Compare commits

...

20 Commits

Author SHA1 Message Date
Paolo Tranquilli
bd1f548fbc Swift: use git-lfs devcontainer feature 2024-07-16 11:24:01 +02:00
Paolo Tranquilli
1dbe908024 Swift: tentative fix to install git-lfs in codespace without direct write access 2024-07-09 10:48:18 +02:00
Mathias Vorreiter Pedersen
39ad4d4a89 Merge pull request #16930 from MathiasVP/promote-unsafe-strncat-to-code-scanning 2024-07-08 21:51:57 +01:00
Mathias Vorreiter Pedersen
2c5f007687 Merge pull request #16929 from MathiasVP/add-unsafe-strncat-fp 2024-07-08 18:54:58 +01:00
Cornelius Riemenschneider
f87e680185 Merge pull request #16928 from github/criemen/install-remove
Install script: Windows-compatible cleanup path.
2024-07-08 17:53:18 +02:00
Owen Mansel-Chan
496e76c1c5 Merge pull request #16931 from owen-mc/go/fix/clear-sanitizer
Go: fix `clear` sanitizer
2024-07-08 16:52:37 +01:00
Cornelius Riemenschneider
16660ab1df address review 2024-07-08 17:37:33 +02:00
Cornelius Riemenschneider
8df2e4952c address review 2024-07-08 17:27:17 +02:00
Owen Mansel-Chan
a774aacfa8 Add change note 2024-07-08 16:09:17 +01:00
Mathias Vorreiter Pedersen
9cfd06c761 C++: Increase the precision of 'cpp/unsafe-strncat' to high. 2024-07-08 16:06:58 +01:00
Owen Mansel-Chan
68929d1f73 Fix definition of ClearSanitizer 2024-07-08 16:05:17 +01:00
Owen Mansel-Chan
eec2aa82a6 Add failing tests for ClearSanitizer 2024-07-08 16:05:04 +01:00
Mathias Vorreiter Pedersen
962c73da16 C++: Promote 'cpp/unsafe-strncat' to Code Scanning. 2024-07-08 16:02:29 +01:00
Angela P Wen
80bd361607 Merge pull request #16926 from github/post-release-prep/codeql-cli-2.18.0
Post-release preparation for codeql-cli-2.18.0
2024-07-08 16:51:16 +02:00
Cornelius Riemenschneider
bb78536804 Install script: Windows-compatible cleanup path.
Windows might need some retrying around deleting
the target directory.
2024-07-08 16:21:29 +02:00
Mathias Vorreiter Pedersen
d5d04f2f4c C++: Add a 'cpp/unsafe-strncat' FP. 2024-07-08 15:13:00 +01:00
github-actions[bot]
ae3aba061b Post-release preparation for codeql-cli-2.18.0 2024-07-08 13:30:13 +00:00
Paolo Tranquilli
0421ceff93 Merge pull request #16922 from github/redsun82/kotlin-wrapper
Kotlin: make wrapper cache downloaded zips
2024-07-08 13:53:35 +02:00
Paolo Tranquilli
a30e7d2cfd Kotlin: add all .kotlin_* in dev to .gitignore 2024-07-08 13:18:56 +02:00
Paolo Tranquilli
002e1eb730 Kotlin: make wrapper cache downloaded zips
Also removed the version check step, as a version not existing will give
a 404 any way later on, and that was adding a delay.

The cache is stored in a `.kotlinc_zips` and will be cleaned up by
`--clear`.
2024-07-08 11:57:07 +02:00
49 changed files with 192 additions and 99 deletions

