Merge pull request #20194 from github/redsun82/java-fix-tests

Java: use java 17 in `no-wrapper` tests
Java: use java 17 in no-wrapper tests
2026-05-20 22:27:18 +02:00 · 2025-08-08 17:54:45 +02:00 · 2025-08-08 17:52:38 +02:00 · 2025-07-07 15:47:56 +02:00 · 2025-07-07 10:06:27 +02:00 · 2025-06-19 17:35:02 +02:00
738 changed files with 15553 additions and 3767 deletions
--- a/.github/workflows/swift.yml
+++ b/.github/workflows/swift.yml
@@ -32,7 +32,7 @@ jobs:
    if: github.repository_owner == 'github'
    strategy:
      matrix:
-        runner: [ubuntu-latest, macos-13-xlarge]
+        runner: [ubuntu-latest, macos-15-xlarge]
      fail-fast: false
    runs-on: ${{ matrix.runner }}
    steps:
--- a/actions/ql/lib/CHANGELOG.md
+++ b/actions/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.4.10
+
+No user-facing changes.
+
 ## 0.4.9

 No user-facing changes.
--- a/actions/ql/lib/change-notes/released/0.4.10.md
+++ b/actions/ql/lib/change-notes/released/0.4.10.md
@@ -0,0 +1,3 @@
+## 0.4.10
+
+No user-facing changes.
--- a/actions/ql/lib/codeql-pack.release.yml
+++ b/actions/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.4.9
+lastReleaseVersion: 0.4.10
--- a/actions/ql/lib/qlpack.yml
+++ b/actions/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/actions-all
-version: 0.4.10-dev
+version: 0.4.11-dev
 library: true
 warnOnImplicitThis: true
 dependencies:
--- a/actions/ql/src/CHANGELOG.md
+++ b/actions/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 0.6.2
+
+### Minor Analysis Improvements
+
+* The query `actions/missing-workflow-permissions` is now aware of the minimal permissions needed for the actions `deploy-pages`, `delete-package-versions`, `ai-inference`. This should lead to better alert messages and better fix suggestions.
+
 ## 0.6.1

 No user-facing changes.
--- a/actions/ql/src/change-notes/2025-05-14-minimal-permission-for-add-to-project.md
+++ b/actions/ql/src/change-notes/2025-05-14-minimal-permission-for-add-to-project.md
@@ -1,4 +1,5 @@
---
-category: minorAnalysis
---
+## 0.6.2
+
+### Minor Analysis Improvements
+
 * The query `actions/missing-workflow-permissions` is now aware of the minimal permissions needed for the actions `deploy-pages`, `delete-package-versions`, `ai-inference`. This should lead to better alert messages and better fix suggestions.
--- a/actions/ql/src/codeql-pack.release.yml
+++ b/actions/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.1
+lastReleaseVersion: 0.6.2
--- a/actions/ql/src/qlpack.yml
+++ b/actions/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/actions-queries
-version: 0.6.2-dev
+version: 0.6.3-dev
 library: false
 warnOnImplicitThis: true
 groups: [actions, queries]
--- a/config/annotate-overlay-local.py
+++ b/config/annotate-overlay-local.py
@@ -1,175 +0,0 @@
-# This script is used to annotate .qll files with overlay[local?] annotations.
-# It will walk the directory tree and annotate most .qll files, skipping only
-# some specific cases (e.g., empty files, files that configure dataflow for queries).
-# It will also add overlay[caller] annotations to predicates that are pragma[inline]
-# and either not private or in a hardcoded list of predicates.
-
-# The script takes a list of languages and processes the corresponding directories.
-
-# Usage: python3 annotate-overlay-local.py <language1> <language2> ...
-
-# The script will modify the files in place and print the changes made.
-# The script is designed to be run from the root of the repository.
-
-#!/usr/bin/python3
-import sys
-import os
-from difflib import *
-
-# These are the only two predicates that are pragma[inline], private, and must be
-# overlay[caller] in order to successfully compile our internal java queries.
-hardcoded_overlay_caller_preds = [
-    "fwdFlowInCand", "fwdFlowInCandTypeFlowDisabled"]
-
-
-def filter_out_annotations(filename):
-    '''
-    Read the file and strip all existing overlay[...] annotations from the contents.
-    Return the file modified file content as a list of lines.
-    '''
-    overlays = ["local?", "caller"]
-    annotations = [f"overlay[{t}]" for t in overlays]
-    with open(filename, 'r') as file_in:
-        lines = [l for l in file_in if not l.strip() in annotations]
-    for ann in annotations:
-        if any(line for line in lines if ann in line):
-            raise Exception(f"Failed to filter out {ann} from {filename}.")
-    return lines
-
-
-def insert_toplevel_maybe_local_anntotation(filename, lines):
-    '''
-    Find a suitable place to insert an overlay[local?] annotation at the top of the file.
-    Return a pair: (string describing action taken, modified content as list of lines).
-    '''
-    out_lines = []
-    status = 0
-
-    for line in lines:
-        if status == 0 and line.rstrip().endswith("module;"):
-            out_lines.append("overlay[local?]\n")
-            status = 1
-        out_lines.append(line)
-
-    if status == 1:
-        return (f"Annotating \"{filename}\" via existing file-level module statement", out_lines)
-
-    out_lines = []
-    empty_line_buffer = []
-    status = 0
-    for line in lines:
-        trimmed = line.strip()
-        if not trimmed:
-            empty_line_buffer.append(line)
-            continue
-        if status <= 1 and trimmed.endswith("*/"):
-            status = 2
-        elif status == 0 and trimmed.startswith("/**"):
-            status = 1
-        elif status == 0 and not trimmed.startswith("/*"):
-            out_lines.append("overlay[local?]\n")
-            out_lines.append("module;\n")
-            out_lines.append("\n")
-            status = 3
-        elif status == 2 and (trimmed.startswith("import ") or trimmed.startswith("private import ")):
-            out_lines.append("overlay[local?]\n")
-            out_lines.append("module;\n")
-            status = 3
-        elif status == 2 and (trimmed.startswith("class ") or trimmed.startswith("predicate ")
-                              or trimmed.startswith("module ") or trimmed.startswith("signature ")):
-            out_lines = ["overlay[local?]\n", "module;\n", "\n"] + out_lines
-            status = 3
-        elif status == 2 and trimmed.startswith("/*"):
-            out_lines.append("overlay[local?]\n")
-            out_lines.append("module;\n")
-            status = 3
-        elif status == 2:
-            status = 4
-        if empty_line_buffer:
-            out_lines += empty_line_buffer
-            empty_line_buffer = []
-        out_lines.append(line)
-    if status == 3:
-        out_lines += empty_line_buffer
-
-    if status == 3:
-        return (f"Annotating \"{filename}\" after file-level module qldoc", out_lines)
-
-    raise Exception(f"Failed to annotate \"{filename}\" as overlay[local?].")
-
-
-def insert_overlay_caller_annotations(lines):
-    '''
-    Mark pragma[inline] predicates as overlay[caller] if they are not declared private
-    or if they are private but are in the list of hardcoded_overlay_caller_preds.
-    '''
-    out_lines = []
-    for i, line in enumerate(lines):
-        trimmed = line.strip()
-        if trimmed == "pragma[inline]":
-            if (not "private" in lines[i+1] or
-                    any(pred in lines[i+1] for pred in hardcoded_overlay_caller_preds)):
-                whitespace = line[0: line.find(trimmed)]
-                out_lines.append(f"{whitespace}overlay[caller]\n")
-        out_lines.append(line)
-    return out_lines
-
-
-def annotate_as_appropriate(filename):
-    '''
-    Read file and strip all existing overlay[...] annotations from the contents;
-    then insert new overlay[...] annotations according to heuristics.
-    Return a pair: (string describing action taken, modified content as list of lines).
-    '''
-    lines = filter_out_annotations(filename)
-    lines = insert_overlay_caller_annotations(lines)
-
-    # These simple heuristics filter out those .qll files that we no _not_ want to annotate
-    # as overlay[local?].  It is not clear that these heuristics are exactly what we want,
-    # but they seem to work well enough for now (as determined by speed and accuracy numbers).
-    if (filename.endswith("Test.qll") or
-        ((filename.endswith("Query.qll") or filename.endswith("Config.qll")) and
-         any("implements DataFlow::ConfigSig" in line for line in lines))):
-        return (f"Keeping \"{filename}\" global because it configures dataflow for a query", lines)
-    elif not any(line for line in lines if line.strip()):
-        return (f"Keeping \"{filename}\" global because it is empty", lines)
-
-    return insert_toplevel_maybe_local_anntotation(filename, lines)
-
-
-def process_single_file(filename):
-    '''
-    Process a single file, annotating it as appropriate and writing the changes back to the file.
-    '''
-    annotate_result = annotate_as_appropriate(filename)
-
-    old = [line for line in open(filename)]
-    new = annotate_result[1]
-
-    if old != new:
-        diff = context_diff(old, new, fromfile=filename, tofile=filename)
-        diff = [line for line in diff]
-        if diff:
-            print(annotate_result[0])
-            for line in diff:
-                print(line.rstrip())
-            with open(filename, "w") as out_file:
-                for line in new:
-                    out_file.write(line)
-
-
-dirs = []
-for lang in sys.argv[1:]:
-    if lang in ["cpp", "go", "csharp", "java", "javascript", "python", "ruby", "rust", "swift"]:
-        dirs.append(f"{lang}/ql/lib")
-    else:
-        raise Exception(f"Unknown language \"{lang}\".")
-
-if dirs:
-    dirs.append("shared")
-
-for roots in dirs:
-    for dirpath, dirnames, filenames in os.walk(roots):
-        for filename in filenames:
-            if filename.endswith(".qll") and not dirpath.endswith("tutorial"):
-                process_single_file(os.path.join(dirpath, filename))
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,27 @@
+## 5.0.0
+
+### Breaking Changes
+
+* Deleted the deprecated `userInputArgument` predicate and its convenience accessor from the `Security.qll`.
+* Deleted the deprecated `userInputReturned` predicate and its convenience accessor from the `Security.qll`.
+* Deleted the deprecated `userInputReturn` predicate from the `Security.qll`.
+* Deleted the deprecated `isUserInput` predicate and its convenience accessor from the `Security.qll`.
+* Deleted the deprecated `userInputArgument` predicate from the `SecurityOptions.qll`.
+* Deleted the deprecated `userInputReturned` predicate from the `SecurityOptions.qll`.
+
+### New Features
+
+* Added local flow source models for `ReadFile`, `ReadFileEx`, `MapViewOfFile`, `MapViewOfFile2`, `MapViewOfFile3`, `MapViewOfFile3FromApp`, `MapViewOfFileEx`, `MapViewOfFileFromApp`, `MapViewOfFileNuma2`, and `NtReadFile`.
+* Added the `pCmdLine` arguments of `WinMain` and `wWinMain` as local flow sources.
+* Added source models for `GetCommandLineA`, `GetCommandLineW`, `GetEnvironmentStringsA`, `GetEnvironmentStringsW`, `GetEnvironmentVariableA`, and `GetEnvironmentVariableW`.
+* Added summary models for `CommandLineToArgvA` and `CommandLineToArgvW`.
+* Added support for `wmain` as part of the ArgvSource model.
+
+### Bug Fixes
+
+* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ArrayAggregateLiteral`s.
+* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ClassAggregateLiteral`s.
+
 ## 4.3.1

