Add 'Customizing library models for Rust' documentation
Add documentation for customizing library models for Rust using data
extension files. This follows the pattern of existing documentation for
other languages (Java, Python, Ruby, Go, C#, C++, JavaScript).
The documentation covers:
- Rust-specific extensible predicates (sourceModel, sinkModel,
summaryModel, neutralModel) with their simplified schema
- Canonical path syntax for identifying Rust functions and methods
- Examples using real models from the codebase (sqlx, reqwest,
std::env, std::path, Iterator::map)
- Access path token reference (Argument, Parameter, ReturnValue,
Element, Field, Reference, Future)
- Source and sink kind reference
- Threat model integration
Also updates codeql-for-rust.rst to include the new page in the
toctree.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-17 10:02:34 +01:00
Paolo Tranquilli
5342cc79fb
Merge pull request #21574 from github/redsun82/actions/remove-harden-runner-false-positive
Remove false positive injection sink models for `docker/build-push-action` and `step-security/harden-runner`
2026-04-17 09:43:45 +02:00
Tom Hvitved
426962e348
C#: Fix FPs in RedundantToStringCall.ql
2026-04-17 09:37:19 +02:00
Tom Hvitved
33e9c02079
C#: Add more tests for RedundantToStringCall.ql
2026-04-17 09:33:13 +02:00
jeongsoolee09
553ed103c3
Add a change note
2026-04-16 21:31:55 -04:00
jeongsoolee09
d2d594a8ff
Add models of ::aligned_alloc, std::aligned_alloc, and bsl::aligned_alloc
2026-04-16 21:21:09 -04:00
Taus
6c675fcede
Python: Consolidate duplicated code
2026-04-16 21:14:42 +00:00
Kristen Newbury
81532c7ce6
Fix outstanding expected file
2026-04-16 11:37:03 -04:00
Jeroen Ketema
efddfab564
Swift: Expose the generic arguments of BuiltinFixedArrays
2026-04-16 17:07:20 +02:00
Owen Mansel-Chan
73cc54c10d
Use monospace instead of bold for quoted code
2026-04-16 12:35:38 +01:00
Owen Mansel-Chan
69c150d5f6
Use monospace instead of bold for predicate signatures
2026-04-16 12:34:47 +01:00
Owen Mansel-Chan
82d9d46fde
Remove duplication and standardize wording
Co-authored-by: Copilot <copilot@github.com>
2026-04-16 12:26:44 +01:00
Owen Mansel-Chan
5a7b1b91e0
Fix mistakes in explanation of override column
To avoid copy-paste mistakes and make them more consistent we just use
the word "model".
2026-04-16 11:41:30 +01:00
Owen Mansel-Chan
2c16cb46ad
Quote library name in backticks
Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com>
2026-04-16 11:30:10 +01:00
Owen Mansel-Chan
f6135b70ea
Remove global function step from local flow
2026-04-16 11:15:01 +01:00
Tom Hvitved
ee34e3353d
Merge pull request #21698 from hvitved/rust/type-inference-index-expr
Rust: Replace special handling of index expressions in type inference
2026-04-16 09:03:06 +02:00
Kristen Newbury
ed4e2bc5b9
Improve formatting helpfiles
2026-04-15 16:29:57 -04:00
Kristen Newbury
589e1e5c19
Update actions/ql/lib/ext/config/poisonable_steps.yml
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-04-15 16:27:06 -04:00
Kristen Newbury
c9e5dbda78
Update actions/ql/lib/ext/config/poisonable_steps.yml
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-04-15 16:26:38 -04:00
Kristen Newbury
a342efca0e
Revert accidental change
2026-04-15 16:12:52 -04:00
Kristen Newbury
1233d81523
Improve actions/ql/src/Security/CWE-829/UntrustedCheckoutX queries
2026-04-15 14:11:17 -04:00
Jon Janego
f95ee129df
Merge pull request #21713 from github/codeql-spark-run-24459914636
Update changelog documentation site for codeql-cli-2.25.2
2026-04-15 09:55:53 -05:00
github-actions[bot]
d24fb29ff4
update codeql documentation
2026-04-15 14:23:47 +00:00
Jeroen Ketema
97d8993fc5
Merge pull request #21667 from jketema/jketema/swift-6.3
Swift: Update to Swift 6.3
2026-04-15 14:07:23 +02:00
Jeroen Ketema
7d1c62daa6
Swift: Address review comment
2026-04-15 13:37:15 +02:00
Tom Hvitved
597d81038a
Merge pull request #21708 from github/copilot/fix-missed-opportunity-to-use-select
Fix false positive in `MissedSelectOpportunity` when foreach body uses `await`
2026-04-15 11:32:02 +02:00
Tom Hvitved
069431941e
Merge pull request #21596 from hvitved/rust/data-flow-closure-type
Rust: Track closure types in data flow
2026-04-15 10:32:05 +02:00
Tom Hvitved
609621f638
Merge pull request #21679 from hvitved/rust/type-inference-forall-checks
Rust: Replace recursion through `forall` with ranked recursion
2026-04-15 09:43:37 +02:00
Jeroen Ketema
ae2226345e
Merge pull request #21709 from jketema/depr
C++: Remove deprecated code deprecated more than a year ago
2026-04-14 17:04:48 +02:00
Owen Mansel-Chan
f79ffe792e
Fix docs: "branch" -> "acceptingValue"
2026-04-14 15:41:02 +01:00
Owen Mansel-Chan
87f2e21ae9
Fix docs: "acceptingvalue" -> "acceptingValue"
2026-04-14 15:37:17 +01:00
Owen Mansel-Chan
6321482a46
Remove mention of extension ID
2026-04-14 15:29:52 +01:00
Owen Mansel-Chan
8081d4602b
Use hyphens in column names: "access-path", "accepting-value"
2026-04-14 15:27:42 +01:00
Owen Mansel-Chan
2ecf086333
Include parameters when quoting extensible predicate name
2026-04-14 15:27:41 +01:00
Owen Mansel-Chan
76d165e71e
"modelling" -> "modeling" in docs
2026-04-14 15:27:39 +01:00
Owen Mansel-Chan
8f17b73796
Fix link formatting in change notes
2026-04-14 15:27:37 +01:00
Owen Mansel-Chan
6d4e8bfcb2
Correct extensible predicate signatures in docs
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-04-14 15:27:35 +01:00
Owen Mansel-Chan
a2a0c087e1
Remove incorrect parameter of extensible predicate
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-04-14 15:27:33 +01:00
Owen Mansel-Chan
c86ba38a4e
Add change notes
2026-04-14 15:27:31 +01:00
Owen Mansel-Chan
415330d5eb
Update docs for barriers and barrier guards
2026-04-14 15:27:29 +01:00
Owen Mansel-Chan
05e3073165
List extensible predicates for barriers and barrier guards
2026-04-14 15:27:27 +01:00