Branch: refs/heads/main
Home: https://github.com/krishnprakash/codeql
Commit: 61e8f9140456611201d8f3beefe7d4f97671becd
https://github.com/krishnprakash/codeql/commit/61e8f9140456611201d8f3beefe7d4f97671becd
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
M javascript/ql/lib/semmle/javascript/security/CorsPermissiveConfigurationCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ClientSideUrlRedirectCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/HardcodedCredentialsCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/LogInjectionQuery.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/NosqlInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ReflectedXssCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/RequestForgeryCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ServerSideUrlRedirectCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/SqlInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeDeserializationCustomizations.qll
Log Message:
-----------
Accept MaD sanitizers for queries with MaD sinks
Commit: 3dc465f167536d9a6ece5044bebc2eaedd6e00f2
https://github.com/krishnprakash/codeql/commit/3dc465f167536d9a6ece5044bebc2eaedd6e00f2
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
M ruby/ql/lib/codeql/ruby/security/CodeInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/CommandInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/LogInjectionQuery.qll
M ruby/ql/lib/codeql/ruby/security/PathInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/ServerSideRequestForgeryCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/SqlInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/UrlRedirectCustomizations.qll
Log Message:
-----------
Accept MaD sanitizers for queries with MaD sinks
Commit: b8f9dd9de5e9250a4ec331690b5e8a863088c5cc
https://github.com/krishnprakash/codeql/commit/b8f9dd9de5e9250a4ec331690b5e8a863088c5cc
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
M javascript/ql/lib/semmle/javascript/frameworks/NodeJSLib.model.yml
M javascript/ql/lib/semmle/javascript/security/dataflow/IncompleteHtmlAttributeSanitizationCustomizations.qll
M javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/IncompleteHtmlAttributeSanitization.expected
Log Message:
-----------
Revert "javascript: add MaD model"
This reverts commit 75bd4a7a12e2a0565189734df42c9ab8e2de6995.
Commit: 05f9b4124dbfb09b7c3d0d7cbaa3959e4104c0cc
https://github.com/krishnprakash/codeql/commit/05f9b4124dbfb09b7c3d0d7cbaa3959e4104c0cc
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
M javascript/ql/lib/semmle/javascript/security/dataflow/IncompleteHtmlAttributeSanitizationCustomizations.qll
M javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/IncompleteHtmlAttributeSanitization.expected
Log Message:
-----------
Revert "javascript: remove sanitizer to be replaced by model"
This reverts commit da2f77d6159bacad91d85040416e69561f2061e2.
Commit: 1d7a39a093a748276b454645ecd8be7703ed97d6
https://github.com/krishnprakash/codeql/commit/1d7a39a093a748276b454645ecd8be7703ed97d6
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
M ruby/ql/lib/codeql/ruby/Concepts.qll
M ruby/ql/lib/codeql/ruby/security/SqlInjectionCustomizations.qll
Log Message:
-----------
Change how sql-injection barriers are accepted
Commit: fc429c175799f150470f6dbdbaa8e20664187807
https://github.com/krishnprakash/codeql/commit/fc429c175799f150470f6dbdbaa8e20664187807
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
M ruby/ql/test/library-tests/frameworks/mysql2/Mysql2.rb
A ruby/ql/test/library-tests/frameworks/mysql2/SqlInjection.expected
A ruby/ql/test/library-tests/frameworks/mysql2/SqlInjection.qlref
Log Message:
-----------
Improve Mysql2 test
Commit: 3e4f42f8a3c5117e16f746446aa60abe898a1b69
https://github.com/krishnprakash/codeql/commit/3e4f42f8a3c5117e16f746446aa60abe898a1b69
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
A ruby/ql/lib/codeql/ruby/frameworks/Mysql2.model.yml
M ruby/ql/lib/codeql/ruby/frameworks/Mysql2.qll
M ruby/ql/test/library-tests/frameworks/mysql2/SqlInjection.expected
Log Message:
-----------
Move Mysql2 flow model to MaD and remove ql sanitizer
Commit: d4bb92b038567a61b7f55fb10bff8729467c2f05
https://github.com/krishnprakash/codeql/commit/d4bb92b038567a61b7f55fb10bff8729467c2f05
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Mysql2.model.yml
M ruby/ql/test/library-tests/frameworks/mysql2/SqlInjection.expected
Log Message:
-----------
Reinstate Mysql2 sanitizer in MaD
Commit: 1fa183ee2a73b886dea62c9c220c4082d1337a6f
https://github.com/krishnprakash/codeql/commit/1fa183ee2a73b886dea62c9c220c4082d1337a6f