 ### Bug Fixes
--- a/cpp/ql/lib/change-notes/2025-05-15-class-aggregate-literals.md
+++ b/cpp/ql/lib/change-notes/2025-05-15-class-aggregate-literals.md
@@ -1,4 +0,0 @@
---
-category: fix
---
-* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ClassAggregateLiteral`s.
--- a/cpp/ql/lib/change-notes/2025-05-16-array-aggregate-literals.md
+++ b/cpp/ql/lib/change-notes/2025-05-16-array-aggregate-literals.md
@@ -1,4 +0,0 @@
---
-category: fix
---
-* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ArrayAggregateLiteral`s.
--- a/cpp/ql/lib/change-notes/2025-05-16-wmain-support.md
+++ b/cpp/ql/lib/change-notes/2025-05-16-wmain-support.md
@@ -1,4 +0,0 @@
---
-category: feature
---
-* Added support for `wmain` as part of the ArgvSource model.
--- a/cpp/ql/lib/change-notes/2025-05-18-2025-May-outdated-deprecations.md
+++ b/cpp/ql/lib/change-notes/2025-05-18-2025-May-outdated-deprecations.md
@@ -1,9 +0,0 @@
---
-category: breaking
---
-* Deleted the deprecated `userInputArgument` predicate and its convenience accessor from the `Security.qll`.
-* Deleted the deprecated `userInputReturned` predicate and its convenience accessor from the `Security.qll`.
-* Deleted the deprecated `userInputReturn` predicate from the `Security.qll`.
-* Deleted the deprecated `isUserInput` predicate and its convenience accessor from the `Security.qll`.
-* Deleted the deprecated `userInputArgument` predicate from the `SecurityOptions.qll`.
-* Deleted the deprecated `userInputReturned` predicate from the `SecurityOptions.qll`.
--- a/cpp/ql/lib/change-notes/released/5.0.0.md
+++ b/cpp/ql/lib/change-notes/released/5.0.0.md
@@ -0,0 +1,23 @@
+## 5.0.0
+
+### Breaking Changes
+
+* Deleted the deprecated `userInputArgument` predicate and its convenience accessor from the `Security.qll`.
+* Deleted the deprecated `userInputReturned` predicate and its convenience accessor from the `Security.qll`.
+* Deleted the deprecated `userInputReturn` predicate from the `Security.qll`.
+* Deleted the deprecated `isUserInput` predicate and its convenience accessor from the `Security.qll`.
+* Deleted the deprecated `userInputArgument` predicate from the `SecurityOptions.qll`.
+* Deleted the deprecated `userInputReturned` predicate from the `SecurityOptions.qll`.
+
+### New Features
+
+* Added local flow source models for `ReadFile`, `ReadFileEx`, `MapViewOfFile`, `MapViewOfFile2`, `MapViewOfFile3`, `MapViewOfFile3FromApp`, `MapViewOfFileEx`, `MapViewOfFileFromApp`, `MapViewOfFileNuma2`, and `NtReadFile`.
+* Added the `pCmdLine` arguments of `WinMain` and `wWinMain` as local flow sources.
+* Added source models for `GetCommandLineA`, `GetCommandLineW`, `GetEnvironmentStringsA`, `GetEnvironmentStringsW`, `GetEnvironmentVariableA`, and `GetEnvironmentVariableW`.
+* Added summary models for `CommandLineToArgvA` and `CommandLineToArgvW`.
+* Added support for `wmain` as part of the ArgvSource model.
+
+### Bug Fixes
+
+* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ArrayAggregateLiteral`s.
+* Fixed a problem where `asExpr()` on `DataFlow::Node` would never return `ClassAggregateLiteral`s.
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 4.3.1
+lastReleaseVersion: 5.0.0
--- a/cpp/ql/lib/ext/Boost.Asio.model.yml
+++ b/cpp/ql/lib/ext/Boost.Asio.model.yml
@@ -1,4 +1,4 @@
-  # partial model of the Boost::Asio network library
+# partial model of the Boost::Asio network library
 extensions:
  - addsTo:
      pack: codeql/cpp-all
--- a/cpp/ql/lib/ext/Windows.model.yml
+++ b/cpp/ql/lib/ext/Windows.model.yml
@@ -0,0 +1,35 @@
+# partial model of windows system calls
+extensions:
+  - addsTo:
+      pack: codeql/cpp-all
+      extensible: sourceModel
+    data: # namespace, type, subtypes, name, signature, ext, output, kind, provenance
+      # processenv.h
+      - ["", "", False, "GetCommandLineA", "", "", "ReturnValue[*]", "local", "manual"]
+      - ["", "", False, "GetCommandLineW", "", "", "ReturnValue[*]", "local", "manual"]
+      - ["", "", False, "GetEnvironmentStringsA", "", "", "ReturnValue[*]", "local", "manual"]
+      - ["", "", False, "GetEnvironmentStringsW", "", "", "ReturnValue[*]", "local", "manual"]
+      - ["", "", False, "GetEnvironmentVariableA", "", "", "Argument[*1]", "local", "manual"]
+      - ["", "", False, "GetEnvironmentVariableW", "", "", "Argument[*1]", "local", "manual"]
+      # fileapi.h
+      - ["", "", False, "ReadFile", "", "", "Argument[*1]", "local", "manual"]
+      - ["", "", False, "ReadFileEx", "", "", "Argument[*1]", "local", "manual"]
+      # memoryapi.h
+      - ["", "", False, "MapViewOfFile", "", "", "ReturnValue[*]", "local", "manual"]
+      - ["", "", False, "MapViewOfFile2", "", "", "ReturnValue[*]", "local", "manual"]
+      - ["", "", False, "MapViewOfFile3", "", "", "ReturnValue[*]", "local", "manual"]
+      - ["", "", False, "MapViewOfFile3FromApp", "", "", "ReturnValue[*]", "local", "manual"]
+      - ["", "", False, "MapViewOfFileEx", "", "", "ReturnValue[*]", "local", "manual"]
+      - ["", "", False, "MapViewOfFileFromApp", "", "", "ReturnValue[*]", "local", "manual"]
+      - ["", "", False, "MapViewOfFileNuma2", "", "", "ReturnValue[*]", "local", "manual"]
+      # ntifs.h
+      - ["", "", False, "NtReadFile", "", "", "Argument[*5]", "local", "manual"]
+  - addsTo:
+      pack: codeql/cpp-all
+      extensible: summaryModel
+    data: # namespace, type, subtypes, name, signature, ext, input, output, kind, provenance
+      # shellapi.h
+      - ["", "", False, "CommandLineToArgvA", "", "", "Argument[*0]", "ReturnValue[**]", "taint", "manual"]
+      - ["", "", False, "CommandLineToArgvW", "", "", "Argument[*0]", "ReturnValue[**]", "taint", "manual"]
+      # fileapi.h
+      - ["", "", False, "ReadFileEx", "", "", "Argument[*3].Field[@hEvent]", "Argument[4].Parameter[*2].Field[@hEvent]", "value", "manual"]
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 4.3.2-dev
+version: 5.0.1-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
--- a/cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll
+++ b/cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll
@@ -55,7 +55,7 @@ private class LocalModelSource extends LocalFlowSource {
 }

 /**
- * A local data flow source that the `argv` parameter to `main` or `wmain`.
+ * A local data flow source that is the `argv` parameter to `main` or `wmain`.
 */
 private class ArgvSource extends LocalFlowSource {
  ArgvSource() {
@@ -69,6 +69,21 @@ private class ArgvSource extends LocalFlowSource {
  override string getSourceType() { result = "a command-line argument" }
 }

+/**
+ * A local data flow source that is the `pCmdLine` parameter to `WinMain` or `wWinMain`.
+ */
+private class CmdLineSource extends LocalFlowSource {
+  CmdLineSource() {
+    exists(Function main, Parameter pCmdLine |
+      main.hasGlobalName(["WinMain", "wWinMain"]) and
+      main.getParameter(2) = pCmdLine and
+      this.asParameter(1) = pCmdLine
+    )
+  }
+
+  override string getSourceType() { result = "a command-line" }
+}
+
 /**
 * A remote data flow source that is defined through 'models as data'.
 */
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.4.1
+
+### Minor Analysis Improvements
+
+* Added flow model for the `SQLite` and `OpenSSL` libraries. This may result in more alerts when running queries on codebases that use these libraries.
+
 ## 1.4.0

 ### Query Metadata Changes
--- a/cpp/ql/src/change-notes/2025-05-14-openssl-sqlite-models.md
+++ b/cpp/ql/src/change-notes/2025-05-14-openssl-sqlite-models.md
@@ -1,4 +1,5 @@
---
-category: minorAnalysis
---
-* Added flow model for the `SQLite` and `OpenSSL` libraries. This may result in more alerts when running queries on codebases that use these libraries.
+## 1.4.1
+
+### Minor Analysis Improvements
+
+* Added flow model for the `SQLite` and `OpenSSL` libraries. This may result in more alerts when running queries on codebases that use these libraries.
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.4.0
+lastReleaseVersion: 1.4.1
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.4.1-dev
+version: 1.4.2-dev
 groups:
  - cpp
  - queries
--- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/TestBase.qll
+++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/TestBase.qll
@@ -124,7 +124,11 @@ module IRTest {

