[krishnprakash/codeql] 10c10c: JS: fixed typo in folder name
0 views
Skip to first unread message
Idriss Riouak
Sep 7, 2025, 6:00:17 PM (3 days ago) Sep 7
to philecodi...@googlegroups.com
Branch: refs/heads/main
Home: https://github.com/krishnprakash/codeql
Commit: 10c10c7d30cdd8bff78677840d5accf6cfe12a47
https://github.com/krishnprakash/codeql/commit/10c10c7d30cdd8bff78677840d5accf6cfe12a47
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.expected
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.qlref
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tst.js
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tstNonExpr.js
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/RemotePropertyInjection.expected
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/RemotePropertyInjection.qlref
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/tst.js
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/tstNonExpr.js
Log Message:
-----------
JS: fixed typo in folder name
Commit: c39c04cb86c074ae2684c5997bf13d4728cd1d3c
https://github.com/krishnprakash/codeql/commit/c39c04cb86c074ae2684c5997bf13d4728cd1d3c
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.expected
M javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tst.js
Log Message:
-----------
JS: added new test case for remote prop injection via `Object.keys`
Commit: 32606584ea6bd70063371eef0a47c7a645c3e6ae
https://github.com/krishnprakash/codeql/commit/32606584ea6bd70063371eef0a47c7a645c3e6ae
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/security/dataflow/RemotePropertyInjectionQuery.qll
M javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.expected
M javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tst.js
Log Message:
-----------
JS: add enumeration taint flow to Remote Property Injection query
Commit: e0916c8750b4f0d72092a390eb85335c2d9e621b
https://github.com/krishnprakash/codeql/commit/e0916c8750b4f0d72092a390eb85335c2d9e621b
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
A javascript/ql/src/change-notes/2025-08-27-remote-property-injection-update.md
Log Message:
-----------
JS: add change note
Commit: 1851deb929ee0695fb8d5b48f2ecad92989e490a
https://github.com/krishnprakash/codeql/commit/1851deb929ee0695fb8d5b48f2ecad92989e490a
Author: Napalys Klicius <nap...@github.com>
Date: 2025-07-15 (Tue, 15 Jul 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/frameworks/XmlParsers.qll
M javascript/ql/test/query-tests/Security/CWE-776/XmlBomb.expected
M javascript/ql/test/query-tests/Security/CWE-776/libxml.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.noent.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.sax.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.saxpush.js
Log Message:
-----------
Removed `libxmljs` from being marked as `sink` for `xml-bomb`.
Commit: 887d80f49f22392bdc62b79b7d173d733a51d488
https://github.com/krishnprakash/codeql/commit/887d80f49f22392bdc62b79b7d173d733a51d488
Author: Napalys Klicius <nap...@github.com>
Date: 2025-07-15 (Tue, 15 Jul 2025)
Changed paths:
A javascript/ql/lib/change-notes/2025-07-15-xml-bomb-sinks.md
Log Message:
-----------
Added change note
Commit: 638f6498f0058900ff046ef2af8a087a0af027c3
https://github.com/krishnprakash/codeql/commit/638f6498f0058900ff046ef2af8a087a0af027c3
Author: Napalys Klicius <nap...@github.com>
Date: 2025-07-15 (Tue, 15 Jul 2025)
Changed paths:
M python/ql/lib/semmle/python/frameworks/Lxml.qll
M python/ql/test/library-tests/frameworks/lxml/parsing.py
M python/ql/test/query-tests/Security/CWE-776-XmlBomb/XmlBomb.expected
Log Message:
-----------
Removed `lxml.etree.XMLParser` from xml bomb sinks
Commit: ea93b392f790f125f648738c46b3f6fb771b1d45
https://github.com/krishnprakash/codeql/commit/ea93b392f790f125f648738c46b3f6fb771b1d45
Author: Napalys Klicius <nap...@github.com>
Date: 2025-07-15 (Tue, 15 Jul 2025)
Changed paths:
A python/ql/lib/change-notes/2025-07-15-xml-bomb-sinks-python.md
Log Message:
-----------
Added change note for python
Commit: bafe22c50c9eaa5b6f31ddb6946e2ead66651627
https://github.com/krishnprakash/codeql/commit/bafe22c50c9eaa5b6f31ddb6946e2ead66651627
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A javascript/ql/lib/change-notes/2025-07-15-xml-bomb-sinks.md
M javascript/ql/lib/semmle/javascript/frameworks/XmlParsers.qll
M javascript/ql/test/query-tests/Security/CWE-776/XmlBomb.expected
M javascript/ql/test/query-tests/Security/CWE-776/libxml.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.noent.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.sax.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.saxpush.js
A python/ql/lib/change-notes/2025-07-15-xml-bomb-sinks-python.md
M python/ql/lib/semmle/python/frameworks/Lxml.qll
M python/ql/test/library-tests/frameworks/lxml/parsing.py
M python/ql/test/query-tests/Security/CWE-776-XmlBomb/XmlBomb.expected
Log Message:
-----------
Merge pull request #20048 from Napalys/js/xml_bomb_sinks
JS: Exclude patched libraries from `xml-bomb` sink
Commit: 0c14d93bc678319a70da5e1a0c2cc26815a6d30b
https://github.com/krishnprakash/codeql/commit/0c14d93bc678319a70da5e1a0c2cc26815a6d30b
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.qlref
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/AnnotatedClass.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/VisibleForTesting.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
Log Message:
-----------
Java: Added new query `java/visible-for-testing-abuse`
Commit: 652e9cba3d8a1fcb3a54a69b63826e2a2715f134
https://github.com/krishnprakash/codeql/commit/652e9cba3d8a1fcb3a54a69b63826e2a2715f134
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.qlref
M java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
Log Message:
-----------
Java: Added inline test expectations for `java/visible-for-testing-abuse`
Commit: ff6ddd2893432f2b260455324af7f644a049864b
https://github.com/krishnprakash/codeql/commit/ff6ddd2893432f2b260455324af7f644a049864b
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected
M java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Java: Promoted `java/visible-for-testing-abuse` to quality
Commit: 2a16f4829ec658c8181bd35b960aa30a19720023
https://github.com/krishnprakash/codeql/commit/2a16f4829ec658c8181bd35b960aa30a19720023
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
Log Message:
-----------
Java: Expanded test suite of `java/visible-for-testing-abuse`
Commit: fbf18af076129df000de83343475ed2372c7499c
https://github.com/krishnprakash/codeql/commit/fbf18af076129df000de83343475ed2372c7499c
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
Log Message:
-----------
Java: enchanced check if it is within same package
Commit: 9dfb4d4301ae8b53a1fc29a360605e1a133e15cc
https://github.com/krishnprakash/codeql/commit/9dfb4d4301ae8b53a1fc29a360605e1a133e15cc
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
Log Message:
-----------
Java: Enchanced `isWithinType` to also include lambdas, inner classes etc.
Commit: 7e2a1944f6e06b20b18c9d8add6938afa1eb70c9
https://github.com/krishnprakash/codeql/commit/7e2a1944f6e06b20b18c9d8add6938afa1eb70c9
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Java: Fix Predicate QLDoc style.
Commit: 1e2e6eccd780d48557cc40a8c6f2f878a45005b0
https://github.com/krishnprakash/codeql/commit/1e2e6eccd780d48557cc40a8c6f2f878a45005b0
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage1.java
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
Log Message:
-----------
Java: Test @VisibleForTesting method accessing @VisibleForTesting members
Commit: e4042402bcf37a8796e5e715f0cf5d404f0d431b
https://github.com/krishnprakash/codeql/commit/e4042402bcf37a8796e5e715f0cf5d404f0d431b
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
Log Message:
-----------
Java: Resolve spurious VisibleForTestingAbuse alerts for inner class access patterns
Commit: 225723bfeb13d1ab75575631e385ae20d379a721
https://github.com/krishnprakash/codeql/commit/225723bfeb13d1ab75575631e385ae20d379a721
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage1.java
Log Message:
-----------
Java: Exclude @VisibleForTesting-to-@VisibleForTesting access from VisibleForTestingAbuse alerts
Commit: eb46e54c43d553c148571c0435ce9e5ad17e04f2
https://github.com/krishnprakash/codeql/commit/eb46e54c43d553c148571c0435ce9e5ad17e04f2
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Java: Refactor VisibleForTestingAbuse query to reduce complexity
Commit: ea831a8352250d3422ce8cc2c090239b9b0677b7
https://github.com/krishnprakash/codeql/commit/ea831a8352250d3422ce8cc2c090239b9b0677b7
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/UseWithinAnnotation.java
Log Message:
-----------
Java: Fix VisibleForTestingAbuse false positives in annotations
Commit: d20fd5beba8b2bfcc3f949dcb620a3786da25e75
https://github.com/krishnprakash/codeql/commit/d20fd5beba8b2bfcc3f949dcb620a3786da25e75
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Java: updated `visible-for-testing-abuse` meta data and docs.
Commit: 0b172080aa59254717acf1187c0d7e6fe239c2ae
https://github.com/krishnprakash/codeql/commit/0b172080aa59254717acf1187c0d7e6fe239c2ae
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Co-authored-by: Copilot <17572847...@users.noreply.github.com>
Commit: 66f2911497e34590d98d348f03753faa44d5705a
https://github.com/krishnprakash/codeql/commit/66f2911497e34590d98d348f03753faa44d5705a
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Co-authored-by: Michael Nebel <michae...@github.com>
Commit: 38b3df07ee86c005b8ebf1fccbe7a165277212a0
https://github.com/krishnprakash/codeql/commit/38b3df07ee86c005b8ebf1fccbe7a165277212a0
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Java: Address comments
Commit: 4705ad2e321d88e0426af210d616bc80b4a7bdbb
https://github.com/krishnprakash/codeql/commit/4705ad2e321d88e0426af210d616bc80b4a7bdbb
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
Log Message:
-----------
Java: Added extra test cases for fields
Commit: 4149968f33f8d95fb1f82f2b06df8e360d8b145d
https://github.com/krishnprakash/codeql/commit/4149968f33f8d95fb1f82f2b06df8e360d8b145d
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-24 (Sun, 24 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
Log Message:
-----------
Java: Remove the hardcoded path filter that excluded CodeQL's own unit tests from the `java/visible-for-testing-abuse` query.
Commit: 38f517ecfaaa3eb1d6b18d0969900aeaddfca420
https://github.com/krishnprakash/codeql/commit/38f517ecfaaa3eb1d6b18d0969900aeaddfca420
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-24 (Sun, 24 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
Log Message:
-----------
Java: Add lambda-aware test detection to VisibleForTesting query
Commit: d3be456c5cfa206642706443a0c8ab9d822aadcb
https://github.com/krishnprakash/codeql/commit/d3be456c5cfa206642706443a0c8ab9d822aadcb
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Co-authored-by: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Commit: c836104717a0a10cab8e350693db9d9d38f200bc
https://github.com/krishnprakash/codeql/commit/c836104717a0a10cab8e350693db9d9d38f200bc
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
Log Message:
-----------
Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
Co-authored-by: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Commit: 6132900e12d1d41dbcf885224a0cb20b6c30e7df
https://github.com/krishnprakash/codeql/commit/6132900e12d1d41dbcf885224a0cb20b6c30e7df
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Java: add full stops for ql docs
Commit: b4d6cb6e5fae5d716372c4dbd7305820388e5eb2
https://github.com/krishnprakash/codeql/commit/b4d6cb6e5fae5d716372c4dbd7305820388e5eb2
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected
M java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.qlref
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/AnnotatedClass.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage1.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/VisibleForTesting.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/UseWithinAnnotation.java
Log Message:
-----------
Merge pull request #20178 from Napalys/java/visible-for-testing-abuse
Java: Added new query `java/visible-for-testing-abuse`
Commit: a145e52fafd78fd20b82a399e76d0b70aee3a2e8
https://github.com/krishnprakash/codeql/commit/a145e52fafd78fd20b82a399e76d0b70aee3a2e8
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/UninitializedLocal.expected
A cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/ms_vacopy.c
Log Message:
-----------
C++: Add uninitialized local test
Commit: 6b580ac12d8f310fafb8015a2463b53cea9b52bb
https://github.com/krishnprakash/codeql/commit/6b580ac12d8f310fafb8015a2463b53cea9b52bb
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/UninitializedLocal.expected
Log Message:
-----------
C++: Update expected test results
Commit: 7c5b04a0da3e898afa7a0846554a3c45061cc917
https://github.com/krishnprakash/codeql/commit/7c5b04a0da3e898afa7a0846554a3c45061cc917
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/ms_vacopy.c
Log Message:
-----------
Merge pull request #20315 from jketema/uninit-test
C++: Add uninitialized local test
Commit: d5e029899919db069537f29c81d8fedbfa99dee9
https://github.com/krishnprakash/codeql/commit/d5e029899919db069537f29c81d8fedbfa99dee9
Author: Taus <tau...@github.com>
Date: 2025-08-25 (Mon, 25 Aug 2025)
Changed paths:
A python/ql/lib/change-notes/2025-08-25-psycopg2-connection-pool-modelling.md
M python/ql/lib/semmle/python/frameworks/Psycopg2.qll
Log Message:
-----------
Python: Add support for Psycopg2 database connection pools
Our current modelling only treated `psycopg2` insofar as it implemented
PEP 249 (which does not define any notion of connection pool), which
meant we were missing database connections that arose from such pools.
With these changes, we add support for the three classes relating to
database pools that are defined in `psycopg2`. (Note that
`getAnInstance` automatically looks at subclasses, which means this
should also handle cases where the user has defined a new subclass that
inherits from one of these three classes.)
Commit: 1008ca974430eb5ccb72a323c101377ce207e58a
https://github.com/krishnprakash/codeql/commit/1008ca974430eb5ccb72a323c101377ce207e58a
Author: Taus <tau...@github.com>
Date: 2025-08-25 (Mon, 25 Aug 2025)
Changed paths:
A python/ql/test/library-tests/frameworks/psycopg2/ConceptsTest.expected
A python/ql/test/library-tests/frameworks/psycopg2/ConceptsTest.ql
A python/ql/test/library-tests/frameworks/psycopg2/connectionpool.py
Log Message:
-----------
Python: Add `psycopg2.pool` tests
Commit: f89fae39c5f6e01d14d0490058dba1610f1cdece
https://github.com/krishnprakash/codeql/commit/f89fae39c5f6e01d14d0490058dba1610f1cdece
Author: Taus <tau...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A python/ql/lib/change-notes/2025-08-25-psycopg2-connection-pool-modelling.md
M python/ql/lib/semmle/python/frameworks/Psycopg2.qll
A python/ql/test/library-tests/frameworks/psycopg2/ConceptsTest.expected
A python/ql/test/library-tests/frameworks/psycopg2/ConceptsTest.ql
A python/ql/test/library-tests/frameworks/psycopg2/connectionpool.py
Log Message:
-----------
Merge pull request #20276 from github/tausbn/python-model-psycopg2-connection-pools
Python: Add support for Psycopg2 database connection pools
Commit: 5c90b908cdace044b84e7dd45099c67ec028a057
https://github.com/krishnprakash/codeql/commit/5c90b908cdace044b84e7dd45099c67ec028a057
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M rust/ql/src/queries/telemetry/DatabaseQualityDiagnostics.ql
Log Message:
-----------
Rust: Lower the thresholds in rust/diagnostic/database-quality to more pragmatic numbers.
Commit: 9e0a31cafcb7aefd843eb5ce0126d15d969cecc0
https://github.com/krishnprakash/codeql/commit/9e0a31cafcb7aefd843eb5ce0126d15d969cecc0
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
A rust/ql/src/change-notes/2025-08-28-diagnostic-database-quality.md
Log Message:
-----------
Rust: Change note.
Commit: 45d6fc04cef5cde34dd47cbebbad04d3aa266651
https://github.com/krishnprakash/codeql/commit/45d6fc04cef5cde34dd47cbebbad04d3aa266651
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A rust/ql/src/change-notes/2025-08-28-diagnostic-database-quality.md
M rust/ql/src/queries/telemetry/DatabaseQualityDiagnostics.ql
Log Message:
-----------
Merge pull request #20312 from geoffw0/dbquality
Rust: Tune rust/diagnostic/database-quality
Commit: f135ed957d3d0d23cde0749656d7e6f12223ec53
https://github.com/krishnprakash/codeql/commit/f135ed957d3d0d23cde0749656d7e6f12223ec53
Author: Mathias Vorreiter Pedersen <math...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
Log Message:
-----------
C++: Add testcases with missing model.
Commit: 3e78572a3a0b91128702f613b16ac4ca27309bdf
https://github.com/krishnprakash/codeql/commit/3e78572a3a0b91128702f613b16ac4ca27309bdf
Author: Mathias Vorreiter Pedersen <math...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M cpp/ql/lib/ext/ComPtr.model.yml
Log Message:
-----------
C++: Drive-by fix: Add missing '@'.
Commit: e59de9a3d65f9bcd8a7b254d25d0ca9094720e33
https://github.com/krishnprakash/codeql/commit/e59de9a3d65f9bcd8a7b254d25d0ca9094720e33
Author: Mathias Vorreiter Pedersen <math...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M cpp/ql/lib/ext/ComPtr.model.yml
A cpp/ql/lib/ext/ComPtrRef.model.yml
Log Message:
-----------
C++: Add models for the remaining member functions (and conversions) in ComPtr.
Commit: ddf0f37dac4b4722cc7e346b7fecadebf85a58af
https://github.com/krishnprakash/codeql/commit/ddf0f37dac4b4722cc7e346b7fecadebf85a58af
Author: Mathias Vorreiter Pedersen <math...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
Log Message:
-----------
C++: Accept test changes.
Commit: 759e339444913807a40600ade0095498163ab72f
https://github.com/krishnprakash/codeql/commit/759e339444913807a40600ade0095498163ab72f
Author: Mathias Vorreiter Pedersen <math...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
A cpp/ql/lib/change-notes/2025-08-28-comptr.md
Log Message:
-----------
C++: Add change note.
Commit: b9cd7a80f93be5030c72273e67db66a2e8a40be1
https://github.com/krishnprakash/codeql/commit/b9cd7a80f93be5030c72273e67db66a2e8a40be1
Author: Mathias Vorreiter Pedersen <math...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M cpp/ql/lib/ext/ComPtr.model.yml
Log Message:
-----------
C++: Fix conflation in models.