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
A ruby/ql/test/library-tests/frameworks/sqlite3/SqlInjection.expected
A ruby/ql/test/library-tests/frameworks/sqlite3/SqlInjection.qlref
M ruby/ql/test/library-tests/frameworks/sqlite3/sqlite3.rb
Log Message:
-----------
Improve Sqlite3 test
Commit: 5df695bec93e39b3495da70aa826b92cccb9c5dd
https://github.com/krishnprakash/codeql/commit/5df695bec93e39b3495da70aa826b92cccb9c5dd
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
A ruby/ql/lib/codeql/ruby/frameworks/Sqlite3.model.yml
M ruby/ql/lib/codeql/ruby/frameworks/Sqlite3.qll
M ruby/ql/test/library-tests/frameworks/sqlite3/SqlInjection.expected
Log Message:
-----------
Move SQLite3 flow model to MaD and remove ql sanitizer
Commit: 4aee99f0ebe290273a32f2c0970c69cee7fe95a5
https://github.com/krishnprakash/codeql/commit/4aee99f0ebe290273a32f2c0970c69cee7fe95a5
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Sqlite3.model.yml
M ruby/ql/test/library-tests/frameworks/sqlite3/SqlInjection.expected
Log Message:
-----------
Reinstate SQLite3 sanitizer in MaD
Commit: 6294c3b3b8de70109da4edd0b27a836f277690f2
https://github.com/krishnprakash/codeql/commit/6294c3b3b8de70109da4edd0b27a836f277690f2
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
M ruby/ql/lib/codeql/ruby/security/CommandInjectionCustomizations.qll
M ruby/ql/test/query-tests/security/cwe-078/CommandInjection/CommandInjection.expected
Log Message:
-----------
Remove Shellwords sanitizer in ql
Note that some sanitizers had no effect because flow through those functions wasn't modeled.
Commit: b3681f7a0c3128fb1dbb1d1e9f9814c43a4def64
https://github.com/krishnprakash/codeql/commit/b3681f7a0c3128fb1dbb1d1e9f9814c43a4def64
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
A ruby/ql/lib/codeql/ruby/frameworks/stdlib/Shellwords.model.yml
M ruby/ql/test/query-tests/security/cwe-078/CommandInjection/CommandInjection.expected
Log Message:
-----------
Model flow through Shellwords escape and shellescape
Commit: de5470a85c6342b97d1e0e2041f686de8dad17ff
https://github.com/krishnprakash/codeql/commit/de5470a85c6342b97d1e0e2041f686de8dad17ff
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/stdlib/Shellwords.model.yml
M ruby/ql/test/query-tests/security/cwe-078/CommandInjection/CommandInjection.expected
Log Message:
-----------
Add MaD barriers for Shellwords.escape and shellescape
Note that this will only block flow for queries that use the kind `command-injection`.
Commit: eb7f1989c72149ebea41f242ee8998ff1174970f
https://github.com/krishnprakash/codeql/commit/eb7f1989c72149ebea41f242ee8998ff1174970f
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
M ruby/ql/lib/codeql/ruby/security/CommandInjectionCustomizations.qll
M ruby/ql/test/query-tests/security/cwe-078/CommandInjection/CommandInjection.expected
Log Message:
-----------
Reinstate ql model for `String#shellescape`
Commit: 1bff7a3eb8cc6ccb7ab6d79023efc6e58637c085
https://github.com/krishnprakash/codeql/commit/1bff7a3eb8cc6ccb7ab6d79023efc6e58637c085
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-17 (Tue, 17 Feb 2026)
Changed paths:
A ruby/ql/lib/change-notes/2026-02-17-flow-through-shellwords-escape-shellescape.md
Log Message:
-----------
Add change note
Commit: f577e973bc6c52bc06629e29ae235dc630935ef6
https://github.com/krishnprakash/codeql/commit/f577e973bc6c52bc06629e29ae235dc630935ef6
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-18 (Wed, 18 Feb 2026)
Changed paths:
M ruby/ql/test/library-tests/frameworks/sqlite3/Sqlite3.expected
Log Message:
-----------
Update other test in same folder
Commit: 05d681fe1955e4badedab6a9575262e422fa48d8
https://github.com/krishnprakash/codeql/commit/05d681fe1955e4badedab6a9575262e422fa48d8
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-18 (Wed, 18 Feb 2026)
Changed paths:
M ruby/ql/test/library-tests/dataflow/local/TaintStep.expected
Log Message:
-----------
Update taintstep test for models becoming MaD
Commit: 1d6b8c5120ae49201b4043cef68e9b14b6cdee76
https://github.com/krishnprakash/codeql/commit/1d6b8c5120ae49201b4043cef68e9b14b6cdee76
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-02-18 (Wed, 18 Feb 2026)
Changed paths:
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.expected
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.qlref
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.rb
Log Message:
-----------
Use postprocessing queries for unrelated test
Need to do this because the model numbering was changing. At the same
time we may as well use inline expectations.