  /** Common data flow configuration to be used by tests. */
  module IRTestAllocationConfig implements DataFlow::ConfigSig {
+    private import semmle.code.cpp.security.FlowSources
+
    predicate isSource(DataFlow::Node source) {
+      source instanceof FlowSource
+      or
      source.asExpr().(FunctionCall).getTarget().getName() = "source"
      or
      source.asIndirectExpr(1).(FunctionCall).getTarget().getName() = "indirect_source"
--- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-source-sink.expected
+++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-source-sink.expected
@@ -337,3 +337,4 @@ irFlow
 | true_upon_entry.cpp:70:11:70:16 | call to source | true_upon_entry.cpp:78:8:78:8 | x |
 | true_upon_entry.cpp:83:11:83:16 | call to source | true_upon_entry.cpp:86:8:86:8 | x |
 | true_upon_entry.cpp:98:11:98:16 | call to source | true_upon_entry.cpp:105:8:105:8 | x |
+| winmain.cpp:4:57:4:64 | *pCmdLine | winmain.cpp:6:8:6:16 | * ... |
--- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/winmain.cpp
+++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/winmain.cpp
@@ -0,0 +1,9 @@
+void sink(char);
+void sink(char*);
+
+int WinMain(void *hInstance, void *hPrevInstance, char *pCmdLine, int nCmdShow) { // $ ast-def=hInstance ast-def=hPrevInstance ast-def=pCmdLine ir-def=*hInstance ir-def=*hPrevInstance ir-def=*pCmdLine 
+  sink(pCmdLine);
+  sink(*pCmdLine); // $ ir
+
+  return 0;
+}
--- a/cpp/ql/test/library-tests/dataflow/external-models/flow.expected
+++ b/cpp/ql/test/library-tests/dataflow/external-models/flow.expected
@@ -10,33 +10,95 @@ edges
 | asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:103:29:103:39 | *send_buffer | provenance | Sink:MaD:6 |
 | asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | provenance |  |
 | asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | MaD:10 |
-| test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | provenance | MaD:23489 |
-| test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | provenance | MaD:23490 |
-| test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | provenance | MaD:23491 |
+| test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | provenance | MaD:23508 |
+| test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | provenance | MaD:23509 |
+| test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | provenance | MaD:23510 |
 | test.cpp:7:47:7:52 | value2 | test.cpp:7:64:7:69 | value2 | provenance |  |
 | test.cpp:7:64:7:69 | value2 | test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | provenance |  |
-| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:10:10:10:18 | call to ymlSource | provenance | Src:MaD:23487  |
-| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:14:10:14:10 | x | provenance | Sink:MaD:23488 |
+| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:10:10:10:18 | call to ymlSource | provenance | Src:MaD:23506  |
+| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:14:10:14:10 | x | provenance | Sink:MaD:23507 |
 | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:17:24:17:24 | x | provenance |  |
 | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:21:27:21:27 | x | provenance |  |
 | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:25:35:25:35 | x | provenance |  |
 | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:32:41:32:41 | x | provenance |  |
 | test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:17:10:17:22 | call to ymlStepManual | provenance |  |
-| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:18:10:18:10 | y | provenance | Sink:MaD:23488 |
+| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:18:10:18:10 | y | provenance | Sink:MaD:23507 |
 | test.cpp:17:24:17:24 | x | test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | provenance |  |
-| test.cpp:17:24:17:24 | x | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | MaD:23489 |
+| test.cpp:17:24:17:24 | x | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | MaD:23508 |
 | test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance |  |
-| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:22:10:22:10 | z | provenance | Sink:MaD:23488 |
+| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:22:10:22:10 | z | provenance | Sink:MaD:23507 |
 | test.cpp:21:27:21:27 | x | test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | provenance |  |
-| test.cpp:21:27:21:27 | x | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | MaD:23490 |
+| test.cpp:21:27:21:27 | x | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | MaD:23509 |
 | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance |  |
-| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:26:10:26:11 | y2 | provenance | Sink:MaD:23488 |
+| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:26:10:26:11 | y2 | provenance | Sink:MaD:23507 |
 | test.cpp:25:35:25:35 | x | test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | provenance |  |
-| test.cpp:25:35:25:35 | x | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | MaD:23491 |
+| test.cpp:25:35:25:35 | x | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | MaD:23510 |
 | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | provenance |  |
-| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:33:10:33:11 | z2 | provenance | Sink:MaD:23488 |
+| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:33:10:33:11 | z2 | provenance | Sink:MaD:23507 |
 | test.cpp:32:41:32:41 | x | test.cpp:7:47:7:52 | value2 | provenance |  |
 | test.cpp:32:41:32:41 | x | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | provenance |  |
+| windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | provenance | MaD:341 |
+| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:22:15:22:29 | *call to GetCommandLineA | provenance | Src:MaD:325  |
+| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:24:8:24:11 | * ... | provenance |  |
+| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:27:36:27:38 | *cmd | provenance |  |
+| windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance |  |
+| windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | windows.cpp:30:8:30:15 | * ... | provenance |  |
+| windows.cpp:27:36:27:38 | *cmd | windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | provenance |  |
+| windows.cpp:27:36:27:38 | *cmd | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | MaD:341 |
+| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | provenance | Src:MaD:327  |
+| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:36:10:36:13 | * ... | provenance |  |
+| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | windows.cpp:41:10:41:13 | * ... | provenance | Src:MaD:329  |
+| windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | provenance |  |
+| windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | provenance |  |
+| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | provenance | MaD:343 |
+| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | provenance | MaD:343 |
+| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | provenance |  |
+| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | windows.cpp:157:16:157:27 | *lpOverlapped [hEvent] | provenance |  |
+| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | provenance |  |
+| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | provenance |  |
+| windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | windows.cpp:149:42:149:53 | *lpOverlapped [*hEvent] | provenance |  |
+| windows.cpp:149:18:149:62 | *hEvent | windows.cpp:149:18:149:62 | *hEvent | provenance |  |
+| windows.cpp:149:18:149:62 | *hEvent | windows.cpp:151:8:151:14 | * ... | provenance |  |
+| windows.cpp:149:42:149:53 | *lpOverlapped [*hEvent] | windows.cpp:149:18:149:62 | *hEvent | provenance |  |
+| windows.cpp:149:42:149:53 | *lpOverlapped [*hEvent] | windows.cpp:149:56:149:61 | *hEvent | provenance |  |
+| windows.cpp:149:56:149:61 | *hEvent | windows.cpp:149:18:149:62 | *hEvent | provenance |  |
+| windows.cpp:157:16:157:27 | *lpOverlapped [hEvent] | windows.cpp:159:35:159:46 | *lpOverlapped [hEvent] | provenance |  |
+| windows.cpp:159:12:159:55 | hEvent | windows.cpp:159:12:159:55 | hEvent | provenance |  |
+| windows.cpp:159:12:159:55 | hEvent | windows.cpp:160:8:160:8 | c | provenance |  |
+| windows.cpp:159:35:159:46 | *lpOverlapped [hEvent] | windows.cpp:159:12:159:55 | hEvent | provenance |  |
+| windows.cpp:159:35:159:46 | *lpOverlapped [hEvent] | windows.cpp:159:12:159:55 | hEvent | provenance |  |
+| windows.cpp:168:35:168:40 | ReadFile output argument | windows.cpp:170:10:170:16 | * ... | provenance | Src:MaD:331  |
+| windows.cpp:177:23:177:28 | ReadFileEx output argument | windows.cpp:179:10:179:16 | * ... | provenance | Src:MaD:332  |
+| windows.cpp:189:21:189:26 | ReadFile output argument | windows.cpp:190:5:190:56 | *... = ... | provenance | Src:MaD:331  |
+| windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | windows.cpp:192:53:192:63 | *& ... [*hEvent] | provenance |  |
+| windows.cpp:190:5:190:56 | *... = ... | windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | provenance |  |
+| windows.cpp:192:53:192:63 | *& ... [*hEvent] | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | provenance |  |
+| windows.cpp:198:21:198:26 | ReadFile output argument | windows.cpp:199:5:199:57 | ... = ... | provenance | Src:MaD:331  |
+| windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | windows.cpp:201:53:201:63 | *& ... [hEvent] | provenance |  |
+| windows.cpp:199:5:199:57 | ... = ... | windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | provenance |  |
+| windows.cpp:201:53:201:63 | *& ... [hEvent] | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | provenance |  |
+| windows.cpp:209:84:209:89 | NtReadFile output argument | windows.cpp:211:10:211:16 | * ... | provenance | Src:MaD:340  |
+| windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:286:23:286:35 | *call to MapViewOfFile | provenance | Src:MaD:333  |
+| windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:287:20:287:52 | *pMapView | provenance |  |
+| windows.cpp:287:20:287:52 | *pMapView | windows.cpp:289:10:289:16 | * ... | provenance |  |
+| windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | provenance | Src:MaD:334  |
+| windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | windows.cpp:294:20:294:52 | *pMapView | provenance |  |
+| windows.cpp:294:20:294:52 | *pMapView | windows.cpp:296:10:296:16 | * ... | provenance |  |
+| windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | provenance | Src:MaD:335  |
+| windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | windows.cpp:303:20:303:52 | *pMapView | provenance |  |
+| windows.cpp:303:20:303:52 | *pMapView | windows.cpp:305:10:305:16 | * ... | provenance |  |
+| windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | provenance | Src:MaD:336  |
+| windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | windows.cpp:312:20:312:52 | *pMapView | provenance |  |
+| windows.cpp:312:20:312:52 | *pMapView | windows.cpp:314:10:314:16 | * ... | provenance |  |
+| windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | provenance | Src:MaD:337  |
+| windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | windows.cpp:319:20:319:52 | *pMapView | provenance |  |
+| windows.cpp:319:20:319:52 | *pMapView | windows.cpp:321:10:321:16 | * ... | provenance |  |
+| windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | provenance | Src:MaD:338  |
+| windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | windows.cpp:326:20:326:52 | *pMapView | provenance |  |
+| windows.cpp:326:20:326:52 | *pMapView | windows.cpp:328:10:328:16 | * ... | provenance |  |
+| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | provenance | Src:MaD:339  |
+| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:333:20:333:52 | *pMapView | provenance |  |
+| windows.cpp:333:20:333:52 | *pMapView | windows.cpp:335:10:335:16 | * ... | provenance |  |
 nodes
 | asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | semmle.label | [summary param] *0 in buffer |
 | asio_streams.cpp:56:18:56:23 | [summary] to write: ReturnValue in buffer | semmle.label | [summary] to write: ReturnValue in buffer |
@@ -78,9 +140,85 @@ nodes
 | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | semmle.label | call to ymlStepGenerated_with_body |
 | test.cpp:32:41:32:41 | x | semmle.label | x |
 | test.cpp:33:10:33:11 | z2 | semmle.label | z2 |
+| windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | semmle.label | [summary param] *0 in CommandLineToArgvA |
+| windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | semmle.label | [summary] to write: ReturnValue[**] in CommandLineToArgvA |
+| windows.cpp:22:15:22:29 | *call to GetCommandLineA | semmle.label | *call to GetCommandLineA |
+| windows.cpp:22:15:22:29 | *call to GetCommandLineA | semmle.label | *call to GetCommandLineA |
+| windows.cpp:24:8:24:11 | * ... | semmle.label | * ... |
+| windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | semmle.label | **call to CommandLineToArgvA |
+| windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | semmle.label | **call to CommandLineToArgvA |
+| windows.cpp:27:36:27:38 | *cmd | semmle.label | *cmd |
+| windows.cpp:30:8:30:15 | * ... | semmle.label | * ... |
+| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | semmle.label | *call to GetEnvironmentStringsA |
+| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | semmle.label | *call to GetEnvironmentStringsA |
+| windows.cpp:36:10:36:13 | * ... | semmle.label | * ... |
+| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | semmle.label | GetEnvironmentVariableA output argument |
+| windows.cpp:41:10:41:13 | * ... | semmle.label | * ... |
+| windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | semmle.label | [summary param] *3 in ReadFileEx [*hEvent] |
+| windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | semmle.label | [summary param] *3 in ReadFileEx [hEvent] |
+| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | semmle.label | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx |
+| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | semmle.label | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx |
+| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | semmle.label | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] |
+| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | semmle.label | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] |
+| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | semmle.label | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx |
+| windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | semmle.label | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx |
+| windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | semmle.label | *lpOverlapped [*hEvent] |
+| windows.cpp:149:18:149:62 | *hEvent | semmle.label | *hEvent |
+| windows.cpp:149:18:149:62 | *hEvent | semmle.label | *hEvent |
+| windows.cpp:149:42:149:53 | *lpOverlapped [*hEvent] | semmle.label | *lpOverlapped [*hEvent] |
+| windows.cpp:149:56:149:61 | *hEvent | semmle.label | *hEvent |
+| windows.cpp:151:8:151:14 | * ... | semmle.label | * ... |
+| windows.cpp:157:16:157:27 | *lpOverlapped [hEvent] | semmle.label | *lpOverlapped [hEvent] |
+| windows.cpp:159:12:159:55 | hEvent | semmle.label | hEvent |
+| windows.cpp:159:12:159:55 | hEvent | semmle.label | hEvent |
+| windows.cpp:159:35:159:46 | *lpOverlapped [hEvent] | semmle.label | *lpOverlapped [hEvent] |
+| windows.cpp:160:8:160:8 | c | semmle.label | c |
+| windows.cpp:168:35:168:40 | ReadFile output argument | semmle.label | ReadFile output argument |
+| windows.cpp:170:10:170:16 | * ... | semmle.label | * ... |