View File

@@ -1,25 +1,28 @@
{ {
"extensions": [ "extensions": [
"github.vscode-codeql", "github.vscode-codeql",
"hbenl.vscode-test-explorer", "hbenl.vscode-test-explorer",
"ms-vscode.test-adapter-converter", "ms-vscode.test-adapter-converter",
"slevesque.vscode-zipexplorer", "slevesque.vscode-zipexplorer",
"ms-vscode.cpptools" "ms-vscode.cpptools"
], ],
"settings": { "features": {
"files.watcherExclude": { "git-lfs": "latest"
"**/target/**": true },
}, "settings": {
"codeQL.runningQueries.memory": 2048 "files.watcherExclude": {
}, "**/target/**": true
"build": { },
"dockerfile": "Dockerfile", "codeQL.runningQueries.memory": 2048
}, },
"runArgs": [ "build": {
"--cap-add=SYS_PTRACE", "dockerfile": "Dockerfile",
"--security-opt", },
"seccomp=unconfined" "runArgs": [
], "--cap-add=SYS_PTRACE",
"remoteUser": "vscode", "--security-opt",
"onCreateCommand": ".devcontainer/swift/user.sh" "seccomp=unconfined"
],
"remoteUser": "vscode",
"onCreateCommand": ".devcontainer/swift/user.sh"
} }

View File

@@ -3,9 +3,6 @@ set -xe
BAZELISK_VERSION=v1.12.0 BAZELISK_VERSION=v1.12.0
BAZELISK_DOWNLOAD_SHA=6b0bcb2ea15bca16fffabe6fda75803440375354c085480fe361d2cbf32501db BAZELISK_DOWNLOAD_SHA=6b0bcb2ea15bca16fffabe6fda75803440375354c085480fe361d2cbf32501db
# install git lfs apt source
curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash
# install gh apt source # install gh apt source
(type -p wget >/dev/null || (sudo apt update && sudo apt-get install wget -y)) \ (type -p wget >/dev/null || (sudo apt update && sudo apt-get install wget -y)) \
&& sudo mkdir -p -m 755 /etc/apt/keyrings \ && sudo mkdir -p -m 755 /etc/apt/keyrings \
@@ -21,7 +18,6 @@ apt-get -y install --no-install-recommends \
python3-distutils \ python3-distutils \
python3-pip \ python3-pip \
bash-completion \ bash-completion \
git-lfs \
gh gh
# Install Bazel # Install Bazel

View File

@@ -1,7 +1,5 @@
set -xe set -xe
git lfs install
# add the workspace to the codeql search path # add the workspace to the codeql search path
mkdir -p /home/vscode/.config/codeql mkdir -p /home/vscode/.config/codeql
echo "--search-path /workspaces/codeql" > /home/vscode/.config/codeql/config echo "--search-path /workspaces/codeql" > /home/vscode/.config/codeql/config

View File

@@ -1,5 +1,5 @@
name: codeql/cpp-all name: codeql/cpp-all
version: 1.2.0 version: 1.2.1-dev
groups: cpp groups: cpp
dbscheme: semmlecode.cpp.dbscheme dbscheme: semmlecode.cpp.dbscheme
extractor: cpp extractor: cpp

View File

@@ -4,7 +4,7 @@
* @kind problem * @kind problem
* @problem.severity warning * @problem.severity warning
* @security-severity 9.3 * @security-severity 9.3
* @precision medium * @precision high
* @id cpp/unsafe-strncat * @id cpp/unsafe-strncat
* @tags reliability * @tags reliability
* correctness * correctness

View File

@@ -0,0 +1,4 @@
---
category: queryMetadata
---
* The precision of `cpp/unsafe-strncat` ("Potentially unsafe call to strncat") has been increased to `high`. As a result, it will be run by default as part of the Code Scanning suite.

View File

@@ -1,5 +1,5 @@
name: codeql/cpp-queries name: codeql/cpp-queries
version: 1.0.3 version: 1.0.4-dev
groups: groups:
- cpp - cpp
- queries - queries

View File

@@ -3,3 +3,5 @@
| test.c:67:3:67:9 | call to strncat | Potentially unsafe call to strncat. | | test.c:67:3:67:9 | call to strncat | Potentially unsafe call to strncat. |
| test.c:75:3:75:9 | call to strncat | Potentially unsafe call to strncat. | | test.c:75:3:75:9 | call to strncat | Potentially unsafe call to strncat. |
| test.c:76:3:76:9 | call to strncat | Potentially unsafe call to strncat. | | test.c:76:3:76:9 | call to strncat | Potentially unsafe call to strncat. |
| test.c:91:3:91:9 | call to strncat | Potentially unsafe call to strncat. |
| test.c:99:3:99:9 | call to strncat | Potentially unsafe call to strncat. |