Commit: b8917c8c197a91e76d900f3a0f617763f8540994
https://github.com/krishnprakash/codeql/commit/b8917c8c197a91e76d900f3a0f617763f8540994
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/old.dbscheme
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/semmlecode.cpp.dbscheme
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/upgrade.properties
A cpp/ql/lib/change-notes/2025-08-27-pch.md
M cpp/ql/lib/cpp.qll
A cpp/ql/lib/semmle/code/cpp/PchFile.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/lib/semmlecode.cpp.dbscheme
M cpp/ql/lib/semmlecode.cpp.dbscheme.stats
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/old.dbscheme
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/semmlecode.cpp.dbscheme
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/upgrade.properties
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
A csharp/ql/lib/change-notes/2025-08-18-byte-char-bulk-types.md
M csharp/ql/lib/ext/System.IO.model.yml
M csharp/ql/lib/ext/System.model.yml
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.expected
M csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.expected
M csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.qlref
M csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInput/UnsafeDeserializationUntrustedInput.expected
M java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected
M java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected
A java/ql/src/Violations of Best Practice/Testing/ExcessivePublicMethodMocking.md
A java/ql/src/Violations of Best Practice/Testing/ExcessivePublicMethodMocking.ql
A java/ql/test/query-tests/ExcessivePublicMethodMocking/Employee.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/EmployeeRecord.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/EmployeeStatus.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/ExcessivePublicMethodMocking.expected
A java/ql/test/query-tests/ExcessivePublicMethodMocking/ExcessivePublicMethodMocking.qlref
A java/ql/test/query-tests/ExcessivePublicMethodMocking/TestORM.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/options
A java/ql/test/stubs/junit-4.13/LICENSE-junit.txt
A java/ql/test/stubs/junit-4.13/org/junit/Assert.java
A java/ql/test/stubs/junit-4.13/org/junit/Test.java
A java/ql/test/stubs/junit-4.13/org/junit/function/ThrowingRunnable.java
A java/ql/test/stubs/mockito-5.14/org/mockito/ArgumentMatchers.java
A java/ql/test/stubs/mockito-5.14/org/mockito/MockSettings.java
A java/ql/test/stubs/mockito-5.14/org/mockito/Mockito.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/MockitoCore.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/creation/MockSettingsImpl.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/handler/MockHandlerFactory.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/handler/MockHandlerImpl.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/progress/MockingProgress.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/util/MockUtil.java
A java/ql/test/stubs/mockito-5.14/org/mockito/invocation/MockHandler.java
A java/ql/test/stubs/mockito-5.14/org/mockito/mock/MockCreationSettings.java
A java/ql/test/stubs/mockito-5.14/org/mockito/plugins/MockMaker.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/Answer.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/OngoingStubbing.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/Stubber.java
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll
M python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected
M python/ql/integration-tests/query-suite/python-code-quality.qls.expected
M python/ql/integration-tests/query-suite/python-security-and-quality.qls.expected
M python/ql/lib/semmle/python/Class.qll
A python/ql/src/Classes/Comparisons/EqualsOrHash.qhelp
A python/ql/src/Classes/Comparisons/EqualsOrHash.ql
A python/ql/src/Classes/Comparisons/EqualsOrNotEquals.qhelp
A python/ql/src/Classes/Comparisons/EqualsOrNotEquals.ql
A python/ql/src/Classes/Comparisons/IncompleteOrdering.qhelp
A python/ql/src/Classes/Comparisons/IncompleteOrdering.ql
A python/ql/src/Classes/Comparisons/examples/EqualsOrHash.py
A python/ql/src/Classes/Comparisons/examples/EqualsOrNotEquals1.py
A python/ql/src/Classes/Comparisons/examples/EqualsOrNotEquals2.py
A python/ql/src/Classes/Comparisons/examples/IncompleteOrdering.py
M python/ql/src/Classes/Equality.qll
R python/ql/src/Classes/EqualsOrHash.py
R python/ql/src/Classes/EqualsOrHash.qhelp
R python/ql/src/Classes/EqualsOrHash.ql
R python/ql/src/Classes/EqualsOrNotEquals.py
R python/ql/src/Classes/EqualsOrNotEquals.qhelp
R python/ql/src/Classes/EqualsOrNotEquals.ql
R python/ql/src/Classes/IncompleteOrdering.py
R python/ql/src/Classes/IncompleteOrdering.qhelp
R python/ql/src/Classes/IncompleteOrdering.ql
R python/ql/src/Classes/SubclassShadowing.py
R python/ql/src/Classes/SubclassShadowing.qhelp
R python/ql/src/Classes/SubclassShadowing.ql
A python/ql/src/Classes/SubclassShadowing/SubclassShadowing.qhelp
A python/ql/src/Classes/SubclassShadowing/SubclassShadowing.ql
A python/ql/src/Classes/SubclassShadowing/examples/SubclassShadowingBad.py
A python/ql/src/Classes/SubclassShadowing/examples/SubclassShadowingGood.py
A python/ql/src/change-notes/2025-07-14-comparisons.md
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrHash.expected
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrNotEquals.expected
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrNotEquals.qlref
R python/ql/test/2/query-tests/Classes/equals-hash/equals_hash.py
R python/ql/test/3/query-tests/Classes/equals-hash/EqualsOrHash.expected
R python/ql/test/3/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/3/query-tests/Classes/equals-hash/equals_hash.py
R python/ql/test/3/query-tests/Classes/equals-ne/EqualsOrNotEquals.expected
R python/ql/test/3/query-tests/Classes/equals-ne/EqualsOrNotEquals.qlref
R python/ql/test/3/query-tests/Classes/equals-ne/test.py
M python/ql/test/query-tests/Classes/equals-attr/DefineEqualsWhenAddingAttributes.expected
A python/ql/test/query-tests/Classes/equals-attr/attr_eq_test.py
R python/ql/test/query-tests/Classes/equals-hash/DefineEqualsWhenAddingFields.expected
R python/ql/test/query-tests/Classes/equals-hash/DefineEqualsWhenAddingFields.qlref
A python/ql/test/query-tests/Classes/equals-hash/EqualsOrHash.expected
A python/ql/test/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/query-tests/Classes/equals-hash/attr_eq_test.py
A python/ql/test/query-tests/Classes/equals-hash/equalsHash.py
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.expected
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.py
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.qlref
M python/ql/test/query-tests/Classes/incomplete-ordering/IncompleteOrdering.expected
M python/ql/test/query-tests/Classes/incomplete-ordering/IncompleteOrdering.qlref
M python/ql/test/query-tests/Classes/incomplete-ordering/incomplete_ordering.py
M python/ql/test/query-tests/Classes/subclass-shadowing/SubclassShadowing.expected
M python/ql/test/query-tests/Classes/subclass-shadowing/SubclassShadowing.qlref
M python/ql/test/query-tests/Classes/subclass-shadowing/subclass_shadowing.py
M python/ql/test/query-tests/analysis/jump_to_defn/Definitions.expected
M python/ql/test/query-tests/analysis/jump_to_defn/test.py
A rust/ql/lib/change-notes/2025-08-22-fs.md
M rust/ql/lib/codeql/rust/elements/RangeExprExt.qll
A rust/ql/lib/codeql/rust/frameworks/asyncstd/fs.model.yml
M rust/ql/lib/codeql/rust/frameworks/stdlib/Stdlib.qll
M rust/ql/lib/codeql/rust/frameworks/stdlib/fs.model.yml
M rust/ql/lib/codeql/rust/frameworks/tokio/fs.model.yml
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
M rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
M rust/ql/test/library-tests/dataflow/sources/test.rs
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/pattern_matching.rs
M rust/ql/test/library-tests/type-inference/type-inference.expected
M rust/ql/test/query-tests/security/CWE-022/Cargo.lock
M rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected
M rust/ql/test/query-tests/security/CWE-022/options.yml
M rust/ql/test/query-tests/security/CWE-022/src/main.rs
Log Message:
-----------
Merge branch 'main' into add-comptr-model-now-with-more-models
Commit: b361b0f3c307b95f2a723bfbfc7830aabf6f970d
https://github.com/krishnprakash/codeql/commit/b361b0f3c307b95f2a723bfbfc7830aabf6f970d
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A cpp/ql/lib/change-notes/2025-08-28-comptr.md
M cpp/ql/lib/ext/ComPtr.model.yml
A cpp/ql/lib/ext/ComPtrRef.model.yml
M cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
Log Message:
-----------
Merge pull request #20310 from MathiasVP/add-comptr-model-now-with-more-models
C++: Add `ComPtr` conversion operators
Commit: c2bb3797b0a5a1399e5d6871e20605fd5e4ea807
https://github.com/krishnprakash/codeql/commit/c2bb3797b0a5a1399e5d6871e20605fd5e4ea807
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.cs
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.expected
Log Message:
-----------
C#: Add data flow test
Commit: aa3f4e1eca4aa4520a75d758b6217a4d9c4a3e9c
https://github.com/krishnprakash/codeql/commit/aa3f4e1eca4aa4520a75d758b6217a4d9c4a3e9c
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.expected
Log Message:
-----------
C#: Fix context-sensitive dispatch when using `base` qualifier
Commit: 611eca41b90eed14b2a25f85eb0f23821b7e1378
https://github.com/krishnprakash/codeql/commit/611eca41b90eed14b2a25f85eb0f23821b7e1378
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A csharp/ql/lib/change-notes/2025-08-29-base-qualifier-dispatch.md
Log Message:
-----------
Add change note
Commit: aa604425a534ad6cc750b607944744224131f8c8
https://github.com/krishnprakash/codeql/commit/aa604425a534ad6cc750b607944744224131f8c8
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
A csharp/ql/lib/change-notes/2025-08-29-base-qualifier-dispatch.md
M csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.cs
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.expected
Log Message:
-----------
Merge pull request #20305 from hvitved/csharp/dataflow-base-non-exact-type
C#: Fix context-sensitive dispatch when using `base` qualifier
Commit: dcf63fc4342ebfd541b1092022a4badc838cd796
https://github.com/krishnprakash/codeql/commit/dcf63fc4342ebfd541b1092022a4badc838cd796
Author: Asger F <asg...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/AST.qll
M javascript/ql/lib/semmle/javascript/Files.qll
M javascript/ql/lib/semmle/javascript/JSON.qll
M javascript/ql/lib/semmle/javascript/Locations.qll
M javascript/ql/lib/semmle/javascript/RestrictedLocations.qll
M javascript/ql/lib/semmle/javascript/SSA.qll
M javascript/ql/lib/semmle/javascript/Variables.qll
M javascript/ql/lib/semmle/javascript/XML.qll
M javascript/ql/lib/semmle/javascript/YAML.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableOrThis.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
R javascript/ql/lib/semmle/javascript/internal/Locations.qll
Log Message:
-----------
JS: Remove synthetic locations
Commit: 4a687a12220d75ea1a1c07f5acfc39c33d0f530d
https://github.com/krishnprakash/codeql/commit/4a687a12220d75ea1a1c07f5acfc39c33d0f530d
Author: Asger F <asg...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/Locations.qll
Log Message:
-----------
JS: Add deprecated alias
The old DbLocation class was public, hence the alias
Commit: d117c52d2fd8df48eb264c521f7e1a6ea129a7fb
https://github.com/krishnprakash/codeql/commit/d117c52d2fd8df48eb264c521f7e1a6ea129a7fb
Author: Asger F <asg...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/SSA.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
Log Message:
-----------
JS: Use the LHS as the location for SsaExplicitDefinition
Commit: cc8fe1080175c0bfa25463c3f82779ab8536f276
https://github.com/krishnprakash/codeql/commit/cc8fe1080175c0bfa25463c3f82779ab8536f276
Author: Asger F <asg...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M javascript/ql/test/experimental/FormParsers/RemoteFlowSource.expected
M javascript/ql/test/experimental/Security/CWE-094-dataURL/CodeInjection.expected
M javascript/ql/test/experimental/Security/CWE-099/EnvValueAndKeyInjection/EnvValueAndKeyInjection.expected
M javascript/ql/test/experimental/Security/CWE-099/EnvValueInjection/EnvValueInjection.expected
M javascript/ql/test/experimental/Security/CWE-347/localsource/decodeJwtWithoutVerificationLocalSource.expected
M javascript/ql/test/experimental/Security/CWE-347/remotesource/decodeJwtWithoutVerification.expected
M javascript/ql/test/experimental/Security/CWE-918/SSRF.expected
M javascript/ql/test/experimental/Security/CWE-942/CorsPermissiveConfiguration.expected
M javascript/ql/test/library-tests/CallGraphs/FullTest/tests.expected
M javascript/ql/test/library-tests/DataFlow/tests.expected
M javascript/ql/test/library-tests/DefUse/DefUsePair.expected
M javascript/ql/test/library-tests/GlobalAccessPaths/GlobalAccessPaths.expected
M javascript/ql/test/library-tests/SSA/GetRhsNode/GetRhsNode.expected
M javascript/ql/test/library-tests/SSA/SSADefinition/SSADefinition.expected
M javascript/ql/test/library-tests/StringConcatenation/StringOps.expected
M javascript/ql/test/library-tests/frameworks/Electron/tests.expected
M javascript/ql/test/library-tests/frameworks/ReactJS/tests.expected
M javascript/ql/test/library-tests/frameworks/koa/tests.expected
M javascript/ql/test/query-tests/Security/CWE-020/UntrustedDataToExternalAPI/UntrustedDataToExternalAPI.expected
M javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected
M javascript/ql/test/query-tests/Security/CWE-022/ZipSlip/ZipSlip.expected
M javascript/ql/test/query-tests/Security/CWE-073/TemplateObjectInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/CommandInjection/CommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/IndirectCommandInjection/IndirectCommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/SecondOrderCommandInjection/SecondOrderCommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXssWithResponseThreat/Xss.expected
M javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/ExceptionXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/ReflectedXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/StoredXss/StoredXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/UnsafeHtmlConstruction/UnsafeHtmlConstruction.expected
M javascript/ql/test/query-tests/Security/CWE-079/UnsafeJQueryPlugin/UnsafeJQueryPlugin.expected
M javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/XssThroughDom.expected
M javascript/ql/test/query-tests/Security/CWE-089/local-threat-source/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-089/typed/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-089/untyped/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/CodeInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/HeuristicSourceCodeInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/ImproperCodeSanitization.expected
M javascript/ql/test/query-tests/Security/CWE-094/UnsafeDynamicMethodAccess/UnsafeDynamicMethodAccess.expected
M javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/IncompleteHtmlAttributeSanitization.expected
M javascript/ql/test/query-tests/Security/CWE-117/LogInjection.expected
M javascript/ql/test/query-tests/Security/CWE-200/FileAccessToHttp.expected
M javascript/ql/test/query-tests/Security/CWE-312/BuildArtifactLeak.expected
M javascript/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
M javascript/ql/test/query-tests/Security/CWE-312/CleartextStorage.expected
M javascript/ql/test/query-tests/Security/CWE-327/BrokenCryptoAlgorithm.expected
M javascript/ql/test/query-tests/Security/CWE-338/InsecureRandomness.expected
M javascript/ql/test/query-tests/Security/CWE-346/CorsMisconfigurationForCredentials.expected
M javascript/ql/test/query-tests/Security/CWE-377/InsecureTemporaryFile.expected
M javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected
M javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/RemotePropertyInjection.expected
M javascript/ql/test/query-tests/Security/CWE-506/HardcodedDataInterpretedAsCode.expected
M javascript/ql/test/query-tests/Security/CWE-522-DecompressionBombs/DecompressionBombs.expected
M javascript/ql/test/query-tests/Security/CWE-601/ClientSideUrlRedirect/ClientSideUrlRedirect.expected
M javascript/ql/test/query-tests/Security/CWE-601/ServerSideUrlRedirect/ServerSideUrlRedirect.expected
M javascript/ql/test/query-tests/Security/CWE-611/Xxe.expected
M javascript/ql/test/query-tests/Security/CWE-643/XpathInjection.expected
M javascript/ql/test/query-tests/Security/CWE-730/Threat-models-disabled/RegExpInjection.expected
M javascript/ql/test/query-tests/Security/CWE-730/Threat-models-enabled/RegExpInjection.expected
M javascript/ql/test/query-tests/Security/CWE-754/UnvalidatedDynamicMethodCall.expected
M javascript/ql/test/query-tests/Security/CWE-770/ResourceExhaustion/ResourceExhaustion.expected
M javascript/ql/test/query-tests/Security/CWE-776/XmlBomb.expected
M javascript/ql/test/query-tests/Security/CWE-798/HardcodedCredentials.expected
M javascript/ql/test/query-tests/Security/CWE-807/ConditionalBypass.expected
M javascript/ql/test/query-tests/Security/CWE-829/InsecureDownload.expected
M javascript/ql/test/query-tests/Security/CWE-843/TypeConfusionThroughParameterTampering.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingAssignment/PrototypePollutingAssignment.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingFunction/PrototypePollutingFunction.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/PrototypePollutingMergeCall.expected
M javascript/ql/test/query-tests/Security/CWE-918/ClientSideRequestForgery.expected
M javascript/ql/test/query-tests/Security/CWE-918/RequestForgery.expected
M javascript/ql/test/tutorials/Analyzing data flow in JavaScript/Local data flow/query1.expected
Log Message:
-----------
JS: Update locations in expected files
Commit: 0d0eaa21a1e9f2146d60f42d14b3b7769d65839c
https://github.com/krishnprakash/codeql/commit/0d0eaa21a1e9f2146d60f42d14b3b7769d65839c
Author: Asger F <asg...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/AST.qll
M javascript/ql/lib/semmle/javascript/Files.qll
M javascript/ql/lib/semmle/javascript/JSON.qll
M javascript/ql/lib/semmle/javascript/Locations.qll
M javascript/ql/lib/semmle/javascript/RestrictedLocations.qll
M javascript/ql/lib/semmle/javascript/SSA.qll
M javascript/ql/lib/semmle/javascript/Variables.qll
M javascript/ql/lib/semmle/javascript/XML.qll
M javascript/ql/lib/semmle/javascript/YAML.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableOrThis.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
R javascript/ql/lib/semmle/javascript/internal/Locations.qll
M javascript/ql/test/experimental/FormParsers/RemoteFlowSource.expected
M javascript/ql/test/experimental/Security/CWE-094-dataURL/CodeInjection.expected
M javascript/ql/test/experimental/Security/CWE-099/EnvValueAndKeyInjection/EnvValueAndKeyInjection.expected
M javascript/ql/test/experimental/Security/CWE-099/EnvValueInjection/EnvValueInjection.expected
M javascript/ql/test/experimental/Security/CWE-347/localsource/decodeJwtWithoutVerificationLocalSource.expected
M javascript/ql/test/experimental/Security/CWE-347/remotesource/decodeJwtWithoutVerification.expected
M javascript/ql/test/experimental/Security/CWE-918/SSRF.expected
M javascript/ql/test/experimental/Security/CWE-942/CorsPermissiveConfiguration.expected
M javascript/ql/test/library-tests/CallGraphs/FullTest/tests.expected
M javascript/ql/test/library-tests/DataFlow/tests.expected
M javascript/ql/test/library-tests/DefUse/DefUsePair.expected
M javascript/ql/test/library-tests/GlobalAccessPaths/GlobalAccessPaths.expected
M javascript/ql/test/library-tests/SSA/GetRhsNode/GetRhsNode.expected
M javascript/ql/test/library-tests/SSA/SSADefinition/SSADefinition.expected
M javascript/ql/test/library-tests/StringConcatenation/StringOps.expected
M javascript/ql/test/library-tests/frameworks/Electron/tests.expected
M javascript/ql/test/library-tests/frameworks/ReactJS/tests.expected
M javascript/ql/test/library-tests/frameworks/koa/tests.expected
M javascript/ql/test/query-tests/Security/CWE-020/UntrustedDataToExternalAPI/UntrustedDataToExternalAPI.expected
M javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected
M javascript/ql/test/query-tests/Security/CWE-022/ZipSlip/ZipSlip.expected
M javascript/ql/test/query-tests/Security/CWE-073/TemplateObjectInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/CommandInjection/CommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/IndirectCommandInjection/IndirectCommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/SecondOrderCommandInjection/SecondOrderCommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXssWithResponseThreat/Xss.expected
M javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/ExceptionXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/ReflectedXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/StoredXss/StoredXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/UnsafeHtmlConstruction/UnsafeHtmlConstruction.expected
M javascript/ql/test/query-tests/Security/CWE-079/UnsafeJQueryPlugin/UnsafeJQueryPlugin.expected
M javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/XssThroughDom.expected
M javascript/ql/test/query-tests/Security/CWE-089/local-threat-source/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-089/typed/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-089/untyped/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/CodeInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/HeuristicSourceCodeInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/ImproperCodeSanitization.expected
M javascript/ql/test/query-tests/Security/CWE-094/UnsafeDynamicMethodAccess/UnsafeDynamicMethodAccess.expected
M javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/IncompleteHtmlAttributeSanitization.expected
M javascript/ql/test/query-tests/Security/CWE-117/LogInjection.expected
M javascript/ql/test/query-tests/Security/CWE-200/FileAccessToHttp.expected
M javascript/ql/test/query-tests/Security/CWE-312/BuildArtifactLeak.expected
M javascript/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
M javascript/ql/test/query-tests/Security/CWE-312/CleartextStorage.expected
M javascript/ql/test/query-tests/Security/CWE-327/BrokenCryptoAlgorithm.expected
M javascript/ql/test/query-tests/Security/CWE-338/InsecureRandomness.expected
M javascript/ql/test/query-tests/Security/CWE-346/CorsMisconfigurationForCredentials.expected
M javascript/ql/test/query-tests/Security/CWE-377/InsecureTemporaryFile.expected
M javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected
M javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/RemotePropertyInjection.expected
M javascript/ql/test/query-tests/Security/CWE-506/HardcodedDataInterpretedAsCode.expected
M javascript/ql/test/query-tests/Security/CWE-522-DecompressionBombs/DecompressionBombs.expected
M javascript/ql/test/query-tests/Security/CWE-601/ClientSideUrlRedirect/ClientSideUrlRedirect.expected
M javascript/ql/test/query-tests/Security/CWE-601/ServerSideUrlRedirect/ServerSideUrlRedirect.expected
M javascript/ql/test/query-tests/Security/CWE-611/Xxe.expected
M javascript/ql/test/query-tests/Security/CWE-643/XpathInjection.expected
M javascript/ql/test/query-tests/Security/CWE-730/Threat-models-disabled/RegExpInjection.expected
M javascript/ql/test/query-tests/Security/CWE-730/Threat-models-enabled/RegExpInjection.expected
M javascript/ql/test/query-tests/Security/CWE-754/UnvalidatedDynamicMethodCall.expected
M javascript/ql/test/query-tests/Security/CWE-770/ResourceExhaustion/ResourceExhaustion.expected
M javascript/ql/test/query-tests/Security/CWE-776/XmlBomb.expected
M javascript/ql/test/query-tests/Security/CWE-798/HardcodedCredentials.expected
M javascript/ql/test/query-tests/Security/CWE-807/ConditionalBypass.expected
M javascript/ql/test/query-tests/Security/CWE-829/InsecureDownload.expected
M javascript/ql/test/query-tests/Security/CWE-843/TypeConfusionThroughParameterTampering.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingAssignment/PrototypePollutingAssignment.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingFunction/PrototypePollutingFunction.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/PrototypePollutingMergeCall.expected
M javascript/ql/test/query-tests/Security/CWE-918/ClientSideRequestForgery.expected
M javascript/ql/test/query-tests/Security/CWE-918/RequestForgery.expected
M javascript/ql/test/tutorials/Analyzing data flow in JavaScript/Local data flow/query1.expected
Log Message:
-----------
Merge pull request #20302 from asgerf/js/simpler-locations
JS: Remove synthetic locations
Commit: 51f96deb2e3dd04f05322e2effeea9e6fdc594b7
https://github.com/krishnprakash/codeql/commit/51f96deb2e3dd04f05322e2effeea9e6fdc594b7
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/util/codeql/util/Option.qll
Log Message:
-----------
Add shared LocOption module for optional types with locations
Commit: fc5501b9c85c0c0b2cdaca5f5b16c53e7f774a5b
https://github.com/krishnprakash/codeql/commit/fc5501b9c85c0c0b2cdaca5f5b16c53e7f774a5b
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/util/codeql/util/Option.qll
Log Message:
-----------
Add LocOption2 for types with `getLocation`.
Commit: 8e5efb5fba3fe30fe0faab8944e512ae0d1a5e55
https://github.com/krishnprakash/codeql/commit/8e5efb5fba3fe30fe0faab8944e512ae0d1a5e55
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
A shared/util/change-notes/2025-08-25-loc-option.md
Log Message:
-----------
Add change note
Commit: 80ab35c3a0dfbc282009162684635fc81b08bd45
https://github.com/krishnprakash/codeql/commit/80ab35c3a0dfbc282009162684635fc81b08bd45
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/util/change-notes/2025-08-25-loc-option.md
M shared/util/codeql/util/Option.qll
Log Message:
-----------
Apply review suggestions - rename things and clean up style.
Commit: 1b808fed3429ab4af80653e855a19b664c30edd3
https://github.com/krishnprakash/codeql/commit/1b808fed3429ab4af80653e855a19b664c30edd3
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/util/codeql/util/Option.qll
Log Message:
-----------
Fix incorrect switch of None and Some cases
Commit: 42e8b32841ad1871c4c0ccb13db46c017fb8cf9c
https://github.com/krishnprakash/codeql/commit/42e8b32841ad1871c4c0ccb13db46c017fb8cf9c
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
A shared/util/change-notes/2025-08-25-loc-option.md
M shared/util/codeql/util/Option.qll
Log Message:
-----------
Merge pull request #20280 from joefarebrother/shared-loc-option
Shared: Add Option types with location
Commit: 277f5efa9cc52f64a957d15b588c0962446dda1e
https://github.com/krishnprakash/codeql/commit/277f5efa9cc52f64a957d15b588c0962446dda1e
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M cpp/ql/lib/semmlecode.cpp.dbscheme.stats
Log Message:
-----------
C++: Update dbscheme stats file
Commit: 93f4721418e53e8ea8492109bbd108b06db203a4
https://github.com/krishnprakash/codeql/commit/93f4721418e53e8ea8492109bbd108b06db203a4
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmlecode.cpp.dbscheme.stats
Log Message:
-----------
Merge pull request #20316 from jketema/stats
C++: Update dbscheme stats file
Commit: 6e1d9752d20de03d0c65b14a69eebbf67132b97a
https://github.com/krishnprakash/codeql/commit/6e1d9752d20de03d0c65b14a69eebbf67132b97a
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M .github/workflows/build-ripunzip.yml
M .github/workflows/buildifier.yml
M .github/workflows/check-implicit-this.yml
M .github/workflows/check-overlay-annotations.yml
M .github/workflows/check-qldoc.yml
M .github/workflows/check-query-ids.yml
M .github/workflows/codeql-analysis.yml
M .github/workflows/compile-queries.yml
M .github/workflows/cpp-swift-analysis.yml
M .github/workflows/csharp-qltest.yml
M .github/workflows/csv-coverage-metrics.yml
M .github/workflows/csv-coverage-pr-artifacts.yml
M .github/workflows/csv-coverage-pr-comment.yml
M .github/workflows/csv-coverage-timeseries.yml
M .github/workflows/csv-coverage-update.yml
M .github/workflows/csv-coverage.yml
M .github/workflows/fast-forward.yml
M .github/workflows/go-tests.yml
M .github/workflows/kotlin-build.yml
M .github/workflows/mad_modelDiff.yml
M .github/workflows/mad_regenerate-models.yml
M .github/workflows/python-tooling.yml
M .github/workflows/qhelp-pr-preview.yml
M .github/workflows/ql-for-ql-build.yml
M .github/workflows/ql-for-ql-dataset_measure.yml
M .github/workflows/ql-for-ql-tests.yml
M .github/workflows/query-list.yml
M .github/workflows/ruby-build.yml
M .github/workflows/ruby-dataset-measure.yml
M .github/workflows/ruby-qltest-rtjo.yml
M .github/workflows/ruby-qltest.yml
M .github/workflows/rust-analysis.yml
M .github/workflows/rust.yml
M .github/workflows/swift.yml
M .github/workflows/sync-files.yml
M .github/workflows/tree-sitter-extractor-test.yml
M .github/workflows/validate-change-notes.yml
M .github/workflows/zipmerge-test.yml
Log Message:
-----------
Bump actions/checkout from 4 to 5
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <sup...@github.com>
Commit: cbdc54adf7b14a6075e580364cbcccf9321b576f
https://github.com/krishnprakash/codeql/commit/cbdc54adf7b14a6075e580364cbcccf9321b576f
Author: Michael B. Gale <m...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M .github/workflows/build-ripunzip.yml
M .github/workflows/buildifier.yml
M .github/workflows/check-implicit-this.yml
M .github/workflows/check-overlay-annotations.yml
M .github/workflows/check-qldoc.yml
M .github/workflows/check-query-ids.yml
M .github/workflows/codeql-analysis.yml
M .github/workflows/compile-queries.yml
M .github/workflows/cpp-swift-analysis.yml
M .github/workflows/csharp-qltest.yml
M .github/workflows/csv-coverage-metrics.yml
M .github/workflows/csv-coverage-pr-artifacts.yml
M .github/workflows/csv-coverage-pr-comment.yml
M .github/workflows/csv-coverage-timeseries.yml
M .github/workflows/csv-coverage-update.yml
M .github/workflows/csv-coverage.yml
M .github/workflows/fast-forward.yml
M .github/workflows/go-tests.yml
M .github/workflows/kotlin-build.yml
M .github/workflows/mad_modelDiff.yml
M .github/workflows/mad_regenerate-models.yml
M .github/workflows/python-tooling.yml
M .github/workflows/qhelp-pr-preview.yml
M .github/workflows/ql-for-ql-build.yml
M .github/workflows/ql-for-ql-dataset_measure.yml
M .github/workflows/ql-for-ql-tests.yml
M .github/workflows/query-list.yml
M .github/workflows/ruby-build.yml
M .github/workflows/ruby-dataset-measure.yml
M .github/workflows/ruby-qltest-rtjo.yml
M .github/workflows/ruby-qltest.yml
M .github/workflows/rust-analysis.yml
M .github/workflows/rust.yml
M .github/workflows/swift.yml
M .github/workflows/sync-files.yml
M .github/workflows/tree-sitter-extractor-test.yml
M .github/workflows/validate-change-notes.yml
M .github/workflows/zipmerge-test.yml
Log Message:
-----------
Merge pull request #20313 from github/dependabot/github_actions/actions/checkout-5
Bump actions/checkout from 4 to 5
Commit: 119837bb1d37477e5a001e488d58f850a0ff1ee0
https://github.com/krishnprakash/codeql/commit/119837bb1d37477e5a001e488d58f850a0ff1ee0
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/controlflow/codeql/controlflow/BasicBlock.qll
Log Message:
-----------
BasicBlock: Add CFG signature.
Commit: bb3abc815f527aff46a41c8d2b2808c728ab26bc
https://github.com/krishnprakash/codeql/commit/bb3abc815f527aff46a41c8d2b2808c728ab26bc
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImplCommon.qll
M csharp/ql/consistency-queries/CfgConsistency.ql
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreSsa.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
M java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/SsaImpl.qll
M shared/dataflow/codeql/dataflow/VariableCapture.qll
M shared/ssa/codeql/ssa/Ssa.qll
M swift/ql/lib/codeql/swift/dataflow/Ssa.qll
M swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
Log Message:
-----------
SSA: Update input to use member predicates.
Commit: e53b22dfa7ce3663fe690ac4f16d159576ba7529
https://github.com/krishnprakash/codeql/commit/e53b22dfa7ce3663fe690ac4f16d159576ba7529
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/controlflow/codeql/controlflow/BasicBlock.qll
M shared/dataflow/codeql/dataflow/VariableCapture.qll
M shared/dataflow/qlpack.yml
M shared/ssa/codeql/ssa/Ssa.qll
M shared/ssa/qlpack.yml
Log Message:
-----------
SSA/VariableCapture: Use shared BasicBlock signature.
Commit: f459ddc40a1a25b6dfd5b226e3a1eb392906b39b
https://github.com/krishnprakash/codeql/commit/f459ddc40a1a25b6dfd5b226e3a1eb392906b39b
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImpl.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImplCommon.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M csharp/ql/consistency-queries/CfgConsistency.ql
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreSsa.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/Nullness.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
M java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M rust/ql/lib/codeql/rust/controlflow/BasicBlocks.qll
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/SsaImpl.qll
M shared/controlflow/codeql/controlflow/Cfg.qll
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
M swift/ql/lib/codeql/swift/dataflow/Ssa.qll
M swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
Log Message:
-----------
Languages: Adapt to api changes.
Commit: a7b2a2fa9fa8419bd10305ef87eb44647cff7833
https://github.com/krishnprakash/codeql/commit/a7b2a2fa9fa8419bd10305ef87eb44647cff7833
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
Log Message:
-----------
C++: Sync files.
