Bumps the maven group with 1 update in the /java/ql/integration-tests/java/buildless-maven directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/buildless-maven-executable-war directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/buildless-maven-existing-settings-xml directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/buildless-maven-mirrorof directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 2 updates in the /java/ql/integration-tests/java/buildless-maven-multimodule directory: [junit:junit](https://github.com/junit-team/junit4) and org.apache.commons:commons-lang3. Bumps the maven group with 2 updates in the /java/ql/integration-tests/java/buildless-maven-multimodule/submod2 directory: [junit:junit](https://github.com/junit-team/junit4) and org.apache.commons:commons-lang3. Bumps the maven group with 1 update in the /java/ql/integration-tests/java/buildless-maven-timeout directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/buildless-proxy-maven directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/buildless-sibling-projects/maven-project-1 directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/buildless-sibling-projects/maven-project-2 directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/diagnostics/compilation-error directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/diagnostics/multiple-candidate-builds/maven-project-1 directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/diagnostics/multiple-candidate-builds/maven-project-2 directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-download-failure directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-enforcer directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-enforcer-multiple-versions directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-enforcer-single-version directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-sample directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-sample-extract-properties directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-sample-large-xml-files directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-sample-small-xml-files directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-sample-xml-mode-all directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-sample-xml-mode-all-gbk-encoding directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-sample-xml-mode-byname directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-sample-xml-mode-disabled directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-sample-xml-mode-smart directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-wrapper directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-wrapper-script-only directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 1 update in the /java/ql/integration-tests/java/maven-wrapper-source-only directory: [junit:junit](https://github.com/junit-team/junit4). Bumps the maven group with 9 updates in the /java/ql/test/utils/flowtestcasegenerator directory: | Package | From | To | | --- | --- | --- | | org.apache.logging.log4j:log4j-core | `2.14.1` | `2.25.4` | | [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) | `2.3.5.RELEASE` | `2.4.4` | | [org.springframework:spring-web](https://github.com/spring-projects/spring-framework) | `5.3.18` | `6.1.21` | | [org.springframework:spring-context](https://github.com/spring-projects/spring-framework) | `5.3.18` | `6.1.20` | | [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) | `5.3.18` | `6.2.18` | | [org.apache.shiro:shiro-core](https://github.com/apache/shiro) | `1.8.0` | `2.2.1` | | [org.owasp.esapi:esapi](https://github.com/ESAPI/esapi-java-legacy) | `2.2.3.1` | `2.6.0.0` | | org.thymeleaf:thymeleaf | `3.0.15.RELEASE` | `3.1.5.RELEASE` | | [com.hubspot.jinjava:jinjava](https://github.com/HubSpot/jinjava) | `2.6.0` | `2.7.6` | Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `org.apache.commons:commons-lang3` from 3.14.0 to 3.18.0 Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `org.apache.commons:commons-lang3` from 3.14.0 to 3.18.0 Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.12 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `junit:junit` from 4.11 to 4.13.1 - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1) Updates `org.apache.logging.log4j:log4j-core` from 2.14.1 to 2.25.4 Updates `org.springframework.ldap:spring-ldap-core` from 2.3.5.RELEASE to 2.4.4 - [Release notes](https://github.com/spring-projects/spring-ldap/releases) - [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt) - [Commits](https://github.com/spring-projects/spring-ldap/compare/2.3.5.RELEASE...2.4.4) Updates `org.springframework:spring-web` from 5.3.18 to 6.1.21 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.18...v6.1.21) Updates `org.springframework:spring-context` from 5.3.18 