+| windows.cpp:177:23:177:28 | ReadFileEx output argument | semmle.label | ReadFileEx output argument |
+| windows.cpp:179:10:179:16 | * ... | semmle.label | * ... |
+| windows.cpp:189:21:189:26 | ReadFile output argument | semmle.label | ReadFile output argument |
+| windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | semmle.label | *overlapped [post update] [*hEvent] |
+| windows.cpp:190:5:190:56 | *... = ... | semmle.label | *... = ... |
+| windows.cpp:192:53:192:63 | *& ... [*hEvent] | semmle.label | *& ... [*hEvent] |
+| windows.cpp:198:21:198:26 | ReadFile output argument | semmle.label | ReadFile output argument |
+| windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | semmle.label | *overlapped [post update] [hEvent] |
+| windows.cpp:199:5:199:57 | ... = ... | semmle.label | ... = ... |
+| windows.cpp:201:53:201:63 | *& ... [hEvent] | semmle.label | *& ... [hEvent] |
+| windows.cpp:209:84:209:89 | NtReadFile output argument | semmle.label | NtReadFile output argument |
+| windows.cpp:211:10:211:16 | * ... | semmle.label | * ... |
+| windows.cpp:286:23:286:35 | *call to MapViewOfFile | semmle.label | *call to MapViewOfFile |
+| windows.cpp:286:23:286:35 | *call to MapViewOfFile | semmle.label | *call to MapViewOfFile |
+| windows.cpp:287:20:287:52 | *pMapView | semmle.label | *pMapView |
+| windows.cpp:289:10:289:16 | * ... | semmle.label | * ... |
+| windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | semmle.label | *call to MapViewOfFile2 |
+| windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | semmle.label | *call to MapViewOfFile2 |
+| windows.cpp:294:20:294:52 | *pMapView | semmle.label | *pMapView |
+| windows.cpp:296:10:296:16 | * ... | semmle.label | * ... |
+| windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | semmle.label | *call to MapViewOfFile3 |
+| windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | semmle.label | *call to MapViewOfFile3 |
+| windows.cpp:303:20:303:52 | *pMapView | semmle.label | *pMapView |
+| windows.cpp:305:10:305:16 | * ... | semmle.label | * ... |
+| windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | semmle.label | *call to MapViewOfFile3FromApp |
+| windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | semmle.label | *call to MapViewOfFile3FromApp |
+| windows.cpp:312:20:312:52 | *pMapView | semmle.label | *pMapView |
+| windows.cpp:314:10:314:16 | * ... | semmle.label | * ... |
+| windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | semmle.label | *call to MapViewOfFileEx |
+| windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | semmle.label | *call to MapViewOfFileEx |
+| windows.cpp:319:20:319:52 | *pMapView | semmle.label | *pMapView |
+| windows.cpp:321:10:321:16 | * ... | semmle.label | * ... |
+| windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | semmle.label | *call to MapViewOfFileFromApp |
+| windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | semmle.label | *call to MapViewOfFileFromApp |
+| windows.cpp:326:20:326:52 | *pMapView | semmle.label | *pMapView |
+| windows.cpp:328:10:328:16 | * ... | semmle.label | * ... |
+| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | semmle.label | *call to MapViewOfFileNuma2 |
+| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | semmle.label | *call to MapViewOfFileNuma2 |
+| windows.cpp:333:20:333:52 | *pMapView | semmle.label | *pMapView |
+| windows.cpp:335:10:335:16 | * ... | semmle.label | * ... |
 subpaths
 | asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | asio_streams.cpp:56:18:56:23 | [summary] to write: ReturnValue in buffer | asio_streams.cpp:100:44:100:62 | call to buffer |
 | test.cpp:17:24:17:24 | x | test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | test.cpp:17:10:17:22 | call to ymlStepManual |
 | test.cpp:21:27:21:27 | x | test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | test.cpp:21:10:21:25 | call to ymlStepGenerated |
 | test.cpp:25:35:25:35 | x | test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | test.cpp:25:11:25:33 | call to ymlStepManual_with_body |
 | test.cpp:32:41:32:41 | x | test.cpp:7:47:7:52 | value2 | test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body |
+| windows.cpp:27:36:27:38 | *cmd | windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA |
--- a/cpp/ql/test/library-tests/dataflow/external-models/sources.expected
+++ b/cpp/ql/test/library-tests/dataflow/external-models/sources.expected
@@ -1,2 +1,19 @@
 | asio_streams.cpp:87:34:87:44 | read_until output argument | remote |
 | test.cpp:10:10:10:18 | call to ymlSource | local |
+| windows.cpp:22:15:22:29 | *call to GetCommandLineA | local |
+| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | local |
+| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | local |
+| windows.cpp:168:35:168:40 | ReadFile output argument | local |
+| windows.cpp:177:23:177:28 | ReadFileEx output argument | local |
+| windows.cpp:189:21:189:26 | ReadFile output argument | local |
+| windows.cpp:192:23:192:29 | ReadFileEx output argument | local |
+| windows.cpp:198:21:198:26 | ReadFile output argument | local |
+| windows.cpp:201:23:201:29 | ReadFileEx output argument | local |
+| windows.cpp:209:84:209:89 | NtReadFile output argument | local |
+| windows.cpp:286:23:286:35 | *call to MapViewOfFile | local |
+| windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | local |
+| windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | local |
+| windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | local |
+| windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | local |
+| windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | local |
+| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | local |
--- a/cpp/ql/test/library-tests/dataflow/external-models/steps.expected
+++ b/cpp/ql/test/library-tests/dataflow/external-models/steps.expected
@@ -5,3 +5,4 @@
 | test.cpp:28:35:28:35 | 0 | test.cpp:28:11:28:33 | call to ymlStepManual_with_body |
 | test.cpp:32:38:32:38 | 0 | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body |
 | test.cpp:35:38:35:38 | x | test.cpp:35:11:35:36 | call to ymlStepGenerated_with_body |
+| windows.cpp:27:36:27:38 | *cmd | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA |
--- a/cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
+++ b/cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
@@ -3771,3 +3771,7 @@
 | Dubious signature "(wchar_t *)" in summary model. |
 | Dubious signature "(wchar_t, const CStringT &)" in summary model. |
 | Dubious signature "(wchar_t,const CStringT &)" in summary model. |
+| Unrecognized input specification "Field[****hEvent]" in summary model. |
+| Unrecognized input specification "Field[***hEvent]" in summary model. |
+| Unrecognized output specification "Field[****hEvent]" in summary model. |
+| Unrecognized output specification "Field[***hEvent]" in summary model. |
--- a/cpp/ql/test/library-tests/dataflow/external-models/windows.cpp
+++ b/cpp/ql/test/library-tests/dataflow/external-models/windows.cpp
@@ -0,0 +1,337 @@
+void sink(char);
+void sink(char*);
+void sink(char**);
+
+using HANDLE = void*;
+using DWORD = unsigned long;
+using LPCH = char*;
+using LPSTR = char*;
+using LPCSTR = const char*;
+using LPVOID = void*;
+using LPDWORD = unsigned long*;
+using PVOID = void*;
+using ULONG_PTR = unsigned long*;
+using SIZE_T = decltype(sizeof(0));
+
+LPSTR GetCommandLineA();
+LPSTR* CommandLineToArgvA(LPSTR, int*);
+LPCH GetEnvironmentStringsA();
+DWORD GetEnvironmentVariableA(LPCSTR, LPSTR, DWORD);
+
+void getCommandLine() {
+  char* cmd = GetCommandLineA();
+  sink(cmd);
+  sink(*cmd); // $ ir
+
+  int argc;
+  char** argv = CommandLineToArgvA(cmd, &argc);
+  sink(argv);
+  sink(argv[1]);
+  sink(*argv[1]); // $ ir
+}
+
+void getEnvironment() {
+    char* env = GetEnvironmentStringsA();
+    sink(env);
+    sink(*env); // $ ir
+
+    char buf[1024];
+    GetEnvironmentVariableA("FOO", buf, sizeof(buf));
+    sink(buf);
+    sink(*buf); // $ ir
+}
+
+typedef struct _OVERLAPPED {
+  ULONG_PTR Internal;
+  ULONG_PTR InternalHigh;
+  union {
+    struct {
+      DWORD Offset;
+      DWORD OffsetHigh;
+    } DUMMYSTRUCTNAME;
+    PVOID Pointer;
+  } DUMMYUNIONNAME;
+  HANDLE    hEvent;
+} OVERLAPPED, *LPOVERLAPPED;
+
+using BOOL = int;
+#define FILE_MAP_READ 0x0004
+
+using ULONG64 = unsigned long long;
+using ULONG = unsigned long;
+
+using DWORD64 = unsigned long long;
+#define MEM_EXTENDED_PARAMETER_TYPE_BITS 8
+
+typedef struct MEM_EXTENDED_PARAMETER {
+  struct {
+    DWORD64 Type : MEM_EXTENDED_PARAMETER_TYPE_BITS;
+    DWORD64 Reserved : 64 - MEM_EXTENDED_PARAMETER_TYPE_BITS;
+  } DUMMYSTRUCTNAME;
+  union {
+    DWORD64 ULong64;
+    PVOID   Pointer;
+    SIZE_T  Size;
+    HANDLE  Handle;
+    DWORD   ULong;
+  } DUMMYUNIONNAME;
+} MEM_EXTENDED_PARAMETER, *PMEM_EXTENDED_PARAMETER;
+
+BOOL ReadFile(
+  HANDLE       hFile,
+  LPVOID       lpBuffer,
+  DWORD        nNumberOfBytesToRead,
+  LPDWORD      lpNumberOfBytesRead,
+  LPOVERLAPPED lpOverlapped
+);
+
+using LPOVERLAPPED_COMPLETION_ROUTINE = void (*)(DWORD, DWORD, LPOVERLAPPED);
+
+BOOL ReadFileEx(
+  HANDLE                          hFile,
+  LPVOID                          lpBuffer,
+  DWORD                           nNumberOfBytesToRead,
+  LPOVERLAPPED                    lpOverlapped,
+  LPOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine
+);
+
+using NTSTATUS = long;
+using PIO_APC_ROUTINE = void (*)(struct _DEVICE_OBJECT*, struct _IRP*, PVOID);
+typedef struct _IO_STATUS_BLOCK {
+  union {
+    NTSTATUS Status;
+    PVOID    Pointer;
+  } DUMMYUNIONNAME;
+  ULONG_PTR Information;
+} IO_STATUS_BLOCK, *PIO_STATUS_BLOCK;
+using LONGLONG = long long;
+using LONG = long;
+typedef struct _LARGE_INTEGER {
+  union {
+    struct {
+      ULONG LowPart;
+      LONG  HighPart;
+    } DUMMYSTRUCTNAME;
+    LONGLONG QuadPart;
+  } DUMMYUNIONNAME;
+} LARGE_INTEGER, *PLARGE_INTEGER;
+
+using PULONG = unsigned long*;
+
+NTSTATUS NtReadFile(
+  HANDLE           FileHandle,
+  HANDLE           Event,
+  PIO_APC_ROUTINE  ApcRoutine,
+  PVOID            ApcContext,
+  PIO_STATUS_BLOCK IoStatusBlock,
+  PVOID            Buffer,
+  ULONG            Length,
+  PLARGE_INTEGER   ByteOffset,
+  PULONG           Key
+);
+
+
+void FileIOCompletionRoutine(
+  DWORD dwErrorCode,
+  DWORD dwNumberOfBytesTransfered,
+  LPOVERLAPPED lpOverlapped
+) {
+  char* buffer = reinterpret_cast<char*>(lpOverlapped->hEvent);
+  sink(buffer);
+  sink(*buffer); // $ MISSING: ir
+}
+
+void FileIOCompletionRoutine2(
+  DWORD dwErrorCode,
+  DWORD dwNumberOfBytesTransfered,
+  LPOVERLAPPED lpOverlapped
+) {
+  char* buffer = reinterpret_cast<char*>(lpOverlapped->hEvent);
+  sink(buffer);
+  sink(*buffer); // $ ir
+}
+
+void FileIOCompletionRoutine3(
+  DWORD dwErrorCode,
+  DWORD dwNumberOfBytesTransfered,
+  LPOVERLAPPED lpOverlapped
+) {
+  char c = reinterpret_cast<char>(lpOverlapped->hEvent);
+  sink(c); // $ ir
+}
+
+void readFile(HANDLE hFile) {
+  {
+    char buffer[1024];
+    DWORD bytesRead;
+    OVERLAPPED overlapped;
+    BOOL result = ReadFile(hFile, buffer, sizeof(buffer), &bytesRead, &overlapped);
+    sink(buffer);
+    sink(*buffer); // $ ir
+  }
+
+  {
+    char buffer[1024];
+    OVERLAPPED overlapped;
+    overlapped.hEvent = reinterpret_cast<HANDLE>(buffer);
+    ReadFileEx(hFile, buffer, sizeof(buffer) - 1, &overlapped, FileIOCompletionRoutine);
+    sink(buffer);
+    sink(*buffer); // $ ir
+
+    char* p = reinterpret_cast<char*>(overlapped.hEvent);
+    sink(p);
+    sink(*p); // $ MISSING: ir
+  }
+  
+  {
+    char buffer[1024];
+    OVERLAPPED overlapped;
+    ReadFile(hFile, buffer, sizeof(buffer), nullptr, nullptr);
+    overlapped.hEvent = reinterpret_cast<HANDLE>(buffer);
+    char buffer2[1024];
+    ReadFileEx(hFile, buffer2, sizeof(buffer2) - 1, &overlapped, FileIOCompletionRoutine2);
+  }
+
+  {
+    char buffer[1024];
+    OVERLAPPED overlapped;
+    ReadFile(hFile, buffer, sizeof(buffer), nullptr, nullptr);
+    overlapped.hEvent = reinterpret_cast<HANDLE>(*buffer);
+    char buffer2[1024];
+    ReadFileEx(hFile, buffer2, sizeof(buffer2) - 1, &overlapped, FileIOCompletionRoutine3);
+  }
+
+  {
+    char buffer[1024];
+    IO_STATUS_BLOCK ioStatusBlock;
+    LARGE_INTEGER byteOffset;
+    ULONG key;
+    NTSTATUS status = NtReadFile(hFile, nullptr, nullptr, nullptr, &ioStatusBlock, buffer, sizeof(buffer), &byteOffset, &key);
+    sink(buffer);
+    sink(*buffer); // $ ir
+  }
+}
+
+LPVOID MapViewOfFile(
+  HANDLE hFileMappingObject,
+  DWORD  dwDesiredAccess,
+  DWORD  dwFileOffsetHigh,
+  DWORD  dwFileOffsetLow,
+  SIZE_T dwNumberOfBytesToMap
+);
+
+PVOID MapViewOfFile2(
+  HANDLE  FileMappingHandle,
+  HANDLE  ProcessHandle,
+  ULONG64 Offset,
+  PVOID   BaseAddress,
+  SIZE_T  ViewSize,
+  ULONG   AllocationType,
+  ULONG   PageProtection
+);
+
+PVOID MapViewOfFile3(
+  HANDLE                 FileMapping,
+  HANDLE                 Process,
+  PVOID                  BaseAddress,
+  ULONG64                Offset,
+  SIZE_T                 ViewSize,
+  ULONG                  AllocationType,
+  ULONG                  PageProtection,
+  MEM_EXTENDED_PARAMETER *ExtendedParameters,
+  ULONG                  ParameterCount
+);
+
+PVOID MapViewOfFile3FromApp(
+  HANDLE                 FileMapping,
+  HANDLE                 Process,
+  PVOID                  BaseAddress,
+  ULONG64                Offset,
+  SIZE_T                 ViewSize,
+  ULONG                  AllocationType,
+  ULONG                  PageProtection,
+  MEM_EXTENDED_PARAMETER *ExtendedParameters,
+  ULONG                  ParameterCount
+);
+
+LPVOID MapViewOfFileEx(
+  HANDLE hFileMappingObject,
+  DWORD  dwDesiredAccess,
+  DWORD  dwFileOffsetHigh,
+  DWORD  dwFileOffsetLow,
+  SIZE_T dwNumberOfBytesToMap,
+  LPVOID lpBaseAddress
+);
+
+PVOID MapViewOfFileFromApp(
+  HANDLE  hFileMappingObject,
+  ULONG   DesiredAccess,
+  ULONG64 FileOffset,
+  SIZE_T  NumberOfBytesToMap
+);
+
+PVOID MapViewOfFileNuma2(
+  HANDLE  FileMappingHandle,
+  HANDLE  ProcessHandle,
+  ULONG64 Offset,
+  PVOID   BaseAddress,
+  SIZE_T  ViewSize,
+  ULONG   AllocationType,
+  ULONG   PageProtection,
+  ULONG   PreferredNode
+);
+
+void mapViewOfFile(HANDLE hMapFile) {
+  {
+    LPVOID pMapView = MapViewOfFile(hMapFile, FILE_MAP_READ, 0, 0, 0);
+    char* buffer = reinterpret_cast<char*>(pMapView);
+    sink(buffer);
+    sink(*buffer); // $ ir
+  }
+
+  {
+    LPVOID pMapView = MapViewOfFile2(hMapFile, nullptr, 0, nullptr, 0, 0, 0);
+    char* buffer = reinterpret_cast<char*>(pMapView);
+    sink(buffer);
+    sink(*buffer); // $ ir
+  }
+
+  {
+    MEM_EXTENDED_PARAMETER extendedParams;
+
+    LPVOID pMapView = MapViewOfFile3(hMapFile, nullptr, 0, 0, 0, 0, 0, &extendedParams, 1);
+    char* buffer = reinterpret_cast<char*>(pMapView);
+    sink(buffer);
+    sink(*buffer); // $ ir
+  }
+
+  {
+    MEM_EXTENDED_PARAMETER extendedParams;
+
+    LPVOID pMapView = MapViewOfFile3FromApp(hMapFile, nullptr, 0, 0, 0, 0, 0, &extendedParams, 1);
+    char* buffer = reinterpret_cast<char*>(pMapView);
+    sink(buffer);
+    sink(*buffer); // $ ir
+  }
+
+  {
+    LPVOID pMapView = MapViewOfFileEx(hMapFile, FILE_MAP_READ, 0, 0, 0, nullptr);
+    char* buffer = reinterpret_cast<char*>(pMapView);
+    sink(buffer);
+    sink(*buffer); // $ ir
+  }
+
+  {
+    LPVOID pMapView = MapViewOfFileFromApp(hMapFile, FILE_MAP_READ, 0, 0);
+    char* buffer = reinterpret_cast<char*>(pMapView);
+    sink(buffer);
+    sink(*buffer); // $ ir
+  }
+
+  {
+    LPVOID pMapView = MapViewOfFileNuma2(hMapFile, nullptr, 0, nullptr, 0, 0, 0, 0);
+    char* buffer = reinterpret_cast<char*>(pMapView);
+    sink(buffer);
+    sink(*buffer); // $ ir
+  }
+}
--- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.7.41
+
+No user-facing changes.
+
 ## 1.7.40

