Merged
422 commits
eae1e1c
JS: Make API graphs rely on type-tracking steps in general
asgerf Apr 29, 2025
f5a295c
Merge pull request #19408 from michaelnebel/debug/removemodelgentag
michaelnebel Apr 29, 2025
b5c596b
Shared: Split model printing of summaries and sources/sinks into sepa…
michaelnebel Apr 24, 2025
bb6530f
Shared: Make the summary, source and sink model generation a paramete…
michaelnebel Apr 24, 2025
0016fbf
C#: Re-factor implementation to use the new model generator interface.
michaelnebel Apr 25, 2025
2535055
Java: Re-factor implementation to use the new model generator interface.
michaelnebel Apr 25, 2025
c16d913
C++: Re-factor implementation to use the new model generator interface.
michaelnebel Apr 25, 2025
a6b5645
Rust: Re-factor implementation to use the new model generator interface.
michaelnebel Apr 25, 2025
c9d01bc
Shared: Sprinkle some predicate defaults and clean up.
michaelnebel Apr 25, 2025
e3a6681
Add code quality suite selector
tamasvajk Apr 29, 2025
ea9b957
Use code-quality-selectors in C# suite
tamasvajk Apr 29, 2025
be5de9c
JS: Update test output
asgerf Apr 29, 2025
5de2c93
JS: Rename getTargetFile to getImportedFile and remove its deprecated…
asgerf Apr 29, 2025
70a5ec5
JS: Add package.json files in tests relying on node_modules
asgerf Apr 29, 2025
b0f73f1
JS: Update test output now that we import .d.ts files more liberally
asgerf Apr 29, 2025
425e020
Use code-quality-selectors in Java suite
tamasvajk Apr 29, 2025
bb46ca7
Modify quality query suite selector for actions, cpp, rust and swift
tamasvajk Apr 29, 2025
2515b06
Use code-quality-selectors in Go suite
tamasvajk Apr 29, 2025
d56c522
Use code-quality-selectors in JS suite
tamasvajk Apr 29, 2025
fdeac95
Use code-quality-selectors in Python suite
tamasvajk Apr 29, 2025
e9e6d68
Use code-quality-selectors in Ruby suite
tamasvajk Apr 29, 2025
abbf753
Merge pull request #19385 from github/redsun82/update-rules-kotlin
redsun82 Apr 29, 2025
280ce05
Revert "Bazel: update `rules_kotlin` to 2.1.3"
redsun82 Apr 29, 2025
6de38b1
Merge pull request #19300 from Napalys/js/fastify
Napalys Apr 29, 2025
64145ab
Merge pull request #19369 from hvitved/rust/crate-graph-self-param
hvitved Apr 29, 2025
2c95f00
Merge pull request #19414 from github/revert-19385-redsun82/update-ru…
redsun82 Apr 29, 2025
eb7cd3d
Ruby: disable diff-informed mode on regex queries
jbj Apr 30, 2025
7106475
Merge pull request #19411 from joefarebrother/python-qual-file-not-cl…
joefarebrother Apr 30, 2025
9753252
Rust: Crate graph extraction workarounds
hvitved Apr 24, 2025
52bd99b
Address review comments
hvitved Apr 30, 2025
ba89a5d
Codegen: make missing `codeql` error clearer
Apr 30, 2025
9958cc7
Codegen: consider windows paths in local `codeql` binary heuristic
Apr 30, 2025
da5d799
JS: Change note
asgerf Apr 30, 2025
1c1ccda
Merge pull request #19418 from github/redsun82/improve-codegen-codeql…
redsun82 Apr 30, 2025
f6fae7a
Added test cases for `cmd`, `which` and `asyncExec`
Napalys Apr 30, 2025
25d04f1
Added support for `shelljs.which`
Napalys Apr 30, 2025
18cea2d
Added support for `shelljs.cmd` and `async-shelljs.asyncExec`
Napalys Apr 30, 2025
c7e4853
Merge pull request #19269 from jketema/non-second-level-limits
jketema Apr 30, 2025
8ebbfb1
Merge pull request #19412 from asgerf/js/promise-all
asgerf Apr 30, 2025
f584d22
Rust: Use type inference to insert implicit borrows and derefs
paldepind Apr 30, 2025
6d61766
Added test case for `fastify.all`
Napalys Apr 30, 2025
71f1b82
Added support for `fastify.all`
Napalys Apr 30, 2025
9624a41
Added change note
Napalys Apr 30, 2025
389f15e
Merge pull request #19362 from hvitved/rust/crate-extraction-workarounds
hvitved Apr 30, 2025
4f5b340
Rust: Add type inference debug predicates
hvitved Apr 30, 2025
c8e564b
Merge pull request #19416 from jbj/ruby-no-diff-informed-regex
jbj Apr 30, 2025
edd18dc
C++: Address review comment
jketema Apr 30, 2025
7f24a25
Add modelling for JCA key gen cipher algorithm
nicolaswill Apr 30, 2025
9c87ad8
Merge branch 'brodes/key_agreement' of https://github.com/nicolaswill…
nicolaswill Apr 30, 2025
dd2f53f
Merge pull request #10 from nicolaswill/brodes/key_agreement
nicolaswill Apr 30, 2025
2b1b90c
Merge pull request #4 from nicolaswill/brodes/cipher_operation
nicolaswill Apr 30, 2025
27c7bf3
Merge branch 'github:main' into crypto-test
nicolaswill Apr 30, 2025
83617e0
Merge pull request #2 from nicolaswill/knewbury01/JCA-sample
nicolaswill Apr 30, 2025
302680c
Merge pull request #19425 from hvitved/rust/type-inference-debug-pred…
hvitved Apr 30, 2025
c263d3f
Rust: Remove predicates unused after refactor
paldepind Apr 30, 2025
c80588c
Adding content to KnownSymmetricCipherAlgorithmql.
bdrodes Apr 30, 2025
cf614a5
Fix cwe tags to include leading zero
owen-mc Apr 30, 2025
a9132c4
Fix incorrect CWE tags
owen-mc Apr 30, 2025
3423a10
C++: Address review comments
jketema Apr 30, 2025
531f2a1
python: model `send_header` from `http.server`
yoff Apr 30, 2025
cf45e77
python: remove copied comment
yoff Apr 30, 2025
e63b38c
python: add change note
yoff Apr 30, 2025
359aa02
Merge pull request #19410 from jketema/header-variant
jketema Apr 30, 2025
723778f
C++: Limit flow through sinks and sources in `cpp/upcast-array-pointe…
jketema Apr 30, 2025
51e70d0
Rust: Add Copilot generated test for `?` operator expressions
hvitved Apr 24, 2025
88075c4
Rust: Make manual tweaks to Copilot generated code
hvitved Apr 24, 2025
a3c26b4
Rust: Type inference for `?` expressions
hvitved Apr 24, 2025
2ed48ae
C++: Update expected test results after barrier introduction
jketema Apr 30, 2025
36199b3
Docs: Fix escaping in 2.21.0 changelog
adityasharad Apr 30, 2025
bab84d0
Merge pull request #19419 from paldepind/rust-precise-implicit-deref-…
paldepind May 1, 2025
20f7781
Merge pull request #19437 from adityasharad/docs/fix/2.21.0-escaping
nickrolfe May 1, 2025
1770f56
Merge pull request #19367 from hvitved/rust/type-inference-try-expr
hvitved May 1, 2025
499d224
Rust: Update generated models for core and std
paldepind May 1, 2025
423e2da
Rust: Strengthen the modeling of the `Clone` trait
hvitved May 1, 2025
40d176a
Added model for shelljs.env
Napalys Apr 30, 2025
602500e
Added change note
Napalys Apr 30, 2025
33d8ffa
Added test cases for shelljs.env
Napalys May 1, 2025
d4b5ef6
Refactor process.env handling in CleartextLogging and IndirectCommand…
Napalys May 1, 2025
68a9dd9
Address comments
Napalys May 1, 2025
0863c87
Add change notes
owen-mc May 1, 2025
6ba0dc2
Merge pull request #19439 from Napalys/js/fastify-all
Napalys May 1, 2025
817237c
Merge pull request #19441 from github/nickrolfe/mergeback-2.21.2
nickrolfe May 1, 2025
0325f36
Added test case for `hdbcli`
Napalys May 1, 2025
e1fc0ca
Added implementation `hdbcli` as part of `PEP249::PEP249ModuleApiNode`
Napalys May 1, 2025
da7c093
Added `hdbcli` to be part of `supported-framework` as well as change …
Napalys May 1, 2025
53b2e97
Rust: extract declarations of builtin types
aibaars Apr 30, 2025
e054948
Merge pull request #19429 from owen-mc/fix-cwe-tags-missing-leading-zero
owen-mc May 1, 2025
ca5f8b0
JS: Move some code into ModelsAsData.qll
asgerf May 1, 2025
481adce
Merge pull request #18449 from github/tausbn/misc-add-script-for-calc…
tausbn May 1, 2025
8e8efed
Rust: adjust integration tests and expected output
aibaars Apr 30, 2025
0fc1ae2
DataFlow: expose from FlowSummaries whether a summary is supported
asgerf May 1, 2025
a44bdf3
JS: Generate summaries from summaryModel, and only generate steps as …
asgerf May 1, 2025
d7e6e1d
Merge pull request #19432 from yoff/python/model-http-server-header-w…
yoff May 1, 2025
8ad6938
Merge pull request #19434 from jketema/array-barrier
jketema May 1, 2025
40f80ff
Merge pull request #19442 from hvitved/rust/clone-modeling
hvitved May 1, 2025
73fa381
Rust: Remove visibility check in path resolution
hvitved Apr 30, 2025
bd3155e
Rust: Promote rust/uncontrolled-allocation-size to warning.
geoffw0 May 1, 2025
c9ce6c0
Rust: Demote rust/cleartext-logging to warning.
geoffw0 May 1, 2025
f652686
Merge pull request #19444 from Napalys/python/hdbcli
Napalys May 1, 2025
93f8cea
Rust: Add + clean up some QLDoc.
geoffw0 Apr 9, 2025
778f46d
Rust: adjust unit tests and expected output
aibaars May 1, 2025
cb1c373
Merge pull request #19413 from tamasvajk/quality/query-suite-selector
tamasvajk May 2, 2025
74669cb
Merge pull request #19382 from michaelnebel/shared/modelgenrefactor
michaelnebel May 2, 2025
16fc8c3
JS: Benign test updates
asgerf May 2, 2025
f64e86f
Rust: Add a library test for Operations.
geoffw0 Apr 9, 2025
f3e0cfd
Apply suggestions from code review
asgerf May 2, 2025
3aed1c8
Merge branch 'main' into rust-update-stdlib-models
paldepind May 2, 2025
c6d95ce
Shared: Remove the language-specific model generator scripts
paldepind May 2, 2025
5c9218f
JS: Add comment about 'path' heuristic
asgerf May 2, 2025
1f308ee
JS: Explain use of monotonicAggregates
asgerf May 2, 2025
871e93d
Update javascript/ql/lib/semmle/javascript/frameworks/ShellJS.qll
Napalys May 2, 2025
d1e769b
Merge pull request #19422 from Napalys/js/shelljs
Napalys May 2, 2025
07829e5
Merge pull request #19421 from github/aibaars/rust-builtin-types
hvitved May 2, 2025
ae2fd52
Merge pull request #19431 from hvitved/rust/path-resolution-remove-vi…
hvitved May 2, 2025
97d2ed8
Swift: Support `UnsafeCastExpr`
jketema Apr 30, 2025
c74fca9
Swift: Support `TypeValueExpr` and `IntegerType`
jketema May 1, 2025
98384bf
Swift: Support `BuiltinFixedArrayType`
jketema May 2, 2025
95ac458
Swift: Add upgrade and downgrade scripts
jketema May 2, 2025
4ca98ba
Rust: test with format! macro in a block
aibaars Apr 18, 2025
9ca6706
Rust: make MacroStmts a CFG Expr
aibaars Apr 17, 2025
869af58
Rust: add flow step for MacroStmts
aibaars Apr 17, 2025
bc35599
Rust: rename MacroStmts to MacroBlockExpr
aibaars May 2, 2025
5c4ca64
Swift: Add change note
jketema May 2, 2025
6bf50d8
Rust: add upgrade/downgrade scripts
aibaars May 2, 2025
060d515
Rust: Add an Operation class above LogicalOperation, AssignmentOperat…
geoffw0 Apr 9, 2025
be20176
Rust: Unify getAnOperand() methods into Operation.
geoffw0 May 2, 2025
dc1b4fc
Rust: Unify getOperatorName() methods into Operation.
geoffw0 May 2, 2025
09dc7fc
Rust: Autoformat.
geoffw0 May 2, 2025
d0287e9
Merge branch 'main' into alloc-size-sev
geoffw0 May 2, 2025
566b3dd
Rust: Update code scanning queries list.
geoffw0 May 2, 2025
16ed847
Rust: Use the new 'quality' tag.
geoffw0 May 2, 2025
f59ef58
Rust: Update query suite list.
geoffw0 May 2, 2025
5694f02
Misc. cleanup
bdrodes May 2, 2025
c08525a
Additional cleanup
bdrodes May 2, 2025
7481de7
Updating the model to infer implicit cipher key sizes.
bdrodes May 2, 2025
09d4736
Working refactor for cipher, padding, block mode. Still haven't compl…
bdrodes May 2, 2025
9463293
Clean up
bdrodes May 2, 2025
aa80b83
Merge pull request #19420 from github/jketema/swift-6.1-contructs
jketema May 2, 2025
0a0be41
Intermediate progress towards getting hashing upgraded. Still need to…
bdrodes May 2, 2025
4042081
Missing files, should have been part of last commit.
bdrodes May 2, 2025
d600eb4
add new stubs
5idg5 May 2, 2025
9b0854e
Merge pull request #19335 from github/aibaars/macro-stmts
aibaars May 3, 2025
c7026c0
Update changelogs for CodeQL CLI 2.21.2 and adjust query reporting fo…
coadaflorin May 5, 2025
1533d7a
Update codeql-cli-2.21.2.rst
coadaflorin May 5, 2025
0691cd3
Merge branch 'main' of https://github.com/5idg5/codeql into 5idg5-upd…
5idg5 May 6, 2025
7231f53
revert system.net stubs
5idg5 May 6, 2025
824271a
Bump golang.org/x/tools
dependabot[bot] May 6, 2025
228c45a
Look through aliases when identifying method receivers
owen-mc May 5, 2025
c781f98
(unrelated tidy up) `resolveTypeAlias` not needed
owen-mc May 5, 2025
55efb11
Merge pull request #19463 from github/dependabot/go_modules/go/extrac…
owen-mc May 6, 2025
a857069
Merge pull request #19464 from owen-mc/go/fix/extract-recv-alias-type
owen-mc May 6, 2025
310c02f
Rust: Add a dataflow sources test for the Poem web framework.
geoffw0 May 6, 2025
e56519d
Rust: Add a dataflow sources test for the Actix web framework.
geoffw0 May 6, 2025
49ff967
Rust: Add a dataflow sources test for the Axum web framework.
geoffw0 May 7, 2025
19f86fd
Rust: Address confusing / typo'd paths.
geoffw0 May 7, 2025
f5a3656
Merge pull request #11 from nicolaswill/brodes/openssl_refactor
nicolaswill May 7, 2025
56670c6
Revert Python changes and delete implementation
nicolaswill May 7, 2025
314f1ff
Refactor Java directory structure
nicolaswill May 7, 2025
c19291b
Refactor 'cryptography' and 'Quantum' to 'quantum'
nicolaswill May 7, 2025
ac72abd
Refactor directory structure (shared experimental)
nicolaswill May 8, 2025
7339dd0
Rename "Quantum" to "quantum" in dir structure
nicolaswill May 8, 2025
0066f74
Delete development scripts
nicolaswill May 8, 2025
a7ebe4a
Fix typo in asymmetric inventory slice query id
nicolaswill May 8, 2025
e956d04
Format LibraryDetector.qll
nicolaswill May 8, 2025
1d8a57e
Fix EVP Cipher class, predicate, and comment typos
nicolaswill May 8, 2025
1135fbe
Fix EVP_Hash_Initializer typo
nicolaswill May 8, 2025
0c6e124
Delete development test query
nicolaswill May 8, 2025
986c8e1
Change Java inventory slices to @kind table
nicolaswill May 8, 2025
b558e84
Update slice query metadata and output tables
nicolaswill May 8, 2025
b8c3b43
Fix KnownAsymmetricAlgorithm query id
nicolaswill May 8, 2025
e03f57d
Update type name in experimental BrokenCrypto.ql
nicolaswill May 8, 2025
a57f4a1
Update Java analysis query metadata
nicolaswill May 8, 2025
529128c
Add problem.severity for java analysis queries
nicolaswill May 8, 2025
d0510bc
Merge branch 'main' into quantum-experimental
nicolaswill May 8, 2025
c607794
Update cpp and java not_included_in_qls.expected
nicolaswill May 8, 2025
64e4071
Merge branch 'quantum-experimental' of https://github.com/nicolaswill…
nicolaswill May 8, 2025
cd59ce5
Rename shared pack to quantum from experimental
nicolaswill May 9, 2025
fbf3d7c
Update CODEOWNERS to specify shared pack directory
nicolaswill May 9, 2025
48b95f3
Rust: Move OperationImpl to internal/OperationImpl.qll.
geoffw0 May 9, 2025
089ef1c
Merge branch 'main' of https://github.com/5idg5/codeql into 5idg5-upd…
5idg5 May 9, 2025
4e3ac93
fix unit tests part 2
5idg5 May 9, 2025
14ede4e
Merge pull request #19440 from paldepind/rust-update-stdlib-models
paldepind May 12, 2025
8fab235
DataFlow: Fix typo in a comment
asgerf May 12, 2025
891b2b8
DataFlow: Support a bare Argument[n] as a valid output stack
asgerf May 12, 2025
ab3f62e
Add missing tags to PrintCBOMGraph.ql queries
nicolaswill May 12, 2025
8f36624
Add AsymmetricAlgorithmNode, refactor and address feedback
nicolaswill May 12, 2025
c66ec63
Fix query compilation errors
nicolaswill May 12, 2025
5334e90
Make FlowAwareElement private
nicolaswill May 12, 2025
a69a561
Merge pull request #19455 from geoffw0/quality
geoffw0 May 12, 2025
6678dc4
Merge pull request #19449 from geoffw0/alloc-size-sev
geoffw0 May 12, 2025
08fcf61
Apply suggestions from code review
geoffw0 May 12, 2025
bf8cdff
Update rust/ql/test/library-tests/dataflow/sources/web_frameworks.rs
geoffw0 May 12, 2025
402a84f
Update rust/ql/test/library-tests/dataflow/sources/web_frameworks.rs
geoffw0 May 12, 2025
7c98fa8
Rust: One more bit of cleanup.
geoffw0 May 12, 2025
9160036
Rust: Rename OperationImpl -> Impl.
geoffw0 May 12, 2025
a2944cd
Rust: Make usage of Impl more consistent with other Impl modules.
geoffw0 May 12, 2025
d3282a9
Merge pull request #19469 from nicolaswill/quantum-experimental
nicolaswill May 12, 2025
cd01bd0
Rust: Add `LiteralExpr` sub classes
hvitved May 12, 2025
e51cb47
C++: Expose 'MemoryLocation0'.
MathiasVP May 12, 2025
f1b4e05
C++: Expose 'isBusyDef'.
MathiasVP May 12, 2025
a501678
ruby: adjust precision of `rb/useless-assignment-to-local`
yoff May 12, 2025
ffd6b26
C#: Cleanup test options files.
michaelnebel May 12, 2025
82cf472
C#: Fix ASP tests.
michaelnebel May 12, 2025
60d26e5
C#: Cleanup test options files.
michaelnebel May 12, 2025
05dc9b6
C#: Remove dependency to ASP.NET in the System.Web.cs stub file.
michaelnebel May 12, 2025
5faaa4f
C#: Cleanup test options files.
michaelnebel May 12, 2025
6a5ce39
Merge branch 'github:main' into 5idg5-update-cs-stubs
5idg5 May 12, 2025
eb4711e
Merge branch '5idg5-update-cs-stubs' of https://github.com/5idg5/code…
5idg5 May 12, 2025
0c0e1d0
Merge pull request #19456 from 5idg5/5idg5-update-cs-stubs
michaelnebel May 13, 2025
14bdc1a
Shared: Minor tweaks to model generator script
paldepind May 13, 2025
014e7dc
Shared: Remove change note for internal MaD generator
paldepind May 13, 2025
2b6e428
Merge pull request #19466 from geoffw0/web
geoffw0 May 13, 2025
b3dc7a2
Apply suggestions from code review
geoffw0 May 13, 2025
4cc9c24
Merge pull request #19452 from paldepind/shared-model-generator-script
paldepind May 13, 2025
510df38
C++: Add an 'hasIncompleteSsa' predicate to check whether a function …
MathiasVP May 12, 2025
9d2eb3d
C++: Filter out instructions with incomplete SSA in range analysis.
MathiasVP May 12, 2025
c3c18bd
C++: Add change note.
MathiasVP May 13, 2025
1c863b1
Merge pull request #19476 from yoff/ruby/DeadStoreOfLocal-precision-high
yoff May 13, 2025
20a012d
Merge pull request #19454 from geoffw0/deref
geoffw0 May 13, 2025
7494eac
Address review comments
hvitved May 13, 2025
0836f0b
C++: Cache and fix join order in 'hasIncompleteSsa'.
MathiasVP May 13, 2025
aea676d
Merge pull request #19445 from asgerf/js/summaries-with-fallback
asgerf May 13, 2025
ae54c62
Simplify using non-capturing groups
hvitved May 13, 2025
f255fc2
C++: Drive-by join order fix. Before:
MathiasVP May 13, 2025
08aad90
Add 2.2.0-Beta1 deps
smowton Apr 25, 2025
abea647
Bazel: update `rules_kotlin` to 2.1.3
Apr 25, 2025
163a403
Add Kotlin 2.2.0-Beta1; drop Kotlin 1.5
smowton Apr 25, 2025
24feb51
Fix Gradle config
smowton Apr 28, 2025
a36fc30
Fix build for Kotlin 2.2.0
smowton Apr 28, 2025
4cb1e78
Update Kotlin doc table
smowton Apr 28, 2025
2ad5e20
Change note
smowton Apr 28, 2025
3f23212
Update test expectation
smowton Apr 28, 2025
0d21fa5
Change default version
smowton Apr 28, 2025
29d369f
Don't try to decode a class from a .java file
smowton Apr 29, 2025
34e0a7b
Bump Kotlin version to keep integration test working
smowton Apr 29, 2025
1afe67a
Accept Kotlin 2.1.20 test changes
smowton Apr 29, 2025
0d34837
Bump unit tests to use latest stable Kotlin
smowton Apr 29, 2025
fc1fd26
Fix plugin test to work with Kotlin 2.1.20
smowton Apr 29, 2025
2722249
Update test expectation
smowton Apr 29, 2025
a2836f5
Adjust integration test expectations
smowton Apr 29, 2025
169ae19
Merge pull request #19391 from asgerf/js/typescript-path-resolution
asgerf May 13, 2025
3fc9da7
Merge pull request #19475 from hvitved/rust/literal-sub-classes
hvitved May 13, 2025
c608a90
Merge pull request #19462 from github/changedocs/2.21.2
coadaflorin May 13, 2025
3001d0b
Bazel: remove `2.0.0` `rules_kotlin` patching
Apr 28, 2025
fa79423
Merge pull request #19477 from MathiasVP/fix-infinite-range-analysis-…
MathiasVP May 13, 2025
fecad02
Fix handling of X/jvm-default intermediate modes such as 'compatibili…
smowton May 13, 2025
c6cc4c0
Merge pull request #19402 from smowton/smowton/admin/kotlin-2.2.0-sup…
smowton May 13, 2025
2de4a01
Release preparation for version 2.21.3
invalid-email-address May 13, 2025
4bb829e
Merge pull request #19488 from github/release-prep/2.21.3
smowton May 13, 2025
ae515a4
Merge tag 'codeql-cli/latest' into auto/sync-main-pr
May 15, 2025
2 changes: 1 addition & 1 deletion .github/workflows/mad_modelDiff.yml
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ jobs:
DATABASE=$2
cd codeql-$QL_VARIANT
SHORTNAME=`basename $DATABASE`
python java/ql/src/utils/modelgenerator/GenerateFlowModel.py --with-summaries --with-sinks $DATABASE $SHORTNAME/$QL_VARIANT
python misc/scripts/models-as-data/generate_mad.py --language java --with-summaries --with-sinks $DATABASE $SHORTNAME/$QL_VARIANT
mkdir -p $MODELS/$SHORTNAME
mv java/ql/lib/ext/generated/$SHORTNAME/$QL_VARIANT $MODELS/$SHORTNAME
cd ..
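Review bot: The `mv java/ql/lib/ext/generated/$SHORTNAME/$QL_VARIANT $MODELS/$SHORTNAME` line right after the changed command still assumes the generator writes under `java/ql/lib/ext/generated/`. Now that the script lives in `misc/scripts/models-as-data/` and takes `--language java`, confirm it resolves that output directory from this working directory (`codeql-$QL_VARIANT`), otherwise the `mv` fails or picks up stale files. Separately, `$DATABASE` and `$SHORTNAME/$QL_VARIANT` are unquoted on the new line; quoting them (`"$DATABASE" "$SHORTNAME/$QL_VARIANT"`) keeps a path containing spaces from being split into extra arguments.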
1 change: 1 addition & 0 deletions CODEOWNERS
Expand Up @@ -17,6 +17,7 @@

# Experimental CodeQL cryptography
**/experimental/quantum/ @github/ps-codeql
/shared/quantum/ @github/ps-codeql

# CodeQL tools and associated docs
/docs/codeql/codeql-cli/ @github/codeql-cli-reviewers
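Review bot: The new `/shared/quantum/` entry sits under the `# Experimental CodeQL cryptography` comment but is root-anchored and outside any `experimental/` directory, unlike the `**/experimental/quantum/` pattern above it. If the shared pack is still meant to be experimental, say so in the comment; otherwise give it its own comment line so the ownership scope is clear to whoever edits this block next.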
17 changes: 4 additions & 13 deletions MODULE.bazel
Expand Up @@ -24,7 +24,7 @@ bazel_dep(name = "bazel_skylib", version = "1.7.1")
bazel_dep(name = "abseil-cpp", version = "20240116.1", repo_name = "absl")
bazel_dep(name = "nlohmann_json", version = "3.11.3", repo_name = "json")
bazel_dep(name = "fmt", version = "10.0.0")
bazel_dep(name = "rules_kotlin", version = "2.0.0-codeql.1")
bazel_dep(name = "rules_kotlin", version = "2.1.3-codeql.1")
bazel_dep(name = "gazelle", version = "0.40.0")
bazel_dep(name = "rules_dotnet", version = "0.17.4")
bazel_dep(name = "googletest", version = "1.14.0.bcr.1")
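Review bot: The `2.1.3-codeql.1` version on the `rules_kotlin` line is a locally suffixed build, not an upstream release, so this bump only resolves if the matching module entry (and whatever the `-codeql.1` suffix carries) lands in the same change. A short comment next to the `bazel_dep` stating what the suffix adds relative to upstream 2.1.3 would help, given that the commit list shows this same bump being reverted once before it was re-applied.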
Expand Down Expand Up @@ -193,10 +193,6 @@ use_repo(
kotlin_extractor_deps,
"codeql_kotlin_defaults",
"codeql_kotlin_embeddable",
"kotlin-compiler-1.5.0",
"kotlin-compiler-1.5.10",
"kotlin-compiler-1.5.20",
"kotlin-compiler-1.5.30",
"kotlin-compiler-1.6.0",
"kotlin-compiler-1.6.20",
"kotlin-compiler-1.7.0",
Expand All @@ -208,10 +204,7 @@ use_repo(
"kotlin-compiler-2.0.20-Beta2",
"kotlin-compiler-2.1.0-Beta1",
"kotlin-compiler-2.1.20-Beta1",
"kotlin-compiler-embeddable-1.5.0",
"kotlin-compiler-embeddable-1.5.10",
"kotlin-compiler-embeddable-1.5.20",
"kotlin-compiler-embeddable-1.5.30",
"kotlin-compiler-2.2.0-Beta1",
"kotlin-compiler-embeddable-1.6.0",
"kotlin-compiler-embeddable-1.6.20",
"kotlin-compiler-embeddable-1.7.0",
Expand All @@ -223,10 +216,7 @@ use_repo(
"kotlin-compiler-embeddable-2.0.20-Beta2",
"kotlin-compiler-embeddable-2.1.0-Beta1",
"kotlin-compiler-embeddable-2.1.20-Beta1",
"kotlin-stdlib-1.5.0",
"kotlin-stdlib-1.5.10",
"kotlin-stdlib-1.5.20",
"kotlin-stdlib-1.5.30",
"kotlin-compiler-embeddable-2.2.0-Beta1",
"kotlin-stdlib-1.6.0",
"kotlin-stdlib-1.6.20",
"kotlin-stdlib-1.7.0",
Expand All @@ -238,6 +228,7 @@ use_repo(
"kotlin-stdlib-2.0.20-Beta2",
"kotlin-stdlib-2.1.0-Beta1",
"kotlin-stdlib-2.1.20-Beta1",
"kotlin-stdlib-2.2.0-Beta1",
)

go_sdk = use_extension("@rules_go//go:extensions.bzl", "go_sdk")
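Review bot: The three parallel name lists in `use_repo` (`kotlin-compiler-*`, `kotlin-compiler-embeddable-*`, `kotlin-stdlib-*`) are edited by hand, and they stay in step here only because each one drops the same four 1.5.x entries and gains `2.2.0-Beta1`. A missed entry in one list is easy to overlook in review; consider a comment above `use_repo` stating that the three groups must list identical versions, or generating the names from a single version list.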
4 changes: 4 additions & 0 deletions actions/ql/lib/CHANGELOG.md
@@ -1,3 +1,7 @@
## 0.4.9

No user-facing changes.

## 0.4.8

No user-facing changes.
3 changes: 3 additions & 0 deletions actions/ql/lib/change-notes/released/0.4.9.md
@@ -0,0 +1,3 @@
## 0.4.9

No user-facing changes.
2 changes: 1 addition & 1 deletion actions/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.4.8
lastReleaseVersion: 0.4.9
2 changes: 1 addition & 1 deletion actions/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/actions-all
version: 0.4.8
version: 0.4.9
library: true
warnOnImplicitThis: true
dependencies:
4 changes: 4 additions & 0 deletions actions/ql/src/CHANGELOG.md
@@ -1,3 +1,7 @@
## 0.6.1

No user-facing changes.

## 0.6.0

### Breaking Changes
3 changes: 3 additions & 0 deletions actions/ql/src/change-notes/released/0.6.1.md
@@ -0,0 +1,3 @@
## 0.6.1

No user-facing changes.
2 changes: 1 addition & 1 deletion actions/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.6.0
lastReleaseVersion: 0.6.1
4 changes: 3 additions & 1 deletion actions/ql/src/codeql-suites/actions-code-quality.qls
@@ -1 +1,3 @@
[]
- queries: .
- apply: code-quality-selectors.yml
from: codeql/suite-helpers
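Review bot: The 0.6.1 change note added for `actions/ql/src` in this same diff reads "No user-facing changes.", but this suite file goes from the empty list `[]` to selecting every query in the pack through `code-quality-selectors.yml`. If the code-quality suite is something users run, the change note should mention that it is no longer empty; if it is internal only, a comment at the top of the suite file saying so would settle the question.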
2 changes: 1 addition & 1 deletion actions/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
name: codeql/actions-queries
version: 0.6.0
version: 0.6.1
library: false
warnOnImplicitThis: true
groups: [actions, queries]
2 changes: 2 additions & 0 deletions cpp/ql/integration-tests/header-variant-tests/clang-pch/a.c
@@ -0,0 +1,2 @@
#include "a.h"
#define FOUR 4
3 changes: 3 additions & 0 deletions cpp/ql/integration-tests/header-variant-tests/clang-pch/c.c
@@ -0,0 +1,3 @@
int main() {
return ONE + FOUR;
}
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
#import "d.h"
3 changes: 3 additions & 0 deletions cpp/ql/integration-tests/header-variant-tests/clang-pch/e.c
@@ -0,0 +1,3 @@
int main() {
return SEVENTEEN;
}
5 changes: 5 additions & 0 deletions cpp/ql/integration-tests/header-variant-tests/clang-pch/f.c
@@ -0,0 +1,5 @@
#if 1
#pragma hdrstop
extern int x;
#define SEEN_F
#endif
5 changes: 5 additions & 0 deletions cpp/ql/integration-tests/header-variant-tests/clang-pch/g.c
@@ -0,0 +1,5 @@
#ifdef SEEN_F
static int g() {
return 20;
}
#endif
4 changes: 4 additions & 0 deletions cpp/ql/integration-tests/header-variant-tests/clang-pch/h.c
@@ -0,0 +1,4 @@
#include "h1.h"
#pragma hdrstop
#include "h2.h"
#define SEEN_H
Original file line number Diff line number Diff line change
Expand Up @@ -13,4 +13,3 @@ static int h2() {
return 32;
}
#endif
// semmle-extractor-options: --clang -include-pch ${testdir}/clang-pch.testproj/h.pch
17 changes: 17 additions & 0 deletions cpp/ql/integration-tests/header-variant-tests/clang-pch/test.py
@@ -0,0 +1,17 @@
import os


def test(codeql, cpp):
os.mkdir("pch")
extractor = cpp.get_tool("extractor")
codeql.database.create(command=[
f'"{extractor}" --mimic-clang -emit-pch -o pch/a.pch a.c',
f'"{extractor}" --mimic-clang -include-pch pch/a.pch -Iextra_dummy_path b.c',
f'"{extractor}" --mimic-clang -include pch/a -Iextra_dummy_path c.c',
f'"{extractor}" --mimic-clang -emit-pch -o pch/d.pch d.c',
f'"{extractor}" --mimic-clang -include-pch pch/d.pch e.c',
f'"{extractor}" --mimic-clang -emit-pch -o pch/f.pch f.c',
f'"{extractor}" --mimic-clang -include-pch pch/f.pch g.c',
f'"{extractor}" --mimic-clang -emit-pch -o pch/h.pch h.c',
f'"{extractor}" --mimic-clang -include-pch pch/h.pch i.c',
])
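Review bot: `os.mkdir("pch")` at the top of `test` raises `FileExistsError` if the directory is left over from an earlier run in the same working directory; `os.makedirs("pch", exist_ok=True)` avoids that. The command list would also benefit from a comment per pair saying which PCH behaviour it covers, in particular the `c.c` line, which passes `-include pch/a` with no `.pch` suffix and no `-include-pch`, so a reader can tell that form is deliberate and not a typo.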
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
#include "a.h"
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
#pragma hdrstop
#include "b.h"

int b() {
return A;
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
#include "d.h"
#include "c.h"

int c() {
return A;
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
import os


def test(codeql, cpp):
os.mkdir("pch")
extractor = cpp.get_tool("extractor")
codeql.database.create(command=[
f'"{extractor}" --mimic-cl /Yca.h /Fppch/a.pch a.c',
f'"{extractor}" --mimic-cl /Yub.h /Fppch/a.pch b.c',
f'"{extractor}" --mimic-cl /Yuc.h /Fppch/a.pch c.c',
])
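Review bot: All three commands point at the same `/Fppch/a.pch`, but `b.c` and `c.c` consume it with `/Yub.h` and `/Yuc.h` while it was created with `/Yca.h`; a one-line comment stating what the extractor is expected to do with that mismatch would make the test's intent reviewable. The `os.mkdir("pch")` call also fails when the directory already exists and could be `os.makedirs("pch", exist_ok=True)`.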
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@

Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
ql/cpp/ql/src/Critical/DoubleFree.ql
ql/cpp/ql/src/Critical/IncorrectCheckScanf.ql
ql/cpp/ql/src/Critical/NewFreeMismatch.ql
ql/cpp/ql/src/Critical/OverflowStatic.ql
ql/cpp/ql/src/Critical/UseAfterFree.ql
ql/cpp/ql/src/Diagnostics/ExtractedFiles.ql
ql/cpp/ql/src/Diagnostics/ExtractionWarnings.ql
ql/cpp/ql/src/Diagnostics/FailedExtractorInvocations.ql
ql/cpp/ql/src/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql
ql/cpp/ql/src/Likely Bugs/Arithmetic/IntMultToLong.ql
ql/cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.ql
ql/cpp/ql/src/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql
ql/cpp/ql/src/Likely Bugs/Format/SnprintfOverflow.ql
ql/cpp/ql/src/Likely Bugs/Format/WrongNumberOfFormatArguments.ql
ql/cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArguments.ql
ql/cpp/ql/src/Likely Bugs/Memory Management/AllocaInLoop.ql
ql/cpp/ql/src/Likely Bugs/Memory Management/PointerOverflow.ql
ql/cpp/ql/src/Likely Bugs/Memory Management/ReturnStackAllocatedMemory.ql
ql/cpp/ql/src/Likely Bugs/Memory Management/SuspiciousCallToStrncat.ql
ql/cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.ql
ql/cpp/ql/src/Likely Bugs/OO/UnsafeUseOfThis.ql
ql/cpp/ql/src/Likely Bugs/RedundantNullCheckSimple.ql
ql/cpp/ql/src/Likely Bugs/Underspecified Functions/TooFewArguments.ql
ql/cpp/ql/src/Security/CWE/CWE-014/MemsetMayBeDeleted.ql
ql/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql
ql/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql
ql/cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql
ql/cpp/ql/src/Security/CWE/CWE-120/BadlyBoundedWrite.ql
ql/cpp/ql/src/Security/CWE/CWE-120/VeryLikelyOverrunWrite.ql
ql/cpp/ql/src/Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql
ql/cpp/ql/src/Security/CWE/CWE-134/UncontrolledFormatString.ql
ql/cpp/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql
ql/cpp/ql/src/Security/CWE/CWE-190/ComparisonWithWiderType.ql
ql/cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql
ql/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.ql
ql/cpp/ql/src/Security/CWE/CWE-311/CleartextFileWrite.ql
ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql
ql/cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql
ql/cpp/ql/src/Security/CWE/CWE-326/InsufficientKeySize.ql
ql/cpp/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql
ql/cpp/ql/src/Security/CWE/CWE-327/OpenSslHeartbleed.ql
ql/cpp/ql/src/Security/CWE/CWE-367/TOCTOUFilesystemRace.ql
ql/cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.ql
ql/cpp/ql/src/Security/CWE/CWE-416/UseOfStringAfterLifetimeEnds.ql
ql/cpp/ql/src/Security/CWE/CWE-416/UseOfUniquePointerAfterLifetimeEnds.ql
ql/cpp/ql/src/Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql
ql/cpp/ql/src/Security/CWE/CWE-497/ExposedSystemData.ql
ql/cpp/ql/src/Security/CWE/CWE-611/XXE.ql
ql/cpp/ql/src/Security/CWE/CWE-676/DangerousFunctionOverflow.ql
ql/cpp/ql/src/Security/CWE/CWE-676/DangerousUseOfCin.ql
ql/cpp/ql/src/Security/CWE/CWE-704/WcharCharConversion.ql
ql/cpp/ql/src/Security/CWE/CWE-732/OpenCallMissingModeArgument.ql
ql/cpp/ql/src/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql
ql/cpp/ql/src/Summary/LinesOfCode.ql
ql/cpp/ql/src/Summary/LinesOfUserCode.ql
ql/cpp/ql/src/Telemetry/CompilerErrors.ql
ql/cpp/ql/src/Telemetry/DatabaseQuality.ql
ql/cpp/ql/src/Telemetry/ExtractionMetrics.ql
ql/cpp/ql/src/Telemetry/MissingIncludes.ql
ql/cpp/ql/src/Telemetry/SucceededIncludes.ql