Commit: 3821f172dfeb84e1daab2e2b60a5966d5ac360e3
https://github.com/krishnprakash/codeql/commit/3821f172dfeb84e1daab2e2b60a5966d5ac360e3
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
M shared/controlflow/codeql/controlflow/Guards.qll
Log Message:
-----------
Guards/Java: Use BasicBlock signature in Guards library.
Commit: 6ffb9b129fc38db5705cd64a37a7bc1233fab07b
https://github.com/krishnprakash/codeql/commit/6ffb9b129fc38db5705cd64a37a7bc1233fab07b
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
Log Message:
-----------
C++: Extend final IRBlock
Commit: e2eb6dbbf26932d03aadb9f3b3229d5888d07ece
https://github.com/krishnprakash/codeql/commit/e2eb6dbbf26932d03aadb9f3b3229d5888d07ece
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M ruby/ql/lib/utils/test/InlineFlowTest.qll
M ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.ql
M ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-flow.ql
Log Message:
-----------
Ruby: Fix query compilation.
Commit: 09b2c5abf011b8f16f79d36712828eb73dbc2f80
https://github.com/krishnprakash/codeql/commit/09b2c5abf011b8f16f79d36712828eb73dbc2f80
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
M python/ql/lib/semmle/python/Flow.qll
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M rust/ql/lib/codeql/rust/controlflow/BasicBlocks.qll
M shared/controlflow/codeql/controlflow/BasicBlock.qll
M shared/dataflow/codeql/dataflow/VariableCapture.qll
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
Log Message:
-----------
BasicBlock: Replace entryBlock predicate with subclass.
Commit: 70a871c1e52fa189d603d62c92d74a253cba5e88
https://github.com/krishnprakash/codeql/commit/70a871c1e52fa189d603d62c92d74a253cba5e88
Author: Anders Schack-Mulligen <ascha...@users.noreply.github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImpl.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImplCommon.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
M csharp/ql/consistency-queries/CfgConsistency.ql
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreSsa.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/Nullness.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
M java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
M java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M ruby/ql/lib/utils/test/InlineFlowTest.qll
M ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.ql
M ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-flow.ql
M rust/ql/lib/codeql/rust/controlflow/BasicBlocks.qll
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/SsaImpl.qll
M shared/controlflow/codeql/controlflow/BasicBlock.qll
M shared/controlflow/codeql/controlflow/Cfg.qll
M shared/controlflow/codeql/controlflow/Guards.qll
M shared/dataflow/codeql/dataflow/VariableCapture.qll
M shared/dataflow/qlpack.yml
M shared/ssa/codeql/ssa/Ssa.qll
M shared/ssa/qlpack.yml
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
M swift/ql/lib/codeql/swift/dataflow/Ssa.qll
M swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
Log Message:
-----------
Merge pull request #20253 from aschackmull/shared/basicblock-signature2
Shared: Add and use a signature for basic blocks
Commit: 55869f28c380ce8105501b7da48dfceef017f8a3
https://github.com/krishnprakash/codeql/commit/55869f28c380ce8105501b7da48dfceef017f8a3
Author: Henry Mercer <henry...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M actions/extractor/codeql-extractor.yml
M csharp/codeql-extractor.yml
M go/codeql-extractor.yml
M javascript/resources/codeql-extractor.yml
M python/codeql-extractor.yml
M ruby/codeql-extractor.yml
M rust/codeql-extractor.yml
M swift/codeql-extractor.yml
Log Message:
-----------
Specify default queries in `codeql-extractor.yml`
Commit: d71991fdc0c6bf83aab4c61f9b8a07e6e5d58105
https://github.com/krishnprakash/codeql/commit/d71991fdc0c6bf83aab4c61f9b8a07e6e5d58105
Author: Henry Mercer <henry...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M actions/extractor/codeql-extractor.yml
M csharp/codeql-extractor.yml
M go/codeql-extractor.yml
M javascript/resources/codeql-extractor.yml
M python/codeql-extractor.yml
M ruby/codeql-extractor.yml
M rust/codeql-extractor.yml
M swift/codeql-extractor.yml
Log Message:
-----------
Merge pull request #20320 from github/henrymercer/default-queries
Specify default queries in `codeql-extractor.yml`
Commit: beeb91dd2aaf60ab47ddaf9d94331845b344e67f
https://github.com/krishnprakash/codeql/commit/beeb91dd2aaf60ab47ddaf9d94331845b344e67f
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/ext/System.Xml.model.yml
Log Message:
-----------
C#: Add some XmlDictionaryReader models.
Commit: 1d35bd1a59cbd52989b71cf2ff7731cf49de6806
https://github.com/krishnprakash/codeql/commit/1d35bd1a59cbd52989b71cf2ff7731cf49de6806
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
Log Message:
-----------
C#: Update expected test output.
Commit: 8b2ebaa0471e560a5a3eec38ad188aaa6f932aa1
https://github.com/krishnprakash/codeql/commit/8b2ebaa0471e560a5a3eec38ad188aaa6f932aa1
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/ext/System.Xml.model.yml
Log Message:
-----------
C#: Promote some generated- and refine models for XmlReader.
Commit: 8a480b6be1e0e79839d8745d8b05411e337ebde3
https://github.com/krishnprakash/codeql/commit/8a480b6be1e0e79839d8745d8b05411e337ebde3
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
Log Message:
-----------
C#: Update test expected output.
Commit: 5cd30f023c033938af7b90c4d2989066114ad5eb
https://github.com/krishnprakash/codeql/commit/5cd30f023c033938af7b90c4d2989066114ad5eb
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/ext/System.Xml.model.yml
Log Message:
-----------
C#: Add some XmlTextReader models.
Commit: 525c0952878975baa55e36b2a461093259bd83bb
https://github.com/krishnprakash/codeql/commit/525c0952878975baa55e36b2a461093259bd83bb
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
Log Message:
-----------
C#: Update expected test output.
Commit: aa8a72d6396d917582a3cc0870fdc04d0b6c2564
https://github.com/krishnprakash/codeql/commit/aa8a72d6396d917582a3cc0870fdc04d0b6c2564
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
A csharp/ql/lib/change-notes/2025-08-26-xmlreader-models.md
Log Message:
-----------
C#: Add change-note.
Commit: 55dd098307507a9393ee78ec533c7f55cb85ea11
https://github.com/krishnprakash/codeql/commit/55dd098307507a9393ee78ec533c7f55cb85ea11
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/ext/System.Xml.model.yml
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
Log Message:
-----------
C#: Address review comments.
Commit: 0c5c798ca597d8b61dc55dea563e756d4b6fcb59
https://github.com/krishnprakash/codeql/commit/0c5c798ca597d8b61dc55dea563e756d4b6fcb59
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
A csharp/ql/lib/change-notes/2025-08-26-xmlreader-models.md
M csharp/ql/lib/ext/System.Xml.model.yml
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
Log Message:
-----------
Merge pull request #20290 from michaelnebel/csharp/xmldictionaryreader
C#: Add manual models for more some XML related classes.
Commit: 5b51bb2ef0c92075dd9029b61471d7c8eddf9de4
https://github.com/krishnprakash/codeql/commit/5b51bb2ef0c92075dd9029b61471d7c8eddf9de4
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/TaintTrackingImpl.qll
M rust/ql/src/queries/security/CWE-798/HardcodedCryptographicValue.ql
M rust/ql/test/library-tests/dataflow/strings/inline-taint-flow.expected
M rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected
M rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected
M rust/ql/test/query-tests/security/CWE-825/main.rs
Log Message:
-----------
Rust: Deref as taint step
Commit: 1130595c676ab142f8badc4195217657993892c4
https://github.com/krishnprakash/codeql/commit/1130595c676ab142f8badc4195217657993892c4
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/TaintTrackingImpl.qll
M rust/ql/src/queries/security/CWE-798/HardcodedCryptographicValue.ql
M rust/ql/test/library-tests/dataflow/strings/inline-taint-flow.expected
M rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected
M rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected
M rust/ql/test/query-tests/security/CWE-825/main.rs
Log Message:
-----------
Merge pull request #20340 from hvitved/rust/taint-tracking-implicit-deref-at-sinks
Rust: Deref as taint step
Commit: c1c7127894a50626f3349636e2f93a354b2de4f7
https://github.com/krishnprakash/codeql/commit/c1c7127894a50626f3349636e2f93a354b2de4f7
Author: Simon Friis Vindum <sim...@gmail.com>
Date: 2025-08-30 (Sat, 30 Aug 2025)
Changed paths:
M rust/ql/test/library-tests/path-resolution/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/path-resolution/main.rs
M rust/ql/test/library-tests/path-resolution/path-resolution.expected
M rust/ql/test/library-tests/type-inference/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/type-inference.expected
Log Message:
-----------
Rust: Add examples where trait visibility affects path and method resolution
Commit: 322ef4d9856f61d96c07ccdb7d75b04d38e8fb0b
https://github.com/krishnprakash/codeql/commit/322ef4d9856f61d96c07ccdb7d75b04d38e8fb0b
Author: Simon Friis Vindum <sim...@gmail.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/internal/PathResolution.qll
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/path-resolution/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/path-resolution/main.rs
M rust/ql/test/library-tests/path-resolution/path-resolution.expected
M rust/ql/test/library-tests/type-inference/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/query-tests/security/CWE-117/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/query-tests/security/CWE-312/CONSISTENCY/PathResolutionConsistency.expected
R rust/ql/test/query-tests/security/CWE-770/CONSISTENCY/PathResolutionConsistency.expected
Log Message:
-----------
Rust: Account for trait visibility when resolving paths and methods
Commit: 0ed6428a94f7759c7d3135b225754fd92b09074b
https://github.com/krishnprakash/codeql/commit/0ed6428a94f7759c7d3135b225754fd92b09074b
Author: Simon Friis Vindum <sim...@gmail.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/internal/PathResolution.qll
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/path-resolution/main.rs
M rust/ql/test/library-tests/path-resolution/path-resolution.expected
M rust/ql/test/library-tests/type-inference/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/type-inference.expected
M rust/ql/test/query-tests/security/CWE-117/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/query-tests/security/CWE-312/CONSISTENCY/PathResolutionConsistency.expected
R rust/ql/test/query-tests/security/CWE-770/CONSISTENCY/PathResolutionConsistency.expected
Log Message:
-----------
Merge pull request #20321 from paldepind/rust/trait-method-scope-2
Rust: Take trait visibility into account when resolving paths and methods
Commit: d6d0645d7b739109989a2f60a2b9a5458b7dec17
https://github.com/krishnprakash/codeql/commit/d6d0645d7b739109989a2f60a2b9a5458b7dec17
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/codeql-extractor.yml
M rust/extractor/src/config.rs
M rust/extractor/src/main.rs
R rust/ql/test/extractor-tests/canonical_path_disabled/options.yml
Log Message:
-----------
Rust: Remove skip_path_resolution config variable (hardhoded to true).
Commit: 456f56096f176cb1507349fd02fa5232b99a951c
https://github.com/krishnprakash/codeql/commit/456f56096f176cb1507349fd02fa5232b99a951c
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/extractor/src/main.rs
M rust/extractor/src/translate.rs
M rust/extractor/src/translate/base.rs
Log Message:
-----------
Rust: Remove ResolvePaths enum and resolve_paths arguments up to Translator::new (hardcode to false).
Commit: 078fbc6427af4ba354d76755bccd8d8baa1f6567
https://github.com/krishnprakash/codeql/commit/078fbc6427af4ba354d76755bccd8d8baa1f6567
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/extractor/src/translate/base.rs
Log Message:
-----------
Rust: Remove resolve_paths from the translator.
Commit: dd00df74dda0746e3f3de8824d3b916ab05eed5c
https://github.com/krishnprakash/codeql/commit/dd00df74dda0746e3f3de8824d3b916ab05eed5c
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/extractor/src/translate/base.rs
Log Message:
-----------
Rust: Remove unused wiring.
Commit: bd5f863efc7373076bed0119e2c3d1e9e3e65b29
https://github.com/krishnprakash/codeql/commit/bd5f863efc7373076bed0119e2c3d1e9e3e65b29
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/extractor/src/translate/base.rs
Log Message:
-----------
Rust: Remove uncalled methods.
Commit: 70600fe6d9173800e12a2bc735636ffad0123dba
https://github.com/krishnprakash/codeql/commit/70600fe6d9173800e12a2bc735636ffad0123dba
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/extractor/src/translate/mappings.rs
Log Message:
-----------
Rust: Remove unused traits and things.
Commit: a8f7f74812417cd6a42d2800181639f8ea91fc45
https://github.com/krishnprakash/codeql/commit/a8f7f74812417cd6a42d2800181639f8ea91fc45
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/extractor/src/translate/base.rs
M rust/extractor/src/translate/mappings.rs
Log Message:
-----------
Rust: Remove unused use decls.
Commit: 3cd057fe39ebd99deb3acd9c666207017e721eb2
https://github.com/krishnprakash/codeql/commit/3cd057fe39ebd99deb3acd9c666207017e721eb2
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/schema/annotations.py
M rust/schema/prelude.py
Log Message:
-----------
Rust: Remove Resolvable from the schema.
Commit: c7947a0afa00a46bd117285a234fd204c85c0a15
https://github.com/krishnprakash/codeql/commit/c7947a0afa00a46bd117285a234fd204c85c0a15
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/schema/prelude.py
Log Message:
-----------
Rust: Remove built-in methods from Addressable in the schema.
Commit: 152ae1d29bec1ca196cde4450806ae64e6723901
https://github.com/krishnprakash/codeql/commit/152ae1d29bec1ca196cde4450806ae64e6723901
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/extractor/src/generated/.generated.list
M rust/extractor/src/generated/top.rs
M rust/ql/.generated.list
M rust/ql/.gitattributes
M rust/ql/lib/codeql/rust/elements.qll
M rust/ql/lib/codeql/rust/elements/MethodCallExpr.qll
M rust/ql/lib/codeql/rust/elements/PathAstNode.qll
R rust/ql/lib/codeql/rust/elements/Resolvable.qll
R rust/ql/lib/codeql/rust/elements/internal/ResolvableImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Addressable.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/MethodCallExpr.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/ParentChild.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/PathAstNode.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Raw.qll
R rust/ql/lib/codeql/rust/elements/internal/generated/Resolvable.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Synth.qll
M rust/ql/lib/rust.dbscheme
M rust/ql/test/extractor-tests/generated/AsmExpr/AsmExpr.ql
M rust/ql/test/extractor-tests/generated/Const/Const.ql
M rust/ql/test/extractor-tests/generated/Enum/Enum.ql
M rust/ql/test/extractor-tests/generated/ExternBlock/ExternBlock.ql
M rust/ql/test/extractor-tests/generated/ExternCrate/ExternCrate.ql
M rust/ql/test/extractor-tests/generated/Function/Function.ql
M rust/ql/test/extractor-tests/generated/Impl/Impl.ql
M rust/ql/test/extractor-tests/generated/MacroCall/MacroCall.ql
M rust/ql/test/extractor-tests/generated/MacroDef/MacroDef.ql
M rust/ql/test/extractor-tests/generated/MacroRules/MacroRules.ql
M rust/ql/test/extractor-tests/generated/MethodCallExpr/MethodCallExpr.ql
M rust/ql/test/extractor-tests/generated/Module/Module.ql
M rust/ql/test/extractor-tests/generated/Path/PathExpr.ql
M rust/ql/test/extractor-tests/generated/Path/PathPat.ql
M rust/ql/test/extractor-tests/generated/Static/Static.ql
M rust/ql/test/extractor-tests/generated/Struct/Struct.ql
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.ql
M rust/ql/test/extractor-tests/generated/StructPat/StructPat.ql
M rust/ql/test/extractor-tests/generated/Trait/Trait.ql
M rust/ql/test/extractor-tests/generated/TraitAlias/TraitAlias.ql
M rust/ql/test/extractor-tests/generated/TupleStructPat/TupleStructPat.ql
M rust/ql/test/extractor-tests/generated/TypeAlias/TypeAlias.ql
M rust/ql/test/extractor-tests/generated/Union/Union.ql
M rust/ql/test/extractor-tests/generated/Use/Use.ql
M rust/ql/test/extractor-tests/generated/Variant/Variant.ql
Log Message:
-----------
Rust: Codegen.
Commit: 5d060d621b6f06d8276fbfaa2cf6cbfc87424ffc
https://github.com/krishnprakash/codeql/commit/5d060d621b6f06d8276fbfaa2cf6cbfc87424ffc
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/ql/lib/codeql/rust/elements/internal/CallExprBaseImpl.qll
Log Message:
-----------
Rust: Remove leftover QL use of Resolvable.
Commit: 1d815b16d65b46e979ac1533341bd4881b6a5643
https://github.com/krishnprakash/codeql/commit/1d815b16d65b46e979ac1533341bd4881b6a5643
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/ql/test/extractor-tests/generated/AsmExpr/AsmExpr.expected
M rust/ql/test/extractor-tests/generated/Const/Const.expected
M rust/ql/test/extractor-tests/generated/Enum/Enum.expected
M rust/ql/test/extractor-tests/generated/ExternBlock/ExternBlock.expected
M rust/ql/test/extractor-tests/generated/ExternCrate/ExternCrate.expected
M rust/ql/test/extractor-tests/generated/Function/Function.expected
M rust/ql/test/extractor-tests/generated/Impl/Impl.expected
M rust/ql/test/extractor-tests/generated/MacroCall/MacroCall.expected
M rust/ql/test/extractor-tests/generated/MacroDef/MacroDef.expected
M rust/ql/test/extractor-tests/generated/MacroRules/MacroRules.expected
M rust/ql/test/extractor-tests/generated/MethodCallExpr/MethodCallExpr.expected
M rust/ql/test/extractor-tests/generated/Module/Module.expected
M rust/ql/test/extractor-tests/generated/Path/PathExpr.expected
M rust/ql/test/extractor-tests/generated/Path/PathPat.expected
M rust/ql/test/extractor-tests/generated/Static/Static.expected
M rust/ql/test/extractor-tests/generated/Struct/Struct.expected
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.expected
M rust/ql/test/extractor-tests/generated/StructPat/StructPat.expected
M rust/ql/test/extractor-tests/generated/Trait/Trait.expected
M rust/ql/test/extractor-tests/generated/TraitAlias/TraitAlias.expected
M rust/ql/test/extractor-tests/generated/TupleStructPat/TupleStructPat.expected
M rust/ql/test/extractor-tests/generated/TypeAlias/TypeAlias.expected
M rust/ql/test/extractor-tests/generated/Union/Union.expected
M rust/ql/test/extractor-tests/generated/Use/Use.expected
M rust/ql/test/extractor-tests/generated/Variant/Variant.expected
Log Message:
-----------
Rust: Update test expectations.
Commit: a075ed595cf84589d2678ac22f31a70d1c3f376a
https://github.com/krishnprakash/codeql/commit/a075ed595cf84589d2678ac22f31a70d1c3f376a
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/ql/src/queries/telemetry/ExtractorInformation.ql
R rust/ql/src/queries/telemetry/RustAnalyzerComparison.qll
Log Message:
-----------
Rust: Remove telemetry about extractor generated paths.
Commit: 2e747bb05ceb7643c86187c3ee0a988b8dea1afc
https://github.com/krishnprakash/codeql/commit/2e747bb05ceb7643c86187c3ee0a988b8dea1afc
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
A cpp/ql/lib/ext/ComPtr.model.yml
M cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql
M cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.22.4.rst
M docs/codeql/codeql-overview/codeql-changelog/index.rst
M java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected
M java/ql/integration-tests/java/query-suite/java-code-scanning.qls.expected
M java/ql/integration-tests/java/query-suite/java-security-and-quality.qls.expected
M java/ql/integration-tests/java/query-suite/java-security-extended.qls.expected
M java/ql/integration-tests/java/query-suite/not_included_in_qls.expected
M java/ql/lib/semmle/code/configfiles/ConfigFiles.qll
A java/ql/lib/semmle/code/java/security/SpringBootActuatorsConfigQuery.qll
A java/ql/src/Security/CWE/CWE-200/SpringBootActuatorsConfig/SpringBootActuatorsConfig.qhelp
A java/ql/src/Security/CWE/CWE-200/SpringBootActuatorsConfig/SpringBootActuatorsConfig.ql
A java/ql/src/Security/CWE/CWE-200/SpringBootActuatorsConfig/application_bad.properties
A java/ql/src/Security/CWE/CWE-200/SpringBootActuatorsConfig/application_good.properties
A java/ql/src/Security/CWE/CWE-200/SpringBootActuatorsConfig/pom_good.xml
M java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.java
M java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.qhelp
M java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.ql
A java/ql/src/change-notes/2025-07-17-spring-actuators-config-promo.md
R java/ql/src/experimental/Security/CWE/CWE-016/InsecureSpringActuatorConfig.qhelp
R java/ql/src/experimental/Security/CWE/CWE-016/InsecureSpringActuatorConfig.ql
R java/ql/src/experimental/Security/CWE/CWE-016/application.properties
R java/ql/src/experimental/Security/CWE/CWE-016/pom_bad.xml
R java/ql/src/experimental/Security/CWE/CWE-016/pom_good.xml
R java/ql/test/experimental/query-tests/security/CWE-016/InsecureSpringActuatorConfig.expected
R java/ql/test/experimental/query-tests/security/CWE-016/InsecureSpringActuatorConfig.qlref
R java/ql/test/experimental/query-tests/security/CWE-016/SensitiveInfo.java
R java/ql/test/experimental/query-tests/security/CWE-016/application.properties
R java/ql/test/experimental/query-tests/security/CWE-016/options
R java/ql/test/experimental/query-tests/security/CWE-016/pom.xml
A java/ql/test/query-tests/CallsToSystemExit/CallsToSystemExit.expected
A java/ql/test/query-tests/CallsToSystemExit/CallsToSystemExit.qlref
A java/ql/test/query-tests/CallsToSystemExit/ExampleRuntimeExit.java
A java/ql/test/query-tests/CallsToSystemExit/ExampleRuntimeHalt.java
A java/ql/test/query-tests/CallsToSystemExit/ExampleSystemExit.java
A java/ql/test/query-tests/CallsToSystemExit/LocalClassInTestMethod.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/SpringBootActuatorsConfig.expected
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/SpringBootActuatorsConfig.qlref
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.0.x-1.4.x/bad/default/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.0.x-1.4.x/bad/default/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.0.x-1.4.x/bad/false/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.0.x-1.4.x/bad/false/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.0.x-1.4.x/good/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.0.x-1.4.x/good/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.5.x/bad/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.5.x/bad/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.5.x/good/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.5.x/good/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/bad/expose/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/bad/expose/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/bad/exposure-include/all-exposed/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/bad/exposure-include/all-exposed/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/bad/exposure-include/some-exposed/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/bad/exposure-include/some-exposed/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/good/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/good/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version3.x/bad/all-exposed/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version3.x/bad/all-exposed/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version3.x/bad/some-exposed/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version3.x/bad/some-exposed/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version3.x/good/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version3.x/good/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/options
R python/ql/src/Functions/IncorrectRaiseInSpecialMethod.py
M python/ql/src/Functions/IncorrectRaiseInSpecialMethod.qhelp
M python/ql/src/Functions/IncorrectRaiseInSpecialMethod.ql
R python/ql/src/Functions/IncorrectRaiseInSpecialMethod2.py
R python/ql/src/Functions/IncorrectRaiseInSpecialMethod3.py
A python/ql/src/Functions/examples/IncorrectRaiseInSpecialMethod.py
A python/ql/src/Functions/examples/IncorrectRaiseInSpecialMethod2.py
A python/ql/src/Functions/examples/IncorrectRaiseInSpecialMethod3.py
A python/ql/src/change-notes/2025-07-25-unexpected-raise-special-method.md
A python/ql/test/query-tests/Functions/IncorrectRaiseInSpecialMethod/IncorrectRaiseInSpecialMethod.expected
A python/ql/test/query-tests/Functions/IncorrectRaiseInSpecialMethod/IncorrectRaiseInSpecialMethod.qlref
A python/ql/test/query-tests/Functions/IncorrectRaiseInSpecialMethod/test.py
R python/ql/test/query-tests/Functions/general/IncorrectRaiseInSpecialMethod.expected
R python/ql/test/query-tests/Functions/general/IncorrectRaiseInSpecialMethod.qlref
M rust/extractor/src/main.rs
M rust/extractor/src/rust_analyzer.rs
M rust/extractor/src/translate/base.rs
M rust/extractor/src/trap.rs
M rust/ql/.generated.list
M rust/ql/integration-tests/hello-project/ExtractionWarnings.expected
M rust/ql/integration-tests/hello-project/summary.expected
A rust/ql/lib/change-notes/2025-08-25-in-macro-expansion.md
M rust/ql/lib/codeql/rust/controlflow/internal/generated/CfgNodes.qll
M rust/ql/lib/codeql/rust/elements/StructExpr.qll
M rust/ql/lib/codeql/rust/elements/TupleExpr.qll
M rust/ql/lib/codeql/rust/elements/internal/MacroCallImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/StructExprImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/TupleExprImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Raw.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/StructExpr.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/TupleExpr.qll
M rust/ql/lib/codeql/rust/internal/Type.qll
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/lib/codeql/rust/internal/TypeMention.qll
M rust/ql/test/extractor-tests/generated/.generated_tests.list
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.expected
M rust/ql/test/extractor-tests/generated/StructExpr/gen_struct_expr.rs
M rust/ql/test/extractor-tests/generated/TupleExpr/TupleExpr.expected
M rust/ql/test/extractor-tests/generated/TupleExpr/gen_tuple_expr.rs
M rust/ql/test/extractor-tests/macro-expansion/CONSISTENCY/ExtractionConsistency.expected
M rust/ql/test/extractor-tests/macro-expansion/test.expected
R rust/ql/test/library-tests/type-inference/CONSISTENCY/ExtractionConsistency.expected
M rust/ql/test/library-tests/type-inference/type-inference.expected
M rust/ql/test/query-tests/diagnostics/CONSISTENCY/ExtractionConsistency.expected
M rust/ql/test/query-tests/diagnostics/ExtractionWarnings.expected
R rust/ql/test/query-tests/unusedentities/CONSISTENCY/ExtractionConsistency.expected
M rust/schema/annotations.py
Log Message:
-----------
Merge branch 'main' into oldpaths1 (some generated files are left unmerged).