 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.41.md
+++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.41.md
@@ -0,0 +1,3 @@
+## 1.7.41
+
+No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.40
+lastReleaseVersion: 1.7.41
--- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.7.41-dev
+version: 1.7.42-dev
 groups:
  - csharp
  - solorigate
--- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
+++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.7.41
+
+No user-facing changes.
+
 ## 1.7.40

 No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.41.md
+++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.41.md
@@ -0,0 +1,3 @@
+## 1.7.41
+
+No user-facing changes.
--- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
+++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.7.40
+lastReleaseVersion: 1.7.41
--- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml
+++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.7.41-dev
+version: 1.7.42-dev
 groups:
  - csharp
  - solorigate
--- a/csharp/ql/integration-tests/posix/query-suite/csharp-code-quality.qls.expected
+++ b/csharp/ql/integration-tests/posix/query-suite/csharp-code-quality.qls.expected
@@ -3,6 +3,7 @@ ql/csharp/ql/src/API Abuse/FormatInvalid.ql
 ql/csharp/ql/src/API Abuse/NoDisposeCallOnLocalIDisposable.ql
 ql/csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
 ql/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql
+ql/csharp/ql/src/Language Abuse/MissedReadonlyOpportunity.ql
 ql/csharp/ql/src/Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql
 ql/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql
 ql/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql
--- a/csharp/ql/lib/CHANGELOG.md
+++ b/csharp/ql/lib/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 5.1.7
+
+### Minor Analysis Improvements
+
+* The generated Models as Data (MaD) models for .NET 9 Runtime have been updated and are now more precise (due to a recent model generator improvement).
+
 ## 5.1.6

 No user-facing changes.
--- a/csharp/ql/lib/change-notes/2025-05-14-dotnet-models.md
+++ b/csharp/ql/lib/change-notes/2025-05-14-dotnet-models.md
@@ -1,4 +1,5 @@
---
-category: minorAnalysis
---
+## 5.1.7
+
+### Minor Analysis Improvements
+
 * The generated Models as Data (MaD) models for .NET 9 Runtime have been updated and are now more precise (due to a recent model generator improvement).
--- a/csharp/ql/lib/codeql-pack.release.yml
+++ b/csharp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 5.1.6
+lastReleaseVersion: 5.1.7
--- a/csharp/ql/lib/qlpack.yml
+++ b/csharp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 5.1.7-dev
+version: 5.1.8-dev
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/Bound.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/Bound.qll
@@ -1,8 +1,6 @@
 /**
 * Provides classes for representing abstract bounds for use in, for example, range analysis.
 */
-overlay[local?]
-module;

 private import internal.rangeanalysis.BoundSpecific

--- a/csharp/ql/lib/semmle/code/csharp/dataflow/ModulusAnalysis.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ModulusAnalysis.qll
@@ -3,8 +3,6 @@
 * an expression, `b` is a `Bound` (typically zero or the value of an SSA
 * variable), and `v` is an integer in the range `[0 .. m-1]`.
 */
-overlay[local?]
-module;

 private import internal.rangeanalysis.ModulusAnalysisSpecific::Private
 private import Bound
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/Sign.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/Sign.qll
@@ -1,6 +1,3 @@
-overlay[local?]
-module;
-
 newtype TSign =
  TNeg() or
  TZero() or
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisCommon.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisCommon.qll
@@ -5,8 +5,6 @@
 * The analysis is implemented as an abstract interpretation over the
 * three-valued domain `{negative, zero, positive}`.
 */
-overlay[local?]
-module;

 private import SignAnalysisSpecific::Private
 private import SsaReadPositionCommon
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll
@@ -1,8 +1,6 @@
 /**
 * Provides classes for representing a position at which an SSA variable is read.
 */
-overlay[local?]
-module;

 private import SsaReadPositionSpecific
 import SsaReadPositionSpecific::Public
--- a/csharp/ql/src/CHANGELOG.md
+++ b/csharp/ql/src/CHANGELOG.md
@@ -1,3 +1,12 @@
+## 1.2.1
+
+### Minor Analysis Improvements
+
+* The precision of the query `cs/missed-readonly-modifier` has been improved. Some false positives related to static fields and struct type fields have been removed.
+* The queries `cs/password-in-configuration`, `cs/hardcoded-credentials` and `cs/hardcoded-connection-string-credentials` have been removed from all query suites.
+* The precision of the query `cs/gethashcode-is-not-defined` has been improved (false negative reduction). Calls to more methods (and indexers) that rely on the invariant `e1.Equals(e2)` implies `e1.GetHashCode() == e2.GetHashCode()` are taken into account.
+* The precision of the query `cs/uncontrolled-format-string` has been improved (false negative reduction). Calls to `System.Text.CompositeFormat.Parse` are now considered a format like method call.
+
 ## 1.2.0

 ### Query Metadata Changes
--- a/Abuse/MissedReadonlyOpportunity.ql
+++ b/Abuse/MissedReadonlyOpportunity.ql
@@ -8,6 +8,7 @@
 * @id cs/missed-readonly-modifier
 * @tags maintainability
 *       language-features
+ *       quality
 */

 import csharp
@@ -19,13 +20,17 @@ predicate defTargetsField(AssignableDefinition def, Field f) {
 predicate isReadonlyCompatibleDefinition(AssignableDefinition def, Field f) {
  defTargetsField(def, f) and
  (
-    def.getEnclosingCallable().(Constructor).getDeclaringType() = f.getDeclaringType()
+    def.getEnclosingCallable().(StaticConstructor).getDeclaringType() = f.getDeclaringType()
+    or
+    def.getEnclosingCallable().(InstanceConstructor).getDeclaringType() = f.getDeclaringType() and
+    def.getTargetAccess().(QualifiableExpr).getQualifier() instanceof ThisAccess
    or
    def instanceof AssignableDefinitions::InitializerDefinition
  )
 }

 predicate canBeReadonly(Field f) {
+  exists(Type t | t = f.getType() | not t instanceof Struct or t.(Struct).isReadonly()) and
  forex(AssignableDefinition def | defTargetsField(def, f) | isReadonlyCompatibleDefinition(def, f))
 }

