Paolo Tranquilli
578efeaaa3
feat: add rules_cc to autoload configuration
...
Add +@rules_cc to --incompatible_autoload_externally to enable
graceful migration path for cc_* rule usages before all files
are updated with explicit imports.
2026-02-10 13:44:05 +01:00
Paolo Tranquilli
4d6fb873ab
feat: add Python 3.12 toolchain registration
...
rules_python 1.x requires explicit toolchain setup and no longer
auto-registers toolchains. Register Python 3.12 toolchain to ensure
Python tools work correctly with Bazel 9.
2026-02-10 13:44:05 +01:00
Paolo Tranquilli
39218f5e6b
feat: add rules_cc and rules_java module dependencies
...
Add explicit dependencies required for Bazel 9:
- rules_cc 0.2.16: provides cc_binary, cc_library, cc_test
- rules_java 9.0.3: provides java_* rules
Also update related dependencies:
- rules_go: 0.56.1 → 0.59.0 (compatibility with Bazel 9)
- gazelle: 0.40.0 → 0.47.0 (compatibility with rules_go 0.59.0)
- rules_nodejs: 6.2.0-codeql.1 → 6.7.3 (upstream version)
2026-02-10 13:44:05 +01:00
Paolo Tranquilli
d33375cd16
chore: upgrade Bazel to 9.0.0
...
Bazel 9 removes native.cc_* and native.java_* rules from Starlark,
requiring explicit imports from rules_cc and rules_java.
2026-02-10 13:44:04 +01:00
Michael Nebel
25b836b1b5
C#: Apply suggestions from code review
...
Co-authored-by: Tom Hvitved <hvitved@github.com >
2026-02-10 13:12:53 +01:00
Owen Mansel-Chan
f2d3bc03aa
Merge pull request #21302 from github/mbg/go/bump-to-1.25.7
...
Go: Bump toolchain to `1.25.7`
2026-02-10 10:33:50 +00:00
Tom Hvitved
55e5bc4970
Rust: Add telemtry tags to queries
2026-02-10 11:25:42 +01:00
Michael B. Gale
518fb44a92
Go: Bump toolchain to 1.25.7
2026-02-10 10:01:38 +00:00
Tom Hvitved
5634395a32
Rust: Speedup type inference for Trait::function() calls
2026-02-10 10:50:59 +01:00
Michael B. Gale
eee4014e94
Merge pull request #21300 from github/dependabot/go_modules/go/extractor/extractor-dependencies-393b62c927
...
Bump the extractor-dependencies group in /go/extractor with 2 updates
2026-02-10 09:46:56 +00:00
Simon Friis Vindum
a033057d90
Rust: Fix a bad join
2026-02-10 09:54:01 +01:00
Simon Friis Vindum
624ee1898a
Rust: Implement support for associated types accessed on type parameters
2026-02-10 09:53:56 +01:00
Simon Friis Vindum
0cd5366034
Rust: Add type inference test for associated type acces on a type parameter of an impl block
2026-02-10 09:51:56 +01:00
Simon Friis Vindum
78c262ca63
Merge pull request #21297 from hvitved/rust/type-inference-fix-bug
...
Rust: Fix bug in `inferMethodCallTypeSelf`
2026-02-10 09:51:12 +01:00
Tom Hvitved
c3ac20267a
Merge pull request #21217 from hvitved/rust/type-inference-perf
...
Rust: Rework call disambiguation logic
2026-02-10 08:52:01 +01:00
dependabot[bot]
e172cb3f7a
Bump the extractor-dependencies group in /go/extractor with 2 updates
...
Bumps the extractor-dependencies group in /go/extractor with 2 updates: [golang.org/x/mod](https://github.com/golang/mod ) and [golang.org/x/tools](https://github.com/golang/tools ).
Updates `golang.org/x/mod` from 0.32.0 to 0.33.0
- [Commits](https://github.com/golang/mod/compare/v0.32.0...v0.33.0 )
Updates `golang.org/x/tools` from 0.41.0 to 0.42.0
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.41.0...v0.42.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-version: 0.33.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
dependency-version: 0.42.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: extractor-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-10 03:15:54 +00:00
Lindsay Simpkins
677949e409
Fix typo in change note
...
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2026-02-09 17:16:10 -05:00
Lindsay Simpkins
fe10fb37e9
add changenote
2026-02-09 16:48:08 -05:00
Lindsay Simpkins
ba3fc0a769
update csharp MaD for System.Web.HttpUtility for tainted URIs
2026-02-09 16:48:05 -05:00
Tom Hvitved
6611978368
Update rust/ql/lib/codeql/rust/internal/typeinference/DerefChain.qll
...