Commit: a935d97190e0a20ea41875e54325235d008b246d
https://github.com/krishnprakash/codeql/commit/a935d97190e0a20ea41875e54325235d008b246d
Author: Jeroen Ketema <jke...@github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
M cpp/ql/test/library-tests/builtins/complex/builtin.expected
M cpp/ql/test/library-tests/controlflow/guards/GuardsCompare.expected
M cpp/ql/test/library-tests/controlflow/guards/GuardsEnsure.expected
M cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/nrOfBounds.expected
M cpp/ql/test/query-tests/Likely Bugs/Underspecified Functions/MistypedFunctionArguments.expected
Log Message:
-----------
C++: Update expected test results after extractor changes
Commit: 12bd7092194ed9d565645968934135863196090d
https://github.com/krishnprakash/codeql/commit/12bd7092194ed9d565645968934135863196090d
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
A ruby/ql/lib/change-notes/2026-02-17-flow-through-shellwords-escape-shellescape.md
M ruby/ql/lib/codeql/ruby/Concepts.qll
A ruby/ql/lib/codeql/ruby/frameworks/Mysql2.model.yml
M ruby/ql/lib/codeql/ruby/frameworks/Mysql2.qll
A ruby/ql/lib/codeql/ruby/frameworks/Sqlite3.model.yml
M ruby/ql/lib/codeql/ruby/frameworks/Sqlite3.qll
A ruby/ql/lib/codeql/ruby/frameworks/stdlib/Shellwords.model.yml
M ruby/ql/lib/codeql/ruby/security/CodeInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/CommandInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/LogInjectionQuery.qll
M ruby/ql/lib/codeql/ruby/security/PathInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/ServerSideRequestForgeryCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/UrlRedirectCustomizations.qll
M ruby/ql/test/library-tests/dataflow/local/TaintStep.expected
M ruby/ql/test/library-tests/frameworks/mysql2/Mysql2.rb
A ruby/ql/test/library-tests/frameworks/mysql2/SqlInjection.expected
A ruby/ql/test/library-tests/frameworks/mysql2/SqlInjection.qlref
A ruby/ql/test/library-tests/frameworks/sqlite3/SqlInjection.expected
A ruby/ql/test/library-tests/frameworks/sqlite3/SqlInjection.qlref
M ruby/ql/test/library-tests/frameworks/sqlite3/Sqlite3.expected
M ruby/ql/test/library-tests/frameworks/sqlite3/sqlite3.rb
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.expected
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.qlref
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.rb
Log Message:
-----------
Merge pull request #21341 from owen-mc/rb/accept-mad-sanitizers
Ruby: Accept MaD sanitizers for queries with MaD sinks and convert some existing sanitizers
Commit: 99de5d4238a446e68eae7b0821070cca8c29fda4
https://github.com/krishnprakash/codeql/commit/99de5d4238a446e68eae7b0821070cca8c29fda4
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
M cpp/ql/test/library-tests/builtins/complex/builtin.expected
M cpp/ql/test/library-tests/controlflow/guards/GuardsCompare.expected
M cpp/ql/test/library-tests/controlflow/guards/GuardsEnsure.expected
M cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/nrOfBounds.expected
M cpp/ql/test/query-tests/Likely Bugs/Underspecified Functions/MistypedFunctionArguments.expected
Log Message:
-----------
Merge pull request #21208 from jketema/jketema/softfloat
C++: Update expected test results after extractor changes
Commit: ada9c452f0c3e6ffaad28d247143a22ed1fc7835
https://github.com/krishnprakash/codeql/commit/ada9c452f0c3e6ffaad28d247143a22ed1fc7835
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
M javascript/ql/lib/semmle/javascript/frameworks/NodeJSLib.model.yml
M javascript/ql/lib/semmle/javascript/security/CorsPermissiveConfigurationCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ClientSideUrlRedirectCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/HardcodedCredentialsCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/IncompleteHtmlAttributeSanitizationCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/LogInjectionQuery.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/NosqlInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ReflectedXssCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/RequestForgeryCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ServerSideUrlRedirectCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/SqlInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeDeserializationCustomizations.qll
Log Message:
-----------
Merge pull request #21336 from owen-mc/js/accept-mad-sanitizers
JS: Accept MaD sanitizers for queries with MaD sinks
Commit: 532e1feaccb340c9618eb22562efbb08c5e7ea58
https://github.com/krishnprakash/codeql/commit/532e1feaccb340c9618eb22562efbb08c5e7ea58