View File

@@ -82,3 +82,20 @@ void strncat_test5(char *s) {
strncat(buf, s, len - strlen(buf) - 1); // GOOD strncat(buf, s, len - strlen(buf) - 1); // GOOD
strncat(buf, s, len - strlen(buf)); // GOOD strncat(buf, s, len - strlen(buf)); // GOOD
} }
void strncat_test6() {
{
char dest[60];
dest[0] = '\0';
// Will write `dest[0 .. 5]`
strncat(dest, "small", sizeof(dest)); // GOOD [FALSE POSITIVE]
}
{
char dest[60];
memset(dest, 'a', sizeof(dest));
dest[54] = '\0';
// Will write `dest[54 .. 59]`
strncat(dest, "small", sizeof(dest)); // GOOD [FALSE POSITIVE]
}
}

View File

@@ -1,5 +1,5 @@
name: codeql/csharp-solorigate-all name: codeql/csharp-solorigate-all
version: 1.7.20 version: 1.7.21-dev
groups: groups:
- csharp - csharp
- solorigate - solorigate

View File

@@ -1,5 +1,5 @@
name: codeql/csharp-solorigate-queries name: codeql/csharp-solorigate-queries
version: 1.7.20 version: 1.7.21-dev
groups: groups:
- csharp - csharp
- solorigate - solorigate

View File

@@ -1,5 +1,5 @@
name: codeql/csharp-all name: codeql/csharp-all
version: 1.0.3 version: 1.0.4-dev
groups: csharp groups: csharp
dbscheme: semmlecode.csharp.dbscheme dbscheme: semmlecode.csharp.dbscheme
extractor: csharp extractor: csharp

View File

@@ -1,5 +1,5 @@
name: codeql/csharp-queries name: codeql/csharp-queries
version: 1.0.3 version: 1.0.4-dev
groups: groups:
- csharp - csharp
- queries - queries

View File

@@ -1,5 +1,5 @@
name: codeql-go-consistency-queries name: codeql-go-consistency-queries
version: 1.0.3 version: 1.0.4-dev
groups: groups:
- go - go
- queries - queries

View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* There was a bug which meant that the built-in function `clear` was considered as a sanitizer in some cases when it shouldn't have been. This has now been fixed, which may lead to more alerts.

View File

@@ -1,5 +1,5 @@
name: codeql/go-all name: codeql/go-all
version: 1.1.2 version: 1.1.3-dev
groups: go groups: go
dbscheme: go.dbscheme dbscheme: go.dbscheme
extractor: go extractor: go

View File

@@ -423,7 +423,7 @@ private class ClearSanitizer extends DefaultTaintSanitizer {
arg = call.getAnArgument() and arg = call.getAnArgument() and
arg = var.getAUse() and arg = var.getAUse() and
arg != this and arg != this and
this.getBasicBlock().(ReachableBasicBlock).dominates(this.getBasicBlock()) arg.getBasicBlock().(ReachableBasicBlock).dominates(this.getBasicBlock())
) )
} }
} }

View File

@@ -1,5 +1,5 @@
name: codeql/go-queries name: codeql/go-queries
version: 1.0.3 version: 1.0.4-dev
groups: groups:
- go - go
- queries - queries