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2026-02-09 19:38:49 +01:00
Tom Hvitved
16539b4667
Address review comments
2026-02-09 19:30:58 +01:00
REDMOND\brodes
23bab81855
Added change log
2026-02-09 13:22:35 -05:00
REDMOND\brodes
df54459552
Restore prior PR change log (accidentally removed)
2026-02-09 13:19:02 -05:00
Ben Rodes
85ae4045c5
Merge branch 'main' into azure_python_sanitizer_upstream2
2026-02-09 13:12:38 -05:00
Ian Lynagh
6235edaa21
C++: Update stats
2026-02-09 18:01:02 +00:00
Ian Lynagh
9a5128f915
C++: Add up/downgrade scripts
2026-02-09 18:01:01 +00:00
Ian Lynagh
c5f6820b5d
C++ overlay: Add trap_filename, source_file_uses_trap, in_trap
2026-02-09 18:01:01 +00:00
yoff
5ad42f8bcc
Merge pull request #20563 from microsoft/azure_python_sdk_url_summary_upstream
...
Azure python sdk url summary upstream
2026-02-09 18:34:36 +01:00
Michael Nebel
bee1718469
QL4QL: Allow Impl classes to implement getAPrimaryQLClass with non Impl suffix.
2026-02-09 16:53:43 +01:00
REDMOND\brodes
98b51149da
C++: Change log missing .md extension.
2026-02-09 10:48:24 -05:00
REDMOND\brodes
8e36316ebf
C++: Addressing Copilot PR suggestions.
2026-02-09 10:42:34 -05:00
Michael Nebel
3e914f7ff1
C#: Add DB downgrade script.
2026-02-09 16:24:19 +01:00
Michael Nebel
42d2de848d
C#: Add DB upgrade script.
2026-02-09 16:24:00 +01:00
Ian Lynagh
b5e3168032
Merge pull request #21286 from github/andersfugmann/kotlin_2.3.10-no-artifacts
...
Kotlin: Support Kotlin 2.3.10
2026-02-09 13:26:40 +00:00
Tom Hvitved
109d802607
Rust: Fix bug in inferMethodCallTypeSelf
2026-02-09 14:15:05 +01:00
Michael B. Gale
71e8730c63
Merge pull request #21263 from github/mbg/csharp/registry-diagnostic
...
C#: Add diagnostic for private registry usage
2026-02-09 12:58:43 +00:00
Michael Nebel
eff9f99f44
C#: Update test expected output.
2026-02-09 13:30:14 +01:00
Michael Nebel
d9fea156f6
C#: Update MaD models for extension members.
2026-02-09 13:28:11 +01:00
Michael Nebel
bcdbd6e283
C#: Use the fully qualified name for the extension type when printing extension types.
2026-02-09 13:27:32 +01:00
Michael Nebel
fe94b3b68b
C#: Address review comments.
2026-02-09 11:46:53 +01:00
Owen Mansel-Chan
90401b3ad3
Merge pull request #21254 from owen-mc/go/astnode-get-enclosing-block
...
Go: Add `AstNode.getEnclosingBlock()`
2026-02-06 22:23:15 +00:00
REDMOND\brodes
1796bc0abb
C++: Add change note.
2026-02-06 16:19:11 -05:00
REDMOND\brodes
36cc20989c
C++: Accept test changes (removing false negative)
2026-02-06 16:11:51 -05:00
REDMOND\brodes
2b806ad6fd
C++: Add missing DateTime models for PTIME_FIELDS and TIME_FIELDS
2026-02-06 16:10:04 -05:00
REDMOND\brodes
a534d26449
C++: Accept test changes.
2026-02-06 16:07:44 -05:00
REDMOND\brodes
ca18179bd2
C++: Correct false positive. Only TimeConversionFunction that do not auto correct for leap year should be considered.
2026-02-06 16:07:07 -05:00
REDMOND\brodes
d9feadcfec
C++. Accept test changes. One false positive introduced, and one false negative remains.
2026-02-06 16:05:38 -05:00
REDMOND\brodes
95d4a541bc
C++: Refactor leap year logic for UncheckedLeapYearAfterYearModification. Includes new logic for detecting leap year checks, new forms of leap year checks detected, and various heuristics to remove false postives. Move TimeConversionFunction into LeapYear.qll and refactored to separate conversion functions that are expected to be checked for failure from those that auto correct leap year dates if feb 29 is provided on a non-leap year. Increas the set of known TimeConversionFunctions.
2026-02-06 16:03:37 -05:00
REDMOND\brodes
6c171c804f
C++: Add more tests for modified years with and without leap year checks (UncheckedLeapYearAfterYearModification). Switch to using 'postprocess' for unit tests.
2026-02-06 16:03:25 -05:00
Jon Janego
d0bd8459a1
Merge pull request #21291 from github/codeql-spark-run-21760759512
...
Update changelog documentation site
2026-02-06 12:28:56 -06:00