Commit: 83df1137b6d10d496ffb174c51ca4148d7dbe5f2
https://github.com/krishnprakash/codeql/commit/83df1137b6d10d496ffb174c51ca4148d7dbe5f2
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/ql/.generated.list
M rust/ql/lib/codeql/rust/elements/internal/generated/Raw.qll
Log Message:
-----------
Rust: Codegen.
Commit: 9efb6ea995f126887c057d91365bdc8b261f7302
https://github.com/krishnprakash/codeql/commit/9efb6ea995f126887c057d91365bdc8b261f7302
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/extractor/src/main.rs
M rust/extractor/src/translate/base.rs
Log Message:
-----------
Rust: Cargo fmt.
Commit: f838494bf01bad9f5e0d45cb9695b4ea54f2f3a2
https://github.com/krishnprakash/codeql/commit/f838494bf01bad9f5e0d45cb9695b4ea54f2f3a2
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/ast-generator/src/main.rs
M rust/extractor/src/translate/base.rs
Log Message:
-----------
Rust: Remove empty impls.
Commit: 194363c1075c4d7923d4a1d37c6a0e08a20e9ff6
https://github.com/krishnprakash/codeql/commit/194363c1075c4d7923d4a1d37c6a0e08a20e9ff6
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/extractor/src/translate/generated.rs
Log Message:
-----------
Rust: Codegen.
Commit: 1e46dd8412ff7a3ceb23d6d1a09597c15a276fdb
https://github.com/krishnprakash/codeql/commit/1e46dd8412ff7a3ceb23d6d1a09597c15a276fdb
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M rust/extractor/src/translate/mappings.rs
Log Message:
-----------
Rust: Remove redundant code.
Commit: e860600712eb516a527831acb121517112c02893
https://github.com/krishnprakash/codeql/commit/e860600712eb516a527831acb121517112c02893
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
R rust/ql/test/extractor-tests/canonical_path_disabled/Cargo.lock
R rust/ql/test/extractor-tests/canonical_path_disabled/anonymous.rs
R rust/ql/test/extractor-tests/canonical_path_disabled/canonical_paths.expected
R rust/ql/test/extractor-tests/canonical_path_disabled/canonical_paths.qlref
R rust/ql/test/extractor-tests/canonical_path_disabled/regular.rs
Log Message:
-----------
Rust: Remove the canonical_path_disabled test entirely.
Commit: 5d14ef5fd39abddaa408651eaf9cf5a3a7ff7843
https://github.com/krishnprakash/codeql/commit/5d14ef5fd39abddaa408651eaf9cf5a3a7ff7843
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
A rust/ql/lib/change-notes/2025-08-28-path-resolution.md
Log Message:
-----------
Rust: Change note.
Commit: a6bdab15f6b5f602dcb2e94053ac0360a2feb8d2
https://github.com/krishnprakash/codeql/commit/a6bdab15f6b5f602dcb2e94053ac0360a2feb8d2
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/old.dbscheme
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/semmlecode.cpp.dbscheme
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/upgrade.properties
A cpp/ql/lib/change-notes/2025-08-27-pch.md
M cpp/ql/lib/cpp.qll
A cpp/ql/lib/semmle/code/cpp/PchFile.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/lib/semmlecode.cpp.dbscheme
M cpp/ql/lib/semmlecode.cpp.dbscheme.stats
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/old.dbscheme
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/semmlecode.cpp.dbscheme
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/upgrade.properties
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
A csharp/ql/lib/change-notes/2025-08-18-byte-char-bulk-types.md
M csharp/ql/lib/ext/System.IO.model.yml
M csharp/ql/lib/ext/System.model.yml
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.expected
M csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.expected
M csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.qlref
M csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInput/UnsafeDeserializationUntrustedInput.expected
M java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected
M java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
A java/ql/src/Violations of Best Practice/Testing/ExcessivePublicMethodMocking.md
A java/ql/src/Violations of Best Practice/Testing/ExcessivePublicMethodMocking.ql
A java/ql/test/query-tests/ExcessivePublicMethodMocking/Employee.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/EmployeeRecord.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/EmployeeStatus.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/ExcessivePublicMethodMocking.expected
A java/ql/test/query-tests/ExcessivePublicMethodMocking/ExcessivePublicMethodMocking.qlref
A java/ql/test/query-tests/ExcessivePublicMethodMocking/TestORM.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/options
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.qlref
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/AnnotatedClass.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage1.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/VisibleForTesting.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/UseWithinAnnotation.java
A java/ql/test/stubs/junit-4.13/LICENSE-junit.txt
A java/ql/test/stubs/junit-4.13/org/junit/Assert.java
A java/ql/test/stubs/junit-4.13/org/junit/Test.java
A java/ql/test/stubs/junit-4.13/org/junit/function/ThrowingRunnable.java
A java/ql/test/stubs/mockito-5.14/org/mockito/ArgumentMatchers.java
A java/ql/test/stubs/mockito-5.14/org/mockito/MockSettings.java
A java/ql/test/stubs/mockito-5.14/org/mockito/Mockito.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/MockitoCore.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/creation/MockSettingsImpl.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/handler/MockHandlerFactory.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/handler/MockHandlerImpl.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/progress/MockingProgress.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/util/MockUtil.java
A java/ql/test/stubs/mockito-5.14/org/mockito/invocation/MockHandler.java
A java/ql/test/stubs/mockito-5.14/org/mockito/mock/MockCreationSettings.java
A java/ql/test/stubs/mockito-5.14/org/mockito/plugins/MockMaker.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/Answer.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/OngoingStubbing.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/Stubber.java
A javascript/ql/lib/change-notes/2025-07-15-xml-bomb-sinks.md
M javascript/ql/lib/semmle/javascript/frameworks/XmlParsers.qll
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll
M javascript/ql/test/query-tests/Security/CWE-776/XmlBomb.expected
M javascript/ql/test/query-tests/Security/CWE-776/libxml.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.noent.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.sax.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.saxpush.js
M python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected
M python/ql/integration-tests/query-suite/python-code-quality.qls.expected
M python/ql/integration-tests/query-suite/python-security-and-quality.qls.expected
A python/ql/lib/change-notes/2025-07-15-xml-bomb-sinks-python.md
M python/ql/lib/semmle/python/Class.qll
M python/ql/lib/semmle/python/frameworks/Lxml.qll
A python/ql/src/Classes/Comparisons/EqualsOrHash.qhelp
A python/ql/src/Classes/Comparisons/EqualsOrHash.ql
A python/ql/src/Classes/Comparisons/EqualsOrNotEquals.qhelp
A python/ql/src/Classes/Comparisons/EqualsOrNotEquals.ql
A python/ql/src/Classes/Comparisons/IncompleteOrdering.qhelp
A python/ql/src/Classes/Comparisons/IncompleteOrdering.ql
A python/ql/src/Classes/Comparisons/examples/EqualsOrHash.py
A python/ql/src/Classes/Comparisons/examples/EqualsOrNotEquals1.py
A python/ql/src/Classes/Comparisons/examples/EqualsOrNotEquals2.py
A python/ql/src/Classes/Comparisons/examples/IncompleteOrdering.py
M python/ql/src/Classes/Equality.qll
R python/ql/src/Classes/EqualsOrHash.py
R python/ql/src/Classes/EqualsOrHash.qhelp
R python/ql/src/Classes/EqualsOrHash.ql
R python/ql/src/Classes/EqualsOrNotEquals.py
R python/ql/src/Classes/EqualsOrNotEquals.qhelp
R python/ql/src/Classes/EqualsOrNotEquals.ql
R python/ql/src/Classes/IncompleteOrdering.py
R python/ql/src/Classes/IncompleteOrdering.qhelp
R python/ql/src/Classes/IncompleteOrdering.ql
R python/ql/src/Classes/SubclassShadowing.py
R python/ql/src/Classes/SubclassShadowing.qhelp
R python/ql/src/Classes/SubclassShadowing.ql
A python/ql/src/Classes/SubclassShadowing/SubclassShadowing.qhelp
A python/ql/src/Classes/SubclassShadowing/SubclassShadowing.ql
A python/ql/src/Classes/SubclassShadowing/examples/SubclassShadowingBad.py
A python/ql/src/Classes/SubclassShadowing/examples/SubclassShadowingGood.py
A python/ql/src/change-notes/2025-07-14-comparisons.md
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrHash.expected
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrNotEquals.expected
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrNotEquals.qlref
R python/ql/test/2/query-tests/Classes/equals-hash/equals_hash.py
R python/ql/test/3/query-tests/Classes/equals-hash/EqualsOrHash.expected
R python/ql/test/3/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/3/query-tests/Classes/equals-hash/equals_hash.py
R python/ql/test/3/query-tests/Classes/equals-ne/EqualsOrNotEquals.expected
R python/ql/test/3/query-tests/Classes/equals-ne/EqualsOrNotEquals.qlref
R python/ql/test/3/query-tests/Classes/equals-ne/test.py
M python/ql/test/library-tests/frameworks/lxml/parsing.py
M python/ql/test/query-tests/Classes/equals-attr/DefineEqualsWhenAddingAttributes.expected
A python/ql/test/query-tests/Classes/equals-attr/attr_eq_test.py
R python/ql/test/query-tests/Classes/equals-hash/DefineEqualsWhenAddingFields.expected
R python/ql/test/query-tests/Classes/equals-hash/DefineEqualsWhenAddingFields.qlref
A python/ql/test/query-tests/Classes/equals-hash/EqualsOrHash.expected
A python/ql/test/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/query-tests/Classes/equals-hash/attr_eq_test.py
A python/ql/test/query-tests/Classes/equals-hash/equalsHash.py
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.expected
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.py
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.qlref
M python/ql/test/query-tests/Classes/incomplete-ordering/IncompleteOrdering.expected
M python/ql/test/query-tests/Classes/incomplete-ordering/IncompleteOrdering.qlref
M python/ql/test/query-tests/Classes/incomplete-ordering/incomplete_ordering.py
M python/ql/test/query-tests/Classes/subclass-shadowing/SubclassShadowing.expected
M python/ql/test/query-tests/Classes/subclass-shadowing/SubclassShadowing.qlref
M python/ql/test/query-tests/Classes/subclass-shadowing/subclass_shadowing.py
M python/ql/test/query-tests/Security/CWE-776-XmlBomb/XmlBomb.expected
M python/ql/test/query-tests/analysis/jump_to_defn/Definitions.expected
M python/ql/test/query-tests/analysis/jump_to_defn/test.py
A rust/ql/lib/change-notes/2025-08-22-fs.md
M rust/ql/lib/codeql/rust/elements/RangeExprExt.qll
M rust/ql/lib/codeql/rust/elements/internal/TypeParamImpl.qll
A rust/ql/lib/codeql/rust/frameworks/asyncstd/fs.model.yml
M rust/ql/lib/codeql/rust/frameworks/stdlib/Stdlib.qll
M rust/ql/lib/codeql/rust/frameworks/stdlib/fs.model.yml
M rust/ql/lib/codeql/rust/frameworks/tokio/fs.model.yml
M rust/ql/lib/codeql/rust/internal/PathResolution.qll
M rust/ql/lib/codeql/rust/internal/PathResolutionConsistency.qll
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/test/extractor-tests/macro-expansion/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
M rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
M rust/ql/test/library-tests/dataflow/sources/test.rs
M rust/ql/test/library-tests/path-resolution/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/path-resolution/path-resolution.expected
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/pattern_matching.rs
M rust/ql/test/library-tests/type-inference/type-inference.expected
M rust/ql/test/query-tests/security/CWE-022/Cargo.lock
M rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected
M rust/ql/test/query-tests/security/CWE-022/options.yml
M rust/ql/test/query-tests/security/CWE-022/src/main.rs
R rust/ql/test/query-tests/security/CWE-696/CONSISTENCY/PathResolutionConsistency.expected
Log Message:
-----------
Merge branch 'main' into oldpaths1
Commit: bdc1f1715d562e92494ad9d3fabf7a87c343add3
https://github.com/krishnprakash/codeql/commit/bdc1f1715d562e92494ad9d3fabf7a87c343add3
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/old.dbscheme
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/rust.dbscheme
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/upgrade.properties
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/old.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/rust.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/upgrade.properties
Log Message:
-----------
Rust: Add upgrade and downgrade scripts (template).
Commit: d650d56485721c4dfe1e16dc9ffa15c1b162afdf
https://github.com/krishnprakash/codeql/commit/d650d56485721c4dfe1e16dc9ffa15c1b162afdf
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/upgrade.properties
M rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/upgrade.properties
Log Message:
-----------
Rust: Implement upgrade and downgrade scripts.
Commit: 9bae0bfb35584952a5054e2db6c8ef32197370f8
https://github.com/krishnprakash/codeql/commit/9bae0bfb35584952a5054e2db6c8ef32197370f8
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ast-generator/src/main.rs
M rust/codeql-extractor.yml
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/old.dbscheme
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/rust.dbscheme
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/upgrade.properties
M rust/extractor/src/config.rs
M rust/extractor/src/generated/.generated.list
M rust/extractor/src/generated/top.rs
M rust/extractor/src/main.rs
M rust/extractor/src/translate.rs
M rust/extractor/src/translate/base.rs
M rust/extractor/src/translate/generated.rs
M rust/extractor/src/translate/mappings.rs
M rust/ql/.generated.list
M rust/ql/.gitattributes
A rust/ql/lib/change-notes/2025-08-28-path-resolution.md
M rust/ql/lib/codeql/rust/elements.qll
M rust/ql/lib/codeql/rust/elements/MethodCallExpr.qll
M rust/ql/lib/codeql/rust/elements/PathAstNode.qll
R rust/ql/lib/codeql/rust/elements/Resolvable.qll
M rust/ql/lib/codeql/rust/elements/internal/CallExprBaseImpl.qll
R rust/ql/lib/codeql/rust/elements/internal/ResolvableImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Addressable.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/MethodCallExpr.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/ParentChild.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/PathAstNode.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Raw.qll
R rust/ql/lib/codeql/rust/elements/internal/generated/Resolvable.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Synth.qll
M rust/ql/lib/rust.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/old.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/rust.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/upgrade.properties
M rust/ql/src/queries/telemetry/ExtractorInformation.ql
R rust/ql/src/queries/telemetry/RustAnalyzerComparison.qll
R rust/ql/test/extractor-tests/canonical_path_disabled/Cargo.lock
R rust/ql/test/extractor-tests/canonical_path_disabled/anonymous.rs
R rust/ql/test/extractor-tests/canonical_path_disabled/canonical_paths.expected
R rust/ql/test/extractor-tests/canonical_path_disabled/canonical_paths.qlref
R rust/ql/test/extractor-tests/canonical_path_disabled/options.yml
R rust/ql/test/extractor-tests/canonical_path_disabled/regular.rs
M rust/ql/test/extractor-tests/generated/AsmExpr/AsmExpr.expected
M rust/ql/test/extractor-tests/generated/AsmExpr/AsmExpr.ql
M rust/ql/test/extractor-tests/generated/Const/Const.expected
M rust/ql/test/extractor-tests/generated/Const/Const.ql
M rust/ql/test/extractor-tests/generated/Enum/Enum.expected
M rust/ql/test/extractor-tests/generated/Enum/Enum.ql
M rust/ql/test/extractor-tests/generated/ExternBlock/ExternBlock.expected
M rust/ql/test/extractor-tests/generated/ExternBlock/ExternBlock.ql
M rust/ql/test/extractor-tests/generated/ExternCrate/ExternCrate.expected
M rust/ql/test/extractor-tests/generated/ExternCrate/ExternCrate.ql
M rust/ql/test/extractor-tests/generated/Function/Function.expected
M rust/ql/test/extractor-tests/generated/Function/Function.ql
M rust/ql/test/extractor-tests/generated/Impl/Impl.expected
M rust/ql/test/extractor-tests/generated/Impl/Impl.ql
M rust/ql/test/extractor-tests/generated/MacroCall/MacroCall.expected
M rust/ql/test/extractor-tests/generated/MacroCall/MacroCall.ql
M rust/ql/test/extractor-tests/generated/MacroDef/MacroDef.expected
M rust/ql/test/extractor-tests/generated/MacroDef/MacroDef.ql
M rust/ql/test/extractor-tests/generated/MacroRules/MacroRules.expected
M rust/ql/test/extractor-tests/generated/MacroRules/MacroRules.ql
M rust/ql/test/extractor-tests/generated/MethodCallExpr/MethodCallExpr.expected
M rust/ql/test/extractor-tests/generated/MethodCallExpr/MethodCallExpr.ql
M rust/ql/test/extractor-tests/generated/Module/Module.expected
M rust/ql/test/extractor-tests/generated/Module/Module.ql
M rust/ql/test/extractor-tests/generated/Path/PathExpr.expected
M rust/ql/test/extractor-tests/generated/Path/PathExpr.ql
M rust/ql/test/extractor-tests/generated/Path/PathPat.expected
M rust/ql/test/extractor-tests/generated/Path/PathPat.ql
M rust/ql/test/extractor-tests/generated/Static/Static.expected
M rust/ql/test/extractor-tests/generated/Static/Static.ql
M rust/ql/test/extractor-tests/generated/Struct/Struct.expected
M rust/ql/test/extractor-tests/generated/Struct/Struct.ql
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.expected
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.ql
M rust/ql/test/extractor-tests/generated/StructPat/StructPat.expected
M rust/ql/test/extractor-tests/generated/StructPat/StructPat.ql
M rust/ql/test/extractor-tests/generated/Trait/Trait.expected
M rust/ql/test/extractor-tests/generated/Trait/Trait.ql
M rust/ql/test/extractor-tests/generated/TraitAlias/TraitAlias.expected
M rust/ql/test/extractor-tests/generated/TraitAlias/TraitAlias.ql
M rust/ql/test/extractor-tests/generated/TupleStructPat/TupleStructPat.expected
M rust/ql/test/extractor-tests/generated/TupleStructPat/TupleStructPat.ql
M rust/ql/test/extractor-tests/generated/TypeAlias/TypeAlias.expected
M rust/ql/test/extractor-tests/generated/TypeAlias/TypeAlias.ql
M rust/ql/test/extractor-tests/generated/Union/Union.expected
M rust/ql/test/extractor-tests/generated/Union/Union.ql
M rust/ql/test/extractor-tests/generated/Use/Use.expected
M rust/ql/test/extractor-tests/generated/Use/Use.ql
M rust/ql/test/extractor-tests/generated/Variant/Variant.expected
M rust/ql/test/extractor-tests/generated/Variant/Variant.ql
M rust/schema/annotations.py
M rust/schema/prelude.py
Log Message:
-----------
Merge pull request #20295 from geoffw0/oldpaths1
Rust: Remove extractor path resolution.
Commit: 6872f517252bfa82d9e078c603d2d681a276912c
https://github.com/krishnprakash/codeql/commit/6872f517252bfa82d9e078c603d2d681a276912c
Author: Asger F <asg...@github.com>
Date: 2025-08-19 (Tue, 19 Aug 2025)
Changed paths:
M javascript/ql/lib/semmlecode.javascript.dbscheme
M javascript/ql/lib/semmlecode.javascript.dbscheme.stats
Log Message:
-----------
JS: Add metadata to dbscheme and stats
Commit: c1df8a95cbebac021a2eb757aefb6896d9924113
https://github.com/krishnprakash/codeql/commit/c1df8a95cbebac021a2eb757aefb6896d9924113
Author: Asger F <asg...@github.com>
Date: 2025-08-19 (Tue, 19 Aug 2025)
Changed paths:
M javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
A javascript/extractor/src/com/semmle/js/extractor/OverlayChanges.java
M javascript/resources/codeql-extractor.yml
Log Message:
-----------
JS: Overlay extraction support
Commit: 30baf0acecc6f4e2f5939f7e428ca4209142d3b9
https://github.com/krishnprakash/codeql/commit/30baf0acecc6f4e2f5939f7e428ca4209142d3b9
Author: Asger F <asg...@github.com>
Date: 2025-08-19 (Tue, 19 Aug 2025)
Changed paths:
M javascript/ql/lib/semmlecode.javascript.dbscheme
M javascript/ql/lib/semmlecode.javascript.dbscheme.stats
M javascript/resources/codeql-extractor.yml
Log Message:
-----------
JS: Add overlayChangedFiles
Commit: ba585b8af5e78c77416b3e99f62fffa82c89db41
https://github.com/krishnprakash/codeql/commit/ba585b8af5e78c77416b3e99f62fffa82c89db41
Author: Asger F <asg...@github.com>
Date: 2025-08-19 (Tue, 19 Aug 2025)
Changed paths:
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/old.dbscheme
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/semmlecode.javascript.dbscheme
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/upgrade.properties
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/old.dbscheme
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/semmlecode.javascript.dbscheme
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/upgrade.properties
Log Message:
-----------
JS: Add upgrade/downgrade scripts
Commit: 678345621354a6c4cb0d900ece5dadd2aa1f2cf8
https://github.com/krishnprakash/codeql/commit/678345621354a6c4cb0d900ece5dadd2aa1f2cf8
Author: Asger F <asg...@github.com>
Date: 2025-08-19 (Tue, 19 Aug 2025)
Changed paths:
M javascript/ql/lib/javascript.qll
A javascript/ql/lib/semmle/javascript/internal/Overlay.qll
Log Message:
-----------
JS: Add discard predicates
Commit: 67a1c2ffef2afcb958676a3cf6b9b8ea403286c3
https://github.com/krishnprakash/codeql/commit/67a1c2ffef2afcb958676a3cf6b9b8ea403286c3
Author: Asger F <asg...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
Log Message:
-----------
Update javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
Co-authored-by: Copilot <17572847...@users.noreply.github.com>
Commit: 19fa29d52704a947c64f448849f1202fdc325e25
https://github.com/krishnprakash/codeql/commit/19fa29d52704a947c64f448849f1202fdc325e25
Author: Asger F <asg...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/old.dbscheme
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/semmlecode.javascript.dbscheme
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/upgrade.properties
M javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
A javascript/extractor/src/com/semmle/js/extractor/OverlayChanges.java
M javascript/ql/lib/javascript.qll
A javascript/ql/lib/semmle/javascript/internal/Overlay.qll
M javascript/ql/lib/semmlecode.javascript.dbscheme
M javascript/ql/lib/semmlecode.javascript.dbscheme.stats
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/old.dbscheme
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/semmlecode.javascript.dbscheme
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/upgrade.properties
M javascript/resources/codeql-extractor.yml
Log Message:
-----------
Merge pull request #20307 from asgerf/js/overlay-extract-and-discard-only
JS: Add overlay support to extractor
Commit: 011f8dd3b3fb32c5f7b6f7a5785330e5241b2b9a
https://github.com/krishnprakash/codeql/commit/011f8dd3b3fb32c5f7b6f7a5785330e5241b2b9a
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M swift/ql/lib/codeql/swift/elements/decl/internal/EnumDeclImpl.qll
Log Message:
-----------
Swift: Fix a Ql4Ql violation.
Commit: f73f9a0447335f10320106497af88bd7b30d0ecd
https://github.com/krishnprakash/codeql/commit/f73f9a0447335f10320106497af88bd7b30d0ecd
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M swift/ql/lib/codeql/swift/elements/decl/internal/EnumDeclImpl.qll
Log Message:
-----------
Merge pull request #20334 from michaelnebel/swift/ql4ql
Swift: Fix a Ql4Ql violation.
Commit: 74913522789f3bd512ff0c5330f626f2cd5ccc09
https://github.com/krishnprakash/codeql/commit/74913522789f3bd512ff0c5330f626f2cd5ccc09
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/printAst.ql
M csharp/ql/lib/semmle/code/csharp/Assignable.qll
M csharp/ql/lib/semmle/code/csharp/Callable.qll
M csharp/ql/lib/semmle/code/csharp/Member.qll
M csharp/ql/lib/semmle/code/csharp/PrintAst.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll
M csharp/ql/lib/semmle/code/csharp/serialization/Deserializers.qll
M csharp/ql/src/Bad Practices/Magic Constants/MagicConstants.qll
M csharp/ql/src/Language Abuse/UselessUpcast.ql
M csharp/ql/src/Telemetry/DatabaseQuality.qll
Log Message:
-----------
C#: Fix some Ql4Ql violations.
Commit: ef4b41ab6d2c1f7c18145c9c13fc5949c13622da
https://github.com/krishnprakash/codeql/commit/ef4b41ab6d2c1f7c18145c9c13fc5949c13622da
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/PrintAst.qll
Log Message:
-----------
C#: Replace exists with any.
Commit: 39d3741a9141c53b1579859baf1a426ca30e6e74
https://github.com/krishnprakash/codeql/commit/39d3741a9141c53b1579859baf1a426ca30e6e74
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M csharp/ql/lib/printAst.ql
M csharp/ql/lib/semmle/code/csharp/Assignable.qll
M csharp/ql/lib/semmle/code/csharp/Callable.qll
M csharp/ql/lib/semmle/code/csharp/Member.qll
M csharp/ql/lib/semmle/code/csharp/PrintAst.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll
M csharp/ql/lib/semmle/code/csharp/serialization/Deserializers.qll
M csharp/ql/src/Bad Practices/Magic Constants/MagicConstants.qll
M csharp/ql/src/Language Abuse/UselessUpcast.ql
M csharp/ql/src/Telemetry/DatabaseQuality.qll
Log Message:
-----------
Merge pull request #20326 from michaelnebel/csharp/ql4ql
C#: Fix some Ql4Ql violations.