View File

@@ -8,9 +8,38 @@ func clearTestBad(sourceReq *http.Request) string {
return string(b) return string(b)
} }
func clearTestBad2(sourceReq *http.Request, x bool) string {
b := make([]byte, 8)
sourceReq.Body.Read(b)
if x {
clear(b)
}
return string(b)
}
func clearTestBad3(sourceReq *http.Request, x bool) string {
b := make([]byte, 8)
sourceReq.Body.Read(b)
if x {
return string(b)
}
clear(b)
return string(b)
}
func clearTestGood(sourceReq *http.Request) string { func clearTestGood(sourceReq *http.Request) string {
b := make([]byte, 8) b := make([]byte, 8)
sourceReq.Body.Read(b) sourceReq.Body.Read(b)
clear(b) // should prevent taint flow clear(b) // should prevent taint flow
return string(b) return string(b)
} }
func clearTestGood2(sourceReq *http.Request, x bool) string {
b := make([]byte, 8)
sourceReq.Body.Read(b)
clear(b) // should prevent taint flow
if x {
return string(b)
}
return ""
}

View File

@@ -1,10 +1,22 @@
edges edges
| Builtin.go:6:2:6:2 | definition of b | Builtin.go:8:9:8:17 | type conversion | provenance | | | Builtin.go:6:2:6:2 | definition of b | Builtin.go:8:9:8:17 | type conversion | provenance | |
| Builtin.go:7:2:7:15 | selection of Body | Builtin.go:6:2:6:2 | definition of b | provenance | MaD:626 | | Builtin.go:7:2:7:15 | selection of Body | Builtin.go:6:2:6:2 | definition of b | provenance | MaD:626 |
| Builtin.go:12:2:12:2 | definition of b | Builtin.go:17:9:17:17 | type conversion | provenance | |
| Builtin.go:13:2:13:15 | selection of Body | Builtin.go:12:2:12:2 | definition of b | provenance | MaD:626 |
| Builtin.go:21:2:21:2 | definition of b | Builtin.go:24:10:24:18 | type conversion | provenance | |
| Builtin.go:22:2:22:15 | selection of Body | Builtin.go:21:2:21:2 | definition of b | provenance | MaD:626 |
nodes nodes
| Builtin.go:6:2:6:2 | definition of b | semmle.label | definition of b | | Builtin.go:6:2:6:2 | definition of b | semmle.label | definition of b |
| Builtin.go:7:2:7:15 | selection of Body | semmle.label | selection of Body | | Builtin.go:7:2:7:15 | selection of Body | semmle.label | selection of Body |
| Builtin.go:8:9:8:17 | type conversion | semmle.label | type conversion | | Builtin.go:8:9:8:17 | type conversion | semmle.label | type conversion |
| Builtin.go:12:2:12:2 | definition of b | semmle.label | definition of b |
| Builtin.go:13:2:13:15 | selection of Body | semmle.label | selection of Body |
| Builtin.go:17:9:17:17 | type conversion | semmle.label | type conversion |
| Builtin.go:21:2:21:2 | definition of b | semmle.label | definition of b |
| Builtin.go:22:2:22:15 | selection of Body | semmle.label | selection of Body |
| Builtin.go:24:10:24:18 | type conversion | semmle.label | type conversion |
subpaths subpaths
#select #select
| Builtin.go:8:9:8:17 | type conversion | Builtin.go:7:2:7:15 | selection of Body | Builtin.go:8:9:8:17 | type conversion | Found taint flow | | Builtin.go:8:9:8:17 | type conversion | Builtin.go:7:2:7:15 | selection of Body | Builtin.go:8:9:8:17 | type conversion | Found taint flow |
| Builtin.go:17:9:17:17 | type conversion | Builtin.go:13:2:13:15 | selection of Body | Builtin.go:17:9:17:17 | type conversion | Found taint flow |
| Builtin.go:24:10:24:18 | type conversion | Builtin.go:22:2:22:15 | selection of Body | Builtin.go:24:10:24:18 | type conversion | Found taint flow |