--- a/csharp/ql/src/change-notes/2025-04-10-uncontrolled-format-string.md
+++ b/csharp/ql/src/change-notes/2025-04-10-uncontrolled-format-string.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The precision of the query `cs/uncontrolled-format-string` has been improved (false negative reduction). Calls to `System.Text.CompositeFormat.Parse` are now considered a format like method call.
--- a/csharp/ql/src/change-notes/2025-05-15-gethashcode-is-not-defined.md
+++ b/csharp/ql/src/change-notes/2025-05-15-gethashcode-is-not-defined.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The precision of the query `cs/gethashcode-is-not-defined` has been improved (false negative reduction). Calls to more methods (and indexers) that rely on the invariant `e1.Equals(e2)` implies `e1.GetHashCode() == e2.GetHashCode()` are taken into account.
--- a/csharp/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
+++ b/csharp/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The queries `cs/password-in-configuration`, `cs/hardcoded-credentials` and `cs/hardcoded-connection-string-credentials` have been removed from all query suites.
--- a/csharp/ql/src/change-notes/released/1.2.1.md
+++ b/csharp/ql/src/change-notes/released/1.2.1.md
@@ -0,0 +1,8 @@
+## 1.2.1
+
+### Minor Analysis Improvements
+
+* The precision of the query `cs/missed-readonly-modifier` has been improved. Some false positives related to static fields and struct type fields have been removed.
+* The queries `cs/password-in-configuration`, `cs/hardcoded-credentials` and `cs/hardcoded-connection-string-credentials` have been removed from all query suites.
+* The precision of the query `cs/gethashcode-is-not-defined` has been improved (false negative reduction). Calls to more methods (and indexers) that rely on the invariant `e1.Equals(e2)` implies `e1.GetHashCode() == e2.GetHashCode()` are taken into account.
+* The precision of the query `cs/uncontrolled-format-string` has been improved (false negative reduction). Calls to `System.Text.CompositeFormat.Parse` are now considered a format like method call.
--- a/csharp/ql/src/codeql-pack.release.yml
+++ b/csharp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.2.0
+lastReleaseVersion: 1.2.1
--- a/csharp/ql/src/qlpack.yml
+++ b/csharp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 1.2.1-dev
+version: 1.2.2-dev
 groups:
  - csharp
  - queries
--- a/Abuse/MissedReadonlyOpportunity/MissedReadonlyOpportunity.cs
+++ b/Abuse/MissedReadonlyOpportunity/MissedReadonlyOpportunity.cs
@@ -1,23 +1,27 @@
 class MissedReadonlyOpportunity<T>
 {
-    public int Bad1;
-    public T Bad2;
+    public int Bad1; // $ Alert
+    public T Bad2; // $ Alert
+    public Immutable Bad3; // $ Alert
    public readonly int Good1;
    public readonly int Good2 = 0;
    public const int Good3 = 0;
    public int Good4;
    public readonly T Good5;
    public T Good6;
+    public Mutable Good7;

    public MissedReadonlyOpportunity(int i, T t)
    {
        Bad1 = i;
        Bad2 = t;
+        Bad3 = new Immutable();
        Good1 = i;
        Good2 = i;
        Good4 = i;
        Good5 = t;
        Good6 = t;
+        Good7 = new Mutable();
    }

    public void M(int i)
@@ -27,3 +31,54 @@ class MissedReadonlyOpportunity<T>
        x.Good6 = false;
    }
 }
+
+struct Mutable
+{
+    private int x;
+    public int Mutate()
+    {
+        x = x + 1;
+        return x;
+    }
+}
+
+readonly struct Immutable { }
+
+class Tree
+{
+    private Tree? Parent;
+    private Tree? Left; // $ Alert
+    private readonly Tree? Right;
+
+    public Tree(Tree left, Tree right)
+    {
+        this.Left = left;
+        this.Right = right;
+        left.Parent = this;
+        right.Parent = this;
+    }
+
+    public Tree()
+    {
+        Left = null;
+        Right = null;
+    }
+}
+
+class StaticFields
+{
+    static int X; // $ Alert
+    static int Y;
+
+    // Static constructor
+    static StaticFields()
+    {
+        X = 0;
+    }
+
+    // Instance constructor
+    public StaticFields(int y)
+    {
+        Y = y;
+    }
+}
--- a/Abuse/MissedReadonlyOpportunity/MissedReadonlyOpportunity.expected
+++ b/Abuse/MissedReadonlyOpportunity/MissedReadonlyOpportunity.expected
@@ -1,3 +1,6 @@
 | MissedReadonlyOpportunity.cs:3:16:3:19 | Bad1 | Field 'Bad1' can be 'readonly'. |
 | MissedReadonlyOpportunity.cs:4:14:4:17 | Bad2 | Field 'Bad2' can be 'readonly'. |
+| MissedReadonlyOpportunity.cs:5:22:5:25 | Bad3 | Field 'Bad3' can be 'readonly'. |
+| MissedReadonlyOpportunity.cs:50:19:50:22 | Left | Field 'Left' can be 'readonly'. |
+| MissedReadonlyOpportunity.cs:70:16:70:16 | X | Field 'X' can be 'readonly'. |
 | MissedReadonlyOpportunityBad.cs:3:9:3:13 | Field | Field 'Field' can be 'readonly'. |
--- a/Abuse/MissedReadonlyOpportunity/MissedReadonlyOpportunity.qlref
+++ b/Abuse/MissedReadonlyOpportunity/MissedReadonlyOpportunity.qlref
@@ -1 +1,2 @@
-Language Abuse/MissedReadonlyOpportunity.ql
+query: Language Abuse/MissedReadonlyOpportunity.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/Abuse/MissedReadonlyOpportunity/MissedReadonlyOpportunityBad.cs
+++ b/Abuse/MissedReadonlyOpportunity/MissedReadonlyOpportunityBad.cs
@@ -1,6 +1,6 @@
 class Bad
 {
-    int Field;
+    int Field; // $ Alert

    public Bad(int i)
    {
--- a/go/extractor/util/registryproxy.go
+++ b/go/extractor/util/registryproxy.go
@@ -50,8 +50,8 @@ func parseRegistryConfigs(str string) ([]RegistryConfig, error) {
 func getEnvVars() []string {
 	var result []string

-	if proxy_host, proxy_host_set := os.LookupEnv(PROXY_HOST); proxy_host_set {
-		if proxy_port, proxy_port_set := os.LookupEnv(PROXY_PORT); proxy_port_set {
+	if proxy_host, proxy_host_set := os.LookupEnv(PROXY_HOST); proxy_host_set && proxy_host != "" {
+		if proxy_port, proxy_port_set := os.LookupEnv(PROXY_PORT); proxy_port_set && proxy_port != "" {
 			proxy_address = fmt.Sprintf("http://%s:%s", proxy_host, proxy_port)
 			result = append(result, fmt.Sprintf("HTTP_PROXY=%s", proxy_address), fmt.Sprintf("HTTPS_PROXY=%s", proxy_address))

@@ -59,7 +59,7 @@ func getEnvVars() []string {
 		}
 	}

-	if proxy_cert, proxy_cert_set := os.LookupEnv(PROXY_CA_CERTIFICATE); proxy_cert_set {
+	if proxy_cert, proxy_cert_set := os.LookupEnv(PROXY_CA_CERTIFICATE); proxy_cert_set && proxy_cert != "" {
 		// Write the certificate to a temporary file
 		slog.Info("Found certificate")

@@ -82,7 +82,7 @@ func getEnvVars() []string {
 		}
 	}

-	if proxy_urls, proxy_urls_set := os.LookupEnv(PROXY_URLS); proxy_urls_set {
+	if proxy_urls, proxy_urls_set := os.LookupEnv(PROXY_URLS); proxy_urls_set && proxy_urls != "" {
 		val, err := parseRegistryConfigs(proxy_urls)
 		if err != nil {
 			slog.Error("Unable to parse proxy configurations", slog.String("error", err.Error()))
--- a/go/ql/consistency-queries/CHANGELOG.md
+++ b/go/ql/consistency-queries/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.0.24
+
+No user-facing changes.
+
 ## 1.0.23

 No user-facing changes.
--- a/go/ql/consistency-queries/change-notes/released/1.0.24.md
+++ b/go/ql/consistency-queries/change-notes/released/1.0.24.md
@@ -0,0 +1,3 @@
+## 1.0.24
+
+No user-facing changes.
--- a/go/ql/consistency-queries/codeql-pack.release.yml
+++ b/go/ql/consistency-queries/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.23
+lastReleaseVersion: 1.0.24
--- a/go/ql/consistency-queries/qlpack.yml
+++ b/go/ql/consistency-queries/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql-go-consistency-queries
-version: 1.0.24-dev
+version: 1.0.25-dev
 groups:
  - go
  - queries
--- a/go/ql/lib/CHANGELOG.md
+++ b/go/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 4.2.6
+
+No user-facing changes.
+
 ## 4.2.5

 No user-facing changes.
--- a/go/ql/lib/change-notes/released/4.2.6.md
+++ b/go/ql/lib/change-notes/released/4.2.6.md
@@ -0,0 +1,3 @@
+## 4.2.6
+
+No user-facing changes.
--- a/go/ql/lib/codeql-pack.release.yml
+++ b/go/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 4.2.5
+lastReleaseVersion: 4.2.6
--- a/go/ql/lib/qlpack.yml
+++ b/go/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-all
-version: 4.2.6-dev
+version: 4.2.7-dev
 groups: go
 dbscheme: go.dbscheme
 extractor: go
--- a/go/ql/src/CHANGELOG.md
+++ b/go/ql/src/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.2.1
+
+### Minor Analysis Improvements
+
+* The query `go/hardcoded-credentials` has been removed from all query suites.
+
 ## 1.2.0