Commit: ea664e08d1d79eef07760289e122a11e519d4d86
https://github.com/krishnprakash/codeql/commit/ea664e08d1d79eef07760289e122a11e519d4d86
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M go/ql/lib/semmle/go/StringOps.qll
M go/ql/lib/semmle/go/dataflow/internal/DataFlowUtil.qll
M go/ql/src/experimental/IntegerOverflow/RangeAnalysis.qll
Log Message:
-----------
Go: Fix some Ql4Ql violations.
Commit: d0323a6425c380cac284aca0c7207ced4b424a2f
https://github.com/krishnprakash/codeql/commit/d0323a6425c380cac284aca0c7207ced4b424a2f
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M go/ql/src/experimental/IntegerOverflow/RangeAnalysis.qll
Log Message:
-----------
Fix one more violation.
Commit: 55e5281429fac51505945a966f06a1946ca408e8
https://github.com/krishnprakash/codeql/commit/55e5281429fac51505945a966f06a1946ca408e8
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M go/ql/src/experimental/IntegerOverflow/RangeAnalysis.qll
Log Message:
-----------
Go: Fix a couple more spelling errors.
Commit: 9a88e38d6f2587c8637e484ef77c797876f7f1e2
https://github.com/krishnprakash/codeql/commit/9a88e38d6f2587c8637e484ef77c797876f7f1e2
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M go/ql/lib/semmle/go/StringOps.qll
M go/ql/lib/semmle/go/dataflow/internal/DataFlowUtil.qll
M go/ql/src/experimental/IntegerOverflow/RangeAnalysis.qll
Log Message:
-----------
Merge pull request #20327 from michaelnebel/go/ql4ql
Go: Fix some Ql4Ql violations.
Commit: 11309e99ce62b0e59531b3a310805ce09231ac70
https://github.com/krishnprakash/codeql/commit/11309e99ce62b0e59531b3a310805ce09231ac70
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M shared/util/change-notes/2025-08-25-loc-option.md
Log Message:
-----------
Fix changenote
Commit: ab641b3144126839862ba99483f12de58ac6e607
https://github.com/krishnprakash/codeql/commit/ab641b3144126839862ba99483f12de58ac6e607
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M shared/util/change-notes/2025-08-25-loc-option.md
Log Message:
-----------
Merge pull request #20344 from joefarebrother/fix-changenote
Shared: Fix changenote
Commit: 77113b2e42ac0d9d30aeca91d616363d0ac45c7c
https://github.com/krishnprakash/codeql/commit/77113b2e42ac0d9d30aeca91d616363d0ac45c7c
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M java/ql/lib/experimental/quantum/JCA.qll
M java/ql/lib/experimental/quantum/Language.qll
M java/ql/lib/printAst.ql
M java/ql/lib/semmle/code/java/Concurrency.qll
M java/ql/lib/semmle/code/java/Conversions.qll
M java/ql/lib/semmle/code/java/Statement.qll
M java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll
M java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll
M java/ql/lib/semmle/code/java/frameworks/Mockito.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll
M java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll
M java/ql/lib/semmle/code/java/security/FileWritable.qll
M java/ql/lib/semmle/code/java/security/TempDirUtils.qll
M java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll
M java/ql/src/Likely Bugs/Comparison/HashedButNoHash.ql
M java/ql/src/Likely Bugs/Concurrency/NotifyWithoutSynch.ql
M java/ql/src/Likely Bugs/Termination/SpinOnField.ql
M java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll
M java/ql/src/Violations of Best Practice/Naming Conventions/ConfusingOverloading.ql
M java/ql/src/experimental/quantum/Analysis/ArtifactReuse.qll
M java/ql/src/experimental/quantum/Examples/BrokenCrypto.ql
M java/ql/src/utils/flowtestcasegenerator/FlowTestCase.qll
Log Message:
-----------
Java: Fix some Ql4Ql violations.
Commit: a732b36fa87f33fc9e0bc9ad3fa221ba2498f69d
https://github.com/krishnprakash/codeql/commit/a732b36fa87f33fc9e0bc9ad3fa221ba2498f69d
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M java/ql/src/experimental/quantum/Analysis/ArtifactReuse.qll
Log Message:
-----------
Update java/ql/src/experimental/quantum/Analysis/ArtifactReuse.qll
Co-authored-by: Anders Schack-Mulligen <ascha...@users.noreply.github.com>
Commit: 2a932f0748fb7b30df2e4fa1a4bf80028d14951d
https://github.com/krishnprakash/codeql/commit/2a932f0748fb7b30df2e4fa1a4bf80028d14951d
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M java/ql/lib/experimental/quantum/JCA.qll
M java/ql/lib/experimental/quantum/Language.qll
M java/ql/lib/printAst.ql
M java/ql/lib/semmle/code/java/Concurrency.qll
M java/ql/lib/semmle/code/java/Conversions.qll
M java/ql/lib/semmle/code/java/Statement.qll
M java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll
M java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll
M java/ql/lib/semmle/code/java/frameworks/Mockito.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll
M java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll
M java/ql/lib/semmle/code/java/security/FileWritable.qll
M java/ql/lib/semmle/code/java/security/TempDirUtils.qll
M java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll
M java/ql/src/Likely Bugs/Comparison/HashedButNoHash.ql
M java/ql/src/Likely Bugs/Concurrency/NotifyWithoutSynch.ql
M java/ql/src/Likely Bugs/Termination/SpinOnField.ql
M java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll
M java/ql/src/Violations of Best Practice/Naming Conventions/ConfusingOverloading.ql
M java/ql/src/experimental/quantum/Analysis/ArtifactReuse.qll
M java/ql/src/experimental/quantum/Examples/BrokenCrypto.ql
M java/ql/src/utils/flowtestcasegenerator/FlowTestCase.qll
Log Message:
-----------
Merge pull request #20328 from michaelnebel/java/ql4ql
Java: Fix some Ql4Ql violations.
Commit: 367027e777aa5aa934c5c1c5e7924031571d6f3a
https://github.com/krishnprakash/codeql/commit/367027e777aa5aa934c5c1c5e7924031571d6f3a
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M ql/ql/src/codeql_ql/style/RedundantCastQuery.qll
M ql/ql/test/queries/performance/VarUnusedInDisjunct/Test.qll
M ql/ql/test/queries/style/Misspelling/Misspelling.expected
M ql/ql/test/queries/style/Misspelling/Test.qll
M ql/ql/test/queries/style/UseInstanceofExtension/Foo.qll
M ql/ql/test/queries/style/UseInstanceofExtension/UseInstanceofExtension.expected
M ql/ql/test/queries/style/UseSetLiteral/UseSetLiteral.expected
M ql/ql/test/queries/style/UseSetLiteral/test.qll
Log Message:
-----------
Ql: Fix some Ql4Ql violations.
Commit: 88ee20f189f8d053dbe58708516bf4b509503ec7
https://github.com/krishnprakash/codeql/commit/88ee20f189f8d053dbe58708516bf4b509503ec7
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M ql/ql/src/codeql_ql/style/RedundantCastQuery.qll
M ql/ql/test/queries/performance/VarUnusedInDisjunct/Test.qll
M ql/ql/test/queries/style/Misspelling/Misspelling.expected
M ql/ql/test/queries/style/Misspelling/Test.qll
M ql/ql/test/queries/style/UseInstanceofExtension/Foo.qll
M ql/ql/test/queries/style/UseInstanceofExtension/UseInstanceofExtension.expected
M ql/ql/test/queries/style/UseSetLiteral/UseSetLiteral.expected
M ql/ql/test/queries/style/UseSetLiteral/test.qll
Log Message:
-----------
Merge pull request #20331 from michaelnebel/ql/ql4ql
Ql: Fix some Ql4Ql violations.
Commit: c5cf46bc2cd5ed380e1bbe091fda4b5f2a561736
https://github.com/krishnprakash/codeql/commit/c5cf46bc2cd5ed380e1bbe091fda4b5f2a561736
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M ruby/ql/lib/codeql/ruby/ApiGraphs.qll
M ruby/ql/lib/codeql/ruby/frameworks/core/Kernel.qll
M ruby/ql/lib/codeql/ruby/frameworks/http_clients/Excon.qll
M ruby/ql/lib/codeql/ruby/frameworks/http_clients/NetHttp.qll
M ruby/ql/lib/codeql/ruby/regexp/internal/ParseRegExp.qll
M ruby/ql/lib/codeql/ruby/security/ImproperMemoizationQuery.qll
Log Message:
-----------
Ruby: Fix some Ql4Ql violations.
Commit: 7ae5d405fc8e4b3a868247ffa7a8aac0dffd3834
https://github.com/krishnprakash/codeql/commit/7ae5d405fc8e4b3a868247ffa7a8aac0dffd3834
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M ruby/ql/lib/codeql/ruby/ApiGraphs.qll
M ruby/ql/lib/codeql/ruby/frameworks/core/Kernel.qll
M ruby/ql/lib/codeql/ruby/frameworks/http_clients/Excon.qll
M ruby/ql/lib/codeql/ruby/frameworks/http_clients/NetHttp.qll
M ruby/ql/lib/codeql/ruby/regexp/internal/ParseRegExp.qll
M ruby/ql/lib/codeql/ruby/security/ImproperMemoizationQuery.qll
Log Message:
-----------
Merge pull request #20332 from michaelnebel/ruby/ql4ql
Ruby: Fix some Ql4Ql violations.
Commit: 37997c05610f6fe5e55d9a570ff6d8de8f5a43c3
https://github.com/krishnprakash/codeql/commit/37997c05610f6fe5e55d9a570ff6d8de8f5a43c3
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
M rust/ql/lib/codeql/rust/elements/internal/CallImpl.qll
M rust/ql/lib/codeql/rust/internal/Type.qll
Log Message:
-----------
Rust: Fix some Ql4Ql violations.
Commit: 464d8b13a85bb9cbd618ea8823169bd10ff421fd
https://github.com/krishnprakash/codeql/commit/464d8b13a85bb9cbd618ea8823169bd10ff421fd
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
Log Message:
-----------
Rust: Address review comments.
Commit: 6f5da528a469bc32c3550cd4b3401c6eb1dfee04
https://github.com/krishnprakash/codeql/commit/6f5da528a469bc32c3550cd4b3401c6eb1dfee04
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
Log Message:
-----------
Update rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
Co-authored-by: Simon Friis Vindum <pald...@github.com>
Commit: 9d521e9cb60da771138528e49a50a35435b38b77
https://github.com/krishnprakash/codeql/commit/9d521e9cb60da771138528e49a50a35435b38b77
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
M rust/ql/lib/codeql/rust/elements/internal/CallImpl.qll
M rust/ql/lib/codeql/rust/internal/Type.qll
Log Message:
-----------
Merge pull request #20333 from michaelnebel/rust/ql4ql
Rust: Fix some Ql4Ql violations.
Commit: dbd31259b3e62de0ffd7bb7103b402d4616d06cd
https://github.com/krishnprakash/codeql/commit/dbd31259b3e62de0ffd7bb7103b402d4616d06cd
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M python/ql/lib/analysis/DefinitionTracking.qll
M python/ql/lib/experimental/cryptography/CryptoArtifact.qll
M python/ql/lib/experimental/cryptography/modules/CryptographyModule.qll
M python/ql/lib/experimental/cryptography/modules/stdlib/HashlibModule.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/objects/ObjectInternal.qll
M python/ql/lib/semmle/python/types/FunctionObject.qll
M python/ql/src/Security/CWE-327/FluentApiModel.qll
M python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql
Log Message:
-----------
Python: Fix some Ql4Ql violations.
Commit: 90caded4fe8d8dad1cbc179a89d048a88d640ec2
https://github.com/krishnprakash/codeql/commit/90caded4fe8d8dad1cbc179a89d048a88d640ec2
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M python/ql/src/Security/CWE-327/FluentApiModel.qll
Log Message:
-----------
Apply suggestion from @aschackmull
Co-authored-by: Anders Schack-Mulligen <ascha...@users.noreply.github.com>
Commit: d3d737b3838e4b360150533f2f27ad08ec60e92d
https://github.com/krishnprakash/codeql/commit/d3d737b3838e4b360150533f2f27ad08ec60e92d
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M python/ql/lib/analysis/DefinitionTracking.qll
M python/ql/lib/experimental/cryptography/CryptoArtifact.qll
M python/ql/lib/experimental/cryptography/modules/CryptographyModule.qll
M python/ql/lib/experimental/cryptography/modules/stdlib/HashlibModule.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/objects/ObjectInternal.qll
M python/ql/lib/semmle/python/types/FunctionObject.qll
M python/ql/src/Security/CWE-327/FluentApiModel.qll
M python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql
Log Message:
-----------
Merge pull request #20330 from michaelnebel/python/ql4ql
Python: Fix some Ql4Ql violations.
Commit: 8434dc3890801b7584a99f5becd552bbfeda3514
https://github.com/krishnprakash/codeql/commit/8434dc3890801b7584a99f5becd552bbfeda3514
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
A shared/controlflow/codeql/controlflow/SuccessorType.qll
Log Message:
-----------
Controlflow: Add a shared SuccessorType implementation.
Commit: 8b50ac291fbc056fb638f5e12511209953505982
https://github.com/krishnprakash/codeql/commit/8b50ac291fbc056fb638f5e12511209953505982
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/Caching.qll
M csharp/ql/lib/semmle/code/csharp/commons/Constants.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowGraph.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/SuccessorType.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/Nullness.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll
M csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
M csharp/ql/src/Security Features/CWE-384/AbandonSession.ql
M csharp/ql/test/library-tests/controlflow/graph/Condition.ql
M csharp/ql/test/library-tests/controlflow/graph/Nodes.ql
Log Message:
-----------
C#: Use shared SuccessorType.
Commit: d8c193df18379f70baa7c1d41af50f05be683f69
https://github.com/krishnprakash/codeql/commit/d8c193df18379f70baa7c1d41af50f05be683f69
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M ruby/ql/consistency-queries/DataFlowConsistency.ql
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M ruby/ql/lib/codeql/ruby/controlflow/ControlFlowGraph.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Completion.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/ControlFlowGraphImpl.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Guards.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Splitting.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.ql
M ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.ql
Log Message:
-----------
Ruby: Use shared SuccessorType.
Commit: cf9196fb5579405f5bda53990649b5582d963bd3
https://github.com/krishnprakash/codeql/commit/cf9196fb5579405f5bda53990649b5582d963bd3
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/controlflow/ControlFlowGraph.qll
M rust/ql/lib/codeql/rust/controlflow/internal/Completion.qll
M rust/ql/lib/codeql/rust/controlflow/internal/ControlFlowGraphImpl.qll
R rust/ql/lib/codeql/rust/controlflow/internal/SuccessorType.qll
M rust/ql/lib/codeql/rust/internal/CachedStages.qll
Log Message:
-----------
Rust: Use shared SuccessorType.
Commit: c1662cf05c1107d09644476e0a9f6660f09489a5
https://github.com/krishnprakash/codeql/commit/c1662cf05c1107d09644476e0a9f6660f09489a5
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/test/library-tests/assignables/AssignableDefinitionNode.expected
M csharp/ql/test/library-tests/controlflow/graph/BasicBlock.expected
M csharp/ql/test/library-tests/controlflow/graph/Condition.expected
M csharp/ql/test/library-tests/controlflow/graph/Dominance.expected
M csharp/ql/test/library-tests/controlflow/graph/EnclosingCallable.expected
M csharp/ql/test/library-tests/controlflow/graph/NodeGraph.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.expected
M csharp/ql/test/library-tests/csharp8/switchexprcontrolflow.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDefElement.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaExplicitDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaRead.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaUltimateDef.expected
M csharp/ql/test/library-tests/goto/Goto1.expected
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.expected
M ruby/ql/test/library-tests/controlflow/graph/Cfg.expected
M ruby/ql/test/library-tests/controlflow/graph/Nodes.expected
Log Message:
-----------
C#/Ruby: Accept qltest changes.
Mostly toString changes, and a slight change to
splitting in C#.
Commit: 1e25b4de4b392af578af356f2a2fc9df0321bd22
https://github.com/krishnprakash/codeql/commit/1e25b4de4b392af578af356f2a2fc9df0321bd22
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
M swift/ql/lib/codeql/swift/controlflow/ControlFlowGraph.qll
M swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImplSpecific.qll
M swift/ql/lib/codeql/swift/security/PathInjectionExtensions.qll
Log Message:
-----------
Swift: Use shared SuccessorType.
Commit: 92fcda3cc70ea1b964476892ec11fba30427aa7c
https://github.com/krishnprakash/codeql/commit/92fcda3cc70ea1b964476892ec11fba30427aa7c
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M actions/ql/lib/codeql/actions/controlflow/internal/Cfg.qll
Log Message:
-----------
Actions: Use shared SuccessorType.
Commit: 4685b4f8a9eb4caed4eafa81c5f7b8e15c822b97
https://github.com/krishnprakash/codeql/commit/4685b4f8a9eb4caed4eafa81c5f7b8e15c822b97
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
R java/ql/lib/semmle/code/java/controlflow/SuccessorType.qll
Log Message:
-----------
Java: Use shared SuccessorType.
Commit: 144e34c669c0f0238ce00d18d9abd1a18da3f9eb
https://github.com/krishnprakash/codeql/commit/144e34c669c0f0238ce00d18d9abd1a18da3f9eb
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M actions/ql/lib/codeql/actions/controlflow/internal/Cfg.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/EdgeKind.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
M python/ql/lib/semmle/python/Flow.qll
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/ControlFlowGraphImpl.qll
M rust/ql/lib/codeql/rust/controlflow/BasicBlocks.qll
M rust/ql/lib/codeql/rust/controlflow/internal/ControlFlowGraphImpl.qll
M shared/controlflow/codeql/controlflow/BasicBlock.qll
M shared/controlflow/codeql/controlflow/Cfg.qll
M shared/controlflow/codeql/controlflow/Guards.qll
M shared/controlflow/codeql/controlflow/SuccessorType.qll
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImplSpecific.qll
Log Message:
-----------
Shared: Use shared SuccessorType in shared Cfg and BasicBlock libs.
Commit: bbf799510092248780107c9ba944639c0fd86915
https://github.com/krishnprakash/codeql/commit/bbf799510092248780107c9ba944639c0fd86915
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreSsa.qll
Log Message:
-----------
C#: Fix caching dependencies.
Commit: 0d9b8d059250427434bc13f58d55895638c7bf27
https://github.com/krishnprakash/codeql/commit/0d9b8d059250427434bc13f58d55895638c7bf27
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/controlflow/codeql/controlflow/Cfg.qll
Log Message:
-----------
Cfg: Allow for multiple exception successors.
Commit: 4e706276292e57b5d1fa0f1034a4b5c184d58c6b
https://github.com/krishnprakash/codeql/commit/4e706276292e57b5d1fa0f1034a4b5c184d58c6b
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
M shared/controlflow/codeql/controlflow/Guards.qll
Log Message:
-----------
Guards: Use shared SuccessorType.
Commit: 3d4d347150224d68a2048d4f0195cb42b34b28ca
https://github.com/krishnprakash/codeql/commit/3d4d347150224d68a2048d4f0195cb42b34b28ca
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Splitting.qll
M shared/controlflow/codeql/controlflow/Cfg.qll
M shared/controlflow/codeql/controlflow/SuccessorType.qll
Log Message:
-----------
SuccessorType: Address review comments.