Author: github-actions[bot] <github-...@github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.19.1.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.21.3.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.22.3.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.23.1.rst
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.24.2.rst
M docs/codeql/codeql-overview/codeql-changelog/index.rst
Log Message:
-----------
update codeql documentation
Commit: 9773775a084c7cc889ef8effad4babba18e61a71
https://github.com/krishnprakash/codeql/commit/9773775a084c7cc889ef8effad4babba18e61a71
Author: Jon Janego <jonj...@github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.19.1.rst
Log Message:
-----------
Update codeql-cli-2.19.1.rst
Commit: 2969feef891fd81ffd1234fefc51b7ab5cf484e1
https://github.com/krishnprakash/codeql/commit/2969feef891fd81ffd1234fefc51b7ab5cf484e1
Author: Jon Janego <jonj...@github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.21.3.rst
Log Message:
-----------
Fix formatting in Kotlin version support note
Commit: d546b85163f05ec4d8b69f22d08b14304ba531bd
https://github.com/krishnprakash/codeql/commit/d546b85163f05ec4d8b69f22d08b14304ba531bd
Author: Jon Janego <jonj...@github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.22.3.rst
Log Message:
-----------
Fix formatting for Kotlin version support note
Commit: af0bfe0981f2b62db61f026c488fca5dc0f39f60
https://github.com/krishnprakash/codeql/commit/af0bfe0981f2b62db61f026c488fca5dc0f39f60
Author: Jon Janego <jonj...@github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.23.1.rst
Log Message:
-----------
Promote CORS configuration query to default suite
Commit: 8719072519a598dfc2832d5a10133b8d591fccda
https://github.com/krishnprakash/codeql/commit/8719072519a598dfc2832d5a10133b8d591fccda
Author: Jon Janego <jonj...@github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.24.2.rst
Log Message:
-----------
Apply suggestion from @Copilot
Co-authored-by: Copilot <17572847...@users.noreply.github.com>
Commit: 79ac95d8a8126591905eb4a14c87c34b356abf70
https://github.com/krishnprakash/codeql/commit/79ac95d8a8126591905eb4a14c87c34b356abf70
Author: Jon Janego <jonj...@github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
M python/ql/lib/change-notes/released/6.1.1.md
Log Message:
-----------
Fix syntax error with '=' in format specifier
Commit: 365bae1f9cc175ca17c9d560d5966250b4ad41ff
https://github.com/krishnprakash/codeql/commit/365bae1f9cc175ca17c9d560d5966250b4ad41ff
Author: Jon Janego <jonj...@github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.23.1.rst
Log Message:
-----------
Fix formatting in codeql-cli-2.23.1.rst
Commit: e14b4f1c5cb8b2c9fccfb0e0bced2e8b30208bf1
https://github.com/krishnprakash/codeql/commit/e14b4f1c5cb8b2c9fccfb0e0bced2e8b30208bf1
Author: Jon Janego <jonj...@github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
M .bazelrc
M .bazelversion
M MODULE.bazel
M actions/ql/lib/qlpack.yml
M actions/ql/src/qlpack.yml
A cpp/ql/lib/change-notes/2026-02-06-UncheckedLeapYearAfterModification_Refactor.md
A cpp/ql/lib/change-notes/2026-02-14-must-flow-fix.md
A cpp/ql/lib/change-notes/2026-02-14-must-flow.md
M cpp/ql/lib/qlpack.yml
M cpp/ql/lib/semmle/code/cpp/commons/DateTime.qll
M cpp/ql/lib/semmle/code/cpp/internal/Overlay.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/MustFlow.qll
M cpp/ql/lib/semmle/code/cpp/rangeanalysis/SimpleRangeAnalysis.qll
M cpp/ql/src/Likely Bugs/Leap Year/LeapYear.qll
M cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.ql
M cpp/ql/src/Likely Bugs/Leap Year/UncheckedReturnValueForTimeFunctions.ql
M cpp/ql/src/Likely Bugs/Memory Management/ReturnStackAllocatedMemory.ql
M cpp/ql/src/Likely Bugs/Memory Management/UninitializedLocal.ql
M cpp/ql/src/Likely Bugs/OO/UnsafeUseOfThis.ql
M cpp/ql/src/qlpack.yml
M cpp/ql/test/library-tests/builtins/complex/builtin.expected
M cpp/ql/test/library-tests/controlflow/guards/GuardsCompare.expected
M cpp/ql/test/library-tests/controlflow/guards/GuardsEnsure.expected
M cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/lowerBound.expected
M cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/nrOfBounds.expected
M cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/nrOfBounds.ql
M cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/ternaryLower.expected
M cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/ternaryUpper.expected
M cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/test.c
M cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/upperBound.expected
M cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/UncheckedLeapYearAfterYearModification.expected
M cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/UncheckedLeapYearAfterYearModification.qlref
M cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/UncheckedReturnValueForTimeFunctions.expected
M cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/test.cpp
M cpp/ql/test/query-tests/Likely Bugs/Memory Management/ReturnStackAllocatedMemory/test.cpp
M cpp/ql/test/query-tests/Likely Bugs/Underspecified Functions/MistypedFunctionArguments.expected
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Event.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/EventAccessor.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Factory.cs
A csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/PropertyFieldAccess.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Field.cs
A csharp/extractor/Semmle.Extraction.CSharp/Entities/PropertyField.cs
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
A csharp/ql/integration-tests/posix/conftest.py
M csharp/ql/integration-tests/posix/standalone_dependencies_no_framework/test.py
M csharp/ql/integration-tests/posix/standalone_dependencies_nuget with_space/test.py
M csharp/ql/integration-tests/posix/standalone_dependencies_nuget/test.py
M csharp/ql/integration-tests/posix/standalone_dependencies_nuget_no_sources/test.py
A csharp/ql/lib/change-notes/2026-02-12-field-keyword.md
A csharp/ql/lib/change-notes/2026-02-16-partial-events.md
M csharp/ql/lib/qlpack.yml
M csharp/ql/src/qlpack.yml
M csharp/ql/test/library-tests/dataflow/fields/D.cs
M csharp/ql/test/library-tests/dataflow/fields/FieldFlow.expected
M csharp/ql/test/library-tests/dispatch/CallGraph.expected
M csharp/ql/test/library-tests/dispatch/GetADynamicTarget.expected
M csharp/ql/test/library-tests/dispatch/ViableCallable.cs
M csharp/ql/test/library-tests/partial/MethodIsPartial.expected
M csharp/ql/test/library-tests/partial/Partial.cs
M csharp/ql/test/library-tests/partial/Partial1.expected
M csharp/ql/test/library-tests/partial/Partial2.expected
M csharp/ql/test/library-tests/partial/PartialAccessors.expected
M csharp/ql/test/library-tests/partial/PartialConstructors.expected
A csharp/ql/test/library-tests/partial/PartialEvents.expected
A csharp/ql/test/library-tests/partial/PartialEvents.ql
M csharp/ql/test/library-tests/partial/PartialIndexers.expected
M csharp/ql/test/library-tests/partial/PartialMethodBody.expected
M csharp/ql/test/library-tests/partial/PartialProperties.expected
M csharp/ql/test/library-tests/partial/PrintAst.expected
M csharp/ql/test/library-tests/properties/PrintAst.expected
M csharp/ql/test/library-tests/properties/Properties17.expected
M csharp/ql/test/library-tests/properties/Properties17.ql
M csharp/ql/test/library-tests/properties/properties.cs
A csharp/ql/test/query-tests/API Abuse/ClassDoesNotImplementEquals/NullableTest.cs
A csharp/ql/test/query-tests/API Abuse/IncorrectEqualsSignature/NullableTest.cs
M docs/codeql/reusables/supported-versions-compilers.rst
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/qlpack.yml
M go/ql/src/qlpack.yml
A java/ql/lib/change-notes/2026-02-12-jakarta.md
M java/ql/lib/experimental/quantum/JCA.qll
M java/ql/lib/qlpack.yml
M java/ql/lib/semmle/code/java/J2EE.qll
M java/ql/lib/semmle/code/java/JMX.qll
M java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll
M java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll
M java/ql/lib/semmle/code/java/frameworks/JAXB.qll
M java/ql/lib/semmle/code/java/frameworks/JavaxAnnotations.qll
M java/ql/lib/semmle/code/java/frameworks/JaxWS.qll
M java/ql/lib/semmle/code/java/frameworks/Jms.qll
M java/ql/lib/semmle/code/java/frameworks/Jndi.qll
M java/ql/lib/semmle/code/java/frameworks/Mail.qll
M java/ql/lib/semmle/code/java/frameworks/Networking.qll
M java/ql/lib/semmle/code/java/frameworks/Servlets.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/JavaServerFaces.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/Persistence.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/Xml.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBRestrictions.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFAnnotations.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFRenderer.qll
M java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll
M java/ql/lib/semmle/code/java/frameworks/spring/SpringController.qll
M java/ql/lib/semmle/code/java/security/CleartextStorageCookieQuery.qll
M java/ql/lib/semmle/code/java/security/Encryption.qll
M java/ql/lib/semmle/code/java/security/InsecureBeanValidationQuery.qll
M java/ql/lib/semmle/code/java/security/XSS.qll
M java/ql/lib/semmle/code/java/security/XmlParsers.qll
M java/ql/lib/semmle/code/java/security/XsltInjection.qll