View File

@@ -1,2 +1 @@
/.kotlinc_version /.kotlinc_*
/.kotlinc_installed

View File

@@ -29,6 +29,7 @@ import os
DEFAULT_VERSION = "2.0.0" DEFAULT_VERSION = "2.0.0"
def options(): def options():
parser = argparse.ArgumentParser(add_help=False) parser = argparse.ArgumentParser(add_help=False)
parser.add_argument("tool") parser.add_argument("tool")
@@ -38,11 +39,15 @@ def options():
return parser.parse_known_args() return parser.parse_known_args()
url_template = 'https://github.com/JetBrains/kotlin/releases/download/v{version}/kotlin-compiler-{version}.zip' file_template = "kotlin-compiler-{version}.zip"
url_template = "https://github.com/JetBrains/kotlin/releases/download/v{version}/kotlin-compiler-{version}.zip"
this_dir = pathlib.Path(__file__).resolve().parent this_dir = pathlib.Path(__file__).resolve().parent
version_file = this_dir / ".kotlinc_version" version_file = this_dir / ".kotlinc_version"
install_dir = this_dir / ".kotlinc_installed" install_dir = this_dir / ".kotlinc_installed"
windows_ripunzip = this_dir.parents[4] / "resources" / "lib" / "windows" / "ripunzip" / "ripunzip.exe" zips_dir = this_dir / ".kotlinc_zips"
windows_ripunzip = (
this_dir.parents[4] / "resources" / "lib" / "windows" / "ripunzip" / "ripunzip.exe"
)
class Error(Exception): class Error(Exception):
@@ -62,16 +67,6 @@ class ZipFilePreservingPermissions(zipfile.ZipFile):
return targetpath return targetpath
def check_version(version: str):
try:
with urllib.request.urlopen(url_template.format(version=version)) as response:
pass
except urllib.error.HTTPError as e:
if e.code == 404:
raise Error(f"Version {version} not found in github.com/JetBrains/kotlin/releases") from e
raise
def get_version(): def get_version():
try: try:
return version_file.read_text() return version_file.read_text()
@@ -86,29 +81,39 @@ def install(version: str, quiet: bool):
else: else:
info_out = sys.stderr info_out = sys.stderr
info = lambda *args: print(*args, file=sys.stderr) info = lambda *args: print(*args, file=sys.stderr)
file = file_template.format(version=version)
url = url_template.format(version=version) url = url_template.format(version=version)
if install_dir.exists(): if install_dir.exists():
shutil.rmtree(install_dir) shutil.rmtree(install_dir)
install_dir.mkdir() install_dir.mkdir()
zips_dir.mkdir(exist_ok=True)
zip = zips_dir / file
if not zip.exists():
info(f"downloading {url}")
tmp_zip = zip.with_suffix(".tmp")
with open(tmp_zip, "wb") as out, urllib.request.urlopen(url) as response:
shutil.copyfileobj(response, out)
tmp_zip.rename(zip)
ripunzip = shutil.which("ripunzip") ripunzip = shutil.which("ripunzip")
if ripunzip is None and platform.system() == "Windows" and windows_ripunzip.exists(): if (
ripunzip is None
and platform.system() == "Windows"
and windows_ripunzip.exists()
):
ripunzip = windows_ripunzip ripunzip = windows_ripunzip
if ripunzip: if ripunzip:
info(f"downloading and extracting {url} using ripunzip") info(f"extracting {zip} using ripunzip")
subprocess.run([ripunzip, "unzip-uri", url], stdout=info_out, stderr=info_out, cwd=install_dir, subprocess.run(
check=True) [ripunzip, "unzip-file", zip],
return stdout=info_out,
with io.BytesIO() as buffer: stderr=info_out,
info(f"downloading {url}") cwd=install_dir,
with urllib.request.urlopen(url) as response: check=True,
while True: )
bytes = response.read() else:
if not bytes: info(f"extracting {zip}")
break with ZipFilePreservingPermissions(zip) as archive:
buffer.write(bytes)
buffer.seek(0)
info(f"extracting kotlin-compiler-{version}.zip")
with ZipFilePreservingPermissions(buffer) as archive:
archive.extractall(install_dir) archive.extractall(install_dir)
@@ -130,6 +135,9 @@ def clear():
if version_file.exists(): if version_file.exists():
print(f"removing {version_file}", file=sys.stderr) print(f"removing {version_file}", file=sys.stderr)
version_file.unlink() version_file.unlink()
if zips_dir.exists():
print(f"removing {zips_dir}", file=sys.stderr)
shutil.rmtree(zips_dir)
def main(opts, forwarded_opts): def main(opts, forwarded_opts):
@@ -140,7 +148,6 @@ def main(opts, forwarded_opts):
if opts.select == "default": if opts.select == "default":
selected_version = DEFAULT_VERSION selected_version = DEFAULT_VERSION
elif opts.select is not None: elif opts.select is not None:
check_version(opts.select)
selected_version = opts.select selected_version = opts.select
else: else:
selected_version = current_version or DEFAULT_VERSION selected_version = current_version or DEFAULT_VERSION
@@ -153,7 +160,10 @@ def main(opts, forwarded_opts):
return return
if opts.version: if opts.version:
if opts.tool == "kotlinc": if opts.tool == "kotlinc":
print(f"info: kotlinc-jvm {selected_version} (codeql dev wrapper)", file=sys.stderr) print(
f"info: kotlinc-jvm {selected_version} (codeql dev wrapper)",
file=sys.stderr,
)
return return
forwarded_opts.append("-version") forwarded_opts.append("-version")