Commit: f833fe0e6eb881b982c5b96b63ddbcd1f5748897
https://github.com/krishnprakash/codeql/commit/f833fe0e6eb881b982c5b96b63ddbcd1f5748897
Author: Anders Schack-Mulligen <ascha...@users.noreply.github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M actions/ql/lib/codeql/actions/controlflow/internal/Cfg.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/EdgeKind.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
M csharp/ql/lib/semmle/code/csharp/Caching.qll
M csharp/ql/lib/semmle/code/csharp/commons/Constants.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowGraph.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreSsa.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/SuccessorType.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/Nullness.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll
M csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
M csharp/ql/src/Security Features/CWE-384/AbandonSession.ql
M csharp/ql/test/library-tests/assignables/AssignableDefinitionNode.expected
M csharp/ql/test/library-tests/controlflow/graph/BasicBlock.expected
M csharp/ql/test/library-tests/controlflow/graph/Condition.expected
M csharp/ql/test/library-tests/controlflow/graph/Condition.ql
M csharp/ql/test/library-tests/controlflow/graph/Dominance.expected
M csharp/ql/test/library-tests/controlflow/graph/EnclosingCallable.expected
M csharp/ql/test/library-tests/controlflow/graph/NodeGraph.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.ql
M csharp/ql/test/library-tests/csharp8/switchexprcontrolflow.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDefElement.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaExplicitDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaRead.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaUltimateDef.expected
M csharp/ql/test/library-tests/goto/Goto1.expected
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
R java/ql/lib/semmle/code/java/controlflow/SuccessorType.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
M python/ql/lib/semmle/python/Flow.qll
M ruby/ql/consistency-queries/DataFlowConsistency.ql
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M ruby/ql/lib/codeql/ruby/controlflow/ControlFlowGraph.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Completion.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/ControlFlowGraphImpl.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Guards.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Splitting.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.expected
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.ql
M ruby/ql/test/library-tests/controlflow/graph/Cfg.expected
M ruby/ql/test/library-tests/controlflow/graph/Nodes.expected
M ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.ql
M rust/ql/lib/codeql/rust/controlflow/BasicBlocks.qll
M rust/ql/lib/codeql/rust/controlflow/ControlFlowGraph.qll
M rust/ql/lib/codeql/rust/controlflow/internal/Completion.qll
M rust/ql/lib/codeql/rust/controlflow/internal/ControlFlowGraphImpl.qll
R rust/ql/lib/codeql/rust/controlflow/internal/SuccessorType.qll
M rust/ql/lib/codeql/rust/internal/CachedStages.qll
M shared/controlflow/codeql/controlflow/BasicBlock.qll
M shared/controlflow/codeql/controlflow/Cfg.qll
M shared/controlflow/codeql/controlflow/Guards.qll
A shared/controlflow/codeql/controlflow/SuccessorType.qll
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
M swift/ql/lib/codeql/swift/controlflow/ControlFlowGraph.qll
M swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImplSpecific.qll
M swift/ql/lib/codeql/swift/security/PathInjectionExtensions.qll
Log Message:
-----------
Merge pull request #20300 from aschackmull/cfg/successortype
Shared: Add a shared SuccessorType implementation
Commit: 0bfa93828b3ec126c9c1cf170f00b3a167a4c4f7
https://github.com/krishnprakash/codeql/commit/0bfa93828b3ec126c9c1cf170f00b3a167a4c4f7
Author: github-actions[bot] <github-...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M actions/ql/lib/CHANGELOG.md
A actions/ql/lib/change-notes/released/0.4.16.md
M actions/ql/lib/codeql-pack.release.yml
M actions/ql/lib/qlpack.yml
M actions/ql/src/CHANGELOG.md
A actions/ql/src/change-notes/released/0.6.8.md
M actions/ql/src/codeql-pack.release.yml
M actions/ql/src/qlpack.yml
M cpp/ql/lib/CHANGELOG.md
R cpp/ql/lib/change-notes/2025-08-19-virtual-dispatch.md
R cpp/ql/lib/change-notes/2025-08-27-pch.md
R cpp/ql/lib/change-notes/2025-08-28-comptr.md
A cpp/ql/lib/change-notes/released/5.5.0.md
M cpp/ql/lib/codeql-pack.release.yml
M cpp/ql/lib/qlpack.yml
M cpp/ql/src/CHANGELOG.md
R cpp/ql/src/change-notes/2025-08-20-add-customizations.md
A cpp/ql/src/change-notes/released/1.4.7.md
M cpp/ql/src/codeql-pack.release.yml
M cpp/ql/src/qlpack.yml
M csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/lib/CHANGELOG.md
R csharp/ql/lib/change-notes/2025-08-18-byte-char-bulk-types.md
R csharp/ql/lib/change-notes/2025-08-18-implicit-reads-at-sinks.md
R csharp/ql/lib/change-notes/2025-08-26-xmlreader-models.md
R csharp/ql/lib/change-notes/2025-08-29-base-qualifier-dispatch.md
A csharp/ql/lib/change-notes/released/5.2.3.md
M csharp/ql/lib/codeql-pack.release.yml
M csharp/ql/lib/qlpack.yml
M csharp/ql/src/CHANGELOG.md
A csharp/ql/src/change-notes/released/1.3.4.md
M csharp/ql/src/codeql-pack.release.yml
M csharp/ql/src/qlpack.yml
M go/ql/consistency-queries/CHANGELOG.md
A go/ql/consistency-queries/change-notes/released/1.0.30.md
M go/ql/consistency-queries/codeql-pack.release.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/CHANGELOG.md
A go/ql/lib/change-notes/released/4.3.3.md
M go/ql/lib/codeql-pack.release.yml
M go/ql/lib/qlpack.yml
M go/ql/src/CHANGELOG.md
A go/ql/src/change-notes/released/1.4.4.md
M go/ql/src/codeql-pack.release.yml
M go/ql/src/qlpack.yml
M java/ql/lib/CHANGELOG.md
A java/ql/lib/change-notes/released/7.6.1.md
M java/ql/lib/codeql-pack.release.yml
M java/ql/lib/qlpack.yml
M java/ql/src/CHANGELOG.md
R java/ql/src/change-notes/2024-10-03-remove-java-query.md
R java/ql/src/change-notes/2025-07-17-spring-actuators-config-promo.md
R java/ql/src/change-notes/2025-07-19-adjust-tags.md
R java/ql/src/change-notes/2025-08-22-nullness-fn.md
A java/ql/src/change-notes/released/1.7.0.md
M java/ql/src/codeql-pack.release.yml
M java/ql/src/qlpack.yml
M javascript/ql/lib/CHANGELOG.md
R javascript/ql/lib/change-notes/2025-07-15-xml-bomb-sinks.md
A javascript/ql/lib/change-notes/released/2.6.10.md
M javascript/ql/lib/codeql-pack.release.yml
M javascript/ql/lib/qlpack.yml
M javascript/ql/src/CHANGELOG.md
A javascript/ql/src/change-notes/released/2.0.3.md
M javascript/ql/src/codeql-pack.release.yml
M javascript/ql/src/qlpack.yml
M misc/suite-helpers/CHANGELOG.md
A misc/suite-helpers/change-notes/released/1.0.30.md
M misc/suite-helpers/codeql-pack.release.yml
M misc/suite-helpers/qlpack.yml
M python/ql/lib/CHANGELOG.md
R python/ql/lib/change-notes/2025-07-15-xml-bomb-sinks-python.md
R python/ql/lib/change-notes/2025-08-25-psycopg2-connection-pool-modelling.md
A python/ql/lib/change-notes/released/4.0.14.md
M python/ql/lib/codeql-pack.release.yml
M python/ql/lib/qlpack.yml
M python/ql/src/CHANGELOG.md
R python/ql/src/change-notes/2025-07-14-comparisons.md
R python/ql/src/change-notes/2025-07-25-unexpected-raise-special-method.md
A python/ql/src/change-notes/released/1.6.4.md
M python/ql/src/codeql-pack.release.yml
M python/ql/src/qlpack.yml
M ruby/ql/lib/CHANGELOG.md
A ruby/ql/lib/change-notes/released/5.0.3.md
M ruby/ql/lib/codeql-pack.release.yml
M ruby/ql/lib/qlpack.yml
M ruby/ql/src/CHANGELOG.md
A ruby/ql/src/change-notes/released/1.4.4.md
M ruby/ql/src/codeql-pack.release.yml
M ruby/ql/src/qlpack.yml
M rust/ql/lib/CHANGELOG.md
R rust/ql/lib/change-notes/2025-08-22-fs.md
R rust/ql/lib/change-notes/2025-08-25-in-macro-expansion.md
R rust/ql/lib/change-notes/2025-08-28-path-resolution.md
A rust/ql/lib/change-notes/released/0.1.15.md
M rust/ql/lib/codeql-pack.release.yml
M rust/ql/lib/qlpack.yml
M rust/ql/src/CHANGELOG.md
R rust/ql/src/change-notes/2025-08-18-log-injection.md
R rust/ql/src/change-notes/2025-08-20-add-customizations.md
R rust/ql/src/change-notes/2025-08-28-diagnostic-database-quality.md
A rust/ql/src/change-notes/released/0.1.15.md
M rust/ql/src/codeql-pack.release.yml
M rust/ql/src/qlpack.yml
M shared/concepts/CHANGELOG.md
A shared/concepts/change-notes/released/0.0.4.md
M shared/concepts/codeql-pack.release.yml
M shared/concepts/qlpack.yml
M shared/controlflow/CHANGELOG.md
A shared/controlflow/change-notes/released/2.0.14.md
M shared/controlflow/codeql-pack.release.yml
M shared/controlflow/qlpack.yml
M shared/dataflow/CHANGELOG.md
A shared/dataflow/change-notes/released/2.0.14.md
M shared/dataflow/codeql-pack.release.yml
M shared/dataflow/qlpack.yml
M shared/mad/CHANGELOG.md
A shared/mad/change-notes/released/1.0.30.md
M shared/mad/codeql-pack.release.yml
M shared/mad/qlpack.yml
M shared/quantum/CHANGELOG.md
A shared/quantum/change-notes/released/0.0.8.md
M shared/quantum/codeql-pack.release.yml
M shared/quantum/qlpack.yml
M shared/rangeanalysis/CHANGELOG.md
A shared/rangeanalysis/change-notes/released/1.0.30.md
M shared/rangeanalysis/codeql-pack.release.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/CHANGELOG.md
A shared/regex/change-notes/released/1.0.30.md
M shared/regex/codeql-pack.release.yml
M shared/regex/qlpack.yml
M shared/ssa/CHANGELOG.md
A shared/ssa/change-notes/released/2.0.6.md
M shared/ssa/codeql-pack.release.yml
M shared/ssa/qlpack.yml
M shared/threat-models/CHANGELOG.md
A shared/threat-models/change-notes/released/1.0.30.md
M shared/threat-models/codeql-pack.release.yml
M shared/threat-models/qlpack.yml
M shared/tutorial/CHANGELOG.md
A shared/tutorial/change-notes/released/1.0.30.md
M shared/tutorial/codeql-pack.release.yml
M shared/tutorial/qlpack.yml
M shared/typeflow/CHANGELOG.md
A shared/typeflow/change-notes/released/1.0.30.md
M shared/typeflow/codeql-pack.release.yml
M shared/typeflow/qlpack.yml
M shared/typeinference/CHANGELOG.md
A shared/typeinference/change-notes/released/0.0.11.md
M shared/typeinference/codeql-pack.release.yml
M shared/typeinference/qlpack.yml
M shared/typetracking/CHANGELOG.md
A shared/typetracking/change-notes/released/2.0.14.md
M shared/typetracking/codeql-pack.release.yml
M shared/typetracking/qlpack.yml
M shared/typos/CHANGELOG.md
A shared/typos/change-notes/released/1.0.30.md
M shared/typos/codeql-pack.release.yml
M shared/typos/qlpack.yml
M shared/util/CHANGELOG.md
R shared/util/change-notes/2025-08-25-loc-option.md
A shared/util/change-notes/released/2.0.17.md
M shared/util/codeql-pack.release.yml
M shared/util/qlpack.yml
M shared/xml/CHANGELOG.md
A shared/xml/change-notes/released/1.0.30.md
M shared/xml/codeql-pack.release.yml
M shared/xml/qlpack.yml
M shared/yaml/CHANGELOG.md
A shared/yaml/change-notes/released/1.0.30.md
M shared/yaml/codeql-pack.release.yml
M shared/yaml/qlpack.yml
M swift/ql/lib/CHANGELOG.md
A swift/ql/lib/change-notes/released/5.0.6.md
M swift/ql/lib/codeql-pack.release.yml
M swift/ql/lib/qlpack.yml
M swift/ql/src/CHANGELOG.md
R swift/ql/src/change-notes/2025-08-20-add-customizations.md
A swift/ql/src/change-notes/released/1.2.4.md
M swift/ql/src/codeql-pack.release.yml
M swift/ql/src/qlpack.yml
Log Message:
-----------
Release preparation for version 2.23.0
Commit: 28f02c07d7d744d761520fbfb354f96827a11f6c
https://github.com/krishnprakash/codeql/commit/28f02c07d7d744d761520fbfb354f96827a11f6c
Author: Arthur Baars <aib...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M actions/ql/lib/CHANGELOG.md
A actions/ql/lib/change-notes/released/0.4.16.md
M actions/ql/lib/codeql-pack.release.yml
M actions/ql/lib/qlpack.yml
M actions/ql/src/CHANGELOG.md
A actions/ql/src/change-notes/released/0.6.8.md
M actions/ql/src/codeql-pack.release.yml
M actions/ql/src/qlpack.yml
M cpp/ql/lib/CHANGELOG.md
R cpp/ql/lib/change-notes/2025-08-19-virtual-dispatch.md
R cpp/ql/lib/change-notes/2025-08-27-pch.md
R cpp/ql/lib/change-notes/2025-08-28-comptr.md
A cpp/ql/lib/change-notes/released/5.5.0.md
M cpp/ql/lib/codeql-pack.release.yml
M cpp/ql/lib/qlpack.yml
M cpp/ql/src/CHANGELOG.md
R cpp/ql/src/change-notes/2025-08-20-add-customizations.md
A cpp/ql/src/change-notes/released/1.4.7.md
M cpp/ql/src/codeql-pack.release.yml
M cpp/ql/src/qlpack.yml
M csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/lib/CHANGELOG.md
R csharp/ql/lib/change-notes/2025-08-18-byte-char-bulk-types.md
R csharp/ql/lib/change-notes/2025-08-18-implicit-reads-at-sinks.md
R csharp/ql/lib/change-notes/2025-08-26-xmlreader-models.md
R csharp/ql/lib/change-notes/2025-08-29-base-qualifier-dispatch.md
A csharp/ql/lib/change-notes/released/5.2.3.md
M csharp/ql/lib/codeql-pack.release.yml
M csharp/ql/lib/qlpack.yml
M csharp/ql/src/CHANGELOG.md
A csharp/ql/src/change-notes/released/1.3.4.md
M csharp/ql/src/codeql-pack.release.yml
M csharp/ql/src/qlpack.yml
M go/ql/consistency-queries/CHANGELOG.md
A go/ql/consistency-queries/change-notes/released/1.0.30.md
M go/ql/consistency-queries/codeql-pack.release.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/CHANGELOG.md
A go/ql/lib/change-notes/released/4.3.3.md
M go/ql/lib/codeql-pack.release.yml
M go/ql/lib/qlpack.yml
M go/ql/src/CHANGELOG.md
A go/ql/src/change-notes/released/1.4.4.md
M go/ql/src/codeql-pack.release.yml
M go/ql/src/qlpack.yml
M java/ql/lib/CHANGELOG.md
A java/ql/lib/change-notes/released/7.6.1.md
M java/ql/lib/codeql-pack.release.yml
M java/ql/lib/qlpack.yml
M java/ql/src/CHANGELOG.md
R java/ql/src/change-notes/2024-10-03-remove-java-query.md
R java/ql/src/change-notes/2025-07-17-spring-actuators-config-promo.md
R java/ql/src/change-notes/2025-07-19-adjust-tags.md
R java/ql/src/change-notes/2025-08-22-nullness-fn.md
A java/ql/src/change-notes/released/1.7.0.md
M java/ql/src/codeql-pack.release.yml
M java/ql/src/qlpack.yml
M javascript/ql/lib/CHANGELOG.md
R javascript/ql/lib/change-notes/2025-07-15-xml-bomb-sinks.md
A javascript/ql/lib/change-notes/released/2.6.10.md
M javascript/ql/lib/codeql-pack.release.yml
M javascript/ql/lib/qlpack.yml
M javascript/ql/src/CHANGELOG.md
A javascript/ql/src/change-notes/released/2.0.3.md
M javascript/ql/src/codeql-pack.release.yml
M javascript/ql/src/qlpack.yml
M misc/suite-helpers/CHANGELOG.md
A misc/suite-helpers/change-notes/released/1.0.30.md
M misc/suite-helpers/codeql-pack.release.yml
M misc/suite-helpers/qlpack.yml
M python/ql/lib/CHANGELOG.md
R python/ql/lib/change-notes/2025-07-15-xml-bomb-sinks-python.md
R python/ql/lib/change-notes/2025-08-25-psycopg2-connection-pool-modelling.md
A python/ql/lib/change-notes/released/4.0.14.md
M python/ql/lib/codeql-pack.release.yml
M python/ql/lib/qlpack.yml
M python/ql/src/CHANGELOG.md
R python/ql/src/change-notes/2025-07-14-comparisons.md
R python/ql/src/change-notes/2025-07-25-unexpected-raise-special-method.md
A python/ql/src/change-notes/released/1.6.4.md
M python/ql/src/codeql-pack.release.yml
M python/ql/src/qlpack.yml
M ruby/ql/lib/CHANGELOG.md
A ruby/ql/lib/change-notes/released/5.0.3.md
M ruby/ql/lib/codeql-pack.release.yml
M ruby/ql/lib/qlpack.yml
M ruby/ql/src/CHANGELOG.md
A ruby/ql/src/change-notes/released/1.4.4.md
M ruby/ql/src/codeql-pack.release.yml
M ruby/ql/src/qlpack.yml
M rust/ql/lib/CHANGELOG.md
R rust/ql/lib/change-notes/2025-08-22-fs.md
R rust/ql/lib/change-notes/2025-08-25-in-macro-expansion.md
R rust/ql/lib/change-notes/2025-08-28-path-resolution.md
A rust/ql/lib/change-notes/released/0.1.15.md
M rust/ql/lib/codeql-pack.release.yml
M rust/ql/lib/qlpack.yml
M rust/ql/src/CHANGELOG.md
R rust/ql/src/change-notes/2025-08-18-log-injection.md
R rust/ql/src/change-notes/2025-08-20-add-customizations.md
R rust/ql/src/change-notes/2025-08-28-diagnostic-database-quality.md
A rust/ql/src/change-notes/released/0.1.15.md
M rust/ql/src/codeql-pack.release.yml
M rust/ql/src/qlpack.yml
M shared/concepts/CHANGELOG.md
A shared/concepts/change-notes/released/0.0.4.md
M shared/concepts/codeql-pack.release.yml
M shared/concepts/qlpack.yml
M shared/controlflow/CHANGELOG.md
A shared/controlflow/change-notes/released/2.0.14.md
M shared/controlflow/codeql-pack.release.yml
M shared/controlflow/qlpack.yml
M shared/dataflow/CHANGELOG.md
A shared/dataflow/change-notes/released/2.0.14.md
M shared/dataflow/codeql-pack.release.yml
M shared/dataflow/qlpack.yml
M shared/mad/CHANGELOG.md
A shared/mad/change-notes/released/1.0.30.md
M shared/mad/codeql-pack.release.yml
M shared/mad/qlpack.yml
M shared/quantum/CHANGELOG.md
A shared/quantum/change-notes/released/0.0.8.md
M shared/quantum/codeql-pack.release.yml
M shared/quantum/qlpack.yml
M shared/rangeanalysis/CHANGELOG.md
A shared/rangeanalysis/change-notes/released/1.0.30.md
M shared/rangeanalysis/codeql-pack.release.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/CHANGELOG.md
A shared/regex/change-notes/released/1.0.30.md
M shared/regex/codeql-pack.release.yml
M shared/regex/qlpack.yml
M shared/ssa/CHANGELOG.md
A shared/ssa/change-notes/released/2.0.6.md
M shared/ssa/codeql-pack.release.yml
M shared/ssa/qlpack.yml
M shared/threat-models/CHANGELOG.md
A shared/threat-models/change-notes/released/1.0.30.md
M shared/threat-models/codeql-pack.release.yml
M shared/threat-models/qlpack.yml
M shared/tutorial/CHANGELOG.md
A shared/tutorial/change-notes/released/1.0.30.md
M shared/tutorial/codeql-pack.release.yml
M shared/tutorial/qlpack.yml
M shared/typeflow/CHANGELOG.md
A shared/typeflow/change-notes/released/1.0.30.md
M shared/typeflow/codeql-pack.release.yml
M shared/typeflow/qlpack.yml
M shared/typeinference/CHANGELOG.md
A shared/typeinference/change-notes/released/0.0.11.md
M shared/typeinference/codeql-pack.release.yml
M shared/typeinference/qlpack.yml
M shared/typetracking/CHANGELOG.md
A shared/typetracking/change-notes/released/2.0.14.md
M shared/typetracking/codeql-pack.release.yml
M shared/typetracking/qlpack.yml
M shared/typos/CHANGELOG.md
A shared/typos/change-notes/released/1.0.30.md
M shared/typos/codeql-pack.release.yml
M shared/typos/qlpack.yml
M shared/util/CHANGELOG.md
R shared/util/change-notes/2025-08-25-loc-option.md
A shared/util/change-notes/released/2.0.17.md
M shared/util/codeql-pack.release.yml
M shared/util/qlpack.yml
M shared/xml/CHANGELOG.md
A shared/xml/change-notes/released/1.0.30.md
M shared/xml/codeql-pack.release.yml
M shared/xml/qlpack.yml
M shared/yaml/CHANGELOG.md
A shared/yaml/change-notes/released/1.0.30.md
M shared/yaml/codeql-pack.release.yml
M shared/yaml/qlpack.yml
M swift/ql/lib/CHANGELOG.md
A swift/ql/lib/change-notes/released/5.0.6.md
M swift/ql/lib/codeql-pack.release.yml
M swift/ql/lib/qlpack.yml
M swift/ql/src/CHANGELOG.md
R swift/ql/src/change-notes/2025-08-20-add-customizations.md
A swift/ql/src/change-notes/released/1.2.4.md
M swift/ql/src/codeql-pack.release.yml
M swift/ql/src/qlpack.yml
Log Message:
-----------
Merge pull request #20346 from github/release-prep/2.23.0
Release preparation for version 2.23.0
Commit: e8a2600a0ca34ab3440813eb54f4811db2e7bd63
https://github.com/krishnprakash/codeql/commit/e8a2600a0ca34ab3440813eb54f4811db2e7bd63
Author: github-actions[bot] <github-...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M actions/ql/lib/qlpack.yml
M actions/ql/src/qlpack.yml
M cpp/ql/lib/qlpack.yml
M cpp/ql/src/qlpack.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/lib/qlpack.yml
M csharp/ql/src/qlpack.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/qlpack.yml
M go/ql/src/qlpack.yml
M java/ql/lib/qlpack.yml
M java/ql/src/qlpack.yml
M javascript/ql/lib/qlpack.yml
M javascript/ql/src/qlpack.yml
M misc/suite-helpers/qlpack.yml
M python/ql/lib/qlpack.yml
M python/ql/src/qlpack.yml
M ruby/ql/lib/qlpack.yml
M ruby/ql/src/qlpack.yml
M rust/ql/lib/qlpack.yml
M rust/ql/src/qlpack.yml
M shared/concepts/qlpack.yml
M shared/controlflow/qlpack.yml
M shared/dataflow/qlpack.yml
M shared/mad/qlpack.yml
M shared/quantum/qlpack.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/qlpack.yml
M shared/ssa/qlpack.yml
M shared/threat-models/qlpack.yml
M shared/tutorial/qlpack.yml
M shared/typeflow/qlpack.yml
M shared/typeinference/qlpack.yml
M shared/typetracking/qlpack.yml
M shared/typos/qlpack.yml
M shared/util/qlpack.yml
M shared/xml/qlpack.yml
M shared/yaml/qlpack.yml
M swift/ql/lib/qlpack.yml
M swift/ql/src/qlpack.yml
Log Message:
-----------
Post-release preparation for codeql-cli-2.23.0
Commit: 0bb7fdccf68ea3922536d136a95c61aff0205417
https://github.com/krishnprakash/codeql/commit/0bb7fdccf68ea3922536d136a95c61aff0205417
Author: Arthur Baars <aib...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M actions/ql/lib/CHANGELOG.md
A actions/ql/lib/change-notes/released/0.4.16.md
M actions/ql/lib/codeql-pack.release.yml
M actions/ql/lib/qlpack.yml
M actions/ql/src/CHANGELOG.md
A actions/ql/src/change-notes/released/0.6.8.md
M actions/ql/src/codeql-pack.release.yml
M actions/ql/src/qlpack.yml
M cpp/ql/lib/CHANGELOG.md
R cpp/ql/lib/change-notes/2025-08-19-virtual-dispatch.md
R cpp/ql/lib/change-notes/2025-08-27-pch.md
R cpp/ql/lib/change-notes/2025-08-28-comptr.md
A cpp/ql/lib/change-notes/released/5.5.0.md
M cpp/ql/lib/codeql-pack.release.yml
M cpp/ql/lib/qlpack.yml
M cpp/ql/src/CHANGELOG.md
R cpp/ql/src/change-notes/2025-08-20-add-customizations.md
A cpp/ql/src/change-notes/released/1.4.7.md
M cpp/ql/src/codeql-pack.release.yml
M cpp/ql/src/qlpack.yml
M csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/lib/CHANGELOG.md
R csharp/ql/lib/change-notes/2025-08-18-byte-char-bulk-types.md
R csharp/ql/lib/change-notes/2025-08-18-implicit-reads-at-sinks.md
R csharp/ql/lib/change-notes/2025-08-26-xmlreader-models.md
R csharp/ql/lib/change-notes/2025-08-29-base-qualifier-dispatch.md
A csharp/ql/lib/change-notes/released/5.2.3.md
M csharp/ql/lib/codeql-pack.release.yml
M csharp/ql/lib/qlpack.yml
M csharp/ql/src/CHANGELOG.md
A csharp/ql/src/change-notes/released/1.3.4.md
M csharp/ql/src/codeql-pack.release.yml
M csharp/ql/src/qlpack.yml
M go/ql/consistency-queries/CHANGELOG.md
A go/ql/consistency-queries/change-notes/released/1.0.30.md
M go/ql/consistency-queries/codeql-pack.release.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/CHANGELOG.md
A go/ql/lib/change-notes/released/4.3.3.md
M go/ql/lib/codeql-pack.release.yml
M go/ql/lib/qlpack.yml
M go/ql/src/CHANGELOG.md
A go/ql/src/change-notes/released/1.4.4.md
M go/ql/src/codeql-pack.release.yml
M go/ql/src/qlpack.yml
M java/ql/lib/CHANGELOG.md
A java/ql/lib/change-notes/released/7.6.1.md
M java/ql/lib/codeql-pack.release.yml
M java/ql/lib/qlpack.yml
M java/ql/src/CHANGELOG.md
R java/ql/src/change-notes/2024-10-03-remove-java-query.md
R java/ql/src/change-notes/2025-07-17-spring-actuators-config-promo.md
R java/ql/src/change-notes/2025-07-19-adjust-tags.md
R java/ql/src/change-notes/2025-08-22-nullness-fn.md
A java/ql/src/change-notes/released/1.7.0.md
M java/ql/src/codeql-pack.release.yml
M java/ql/src/qlpack.yml
M javascript/ql/lib/CHANGELOG.md
R javascript/ql/lib/change-notes/2025-07-15-xml-bomb-sinks.md
A javascript/ql/lib/change-notes/released/2.6.10.md
M javascript/ql/lib/codeql-pack.release.yml
M javascript/ql/lib/qlpack.yml
M javascript/ql/src/CHANGELOG.md
A javascript/ql/src/change-notes/released/2.0.3.md
M javascript/ql/src/codeql-pack.release.yml
M javascript/ql/src/qlpack.yml
M misc/suite-helpers/CHANGELOG.md
A misc/suite-helpers/change-notes/released/1.0.30.md
M misc/suite-helpers/codeql-pack.release.yml
M misc/suite-helpers/qlpack.yml
M python/ql/lib/CHANGELOG.md
R python/ql/lib/change-notes/2025-07-15-xml-bomb-sinks-python.md
R python/ql/lib/change-notes/2025-08-25-psycopg2-connection-pool-modelling.md
A python/ql/lib/change-notes/released/4.0.14.md
M python/ql/lib/codeql-pack.release.yml
M python/ql/lib/qlpack.yml
M python/ql/src/CHANGELOG.md
R python/ql/src/change-notes/2025-07-14-comparisons.md
R python/ql/src/change-notes/2025-07-25-unexpected-raise-special-method.md
A python/ql/src/change-notes/released/1.6.4.md
M python/ql/src/codeql-pack.release.yml
M python/ql/src/qlpack.yml
M ruby/ql/lib/CHANGELOG.md
A ruby/ql/lib/change-notes/released/5.0.3.md
M ruby/ql/lib/codeql-pack.release.yml
M ruby/ql/lib/qlpack.yml
M ruby/ql/src/CHANGELOG.md
A ruby/ql/src/change-notes/released/1.4.4.md
M ruby/ql/src/codeql-pack.release.yml
M ruby/ql/src/qlpack.yml
M rust/ql/lib/CHANGELOG.md
R rust/ql/lib/change-notes/2025-08-22-fs.md
R rust/ql/lib/change-notes/2025-08-25-in-macro-expansion.md
R rust/ql/lib/change-notes/2025-08-28-path-resolution.md
A rust/ql/lib/change-notes/released/0.1.15.md
M rust/ql/lib/codeql-pack.release.yml
M rust/ql/lib/qlpack.yml
M rust/ql/src/CHANGELOG.md
R rust/ql/src/change-notes/2025-08-18-log-injection.md
R rust/ql/src/change-notes/2025-08-20-add-customizations.md
R rust/ql/src/change-notes/2025-08-28-diagnostic-database-quality.md
A rust/ql/src/change-notes/released/0.1.15.md
M rust/ql/src/codeql-pack.release.yml
M rust/ql/src/qlpack.yml
M shared/concepts/CHANGELOG.md
A shared/concepts/change-notes/released/0.0.4.md
M shared/concepts/codeql-pack.release.yml
M shared/concepts/qlpack.yml
M shared/controlflow/CHANGELOG.md
A shared/controlflow/change-notes/released/2.0.14.md
M shared/controlflow/codeql-pack.release.yml
M shared/controlflow/qlpack.yml
M shared/dataflow/CHANGELOG.md
A shared/dataflow/change-notes/released/2.0.14.md
M shared/dataflow/codeql-pack.release.yml
M shared/dataflow/qlpack.yml
M shared/mad/CHANGELOG.md
A shared/mad/change-notes/released/1.0.30.md
M shared/mad/codeql-pack.release.yml
M shared/mad/qlpack.yml
M shared/quantum/CHANGELOG.md
A shared/quantum/change-notes/released/0.0.8.md
M shared/quantum/codeql-pack.release.yml
M shared/quantum/qlpack.yml
M shared/rangeanalysis/CHANGELOG.md
A shared/rangeanalysis/change-notes/released/1.0.30.md
M shared/rangeanalysis/codeql-pack.release.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/CHANGELOG.md
A shared/regex/change-notes/released/1.0.30.md
M shared/regex/codeql-pack.release.yml
M shared/regex/qlpack.yml
M shared/ssa/CHANGELOG.md
A shared/ssa/change-notes/released/2.0.6.md
M shared/ssa/codeql-pack.release.yml
M shared/ssa/qlpack.yml
M shared/threat-models/CHANGELOG.md
A shared/threat-models/change-notes/released/1.0.30.md
M shared/threat-models/codeql-pack.release.yml
M shared/threat-models/qlpack.yml
M shared/tutorial/CHANGELOG.md
A shared/tutorial/change-notes/released/1.0.30.md
M shared/tutorial/codeql-pack.release.yml
M shared/tutorial/qlpack.yml
M shared/typeflow/CHANGELOG.md
A shared/typeflow/change-notes/released/1.0.30.md
M shared/typeflow/codeql-pack.release.yml
M shared/typeflow/qlpack.yml
M shared/typeinference/CHANGELOG.md
A shared/typeinference/change-notes/released/0.0.11.md
M shared/typeinference/codeql-pack.release.yml
M shared/typeinference/qlpack.yml
M shared/typetracking/CHANGELOG.md
A shared/typetracking/change-notes/released/2.0.14.md
M shared/typetracking/codeql-pack.release.yml
M shared/typetracking/qlpack.yml
M shared/typos/CHANGELOG.md
A shared/typos/change-notes/released/1.0.30.md
M shared/typos/codeql-pack.release.yml
M shared/typos/qlpack.yml
M shared/util/CHANGELOG.md
R shared/util/change-notes/2025-08-25-loc-option.md
A shared/util/change-notes/released/2.0.17.md
M shared/util/codeql-pack.release.yml
M shared/util/qlpack.yml
M shared/xml/CHANGELOG.md
A shared/xml/change-notes/released/1.0.30.md
M shared/xml/codeql-pack.release.yml
M shared/xml/qlpack.yml
M shared/yaml/CHANGELOG.md
A shared/yaml/change-notes/released/1.0.30.md
M shared/yaml/codeql-pack.release.yml
M shared/yaml/qlpack.yml
M swift/ql/lib/CHANGELOG.md
A swift/ql/lib/change-notes/released/5.0.6.md
M swift/ql/lib/codeql-pack.release.yml
M swift/ql/lib/qlpack.yml
M swift/ql/src/CHANGELOG.md
R swift/ql/src/change-notes/2025-08-20-add-customizations.md
A swift/ql/src/change-notes/released/1.2.4.md
M swift/ql/src/codeql-pack.release.yml
M swift/ql/src/qlpack.yml
Log Message:
-----------
Merge pull request #20347 from github/post-release-prep/codeql-cli-2.23.0
Post-release preparation for codeql-cli-2.23.0
Commit: 7490d8ddd202b66a8be5f35f4b8d7de69a307cf7
https://github.com/krishnprakash/codeql/commit/7490d8ddd202b66a8be5f35f4b8d7de69a307cf7
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll
M ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll
M shared/quantum/codeql/quantum/experimental/Model.qll
Log Message:
-----------
Shared and Sync: Fix some Ql4Ql violations.