M java/ql/src/Likely Bugs/Frameworks/Swing/BadlyOverriddenAdapter.ql
M java/ql/src/Likely Bugs/Frameworks/Swing/ThreadSafety.ql
M java/ql/src/Security/CWE/CWE-1004/SensitiveCookieNotHttpOnly.ql
M java/ql/src/Security/CWE/CWE-319/UseSSLSocketFactories.ql
R java/ql/src/change-notes/2025-11-13-maven-default-java-17
A java/ql/src/change-notes/2025-11-13-maven-default-java-17.md
A java/ql/src/change-notes/2026-02-17-support-java-26.md
M java/ql/src/experimental/Security/CWE/CWE-094/JakartaExpressionInjectionLib.qll
M java/ql/src/experimental/Security/CWE/CWE-094/ScriptInjection.ql
M java/ql/src/experimental/Security/CWE/CWE-094/SpringViewManipulationLib.qll
M java/ql/src/experimental/Security/CWE/CWE-208/NonConstantTimeCheckOnSignatureQuery.qll
M java/ql/src/experimental/Security/CWE/CWE-327/SslLib.qll
M java/ql/src/experimental/Security/CWE/CWE-400/LocalThreadResourceAbuse.ql
M java/ql/src/experimental/Security/CWE/CWE-489/WebComponentMain.ql
M java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll
M java/ql/src/experimental/Security/CWE/CWE-652/XQueryInjectionLib.qll
M java/ql/src/experimental/Security/CWE/CWE-665/InsecureRmiJmxEnvironmentConfiguration.ql
M java/ql/src/experimental/semmle/code/java/frameworks/Jsf.qll
M java/ql/src/qlpack.yml
M java/ql/src/utils/modelgenerator/internal/CaptureModels.qll
M javascript/extractor/BUILD.bazel
M javascript/extractor/test/com/semmle/js/extractor/test/BUILD.bazel
M javascript/ql/lib/qlpack.yml
M javascript/ql/lib/semmle/javascript/frameworks/NodeJSLib.model.yml
M javascript/ql/lib/semmle/javascript/security/CorsPermissiveConfigurationCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ClientSideUrlRedirectCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/HardcodedCredentialsCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/IncompleteHtmlAttributeSanitizationCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/LogInjectionQuery.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/NosqlInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ReflectedXssCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/RequestForgeryCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ServerSideUrlRedirectCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/SqlInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeDeserializationCustomizations.qll
M javascript/ql/src/qlpack.yml
M misc/bazel/cmake/cmake.bzl
M misc/bazel/internal/zipmerge/BUILD.bazel
M misc/bazel/internal/zipmerge/zipmerge_test.cpp
M misc/bazel/registry/fix.py
R misc/bazel/registry/modules/rules_kotlin/2.2.0-codeql.1/MODULE.bazel
R misc/bazel/registry/modules/rules_kotlin/2.2.0-codeql.1/patches/codeql_add_language_version_option.patch
R misc/bazel/registry/modules/rules_kotlin/2.2.0-codeql.1/patches/codeql_do_not_emit_jdeps.patch
R misc/bazel/registry/modules/rules_kotlin/2.2.0-codeql.1/source.json
A misc/bazel/registry/modules/rules_kotlin/2.2.2-codeql.1/MODULE.bazel
A misc/bazel/registry/modules/rules_kotlin/2.2.2-codeql.1/patches/codeql_add_language_version_option.patch
A misc/bazel/registry/modules/rules_kotlin/2.2.2-codeql.1/patches/codeql_do_not_emit_jdeps.patch
A misc/bazel/registry/modules/rules_kotlin/2.2.2-codeql.1/source.json
M misc/bazel/registry/modules/rules_kotlin/metadata.json
A misc/bazel/registry/modules/rules_rust/0.68.1.codeql.1/MODULE.bazel
A misc/bazel/registry/modules/rules_rust/0.68.1.codeql.1/patches/include_rmeta_in_stdlib.patch
A misc/bazel/registry/modules/rules_rust/0.68.1.codeql.1/source.json
A misc/bazel/registry/modules/rules_rust/metadata.json
M misc/codegen/BUILD.bazel
M misc/codegen/templates/BUILD.bazel
M misc/suite-helpers/qlpack.yml
M python/ql/lib/analysis/DefinitionTracking.qll
A python/ql/lib/change-notes/2026-02-09-ssrf_test_case_cleanup_and_new_ssrf_barriers.md
A python/ql/lib/change-notes/2026-02-18-add-overlay-annotations.md
M python/ql/lib/qlpack.yml
M python/ql/lib/semmle/python/ApiGraphs.qll
M python/ql/lib/semmle/python/AstExtended.qll
M python/ql/lib/semmle/python/AstGenerated.qll
M python/ql/lib/semmle/python/Class.qll
M python/ql/lib/semmle/python/Comment.qll
M python/ql/lib/semmle/python/Comprehensions.qll
M python/ql/lib/semmle/python/Constants.qll
M python/ql/lib/semmle/python/Exprs.qll
M python/ql/lib/semmle/python/Files.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/Function.qll
M python/ql/lib/semmle/python/GuardedControlFlow.qll
M python/ql/lib/semmle/python/Import.qll
M python/ql/lib/semmle/python/Keywords.qll
M python/ql/lib/semmle/python/Module.qll
M python/ql/lib/semmle/python/Operations.qll
M python/ql/lib/semmle/python/Patterns.qll