View File

@@ -1,5 +1,5 @@
name: codeql/java-automodel-queries name: codeql/java-automodel-queries
version: 1.0.3 version: 1.0.4-dev
groups: groups:
- java - java
- automodel - automodel

View File

@@ -1,5 +1,5 @@
name: codeql/java-all name: codeql/java-all
version: 1.1.2 version: 1.1.3-dev
groups: java groups: java
dbscheme: config/semmlecode.dbscheme dbscheme: config/semmlecode.dbscheme
extractor: java extractor: java

View File

@@ -1,5 +1,5 @@
name: codeql/java-queries name: codeql/java-queries
version: 1.1.0 version: 1.1.1-dev
groups: groups:
- java - java
- queries - queries

View File

@@ -1,5 +1,5 @@
name: codeql/javascript-all name: codeql/javascript-all
version: 1.1.0 version: 1.1.1-dev
groups: javascript groups: javascript
dbscheme: semmlecode.javascript.dbscheme dbscheme: semmlecode.javascript.dbscheme
extractor: javascript extractor: javascript

View File

@@ -1,5 +1,5 @@
name: codeql/javascript-queries name: codeql/javascript-queries
version: 1.0.3 version: 1.0.4-dev
groups: groups:
- javascript - javascript
- queries - queries

View File

@@ -11,6 +11,8 @@ import argparse
import pathlib import pathlib
import shutil import shutil
import subprocess import subprocess
import platform
import time
from python.runfiles import runfiles from python.runfiles import runfiles
runfiles = runfiles.Create() runfiles = runfiles.Create()
@@ -41,8 +43,25 @@ else:
assert destdir.is_absolute(), "Provide `--build-file` to resolve destination directory" assert destdir.is_absolute(), "Provide `--build-file` to resolve destination directory"
script = runfiles.Rlocation(opts.pkg_install_script) script = runfiles.Rlocation(opts.pkg_install_script)
_WIN_FILE_IN_USE_ERROR_CODE = 32
if destdir.exists() and opts.cleanup: if destdir.exists() and opts.cleanup:
shutil.rmtree(destdir) if platform.system() == 'Windows':
# On Windows we might have virus scanner still looking at the path so
# attempt removal a couple of times sleeping between each attempt.
for retry_delay in [1, 2, 2]:
try:
shutil.rmtree(destdir)
break
except OSError as e:
if e.winerror == _WIN_FILE_IN_USE_ERROR_CODE:
time.sleep(retry_delay)
else:
raise
else:
shutil.rmtree(destdir)
else:
shutil.rmtree(destdir)
destdir.mkdir(parents=True, exist_ok=True) destdir.mkdir(parents=True, exist_ok=True)
subprocess.run([script, "--destdir", destdir], check=True) subprocess.run([script, "--destdir", destdir], check=True)