Commit: 31852985e5bb79ff2e923fffe73e900d7ea9fd06
https://github.com/krishnprakash/codeql/commit/31852985e5bb79ff2e923fffe73e900d7ea9fd06
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll
M ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll
M shared/quantum/codeql/quantum/experimental/Model.qll
Log Message:
-----------
Merge pull request #20335 from michaelnebel/shared/ql4ql
Shared and Sync: Fix some Ql4Ql violations.
Commit: 8a92b2d611cabd9fedd08d8d25e944f2d75559dd
https://github.com/krishnprakash/codeql/commit/8a92b2d611cabd9fedd08d8d25e944f2d75559dd
Author: Simon Friis Vindum <sim...@gmail.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/test/library-tests/type-inference/closure.rs
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/pattern_matching.rs
M rust/ql/test/library-tests/type-inference/type-inference.ql
Log Message:
-----------
Rust: Change inline expectation annotation for certain inferred types
Commit: 17d23a9b78eee15367f8784f99765dbbce29cf86
https://github.com/krishnprakash/codeql/commit/17d23a9b78eee15367f8784f99765dbbce29cf86
Author: Simon Friis Vindum <sim...@gmail.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/test/library-tests/type-inference/closure.rs
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/pattern_matching.rs
M rust/ql/test/library-tests/type-inference/type-inference.ql
Log Message:
-----------
Merge pull request #20343 from paldepind/rust/certain-type-inline-expectation
Rust: Change inline expectation annotation for inferred certain types
Commit: 60845001dd22dd5c35849597b424c08bd160774e
https://github.com/krishnprakash/codeql/commit/60845001dd22dd5c35849597b424c08bd160774e
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Add `sizeof` VLA IR test cases
Commit: d9320b3c16b08818e8a189bacaa1dee8cc3ae2ae
https://github.com/krishnprakash/codeql/commit/d9320b3c16b08818e8a189bacaa1dee8cc3ae2ae
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionTag.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Log Message:
-----------
C++: Support `sizeof` VLAs in the IR
Commit: dc7833052964fbab41425a9e4148a1fc3393e448
https://github.com/krishnprakash/codeql/commit/dc7833052964fbab41425a9e4148a1fc3393e448
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Update expected test results
Commit: 5bd08e817444b909b8b541d2f23a68e61f58beab
https://github.com/krishnprakash/codeql/commit/5bd08e817444b909b8b541d2f23a68e61f58beab
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Add more `sizeof` VLA tests
Commit: fdab63fd5fb92b5f56a3da4b206eeb8c68c2a499
https://github.com/krishnprakash/codeql/commit/fdab63fd5fb92b5f56a3da4b206eeb8c68c2a499
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Log Message:
-----------
C++: Handle `ArrayExpr`s in `sizeof` VLAs
Commit: 74f5687660c680b3eeb2c2e86106d9aec97233b4
https://github.com/krishnprakash/codeql/commit/74f5687660c680b3eeb2c2e86106d9aec97233b4
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Update expected test results
Commit: 6e8f44da42103da4b86b531df389d63789a041ed
https://github.com/krishnprakash/codeql/commit/6e8f44da42103da4b86b531df389d63789a041ed
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Log Message:
-----------
C++: Handle `sizeof` VLAs with typedefs
Commit: ffbc83deebf30a5c20a32f9be3d51f00586245fc
https://github.com/krishnprakash/codeql/commit/ffbc83deebf30a5c20a32f9be3d51f00586245fc
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Update expected test results
Commit: 6a9324fab033c596892a6be91ee848eb7ab94b10
https://github.com/krishnprakash/codeql/commit/6a9324fab033c596892a6be91ee848eb7ab94b10
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
Log Message:
-----------
C++: Fix obtaining the base type of a VLA
Commit: f0f66c6d5880054c240726b458fbd6696171099b
https://github.com/krishnprakash/codeql/commit/f0f66c6d5880054c240726b458fbd6696171099b
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionTag.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/lib/semmle/code/cpp/stmts/Stmt.qll
Log Message:
-----------
C++: Minor refactor
* Introduce new instruction tag for the base size
* Introduce some convenience predicates on `VlaDeclStmt`
Commit: f68d3477d4be389ae9b9ec5b0c11921996419a76
https://github.com/krishnprakash/codeql/commit/f68d3477d4be389ae9b9ec5b0c11921996419a76
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionTag.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
Log Message:
-----------
C++: Output necessary conversions in the `sizeof` VLA IR
Commit: 8a7553232f0d0f96a364e34c05df94927ded98a6
https://github.com/krishnprakash/codeql/commit/8a7553232f0d0f96a364e34c05df94927ded98a6
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Add more `sizeof` VLA tests
Commit: 438cc961da4629f2aedef0ae4acc5f893988a92c
https://github.com/krishnprakash/codeql/commit/438cc961da4629f2aedef0ae4acc5f893988a92c
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Log Message:
-----------
C++: Document `TranslatedSizeofExpr`
Commit: f4df3881f8f3d7151d947e44e2861de5f27fb90c
https://github.com/krishnprakash/codeql/commit/f4df3881f8f3d7151d947e44e2861de5f27fb90c
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Handle `*&` sequences in `sizeof` VLA expressions
Commit: 9431b0c754f6e0d21a1655be2bd7a87d6d9495d5
https://github.com/krishnprakash/codeql/commit/9431b0c754f6e0d21a1655be2bd7a87d6d9495d5
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
A cpp/ql/lib/change-notes/2025-09-02-vla.md
Log Message:
-----------
C++: Add change note for new `VlaDeclStmt` predicates
Commit: 8de1ed0d851594c3a350f58af4ec60d867f08322
https://github.com/krishnprakash/codeql/commit/8de1ed0d851594c3a350f58af4ec60d867f08322
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Log Message:
-----------
C++: Address review comments
Commit: ab3ad20a1ef35ce65964150e56b5e257f4b74da8
https://github.com/krishnprakash/codeql/commit/ab3ad20a1ef35ce65964150e56b5e257f4b74da8
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
A cpp/ql/lib/change-notes/2025-09-02-vla.md
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionTag.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/lib/semmle/code/cpp/stmts/Stmt.qll
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
Log Message:
-----------
Merge pull request #20319 from jketema/ir-vla-sizeof
C++: Support `sizeof` VLAs in the IR
Commit: 45b8158fe53acc55a0acf09da53b1f6a5ac9c950
https://github.com/krishnprakash/codeql/commit/45b8158fe53acc55a0acf09da53b1f6a5ac9c950
Author: Asger F <asg...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll
Log Message:
-----------
JS: Remove totalorder()
This was once as input to the shared data flow library, but has since been removed from the input signature.
Commit: 1ea843f23c70b153a8bcb0963bd70c20a1084734
https://github.com/krishnprakash/codeql/commit/1ea843f23c70b153a8bcb0963bd70c20a1084734
Author: Asger F <asg...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll
Log Message:
-----------
Merge pull request #20323 from asgerf/js/remove-totalorder
JS: Remove totalorder()
Commit: 9f31f02c12a3544dc91c01516a78c454437b6acb
https://github.com/krishnprakash/codeql/commit/9f31f02c12a3544dc91c01516a78c454437b6acb
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M csharp/documentation/library-coverage/coverage.csv
M csharp/documentation/library-coverage/coverage.rst
Log Message:
-----------
Add changed framework coverage reports
Commit: fb1387340ff6f19f6237c61acf56eb6d2c730ee5
https://github.com/krishnprakash/codeql/commit/fb1387340ff6f19f6237c61acf56eb6d2c730ee5
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M csharp/documentation/library-coverage/coverage.csv
M csharp/documentation/library-coverage/coverage.rst
Log Message:
-----------
Merge pull request #20349 from github/workflow/coverage/update
Update CSV framework coverage reports
Commit: dff5ed7d295e260d8bc30b5bfac8e9ec6eee58a7
https://github.com/krishnprakash/codeql/commit/dff5ed7d295e260d8bc30b5bfac8e9ec6eee58a7
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/test/library-tests/dataflow/global/viableCallable.expected
A rust/ql/test/library-tests/dataflow/global/viableCallable.qlref
Log Message:
-----------
Rust: Assign locations to all `DataFlowCallable`s
Commit: f2b8ac127f42d484a8838faef69de248a37c66f8
https://github.com/krishnprakash/codeql/commit/f2b8ac127f42d484a8838faef69de248a37c66f8
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/test/library-tests/dataflow/global/viableCallable.expected
A rust/ql/test/library-tests/dataflow/global/viableCallable.qlref
Log Message:
-----------
Merge pull request #20351 from hvitved/rust/summarized-callable-location
Rust: Assign locations to all `DataFlowCallable`s
Commit: 64f9758c29eca0d36a637c6fe12b2bb0bc594735
https://github.com/krishnprakash/codeql/commit/64f9758c29eca0d36a637c6fe12b2bb0bc594735
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M actions/ql/lib/codeql/Locations.qll
M actions/ql/lib/codeql/actions/Ast.qll
M actions/ql/lib/codeql/actions/ast/internal/Ast.qll
M actions/ql/lib/codeql/actions/controlflow/BasicBlocks.qll
M actions/ql/lib/codeql/actions/dataflow/ExternalFlow.qll
M actions/ql/lib/codeql/actions/dataflow/FlowSources.qll
M actions/ql/lib/codeql/actions/security/ArgumentInjectionQuery.qll
M actions/ql/lib/codeql/actions/security/ArtifactPoisoningQuery.qll
M actions/ql/lib/codeql/actions/security/ControlChecks.qll
M actions/ql/lib/codeql/actions/security/EnvVarInjectionQuery.qll
M actions/ql/lib/codeql/actions/security/OutputClobberingQuery.qll
M actions/ql/lib/codeql/actions/security/UseOfUnversionedImmutableAction.qll
M actions/ql/src/experimental/Security/CWE-829/ArtifactPoisoningPathTraversal.ql
Log Message:
-----------
Actions: Fix some Ql4Ql violations.
Commit: a9baf34629fbdaf620003f67952b28f95959d7f1
https://github.com/krishnprakash/codeql/commit/a9baf34629fbdaf620003f67952b28f95959d7f1
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M actions/ql/lib/codeql/Locations.qll
M actions/ql/lib/codeql/actions/Ast.qll
M actions/ql/lib/codeql/actions/ast/internal/Ast.qll
M actions/ql/lib/codeql/actions/controlflow/BasicBlocks.qll
M actions/ql/lib/codeql/actions/dataflow/ExternalFlow.qll
M actions/ql/lib/codeql/actions/dataflow/FlowSources.qll
M actions/ql/lib/codeql/actions/security/ArgumentInjectionQuery.qll
M actions/ql/lib/codeql/actions/security/ArtifactPoisoningQuery.qll
M actions/ql/lib/codeql/actions/security/ControlChecks.qll
M actions/ql/lib/codeql/actions/security/EnvVarInjectionQuery.qll
M actions/ql/lib/codeql/actions/security/OutputClobberingQuery.qll
M actions/ql/lib/codeql/actions/security/UseOfUnversionedImmutableAction.qll
M actions/ql/src/experimental/Security/CWE-829/ArtifactPoisoningPathTraversal.ql
Log Message:
-----------
Merge pull request #20324 from michaelnebel/actions/ql4ql
Actions: Fix some Ql4Ql violations.
Commit: 8fc81f4263ea67d0d3411a02998e82a9767f4432
https://github.com/krishnprakash/codeql/commit/8fc81f4263ea67d0d3411a02998e82a9767f4432
Author: Napalys Klicius <nap...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M .github/workflows/build-ripunzip.yml
M .github/workflows/buildifier.yml
M .github/workflows/check-implicit-this.yml
M .github/workflows/check-overlay-annotations.yml
M .github/workflows/check-qldoc.yml
M .github/workflows/check-query-ids.yml
M .github/workflows/codeql-analysis.yml
M .github/workflows/compile-queries.yml
M .github/workflows/cpp-swift-analysis.yml
M .github/workflows/csharp-qltest.yml
M .github/workflows/csv-coverage-metrics.yml
M .github/workflows/csv-coverage-pr-artifacts.yml
M .github/workflows/csv-coverage-pr-comment.yml
M .github/workflows/csv-coverage-timeseries.yml
M .github/workflows/csv-coverage-update.yml
M .github/workflows/csv-coverage.yml
M .github/workflows/fast-forward.yml
M .github/workflows/go-tests.yml
M .github/workflows/kotlin-build.yml
M .github/workflows/mad_modelDiff.yml
M .github/workflows/mad_regenerate-models.yml
M .github/workflows/python-tooling.yml
M .github/workflows/qhelp-pr-preview.yml
M .github/workflows/ql-for-ql-build.yml
M .github/workflows/ql-for-ql-dataset_measure.yml
M .github/workflows/ql-for-ql-tests.yml
M .github/workflows/query-list.yml
M .github/workflows/ruby-build.yml
M .github/workflows/ruby-dataset-measure.yml
M .github/workflows/ruby-qltest-rtjo.yml
M .github/workflows/ruby-qltest.yml
M .github/workflows/rust-analysis.yml
M .github/workflows/rust.yml
M .github/workflows/swift.yml
M .github/workflows/sync-files.yml
M .github/workflows/tree-sitter-extractor-test.yml
M .github/workflows/validate-change-notes.yml
M .github/workflows/zipmerge-test.yml
M actions/extractor/codeql-extractor.yml
M actions/ql/lib/CHANGELOG.md
A actions/ql/lib/change-notes/released/0.4.16.md
M actions/ql/lib/codeql-pack.release.yml
M actions/ql/lib/codeql/Locations.qll
M actions/ql/lib/codeql/actions/Ast.qll
M actions/ql/lib/codeql/actions/ast/internal/Ast.qll
M actions/ql/lib/codeql/actions/controlflow/BasicBlocks.qll
M actions/ql/lib/codeql/actions/controlflow/internal/Cfg.qll
M actions/ql/lib/codeql/actions/dataflow/ExternalFlow.qll
M actions/ql/lib/codeql/actions/dataflow/FlowSources.qll
M actions/ql/lib/codeql/actions/security/ArgumentInjectionQuery.qll
M actions/ql/lib/codeql/actions/security/ArtifactPoisoningQuery.qll
M actions/ql/lib/codeql/actions/security/ControlChecks.qll
M actions/ql/lib/codeql/actions/security/EnvVarInjectionQuery.qll
M actions/ql/lib/codeql/actions/security/OutputClobberingQuery.qll
M actions/ql/lib/codeql/actions/security/UseOfUnversionedImmutableAction.qll
M actions/ql/lib/qlpack.yml
M actions/ql/src/CHANGELOG.md
A actions/ql/src/change-notes/released/0.6.8.md
M actions/ql/src/codeql-pack.release.yml
M actions/ql/src/experimental/Security/CWE-829/ArtifactPoisoningPathTraversal.ql
M actions/ql/src/qlpack.yml
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/old.dbscheme
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/semmlecode.cpp.dbscheme
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/upgrade.properties
M cpp/ql/lib/CHANGELOG.md
R cpp/ql/lib/change-notes/2025-08-19-virtual-dispatch.md
A cpp/ql/lib/change-notes/2025-09-02-vla.md
A cpp/ql/lib/change-notes/released/5.5.0.md
M cpp/ql/lib/codeql-pack.release.yml
M cpp/ql/lib/cpp.qll
A cpp/ql/lib/ext/ComPtr.model.yml
A cpp/ql/lib/ext/ComPtrRef.model.yml
M cpp/ql/lib/qlpack.yml
A cpp/ql/lib/semmle/code/cpp/PchFile.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImpl.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImplCommon.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/EdgeKind.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionTag.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/stmts/Stmt.qll
M cpp/ql/lib/semmlecode.cpp.dbscheme
M cpp/ql/lib/semmlecode.cpp.dbscheme.stats
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/old.dbscheme
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/semmlecode.cpp.dbscheme
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/upgrade.properties
M cpp/ql/src/CHANGELOG.md
R cpp/ql/src/change-notes/2025-08-20-add-customizations.md
A cpp/ql/src/change-notes/released/1.4.7.md
M cpp/ql/src/codeql-pack.release.yml
M cpp/ql/src/qlpack.yml
M cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
A cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/ms_vacopy.c
M csharp/codeql-extractor.yml
M csharp/documentation/library-coverage/coverage.csv
M csharp/documentation/library-coverage/coverage.rst
M csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/consistency-queries/CfgConsistency.ql
M csharp/ql/lib/CHANGELOG.md
R csharp/ql/lib/change-notes/2025-08-18-implicit-reads-at-sinks.md
A csharp/ql/lib/change-notes/released/5.2.3.md
M csharp/ql/lib/codeql-pack.release.yml
M csharp/ql/lib/ext/System.IO.model.yml
M csharp/ql/lib/ext/System.Xml.model.yml
M csharp/ql/lib/ext/System.model.yml
M csharp/ql/lib/printAst.ql
M csharp/ql/lib/qlpack.yml
M csharp/ql/lib/semmle/code/csharp/Assignable.qll
M csharp/ql/lib/semmle/code/csharp/Caching.qll
M csharp/ql/lib/semmle/code/csharp/Callable.qll
M csharp/ql/lib/semmle/code/csharp/Member.qll
M csharp/ql/lib/semmle/code/csharp/PrintAst.qll
M csharp/ql/lib/semmle/code/csharp/commons/Constants.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowGraph.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreSsa.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/SuccessorType.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/Nullness.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll
M csharp/ql/lib/semmle/code/csharp/serialization/Deserializers.qll
M csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
M csharp/ql/src/Bad Practices/Magic Constants/MagicConstants.qll
M csharp/ql/src/CHANGELOG.md
M csharp/ql/src/Language Abuse/UselessUpcast.ql
M csharp/ql/src/Security Features/CWE-384/AbandonSession.ql
M csharp/ql/src/Telemetry/DatabaseQuality.qll
A csharp/ql/src/change-notes/released/1.3.4.md
M csharp/ql/src/codeql-pack.release.yml
M csharp/ql/src/qlpack.yml
M csharp/ql/test/library-tests/assignables/AssignableDefinitionNode.expected
M csharp/ql/test/library-tests/controlflow/graph/BasicBlock.expected
M csharp/ql/test/library-tests/controlflow/graph/Condition.expected
M csharp/ql/test/library-tests/controlflow/graph/Condition.ql
M csharp/ql/test/library-tests/controlflow/graph/Dominance.expected
M csharp/ql/test/library-tests/controlflow/graph/EnclosingCallable.expected
M csharp/ql/test/library-tests/controlflow/graph/NodeGraph.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.ql
M csharp/ql/test/library-tests/csharp8/switchexprcontrolflow.expected
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.cs
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDefElement.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaExplicitDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaRead.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaUltimateDef.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.expected
M csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.expected
M csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.qlref
M csharp/ql/test/library-tests/goto/Goto1.expected
M csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInput/UnsafeDeserializationUntrustedInput.expected
M go/codeql-extractor.yml
M go/ql/consistency-queries/CHANGELOG.md
A go/ql/consistency-queries/change-notes/released/1.0.30.md
M go/ql/consistency-queries/codeql-pack.release.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/CHANGELOG.md
A go/ql/lib/change-notes/released/4.3.3.md
M go/ql/lib/codeql-pack.release.yml
M go/ql/lib/qlpack.yml
M go/ql/lib/semmle/go/StringOps.qll
M go/ql/lib/semmle/go/dataflow/internal/DataFlowUtil.qll
M go/ql/src/CHANGELOG.md
A go/ql/src/change-notes/released/1.4.4.md
M go/ql/src/codeql-pack.release.yml
M go/ql/src/experimental/IntegerOverflow/RangeAnalysis.qll
M go/ql/src/qlpack.yml
M java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected
M java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected
M java/ql/integration-tests/java/query-suite/not_included_in_qls.expected
M java/ql/lib/CHANGELOG.md
A java/ql/lib/change-notes/released/7.6.1.md
M java/ql/lib/codeql-pack.release.yml
M java/ql/lib/experimental/quantum/JCA.qll
M java/ql/lib/experimental/quantum/Language.qll
M java/ql/lib/printAst.ql
M java/ql/lib/qlpack.yml
M java/ql/lib/semmle/code/java/Concurrency.qll
M java/ql/lib/semmle/code/java/Conversions.qll
M java/ql/lib/semmle/code/java/Statement.qll
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
R java/ql/lib/semmle/code/java/controlflow/SuccessorType.qll
M java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll
M java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll
M java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll
M java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll
M java/ql/lib/semmle/code/java/frameworks/Mockito.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll
M java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll
M java/ql/lib/semmle/code/java/security/FileWritable.qll
M java/ql/lib/semmle/code/java/security/TempDirUtils.qll
M java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll
M java/ql/src/CHANGELOG.md
M java/ql/src/Likely Bugs/Comparison/HashedButNoHash.ql
M java/ql/src/Likely Bugs/Concurrency/NotifyWithoutSynch.ql
M java/ql/src/Likely Bugs/Termination/SpinOnField.ql
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll
M java/ql/src/Violations of Best Practice/Naming Conventions/ConfusingOverloading.ql
A java/ql/src/Violations of Best Practice/Testing/ExcessivePublicMethodMocking.md
A java/ql/src/Violations of Best Practice/Testing/ExcessivePublicMethodMocking.ql
M java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.java
M java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.qhelp
M java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.ql
R java/ql/src/change-notes/2024-10-03-remove-java-query.md
R java/ql/src/change-notes/2025-07-17-spring-actuators-config-promo.md
R java/ql/src/change-notes/2025-07-19-adjust-tags.md
R java/ql/src/change-notes/2025-08-22-nullness-fn.md
A java/ql/src/change-notes/released/1.7.0.md
M java/ql/src/codeql-pack.release.yml
M java/ql/src/experimental/quantum/Analysis/ArtifactReuse.qll
M java/ql/src/experimental/quantum/Examples/BrokenCrypto.ql
M java/ql/src/qlpack.yml
M java/ql/src/utils/flowtestcasegenerator/FlowTestCase.qll
A java/ql/test/query-tests/CallsToSystemExit/CallsToSystemExit.expected
A java/ql/test/query-tests/CallsToSystemExit/CallsToSystemExit.qlref
A java/ql/test/query-tests/CallsToSystemExit/ExampleRuntimeExit.java
A java/ql/test/query-tests/CallsToSystemExit/ExampleRuntimeHalt.java
A java/ql/test/query-tests/CallsToSystemExit/ExampleSystemExit.java
A java/ql/test/query-tests/CallsToSystemExit/LocalClassInTestMethod.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/Employee.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/EmployeeRecord.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/EmployeeStatus.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/ExcessivePublicMethodMocking.expected
A java/ql/test/query-tests/ExcessivePublicMethodMocking/ExcessivePublicMethodMocking.qlref
A java/ql/test/query-tests/ExcessivePublicMethodMocking/TestORM.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/options
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.qlref
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/AnnotatedClass.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage1.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/VisibleForTesting.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/UseWithinAnnotation.java
A java/ql/test/stubs/junit-4.13/LICENSE-junit.txt
A java/ql/test/stubs/junit-4.13/org/junit/Assert.java
A java/ql/test/stubs/junit-4.13/org/junit/Test.java
A java/ql/test/stubs/junit-4.13/org/junit/function/ThrowingRunnable.java
A java/ql/test/stubs/mockito-5.14/org/mockito/ArgumentMatchers.java
A java/ql/test/stubs/mockito-5.14/org/mockito/MockSettings.java
A java/ql/test/stubs/mockito-5.14/org/mockito/Mockito.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/MockitoCore.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/creation/MockSettingsImpl.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/handler/MockHandlerFactory.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/handler/MockHandlerImpl.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/progress/MockingProgress.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/util/MockUtil.java
A java/ql/test/stubs/mockito-5.14/org/mockito/invocation/MockHandler.java
A java/ql/test/stubs/mockito-5.14/org/mockito/mock/MockCreationSettings.java
A java/ql/test/stubs/mockito-5.14/org/mockito/plugins/MockMaker.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/Answer.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/OngoingStubbing.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/Stubber.java
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/old.dbscheme