M python/ql/lib/semmle/python/SSA.qll
M python/ql/lib/semmle/python/Scope.qll
M python/ql/lib/semmle/python/Stmts.qll
M python/ql/lib/semmle/python/Variables.qll
M python/ql/lib/semmle/python/dataflow/new/FlowSummary.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Attributes.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Builtins.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPublic.qll
M python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll
M python/ql/lib/semmle/python/dataflow/new/internal/ImportStar.qll
M python/ql/lib/semmle/python/dataflow/new/internal/IterableUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll
M python/ql/lib/semmle/python/dataflow/new/internal/MatchUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M python/ql/lib/semmle/python/essa/Definitions.qll
M python/ql/lib/semmle/python/essa/Essa.qll
M python/ql/lib/semmle/python/essa/SsaCompute.qll
M python/ql/lib/semmle/python/essa/SsaDefinitions.qll
M python/ql/lib/semmle/python/frameworks/Flask.qll
M python/ql/lib/semmle/python/frameworks/Requests.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/frameworks/data/ModelsAsData.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsSpecific.qll
M python/ql/lib/semmle/python/internal/Awaited.qll
M python/ql/lib/semmle/python/internal/CachedStages.qll
M python/ql/lib/semmle/python/objects/TObject.qll
M python/ql/lib/semmle/python/security/dataflow/ServerSideRequestForgeryCustomizations.qll
M python/ql/lib/semmle/python/types/Builtins.qll
M python/ql/lib/semmle/python/types/ImportTime.qll
M python/ql/src/Variables/LoopVariableCapture/LoopVariableCaptureQuery.qll
M python/ql/src/analysis/ImportFailure.ql
M python/ql/src/qlpack.yml
M python/ql/test/library-tests/dataflow/summaries/TestSummaries.qll
M python/ql/test/library-tests/dataflow/typetracking-summaries/TestSummaries.qll
M python/ql/test/library-tests/frameworks/data/warnings.ql
M python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/FullServerSideRequestForgery.expected
M python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/FullServerSideRequestForgery.qlref
M python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/PartialServerSideRequestForgery.expected
M python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/PartialServerSideRequestForgery.qlref
M python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/full_partial_test.py
M python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/test_azure_client.py
M python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/test_http_client.py
A python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/test_path_validation.py
M python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/test_requests.py
A ruby/ql/lib/change-notes/2026-02-17-flow-through-shellwords-escape-shellescape.md
M ruby/ql/lib/codeql/ruby/Concepts.qll
A ruby/ql/lib/codeql/ruby/frameworks/Mysql2.model.yml
M ruby/ql/lib/codeql/ruby/frameworks/Mysql2.qll
A ruby/ql/lib/codeql/ruby/frameworks/Sqlite3.model.yml
M ruby/ql/lib/codeql/ruby/frameworks/Sqlite3.qll
A ruby/ql/lib/codeql/ruby/frameworks/stdlib/Shellwords.model.yml
M ruby/ql/lib/codeql/ruby/security/CodeInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/CommandInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/LogInjectionQuery.qll
M ruby/ql/lib/codeql/ruby/security/PathInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/ServerSideRequestForgeryCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/UrlRedirectCustomizations.qll
M ruby/ql/lib/qlpack.yml
M ruby/ql/src/qlpack.yml
M ruby/ql/test/library-tests/dataflow/local/TaintStep.expected
M ruby/ql/test/library-tests/frameworks/mysql2/Mysql2.rb
A ruby/ql/test/library-tests/frameworks/mysql2/SqlInjection.expected
A ruby/ql/test/library-tests/frameworks/mysql2/SqlInjection.qlref
A ruby/ql/test/library-tests/frameworks/sqlite3/SqlInjection.expected
A ruby/ql/test/library-tests/frameworks/sqlite3/SqlInjection.qlref
M ruby/ql/test/library-tests/frameworks/sqlite3/Sqlite3.expected
M ruby/ql/test/library-tests/frameworks/sqlite3/sqlite3.rb
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.expected
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.qlref
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.rb
M rust/ql/lib/codeql/rust/internal/PathResolution.qll
M rust/ql/lib/codeql/rust/internal/typeinference/FunctionType.qll
M rust/ql/lib/qlpack.yml
A rust/ql/src/change-notes/2026-02-18-database-quality.md
M rust/ql/src/qlpack.yml
M rust/ql/src/queries/telemetry/DatabaseQualityDiagnostics.ql
A rust/ql/test/library-tests/path-resolution/invalid/main.rs