View File

@@ -1,4 +1,4 @@
name: codeql/suite-helpers name: codeql/suite-helpers
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
warnOnImplicitThis: true warnOnImplicitThis: true

View File

@@ -1,5 +1,5 @@
name: codeql/python-all name: codeql/python-all
version: 1.0.3 version: 1.0.4-dev
groups: python groups: python
dbscheme: semmlecode.python.dbscheme dbscheme: semmlecode.python.dbscheme
extractor: python extractor: python

View File

@@ -1,5 +1,5 @@
name: codeql/python-queries name: codeql/python-queries
version: 1.0.3 version: 1.0.4-dev
groups: groups:
- python - python
- queries - queries

View File

@@ -1,5 +1,5 @@
name: codeql/ruby-all name: codeql/ruby-all
version: 1.0.3 version: 1.0.4-dev
groups: ruby groups: ruby
extractor: ruby extractor: ruby
dbscheme: ruby.dbscheme dbscheme: ruby.dbscheme

View File

@@ -1,5 +1,5 @@
name: codeql/ruby-queries name: codeql/ruby-queries
version: 1.0.3 version: 1.0.4-dev
groups: groups:
- ruby - ruby
- queries - queries

View File

@@ -1,5 +1,5 @@
name: codeql/controlflow name: codeql/controlflow
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
dependencies: dependencies:

View File

@@ -1,5 +1,5 @@
name: codeql/dataflow name: codeql/dataflow
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
dependencies: dependencies:

View File

@@ -1,5 +1,5 @@
name: codeql/mad name: codeql/mad
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
dependencies: dependencies:

View File

@@ -1,5 +1,5 @@
name: codeql/rangeanalysis name: codeql/rangeanalysis
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
dependencies: dependencies:

View File

@@ -1,5 +1,5 @@
name: codeql/regex name: codeql/regex
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
dependencies: dependencies:

View File

@@ -1,5 +1,5 @@
name: codeql/ssa name: codeql/ssa
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
dependencies: dependencies:

View File

@@ -1,5 +1,5 @@
name: codeql/threat-models name: codeql/threat-models
version: 1.0.3 version: 1.0.4-dev
library: true library: true
groups: shared groups: shared
dataExtensions: dataExtensions:

View File

@@ -1,7 +1,7 @@
name: codeql/tutorial name: codeql/tutorial
description: Library for the CodeQL detective tutorials, helping new users learn to description: Library for the CodeQL detective tutorials, helping new users learn to
write CodeQL queries. write CodeQL queries.
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
warnOnImplicitThis: true warnOnImplicitThis: true

View File

@@ -1,5 +1,5 @@
name: codeql/typeflow name: codeql/typeflow
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
dependencies: dependencies:

View File

@@ -1,5 +1,5 @@
name: codeql/typetracking name: codeql/typetracking
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
dependencies: dependencies:

View File

@@ -1,5 +1,5 @@
name: codeql/typos name: codeql/typos
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
warnOnImplicitThis: true warnOnImplicitThis: true

View File

@@ -1,5 +1,5 @@
name: codeql/util name: codeql/util
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
dependencies: null dependencies: null

View File

@@ -1,5 +1,5 @@
name: codeql/xml name: codeql/xml
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
dependencies: dependencies:

View File

@@ -1,5 +1,5 @@
name: codeql/yaml name: codeql/yaml
version: 1.0.3 version: 1.0.4-dev
groups: shared groups: shared
library: true library: true
warnOnImplicitThis: true warnOnImplicitThis: true

View File

@@ -1,5 +1,5 @@
name: codeql/swift-all name: codeql/swift-all
version: 1.0.3 version: 1.0.4-dev
groups: swift groups: swift
extractor: swift extractor: swift
dbscheme: swift.dbscheme dbscheme: swift.dbscheme

View File

@@ -1,5 +1,5 @@
name: codeql/swift-queries name: codeql/swift-queries
version: 1.0.3 version: 1.0.4-dev
groups: groups:
- swift - swift
- queries - queries