 ### Query Metadata Changes
--- a/go/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
+++ b/go/ql/src/change-notes/2025-05-16-hardcoded-credentials.md
@@ -1,4 +1,5 @@
---
-category: minorAnalysis
---
+## 1.2.1
+
+### Minor Analysis Improvements
+
 * The query `go/hardcoded-credentials` has been removed from all query suites.
--- a/go/ql/src/codeql-pack.release.yml
+++ b/go/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.2.0
+lastReleaseVersion: 1.2.1
--- a/go/ql/src/qlpack.yml
+++ b/go/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/go-queries
-version: 1.2.1-dev
+version: 1.2.2-dev
 groups:
  - go
  - queries
--- a/java/ql/integration-tests/java/android-sample-kotlin-build-script-no-wrapper/test.py
+++ b/java/ql/integration-tests/java/android-sample-kotlin-build-script-no-wrapper/test.py
@@ -1,2 +1,2 @@
-def test(codeql, use_java_11, java, android_sdk):
+def test(codeql, use_java_17, java, android_sdk):
    codeql.database.create()
--- a/java/ql/integration-tests/java/android-sample-no-wrapper/test.py
+++ b/java/ql/integration-tests/java/android-sample-no-wrapper/test.py
@@ -1,2 +1,2 @@
-def test(codeql, use_java_11, java, android_sdk):
+def test(codeql, use_java_17, java, android_sdk):
    codeql.database.create()
--- a/java/ql/integration-tests/java/android-sample-old-style-kotlin-build-script-no-wrapper/test.py
+++ b/java/ql/integration-tests/java/android-sample-old-style-kotlin-build-script-no-wrapper/test.py
@@ -1,2 +1,2 @@
-def test(codeql, use_java_11, java, android_sdk, actions_toolchains_file):
+def test(codeql, use_java_17, java, android_sdk, actions_toolchains_file):
    codeql.database.create(_env={"LGTM_INDEX_MAVEN_TOOLCHAINS_FILE": str(actions_toolchains_file)})
--- a/java/ql/integration-tests/java/android-sample-old-style-no-wrapper/test.py
+++ b/java/ql/integration-tests/java/android-sample-old-style-no-wrapper/test.py
@@ -1,2 +1,2 @@
-def test(codeql, use_java_11, java, android_sdk, actions_toolchains_file):
+def test(codeql, use_java_17, java, android_sdk, actions_toolchains_file):
    codeql.database.create(_env={"LGTM_INDEX_MAVEN_TOOLCHAINS_FILE": str(actions_toolchains_file)})
--- a/java/ql/integration-tests/java/maven-enforcer-multiple-versions/maven-fetches.expected.disabled
+++ b/java/ql/integration-tests/java/maven-enforcer-multiple-versions/maven-fetches.expected.disabled
--- a/java/ql/integration-tests/java/maven-enforcer-single-version/maven-fetches.expected.disabled
+++ b/java/ql/integration-tests/java/maven-enforcer-single-version/maven-fetches.expected.disabled
--- a/java/ql/integration-tests/java/maven-enforcer/maven-fetches.expected.disabled
+++ b/java/ql/integration-tests/java/maven-enforcer/maven-fetches.expected.disabled
--- a/java/ql/lib/CHANGELOG.md
+++ b/java/ql/lib/CHANGELOG.md
@@ -1,3 +1,10 @@
+## 7.3.0
+
+### Deprecated APIs
+
+* The predicate `getValue()` on `SpringRequestMappingMethod` is now deprecated. Use `getAValue()` instead.
+* Java now uses the shared `BasicBlock` library. This means that the names of several member predicates have been changed to align with the names used in other languages. The old predicates have been deprecated. The `BasicBlock` class itself no longer extends `ControlFlowNode` - the predicate `getFirstNode` can be used to fix any QL code that somehow relied on this.
+
 ## 7.2.0

 ### New Features
--- a/java/ql/lib/Customizations.qll
+++ b/java/ql/lib/Customizations.qll
@@ -8,7 +8,5 @@
 * the `RemoteFlowSource` and `AdditionalTaintStep` classes associated with the security queries
 * to model frameworks that are not covered by the standard library.
 */
-overlay[local?]
-module;

 import java
--- a/java/ql/lib/IDEContextual.qll
+++ b/java/ql/lib/IDEContextual.qll
@@ -1,8 +1,6 @@
 /**
 * Provides shared predicates related to contextual queries in the code viewer.
 */
-overlay[local?]
-module;

 import semmle.files.FileSystem
 private import codeql.util.FileSystem
--- a/java/ql/lib/change-notes/2025-05-22-spring-request-mapping-value.md
+++ b/java/ql/lib/change-notes/2025-05-22-spring-request-mapping-value.md
@@ -1,4 +0,0 @@
---
-category: deprecated
---
-* The predicate `getValue()` on `SpringRequestMappingMethod` is now deprecated. Use `getAValue()` instead.
--- a/java/ql/lib/change-notes/2025-05-16-shared-basicblocks.md
+++ b/java/ql/lib/change-notes/2025-05-16-shared-basicblocks.md
@@ -1,4 +1,6 @@
---
-category: deprecated
---
+## 7.3.0
+
+### Deprecated APIs
+
+* The predicate `getValue()` on `SpringRequestMappingMethod` is now deprecated. Use `getAValue()` instead.
 * Java now uses the shared `BasicBlock` library. This means that the names of several member predicates have been changed to align with the names used in other languages. The old predicates have been deprecated. The `BasicBlock` class itself no longer extends `ControlFlowNode` - the predicate `getFirstNode` can be used to fix any QL code that somehow relied on this.
--- a/java/ql/lib/codeql-pack.release.yml
+++ b/java/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 7.2.0
+lastReleaseVersion: 7.3.0
--- a/java/ql/lib/default.qll
+++ b/java/ql/lib/default.qll
@@ -1,5 +1,3 @@
 /** DEPRECATED: use `java.qll` instead. */
-overlay[local?]
-module;

 import java
--- a/java/ql/lib/definitions.qll
+++ b/java/ql/lib/definitions.qll
@@ -2,8 +2,6 @@
 * Provides classes and predicates related to jump-to-definition links
 * in the code viewer.
 */
-overlay[local?]
-module;

 import java
 import IDEContextual
--- a/java/ql/lib/experimental/quantum/JCA.qll
+++ b/java/ql/lib/experimental/quantum/JCA.qll
@@ -1,6 +1,3 @@
-overlay[local?]
-module;
-
 import java
 import semmle.code.java.dataflow.DataFlow
 import semmle.code.java.dataflow.TaintTracking
--- a/java/ql/lib/experimental/quantum/Language.qll
+++ b/java/ql/lib/experimental/quantum/Language.qll
@@ -1,6 +1,3 @@
-overlay[local?]
-module;
-
 private import java as Language
 private import semmle.code.java.security.InsecureRandomnessQuery
 private import semmle.code.java.security.RandomQuery
--- a/java/ql/lib/external/ExternalArtifact.qll
+++ b/java/ql/lib/external/ExternalArtifact.qll
@@ -1,6 +1,3 @@
-overlay[local?]
-module;
-
 import java

 class ExternalData extends @externalDataElement {
--- a/java/ql/lib/java.qll
+++ b/java/ql/lib/java.qll
@@ -1,6 +1,4 @@
 /** Provides all default Java QL imports. */
-overlay[local?]
-module;

 import Customizations
 import semmle.code.FileSystem
@@ -26,7 +24,6 @@ import semmle.code.java.KotlinType
 import semmle.code.java.Member
 import semmle.code.java.Modifier
 import semmle.code.java.Modules
-import semmle.code.java.Overlay
 import semmle.code.java.Package
 import semmle.code.java.Statement
 import semmle.code.java.Type
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/java-all
-version: 7.2.1-dev
+version: 7.3.1-dev
 groups: java
 dbscheme: config/semmlecode.dbscheme
 extractor: java
--- a/java/ql/lib/semmle/code/FileSystem.qll
+++ b/java/ql/lib/semmle/code/FileSystem.qll
@@ -1,6 +1,4 @@
 /** Provides classes for working with files and folders. */
-overlay[local?]
-module;

 import Location
 private import codeql.util.FileSystem
--- a/java/ql/lib/semmle/code/Location.qll
+++ b/java/ql/lib/semmle/code/Location.qll
@@ -3,8 +3,6 @@
 *
 * Locations represent parts of files and are used to map elements to their source location.
 */
-overlay[local?]
-module;

 import FileSystem
 import semmle.code.java.Element
@@ -221,17 +219,3 @@ private predicate fixedHasLocation(Top l, Location loc, File f) {
  not hasSourceLocation(l, _, _) and
  locations_default(loc, f, _, _, _, _)
 }
-
-overlay[local]
-pragma[nomagic]
-predicate discardableLocation(string file, @location l) {
-  not hasOverlay() and
-  file = getRawFileForLoc(l) and
-  not exists(@file f | hasLocation(f, l))
-}
-
-overlay[discard_entity]
-pragma[nomagic]
-predicate discardLocation(@location l) {
-  exists(string file | discardableLocation(file, l) and discardFile(file))
-}
--- a/java/ql/lib/semmle/code/SMAP.qll
+++ b/java/ql/lib/semmle/code/SMAP.qll
@@ -1,8 +1,6 @@
 /**
 * Provides classes and predicates for working with SMAP files (see JSR-045).
 */
-overlay[local?]
-module;

 import java

--- a/java/ql/lib/semmle/code/Unit.qll
+++ b/java/ql/lib/semmle/code/Unit.qll
@@ -1,5 +1,3 @@
 /** Provides the `Unit` class. */
-overlay[local?]
-module;