A rust/ql/test/library-tests/path-resolution/invalid/options.yml
M rust/ql/test/library-tests/path-resolution/path-resolution.expected
M shared/concepts/qlpack.yml
M shared/controlflow/qlpack.yml
M shared/cpp/BUILD.bazel
M shared/dataflow/qlpack.yml
M shared/mad/qlpack.yml
M shared/quantum/qlpack.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/qlpack.yml
M shared/ssa/qlpack.yml
M shared/threat-models/qlpack.yml
M shared/tutorial/qlpack.yml
M shared/typeflow/qlpack.yml
M shared/typeinference/qlpack.yml
M shared/typetracking/qlpack.yml
M shared/typos/qlpack.yml
M shared/util/qlpack.yml
M shared/xml/qlpack.yml
M shared/yaml/qlpack.yml
M swift/logging/BUILD.bazel
M swift/ql/lib/qlpack.yml
M swift/ql/src/qlpack.yml
M swift/rules.bzl
Log Message:
-----------
Merge branch 'main' into codeql-spark-run-22317536589
Commit: 0151e8427cc01dc58e35b01d7a6b7ccdff95aba6
https://github.com/krishnprakash/codeql/commit/0151e8427cc01dc58e35b01d7a6b7ccdff95aba6
Author: Jon Janego <jonj...@github.com>
Date: 2026-02-23 (Mon, 23 Feb 2026)
Changed paths:
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.24.2.rst
M docs/codeql/codeql-overview/codeql-changelog/index.rst
M python/ql/lib/change-notes/released/6.1.1.md
Log Message:
-----------
Merge pull request #21357 from github/codeql-spark-run-22317536589
Update changelog documentation site
Commit: 0c5cd6af7c1ade34272a972b8212b1c7259eb923
https://github.com/krishnprakash/codeql/commit/0c5cd6af7c1ade34272a972b8212b1c7259eb923
Author: Phileco <132178579+k...@users.noreply.github.com>
Date: 2026-02-24 (Tue, 24 Feb 2026)
Changed paths:
M cpp/ql/test/library-tests/builtins/complex/builtin.expected
M cpp/ql/test/library-tests/controlflow/guards/GuardsCompare.expected
M cpp/ql/test/library-tests/controlflow/guards/GuardsEnsure.expected
M cpp/ql/test/library-tests/rangeanalysis/SimpleRangeAnalysis/nrOfBounds.expected
M cpp/ql/test/query-tests/Likely Bugs/Underspecified Functions/MistypedFunctionArguments.expected
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.24.2.rst
M docs/codeql/codeql-overview/codeql-changelog/index.rst
M javascript/ql/lib/semmle/javascript/frameworks/NodeJSLib.model.yml
M javascript/ql/lib/semmle/javascript/security/CorsPermissiveConfigurationCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ClientSideUrlRedirectCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/HardcodedCredentialsCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/IncompleteHtmlAttributeSanitizationCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/LogInjectionQuery.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/NosqlInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ReflectedXssCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/RequestForgeryCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ServerSideUrlRedirectCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/SqlInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeDeserializationCustomizations.qll
M python/ql/lib/change-notes/released/6.1.1.md
A ruby/ql/lib/change-notes/2026-02-17-flow-through-shellwords-escape-shellescape.md
M ruby/ql/lib/codeql/ruby/Concepts.qll
A ruby/ql/lib/codeql/ruby/frameworks/Mysql2.model.yml
M ruby/ql/lib/codeql/ruby/frameworks/Mysql2.qll
A ruby/ql/lib/codeql/ruby/frameworks/Sqlite3.model.yml
M ruby/ql/lib/codeql/ruby/frameworks/Sqlite3.qll
A ruby/ql/lib/codeql/ruby/frameworks/stdlib/Shellwords.model.yml
M ruby/ql/lib/codeql/ruby/security/CodeInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/CommandInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/LogInjectionQuery.qll
M ruby/ql/lib/codeql/ruby/security/PathInjectionCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/ServerSideRequestForgeryCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/UrlRedirectCustomizations.qll
M ruby/ql/test/library-tests/dataflow/local/TaintStep.expected
M ruby/ql/test/library-tests/frameworks/mysql2/Mysql2.rb
A ruby/ql/test/library-tests/frameworks/mysql2/SqlInjection.expected
A ruby/ql/test/library-tests/frameworks/mysql2/SqlInjection.qlref
A ruby/ql/test/library-tests/frameworks/sqlite3/SqlInjection.expected
A ruby/ql/test/library-tests/frameworks/sqlite3/SqlInjection.qlref
M ruby/ql/test/library-tests/frameworks/sqlite3/Sqlite3.expected
M ruby/ql/test/library-tests/frameworks/sqlite3/sqlite3.rb
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.expected
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.qlref
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.rb
Log Message:
-----------
Merge branch 'github:main' into main
Compare:
https://github.com/krishnprakash/codeql/compare/33044af7f3e7...0c5cd6af7c1a