to 6.1.20 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.18...v6.1.20) Updates `org.springframework:spring-webmvc` from 5.3.18 to 6.2.18 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.18...v6.2.18) Updates `org.apache.shiro:shiro-core` from 1.8.0 to 2.2.1 - [Release notes](https://github.com/apache/shiro/releases) - [Changelog](https://github.com/apache/shiro/blob/main/RELEASE-NOTES) - [Commits](https://github.com/apache/shiro/compare/shiro-root-1.8.0...shiro-root-2.2.1) Updates `org.owasp.esapi:esapi` from 2.2.3.1 to 2.6.0.0 - [Release notes](https://github.com/ESAPI/esapi-java-legacy/releases) - [Commits](https://github.com/ESAPI/esapi-java-legacy/compare/esapi-2.2.3.1...esapi-2.6.0.0) Updates `org.thymeleaf:thymeleaf` from 3.0.15.RELEASE to 3.1.5.RELEASE Updates `com.hubspot.jinjava:jinjava` from 2.6.0 to 2.7.6 - [Release notes](https://github.com/HubSpot/jinjava/releases) - [Changelog](https://github.com/HubSpot/jinjava/blob/master/CHANGES.md) - [Commits](https://github.com/HubSpot/jinjava/compare/jinjava-2.6.0...jinjava-2.7.6) --- updated-dependencies: - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: org.apache.commons:commons-lang3 dependency-version: 3.18.0 dependency-type: direct:production dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: org.apache.commons:commons-lang3 dependency-version: 3.18.0 dependency-type: direct:production dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: junit:junit dependency-version: 4.13.1 dependency-type: direct:development dependency-group: maven - dependency-name: org.apache.logging.log4j:log4j-core dependency-version: 2.25.4 dependency-type: direct:production dependency-group: maven - dependency-name: org.springframework.ldap:spring-ldap-core dependency-version: 2.4.4 dependency-type: direct:production dependency-group: maven - dependency-name: org.springframework:spring-web dependency-version: 6.1.21 dependency-type: direct:production dependency-group: maven - dependency-name: org.springframework:spring-context dependency-version: 6.1.20 dependency-type: direct:production dependency-group: maven - dependency-name: org.springframework:spring-webmvc dependency-version: 6.2.18 dependency-type: direct:production dependency-group: maven - dependency-name: org.apache.shiro:shiro-core dependency-version: 2.2.1 dependency-type: direct:production dependency-group: maven - dependency-name: org.owasp.esapi:esapi dependency-version: 2.6.0.0 dependency-type: direct:production dependency-group: maven - dependency-name: org.thymeleaf:thymeleaf dependency-version: 3.1.5.RELEASE dependency-type: direct:production dependency-group: maven - dependency-name: com.hubspot.jinjava:jinjava dependency-version: 2.7.6 dependency-type: direct:production dependency-group: maven ... Signed-off-by: dependabot[bot] <support@github.com>
CodeQL
This open source repository contains the standard CodeQL libraries and queries that power GitHub Advanced Security and the other application security products that GitHub makes available to its customers worldwide.
How do I learn CodeQL and run queries?
There is extensive documentation about the CodeQL language, writing CodeQL using the CodeQL extension for Visual Studio Code and using the CodeQL CLI.
Contributing
We welcome contributions to our standard library and standard checks. Do you have an idea for a new check, or how to improve an existing query? Then please go ahead and open a pull request! Before you do, though, please take the time to read our contributing guidelines. You can also consult our style guides to learn how to format your code for consistency and clarity, how to write query metadata, and how to write query help documentation for your query.
For information on contributing to CodeQL documentation, see the "contributing guide" for docs.
License
The code in this repository is licensed under the MIT License by GitHub.
The CodeQL CLI (including the CodeQL engine) is hosted in a different repository and is licensed separately. If you'd like to use the CodeQL CLI to analyze closed-source code, you will need a separate commercial license; please contact us for further help.
Visual Studio Code integration
If you use Visual Studio Code to work in this repository, there are a few integration features to make development easier.
CodeQL for Visual Studio Code
You can install the CodeQL for Visual Studio Code extension to get syntax highlighting, IntelliSense, and code navigation for the QL language, as well as unit test support for testing CodeQL libraries and queries.
Tasks
The .vscode/tasks.json file defines custom tasks specific to working in this repository. To invoke one of these tasks, select the Terminal | Run Task... menu option, and then select the desired task from the dropdown. You can also invoke the Tasks: Run Task command from the command palette.