 import codeql.util.Unit
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Paolo Tranquilli	56ada6b140	Merge pull request #20194 from github/redsun82/java-fix-tests Java: use java 17 in `no-wrapper` tests	2025-08-08 17:54:45 +02:00
Paolo Tranquilli	c7f54f6fda	Java: use java 17 in `no-wrapper` tests Gradle 9 requires Java 17. (cherry picked from commit `72843b56e8`)	2025-08-08 17:52:38 +02:00
Paolo Tranquilli	4977839665	Merge pull request #19987 from github/redsun82/java-fix-tests Merge pull request #19956 from github/redsun82/java-fix-tests	2025-07-07 15:47:56 +02:00
Paolo Tranquilli	5e4ce5b418	Merge pull request #19956 from github/redsun82/java-fix-tests Java: disable failing maven fetches expectations for now (cherry picked from commit `33a2801bb7`)	2025-07-07 10:06:27 +02:00
Paolo Tranquilli	246d769dc9	Merge pull request #19821 from github/redsun82/backport-lock-fixes Rust: backport `Cargo.lock` fixes for CI	2025-06-19 17:35:02 +02:00
Paolo Tranquilli	3be417396d	Rust: do not remove `Cargo.lock` file when running QL tests (cherry picked from commit `71b9263470`)	2025-06-19 16:39:16 +02:00
Paolo Tranquilli	cbc8a489bb	Rust: add `Cargo.lock` files to all tests with `cargo check` (cherry picked from commit `55096a31f2`)	2025-06-19 16:39:15 +02:00
Paolo Tranquilli	f5ea84e684	Rust: fix crate graph test (cherry picked from commit `6f25d7e35e`)	2025-06-19 16:39:15 +02:00
Henry Mercer	6b280efd29	Merge pull request #19602 from github/post-release-prep/codeql-cli-2.21.4 Post-release preparation for codeql-cli-2.21.4	2025-05-27 19:56:09 +01:00
github-actions[bot]	d2c6875eac	Post-release preparation for codeql-cli-2.21.4	2025-05-27 18:16:21 +00:00
Henry Mercer	d72c766a49	Merge pull request #19601 from github/release-prep/2.21.4 Release preparation for version 2.21.4	2025-05-27 18:37:24 +01:00
github-actions[bot]	bfb91e95e3	Release preparation for version 2.21.4	2025-05-27 17:22:05 +00:00
Geoffrey White	5df50c0b14	Merge pull request #19470 from geoffw0/moresensitive Rust: Recognize more sensitive data sources	2025-05-27 17:34:58 +01:00
Jeroen Ketema	596553233f	Merge pull request #19599 from jketema/jketema/win C++: Address comments from earlier Windows MaD PRs	2025-05-27 17:13:31 +02:00
Jeroen Ketema	ae266546a6	C++: Minor test clean up	2025-05-27 16:57:23 +02:00
Jeroen Ketema	ae67948a67	C++: Fix formatting in model files	2025-05-27 16:55:26 +02:00
Michael B. Gale	8c39f617df	Merge pull request #19598 from github/mbg/go/handle-empty-strings-in-proxy-vars Go: Explicitly check whether proxy env vars are empty	2025-05-27 15:32:40 +01:00
Mathias Vorreiter Pedersen	e826b838b4	Merge pull request #19595 from MathiasVP/add-readfileex-flow-summary C++: Add missing `ReadFileEx` flow summary	2025-05-27 15:22:06 +01:00
Michael B. Gale	c236084043	Go: Explicitly check whether proxy env vars are empty	2025-05-27 14:58:18 +01:00
Geoffrey White	a412ad2775	Merge pull request #19529 from geoffw0/pin Rust: Model Pin	2025-05-27 14:03:08 +01:00
Arthur Baars	d018c02a78	Merge pull request #19583 from github/aibaars/lib-as-source Rust: add option to extract dependencies as source files	2025-05-27 14:10:58 +02:00
Michael Nebel	ef1ddd04ee	Merge pull request #19520 from michaelnebel/csharp/missedreadonly C#: Improve `cs/missed-readonly-modifier` and to code-quality suite.	2025-05-27 13:50:50 +02:00
Mathias Vorreiter Pedersen	76c2d24a7e	C++: Add summary for ReadFileEx and accept test changes.	2025-05-27 12:41:22 +01:00
Mathias Vorreiter Pedersen	c1ee56e4c1	C++: Add ReadFileEx tests with missing flow.	2025-05-27 12:41:20 +01:00
Mathias Vorreiter Pedersen	8595bd84a3	Merge pull request #19591 from MathiasVP/add-more-win32-flow-sources-2 C++: Add more Win32 flow sources	2025-05-27 12:38:19 +01:00
Simon Friis Vindum	254eabf44a	Merge pull request #19557 from paldepind/rust/type-mention-consistency Rust: Only include relevant AST nodes in TypeMention	2025-05-27 13:34:48 +02:00
Arthur Baars	ac724d2671	Update rust/extractor/src/main.rs Co-authored-by: Simon Friis Vindum <simonfv@gmail.com>	2025-05-27 13:08:20 +02:00
Geoffrey White	257d94905d	Merge branch 'main' into pin	2025-05-27 11:46:07 +01:00
Mathias Vorreiter Pedersen	a05ddca9c9	Update cpp/ql/lib/ext/Windows.model.yml Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>	2025-05-27 11:45:35 +01:00
Mathias Vorreiter Pedersen	80229644b8	Update cpp/ql/lib/ext/Windows.model.yml Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>	2025-05-27 11:45:27 +01:00
Mathias Vorreiter Pedersen	e406f27bb3	Update cpp/ql/lib/ext/Windows.model.yml Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>	2025-05-27 11:45:18 +01:00
Simon Friis Vindum	52280625ee	Rust: Add type inference inconsistency counts to the stats summary	2025-05-27 12:43:34 +02:00
Mathias Vorreiter Pedersen	fd9adc43c2	C++: Add change note.	2025-05-27 11:38:02 +01:00
Mathias Vorreiter Pedersen	5d8bb1b5b0	C++: Add more Windows sources.	2025-05-27 11:38:00 +01:00
Jeroen Ketema	b071a462f3	Merge pull request #19563 from jketema/jketema/win-flow C++: Add Windows command line and environment models	2025-05-27 12:32:51 +02:00
Jeroen Ketema	4c9c8bc37f	Merge pull request #19576 from jketema/swift-6.1.1 Swift: Update to Swift 6.1.1	2025-05-27 11:21:56 +02:00
Napalys Klicius	99ab144bde	Merge pull request #19578 from Napalys/js/security_quality_suite JS: Explicitly Filter Quality Queries for Inclusion in `Security-and-Quality`	2025-05-27 11:00:28 +02:00
Jeroen Ketema	f4636b9ef2	Swift: Update Swift resources	2025-05-27 10:56:52 +02:00
Jeroen Ketema	329d451d4d	Swift: Add change note	2025-05-27 10:53:57 +02:00
Jeroen Ketema	0f2d2b7697	Merge pull request #19582 from jketema/jketema/swift-type Swift: Fix type string representation	2025-05-27 10:44:41 +02:00
Geoffrey White	c97173735c	Merge pull request #19562 from geoffw0/operations3 Rust: Add more Operation subclasses	2025-05-27 09:26:35 +01:00
Geoffrey White	1e64f50c3c	Apply suggestions from code review Co-authored-by: Simon Friis Vindum <paldepind@github.com>	2025-05-27 08:51:00 +01:00
Napalys Klicius	1f6b3ad929	Update javascript/ql/src/codeql-suites/javascript-security-and-quality.qls Co-authored-by: Michael Nebel <michaelnebel@github.com>	2025-05-27 09:38:24 +02:00
Simon Friis Vindum	ba4950fb89	Rust: Accept test changes	2025-05-27 09:35:40 +02:00
Simon Friis Vindum	5278064407	Rust: Only include relevant AST nodes in TypeMention	2025-05-27 09:35:30 +02:00
Simon Friis Vindum	96cba8b8c2	Rust: Add inconsistency check for type mentions without a root type	2025-05-27 09:33:59 +02:00
Simon Friis Vindum	bf2cfab931	Merge pull request #19575 from paldepind/rust/function-call-method Rust: Resolve function calls to traits methods	2025-05-27 09:28:36 +02:00
Paolo Tranquilli	b99b25cc9c	Merge pull request #19572 from github/redsun82/rust-macro Rust: turn off macro expansion in code to be expanded by attribute macros	2025-05-27 08:29:20 +02:00
Arthur Baars	765afdbae0	Rust: add option to extract dependencies as source files	2025-05-26 18:21:35 +02:00
Jeroen Ketema	f17076e212	Swift: Update expected test results	2025-05-26 16:41:05 +02:00
Jeroen Ketema	b4d2fb45ab	Swift: Fix type string representation	2025-05-26 16:22:20 +02:00
Simon Friis Vindum	0ce06e8818	Rust: Use member predicate from path resolution	2025-05-26 15:12:33 +02:00
Paolo Tranquilli	a749cf934a	Rust: accept test changes	2025-05-26 14:15:56 +02:00
Paolo Tranquilli	add3c941a2	Merge branch 'main' into redsun82/rust-macro	2025-05-26 11:47:58 +02:00
Napalys Klicius	37024ade85	JS: Move query suite selector logic to `javascript-security-and-quality.qls`	2025-05-26 11:00:48 +02:00
Jeroen Ketema	27fd7c48fa	Swift: Update macOS runner	2025-05-26 10:17:19 +02:00
Jeroen Ketema	bb9c72f889	Swift: Update to Swift 6.1.1	2025-05-25 21:13:18 +02:00
Simon Friis Vindum	e778cbe768	Rust: Resolve function calls to traits methods	2025-05-24 10:25:46 +02:00
Simon Friis Vindum	e4d1b01361	Rust: Add type inference test with function call to trait method	2025-05-24 08:56:33 +02:00
Jeroen Ketema	10f6e1ceb8	C++: Add change note	2025-05-23 19:17:17 +02:00
Jeroen Ketema	fbc9615287	C++: Update expected test results	2025-05-23 16:03:47 +02:00
Jeroen Ketema	a77ddd7532	C++: Add Windows command line and environment models	2025-05-23 15:56:09 +02:00
Jeroen Ketema	b800040c73	C++: Add tests for various local Windows dataflow sources	2025-05-23 15:55:02 +02:00
Paolo Tranquilli	5c294617c5	Rust: update a comment	2025-05-23 14:43:18 +02:00
Paolo Tranquilli	01e22b7266	Rust: remove wrong comment	2025-05-23 12:01:50 +02:00
Paolo Tranquilli	5183d1610f	Rust: enhance macro expansion integration test	2025-05-23 12:01:33 +02:00
Paolo Tranquilli	31b48e18e6	Rust: fix `BadCtorInitialization` test	2025-05-23 12:01:14 +02:00
Paolo Tranquilli	abf21ba767	Rust: skip macro expansion in unexpanded attribute macro AST	2025-05-23 12:01:00 +02:00
Paolo Tranquilli	32cece3a43	Rust: adapt `BadCtorInitialization.ql` to attribute macro expansion	2025-05-23 12:00:42 +02:00
Geoffrey White	9ac24c7f4f	Merge branch 'main' into moresensitive	2025-05-22 16:11:12 +01:00
Geoffrey White	dc280c6fb7	Rust: Add missing assignment class relations.	2025-05-22 15:23:29 +01:00
Geoffrey White	b22ce5515f	Rust: Make RefExpr an Operation.	2025-05-22 13:52:13 +01:00
Geoffrey White	b8f0e4d7e0	Rust: Use DerefExpr.	2025-05-22 13:52:08 +01:00
Geoffrey White	6c19cecb07	Rust: Add DerefExpr class.	2025-05-22 13:50:30 +01:00
Geoffrey White	fafdc1d181	Rust: Add BitwiseOperation library.	2025-05-22 13:50:29 +01:00
Geoffrey White	11480d29b7	Rust: Add ArithmeticOperation library.	2025-05-22 13:50:24 +01:00
Michael Nebel	bae16f07ff	C#: Change note.	2025-05-22 08:42:37 +02:00
Geoffrey White	355864dd93	Merge branch 'main' into pin	2025-05-21 17:24:00 +01:00
Michael Nebel	008d5b7081	C#: Update test expected output.	2025-05-21 15:20:15 +02:00
Michael Nebel	19e9197874	C#: The field access should be on this for it to be compatible with readonly.	2025-05-21 15:19:26 +02:00
Michael Nebel	8108c72c17	C#: Exclude structs from being flagged in cs/missed-readonly-modifier.	2025-05-21 15:19:25 +02:00
Michael Nebel	28cd8a827a	C#: Add more test examples for cs/missing-readonly-modifier.	2025-05-21 15:18:32 +02:00
Michael Nebel	3a1cd3f734	C#: Add cs/missed-readonly-modifier to the code-quality suite.	2025-05-21 11:34:40 +02:00
Michael Nebel	5941b3081c	C#: Convert tests for cs/missed-readonly-modifier to inline expectatations.	2025-05-21 11:34:38 +02:00
Geoffrey White	bfb15cd88f	Rust: Accept changes to other tests.	2025-05-20 11:13:00 +01:00
Geoffrey White	94b57ac9a9	Update rust/ql/test/library-tests/dataflow/modeled/main.rs Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-05-19 21:49:02 +01:00
Geoffrey White	ebd75a118b	Rust: Add models for std::Pin.	2025-05-19 18:38:50 +01:00
Geoffrey White	533aa7fc26	Rust: Add tests for std::Pin.	2025-05-19 18:38:20 +01:00
Geoffrey White	b503b1ef6c	Rust: Prefer getExpr() over getAstNode().	2025-05-19 12:09:27 +01:00
Geoffrey White	4bbdc9a1cd	Rust: Simplify SensitiveData.qll.	2025-05-19 12:08:53 +01:00
Geoffrey White	65456b5cf0	Merge branch 'main' into moresensitive	2025-05-19 11:54:46 +01:00
Geoffrey White	f04d6fd8c8	Rust: Accept minor test changes for the cleartext logging query.	2025-05-12 17:45:00 +01:00
Geoffrey White	682f59fc11	Rust: Make helper predicate private + autoformat.	2025-05-12 12:49:58 +01:00
Geoffrey White	ac5ec06736	Rust: Constrain SensitiveFieldAccess to avoid including unwanted parents.	2025-05-12 12:47:31 +01:00
Geoffrey White	b907cfe468	Rust: Add a few more test cases involving 'map'.	2025-05-12 12:31:01 +01:00
Geoffrey White	0a3275e0b3	Rust: One more test case.	2025-05-12 11:50:57 +01:00
Geoffrey White	d02d5c5baf	Rust: Update cleartext logging test with new found results.	2025-05-09 14:33:26 +01:00
Geoffrey White	5f5d6f679a	Rust: Understand sensitive enum variants calls.	2025-05-09 11:58:51 +01:00
Geoffrey White	0f36e1d625	Rust: Understand sensitive qualifier expressions.	2025-05-09 11:26:23 +01:00
Geoffrey White	a537197691	Rust: Understand sensitive field access expressions.	2025-05-09 11:04:38 +01:00
Geoffrey White	8825eefea6	Rust: More counterexamples for sensitive data as well.	2025-05-09 10:50:12 +01:00
Geoffrey White	87218cb6d7	Rust: Test more examples of sensitive data.	2025-05-09 10:50:11 +01:00