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/semmlecode.javascript.dbscheme
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/upgrade.properties
M javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
A javascript/extractor/src/com/semmle/js/extractor/OverlayChanges.java
M javascript/ql/lib/CHANGELOG.md
A javascript/ql/lib/change-notes/released/2.6.10.md
M javascript/ql/lib/codeql-pack.release.yml
M javascript/ql/lib/javascript.qll
M javascript/ql/lib/qlpack.yml
M javascript/ql/lib/semmle/javascript/AST.qll
M javascript/ql/lib/semmle/javascript/Files.qll
M javascript/ql/lib/semmle/javascript/JSON.qll
M javascript/ql/lib/semmle/javascript/Locations.qll
M javascript/ql/lib/semmle/javascript/RestrictedLocations.qll
M javascript/ql/lib/semmle/javascript/SSA.qll
M javascript/ql/lib/semmle/javascript/Variables.qll
M javascript/ql/lib/semmle/javascript/XML.qll
M javascript/ql/lib/semmle/javascript/YAML.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableOrThis.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
M javascript/ql/lib/semmle/javascript/frameworks/XmlParsers.qll
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
R javascript/ql/lib/semmle/javascript/internal/Locations.qll
A javascript/ql/lib/semmle/javascript/internal/Overlay.qll
M javascript/ql/lib/semmlecode.javascript.dbscheme
M javascript/ql/lib/semmlecode.javascript.dbscheme.stats
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/old.dbscheme
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/semmlecode.javascript.dbscheme
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/upgrade.properties
M javascript/ql/src/CHANGELOG.md
A javascript/ql/src/change-notes/released/2.0.3.md
M javascript/ql/src/codeql-pack.release.yml
M javascript/ql/src/qlpack.yml
M javascript/ql/test/experimental/FormParsers/RemoteFlowSource.expected
M javascript/ql/test/experimental/Security/CWE-094-dataURL/CodeInjection.expected
M javascript/ql/test/experimental/Security/CWE-099/EnvValueAndKeyInjection/EnvValueAndKeyInjection.expected
M javascript/ql/test/experimental/Security/CWE-099/EnvValueInjection/EnvValueInjection.expected
M javascript/ql/test/experimental/Security/CWE-347/localsource/decodeJwtWithoutVerificationLocalSource.expected
M javascript/ql/test/experimental/Security/CWE-347/remotesource/decodeJwtWithoutVerification.expected
M javascript/ql/test/experimental/Security/CWE-918/SSRF.expected
M javascript/ql/test/experimental/Security/CWE-942/CorsPermissiveConfiguration.expected
M javascript/ql/test/library-tests/CallGraphs/FullTest/tests.expected
M javascript/ql/test/library-tests/DataFlow/tests.expected
M javascript/ql/test/library-tests/DefUse/DefUsePair.expected
M javascript/ql/test/library-tests/GlobalAccessPaths/GlobalAccessPaths.expected
M javascript/ql/test/library-tests/SSA/GetRhsNode/GetRhsNode.expected
M javascript/ql/test/library-tests/SSA/SSADefinition/SSADefinition.expected
M javascript/ql/test/library-tests/StringConcatenation/StringOps.expected
M javascript/ql/test/library-tests/frameworks/Electron/tests.expected
M javascript/ql/test/library-tests/frameworks/ReactJS/tests.expected
M javascript/ql/test/library-tests/frameworks/koa/tests.expected
M javascript/ql/test/query-tests/Security/CWE-020/UntrustedDataToExternalAPI/UntrustedDataToExternalAPI.expected
M javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected
M javascript/ql/test/query-tests/Security/CWE-022/ZipSlip/ZipSlip.expected
M javascript/ql/test/query-tests/Security/CWE-073/TemplateObjectInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/CommandInjection/CommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/IndirectCommandInjection/IndirectCommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/SecondOrderCommandInjection/SecondOrderCommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXssWithResponseThreat/Xss.expected
M javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/ExceptionXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/ReflectedXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/StoredXss/StoredXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/UnsafeHtmlConstruction/UnsafeHtmlConstruction.expected
M javascript/ql/test/query-tests/Security/CWE-079/UnsafeJQueryPlugin/UnsafeJQueryPlugin.expected
M javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/XssThroughDom.expected
M javascript/ql/test/query-tests/Security/CWE-089/local-threat-source/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-089/typed/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-089/untyped/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/CodeInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/HeuristicSourceCodeInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/ImproperCodeSanitization.expected
M javascript/ql/test/query-tests/Security/CWE-094/UnsafeDynamicMethodAccess/UnsafeDynamicMethodAccess.expected
M javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/IncompleteHtmlAttributeSanitization.expected
M javascript/ql/test/query-tests/Security/CWE-117/LogInjection.expected
M javascript/ql/test/query-tests/Security/CWE-200/FileAccessToHttp.expected
M javascript/ql/test/query-tests/Security/CWE-312/BuildArtifactLeak.expected
M javascript/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
M javascript/ql/test/query-tests/Security/CWE-312/CleartextStorage.expected
M javascript/ql/test/query-tests/Security/CWE-327/BrokenCryptoAlgorithm.expected
M javascript/ql/test/query-tests/Security/CWE-338/InsecureRandomness.expected
M javascript/ql/test/query-tests/Security/CWE-346/CorsMisconfigurationForCredentials.expected
M javascript/ql/test/query-tests/Security/CWE-377/InsecureTemporaryFile.expected
M javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected
M javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.expected
M javascript/ql/test/query-tests/Security/CWE-506/HardcodedDataInterpretedAsCode.expected
M javascript/ql/test/query-tests/Security/CWE-522-DecompressionBombs/DecompressionBombs.expected
M javascript/ql/test/query-tests/Security/CWE-601/ClientSideUrlRedirect/ClientSideUrlRedirect.expected
M javascript/ql/test/query-tests/Security/CWE-601/ServerSideUrlRedirect/ServerSideUrlRedirect.expected
M javascript/ql/test/query-tests/Security/CWE-611/Xxe.expected
M javascript/ql/test/query-tests/Security/CWE-643/XpathInjection.expected
M javascript/ql/test/query-tests/Security/CWE-730/Threat-models-disabled/RegExpInjection.expected
M javascript/ql/test/query-tests/Security/CWE-730/Threat-models-enabled/RegExpInjection.expected
M javascript/ql/test/query-tests/Security/CWE-754/UnvalidatedDynamicMethodCall.expected
M javascript/ql/test/query-tests/Security/CWE-770/ResourceExhaustion/ResourceExhaustion.expected
M javascript/ql/test/query-tests/Security/CWE-776/XmlBomb.expected
M javascript/ql/test/query-tests/Security/CWE-776/libxml.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.noent.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.sax.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.saxpush.js
M javascript/ql/test/query-tests/Security/CWE-798/HardcodedCredentials.expected
M javascript/ql/test/query-tests/Security/CWE-807/ConditionalBypass.expected
M javascript/ql/test/query-tests/Security/CWE-829/InsecureDownload.expected
M javascript/ql/test/query-tests/Security/CWE-843/TypeConfusionThroughParameterTampering.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingAssignment/PrototypePollutingAssignment.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingFunction/PrototypePollutingFunction.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/PrototypePollutingMergeCall.expected
M javascript/ql/test/query-tests/Security/CWE-918/ClientSideRequestForgery.expected
M javascript/ql/test/query-tests/Security/CWE-918/RequestForgery.expected
M javascript/ql/test/tutorials/Analyzing data flow in JavaScript/Local data flow/query1.expected
M javascript/resources/codeql-extractor.yml
M misc/suite-helpers/CHANGELOG.md
A misc/suite-helpers/change-notes/released/1.0.30.md
M misc/suite-helpers/codeql-pack.release.yml
M misc/suite-helpers/qlpack.yml
M python/codeql-extractor.yml
M python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected
M python/ql/integration-tests/query-suite/python-code-quality.qls.expected
M python/ql/integration-tests/query-suite/python-security-and-quality.qls.expected
M python/ql/lib/CHANGELOG.md
M python/ql/lib/analysis/DefinitionTracking.qll
A python/ql/lib/change-notes/released/4.0.14.md
M python/ql/lib/codeql-pack.release.yml
M python/ql/lib/experimental/cryptography/CryptoArtifact.qll
M python/ql/lib/experimental/cryptography/modules/CryptographyModule.qll
M python/ql/lib/experimental/cryptography/modules/stdlib/HashlibModule.qll
M python/ql/lib/qlpack.yml
M python/ql/lib/semmle/python/Class.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M python/ql/lib/semmle/python/frameworks/Lxml.qll
M python/ql/lib/semmle/python/frameworks/Psycopg2.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll
M python/ql/lib/semmle/python/objects/ObjectInternal.qll
M python/ql/lib/semmle/python/types/FunctionObject.qll
M python/ql/src/CHANGELOG.md
A python/ql/src/Classes/Comparisons/EqualsOrHash.qhelp
A python/ql/src/Classes/Comparisons/EqualsOrHash.ql
A python/ql/src/Classes/Comparisons/EqualsOrNotEquals.qhelp
A python/ql/src/Classes/Comparisons/EqualsOrNotEquals.ql
A python/ql/src/Classes/Comparisons/IncompleteOrdering.qhelp
A python/ql/src/Classes/Comparisons/IncompleteOrdering.ql
A python/ql/src/Classes/Comparisons/examples/EqualsOrHash.py
A python/ql/src/Classes/Comparisons/examples/EqualsOrNotEquals1.py
A python/ql/src/Classes/Comparisons/examples/EqualsOrNotEquals2.py
A python/ql/src/Classes/Comparisons/examples/IncompleteOrdering.py
M python/ql/src/Classes/Equality.qll
R python/ql/src/Classes/EqualsOrHash.py
R python/ql/src/Classes/EqualsOrHash.qhelp
R python/ql/src/Classes/EqualsOrHash.ql
R python/ql/src/Classes/EqualsOrNotEquals.py
R python/ql/src/Classes/EqualsOrNotEquals.qhelp
R python/ql/src/Classes/EqualsOrNotEquals.ql
R python/ql/src/Classes/IncompleteOrdering.py
R python/ql/src/Classes/IncompleteOrdering.qhelp
R python/ql/src/Classes/IncompleteOrdering.ql
R python/ql/src/Classes/SubclassShadowing.py
R python/ql/src/Classes/SubclassShadowing.qhelp
R python/ql/src/Classes/SubclassShadowing.ql
A python/ql/src/Classes/SubclassShadowing/SubclassShadowing.qhelp
A python/ql/src/Classes/SubclassShadowing/SubclassShadowing.ql
A python/ql/src/Classes/SubclassShadowing/examples/SubclassShadowingBad.py
A python/ql/src/Classes/SubclassShadowing/examples/SubclassShadowingGood.py
R python/ql/src/Functions/IncorrectRaiseInSpecialMethod.py
M python/ql/src/Functions/IncorrectRaiseInSpecialMethod.qhelp
M python/ql/src/Functions/IncorrectRaiseInSpecialMethod.ql
R python/ql/src/Functions/IncorrectRaiseInSpecialMethod2.py
R python/ql/src/Functions/IncorrectRaiseInSpecialMethod3.py
A python/ql/src/Functions/examples/IncorrectRaiseInSpecialMethod.py
A python/ql/src/Functions/examples/IncorrectRaiseInSpecialMethod2.py
A python/ql/src/Functions/examples/IncorrectRaiseInSpecialMethod3.py
M python/ql/src/Security/CWE-327/FluentApiModel.qll
A python/ql/src/change-notes/released/1.6.4.md
M python/ql/src/codeql-pack.release.yml
M python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql
M python/ql/src/qlpack.yml
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrHash.expected
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrNotEquals.expected
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrNotEquals.qlref
R python/ql/test/2/query-tests/Classes/equals-hash/equals_hash.py
R python/ql/test/3/query-tests/Classes/equals-hash/EqualsOrHash.expected
R python/ql/test/3/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/3/query-tests/Classes/equals-hash/equals_hash.py
R python/ql/test/3/query-tests/Classes/equals-ne/EqualsOrNotEquals.expected
R python/ql/test/3/query-tests/Classes/equals-ne/EqualsOrNotEquals.qlref
R python/ql/test/3/query-tests/Classes/equals-ne/test.py
M python/ql/test/library-tests/frameworks/lxml/parsing.py
A python/ql/test/library-tests/frameworks/psycopg2/ConceptsTest.expected
A python/ql/test/library-tests/frameworks/psycopg2/ConceptsTest.ql
A python/ql/test/library-tests/frameworks/psycopg2/connectionpool.py
M python/ql/test/query-tests/Classes/equals-attr/DefineEqualsWhenAddingAttributes.expected
A python/ql/test/query-tests/Classes/equals-attr/attr_eq_test.py
R python/ql/test/query-tests/Classes/equals-hash/DefineEqualsWhenAddingFields.expected
R python/ql/test/query-tests/Classes/equals-hash/DefineEqualsWhenAddingFields.qlref
A python/ql/test/query-tests/Classes/equals-hash/EqualsOrHash.expected
A python/ql/test/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/query-tests/Classes/equals-hash/attr_eq_test.py
A python/ql/test/query-tests/Classes/equals-hash/equalsHash.py
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.expected
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.py
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.qlref
M python/ql/test/query-tests/Classes/incomplete-ordering/IncompleteOrdering.expected
M python/ql/test/query-tests/Classes/incomplete-ordering/IncompleteOrdering.qlref
M python/ql/test/query-tests/Classes/incomplete-ordering/incomplete_ordering.py
M python/ql/test/query-tests/Classes/subclass-shadowing/SubclassShadowing.expected
M python/ql/test/query-tests/Classes/subclass-shadowing/SubclassShadowing.qlref
M python/ql/test/query-tests/Classes/subclass-shadowing/subclass_shadowing.py
A python/ql/test/query-tests/Functions/IncorrectRaiseInSpecialMethod/IncorrectRaiseInSpecialMethod.expected
A python/ql/test/query-tests/Functions/IncorrectRaiseInSpecialMethod/IncorrectRaiseInSpecialMethod.qlref
A python/ql/test/query-tests/Functions/IncorrectRaiseInSpecialMethod/test.py
R python/ql/test/query-tests/Functions/general/IncorrectRaiseInSpecialMethod.expected
R python/ql/test/query-tests/Functions/general/IncorrectRaiseInSpecialMethod.qlref
M python/ql/test/query-tests/Security/CWE-776-XmlBomb/XmlBomb.expected
M python/ql/test/query-tests/analysis/jump_to_defn/Definitions.expected
M python/ql/test/query-tests/analysis/jump_to_defn/test.py
M ql/ql/src/codeql_ql/style/RedundantCastQuery.qll
M ql/ql/test/queries/performance/VarUnusedInDisjunct/Test.qll
M ql/ql/test/queries/style/Misspelling/Misspelling.expected
M ql/ql/test/queries/style/Misspelling/Test.qll
M ql/ql/test/queries/style/UseInstanceofExtension/Foo.qll
M ql/ql/test/queries/style/UseInstanceofExtension/UseInstanceofExtension.expected
M ql/ql/test/queries/style/UseSetLiteral/UseSetLiteral.expected
M ql/ql/test/queries/style/UseSetLiteral/test.qll
M ruby/codeql-extractor.yml
M ruby/ql/consistency-queries/DataFlowConsistency.ql
M ruby/ql/lib/CHANGELOG.md
A ruby/ql/lib/change-notes/released/5.0.3.md
M ruby/ql/lib/codeql-pack.release.yml
M ruby/ql/lib/codeql/ruby/ApiGraphs.qll
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M ruby/ql/lib/codeql/ruby/controlflow/ControlFlowGraph.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Completion.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/ControlFlowGraphImpl.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Guards.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Splitting.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M ruby/ql/lib/codeql/ruby/frameworks/core/Kernel.qll
M ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll
M ruby/ql/lib/codeql/ruby/frameworks/http_clients/Excon.qll
M ruby/ql/lib/codeql/ruby/frameworks/http_clients/NetHttp.qll
M ruby/ql/lib/codeql/ruby/regexp/internal/ParseRegExp.qll
M ruby/ql/lib/codeql/ruby/security/ImproperMemoizationQuery.qll
M ruby/ql/lib/qlpack.yml
M ruby/ql/lib/utils/test/InlineFlowTest.qll
M ruby/ql/src/CHANGELOG.md
A ruby/ql/src/change-notes/released/1.4.4.md
M ruby/ql/src/codeql-pack.release.yml
M ruby/ql/src/qlpack.yml
M ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.expected
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.ql
M ruby/ql/test/library-tests/controlflow/graph/Cfg.expected
M ruby/ql/test/library-tests/controlflow/graph/Nodes.expected
M ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-flow.ql
M ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.ql
M rust/ast-generator/src/main.rs
M rust/codeql-extractor.yml
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/old.dbscheme
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/rust.dbscheme
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/upgrade.properties
M rust/extractor/src/config.rs
M rust/extractor/src/generated/.generated.list
M rust/extractor/src/generated/top.rs
M rust/extractor/src/main.rs
M rust/extractor/src/translate.rs
M rust/extractor/src/translate/base.rs
M rust/extractor/src/translate/generated.rs
M rust/extractor/src/translate/mappings.rs
M rust/ql/.generated.list
M rust/ql/.gitattributes
M rust/ql/lib/CHANGELOG.md
R rust/ql/lib/change-notes/2025-08-25-in-macro-expansion.md
A rust/ql/lib/change-notes/released/0.1.15.md
M rust/ql/lib/codeql-pack.release.yml
M rust/ql/lib/codeql/rust/controlflow/BasicBlocks.qll
M rust/ql/lib/codeql/rust/controlflow/ControlFlowGraph.qll
M rust/ql/lib/codeql/rust/controlflow/internal/Completion.qll
M rust/ql/lib/codeql/rust/controlflow/internal/ControlFlowGraphImpl.qll
R rust/ql/lib/codeql/rust/controlflow/internal/SuccessorType.qll
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
M rust/ql/lib/codeql/rust/dataflow/internal/SsaImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/TaintTrackingImpl.qll
M rust/ql/lib/codeql/rust/elements.qll
M rust/ql/lib/codeql/rust/elements/MethodCallExpr.qll
M rust/ql/lib/codeql/rust/elements/PathAstNode.qll
M rust/ql/lib/codeql/rust/elements/RangeExprExt.qll
R rust/ql/lib/codeql/rust/elements/Resolvable.qll
M rust/ql/lib/codeql/rust/elements/internal/CallExprBaseImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/CallImpl.qll
R rust/ql/lib/codeql/rust/elements/internal/ResolvableImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/TypeParamImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Addressable.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/MethodCallExpr.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/ParentChild.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/PathAstNode.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Raw.qll
R rust/ql/lib/codeql/rust/elements/internal/generated/Resolvable.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Synth.qll
A rust/ql/lib/codeql/rust/frameworks/asyncstd/fs.model.yml
M rust/ql/lib/codeql/rust/frameworks/stdlib/Stdlib.qll
M rust/ql/lib/codeql/rust/frameworks/stdlib/fs.model.yml
M rust/ql/lib/codeql/rust/frameworks/tokio/fs.model.yml
M rust/ql/lib/codeql/rust/internal/CachedStages.qll
M rust/ql/lib/codeql/rust/internal/PathResolution.qll
M rust/ql/lib/codeql/rust/internal/PathResolutionConsistency.qll
M rust/ql/lib/codeql/rust/internal/Type.qll
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/lib/qlpack.yml
M rust/ql/lib/rust.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/old.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/rust.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/upgrade.properties
M rust/ql/src/CHANGELOG.md
R rust/ql/src/change-notes/2025-08-18-log-injection.md
R rust/ql/src/change-notes/2025-08-20-add-customizations.md
A rust/ql/src/change-notes/released/0.1.15.md
M rust/ql/src/codeql-pack.release.yml
M rust/ql/src/qlpack.yml
M rust/ql/src/queries/security/CWE-798/HardcodedCryptographicValue.ql
M rust/ql/src/queries/telemetry/DatabaseQualityDiagnostics.ql
M rust/ql/src/queries/telemetry/ExtractorInformation.ql
R rust/ql/src/queries/telemetry/RustAnalyzerComparison.qll
R rust/ql/test/extractor-tests/canonical_path_disabled/Cargo.lock
R rust/ql/test/extractor-tests/canonical_path_disabled/anonymous.rs
R rust/ql/test/extractor-tests/canonical_path_disabled/canonical_paths.expected
R rust/ql/test/extractor-tests/canonical_path_disabled/canonical_paths.qlref
R rust/ql/test/extractor-tests/canonical_path_disabled/options.yml
R rust/ql/test/extractor-tests/canonical_path_disabled/regular.rs
M rust/ql/test/extractor-tests/generated/AsmExpr/AsmExpr.expected
M rust/ql/test/extractor-tests/generated/AsmExpr/AsmExpr.ql
M rust/ql/test/extractor-tests/generated/Const/Const.expected
M rust/ql/test/extractor-tests/generated/Const/Const.ql
M rust/ql/test/extractor-tests/generated/Enum/Enum.expected
M rust/ql/test/extractor-tests/generated/Enum/Enum.ql
M rust/ql/test/extractor-tests/generated/ExternBlock/ExternBlock.expected
M rust/ql/test/extractor-tests/generated/ExternBlock/ExternBlock.ql
M rust/ql/test/extractor-tests/generated/ExternCrate/ExternCrate.expected
M rust/ql/test/extractor-tests/generated/ExternCrate/ExternCrate.ql
M rust/ql/test/extractor-tests/generated/Function/Function.expected
M rust/ql/test/extractor-tests/generated/Function/Function.ql
M rust/ql/test/extractor-tests/generated/Impl/Impl.expected
M rust/ql/test/extractor-tests/generated/Impl/Impl.ql
M rust/ql/test/extractor-tests/generated/MacroCall/MacroCall.expected
M rust/ql/test/extractor-tests/generated/MacroCall/MacroCall.ql
M rust/ql/test/extractor-tests/generated/MacroDef/MacroDef.expected
M rust/ql/test/extractor-tests/generated/MacroDef/MacroDef.ql
M rust/ql/test/extractor-tests/generated/MacroRules/MacroRules.expected
M rust/ql/test/extractor-tests/generated/MacroRules/MacroRules.ql
M rust/ql/test/extractor-tests/generated/MethodCallExpr/MethodCallExpr.expected
M rust/ql/test/extractor-tests/generated/MethodCallExpr/MethodCallExpr.ql
M rust/ql/test/extractor-tests/generated/Module/Module.expected
M rust/ql/test/extractor-tests/generated/Module/Module.ql
M rust/ql/test/extractor-tests/generated/Path/PathExpr.expected
M rust/ql/test/extractor-tests/generated/Path/PathExpr.ql
M rust/ql/test/extractor-tests/generated/Path/PathPat.expected
M rust/ql/test/extractor-tests/generated/Path/PathPat.ql
M rust/ql/test/extractor-tests/generated/Static/Static.expected
M rust/ql/test/extractor-tests/generated/Static/Static.ql
M rust/ql/test/extractor-tests/generated/Struct/Struct.expected
M rust/ql/test/extractor-tests/generated/Struct/Struct.ql
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.expected
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.ql
M rust/ql/test/extractor-tests/generated/StructPat/StructPat.expected
M rust/ql/test/extractor-tests/generated/StructPat/StructPat.ql
M rust/ql/test/extractor-tests/generated/Trait/Trait.expected
M rust/ql/test/extractor-tests/generated/Trait/Trait.ql
M rust/ql/test/extractor-tests/generated/TraitAlias/TraitAlias.expected
M rust/ql/test/extractor-tests/generated/TraitAlias/TraitAlias.ql
M rust/ql/test/extractor-tests/generated/TupleStructPat/TupleStructPat.expected
M rust/ql/test/extractor-tests/generated/TupleStructPat/TupleStructPat.ql
M rust/ql/test/extractor-tests/generated/TypeAlias/TypeAlias.expected
M rust/ql/test/extractor-tests/generated/TypeAlias/TypeAlias.ql
M rust/ql/test/extractor-tests/generated/Union/Union.expected
M rust/ql/test/extractor-tests/generated/Union/Union.ql
M rust/ql/test/extractor-tests/generated/Use/Use.expected
M rust/ql/test/extractor-tests/generated/Use/Use.ql
M rust/ql/test/extractor-tests/generated/Variant/Variant.expected
M rust/ql/test/extractor-tests/generated/Variant/Variant.ql
M rust/ql/test/extractor-tests/macro-expansion/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/dataflow/global/viableCallable.expected
A rust/ql/test/library-tests/dataflow/global/viableCallable.qlref
M rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
M rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
M rust/ql/test/library-tests/dataflow/sources/test.rs
M rust/ql/test/library-tests/dataflow/strings/inline-taint-flow.expected
M rust/ql/test/library-tests/path-resolution/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/path-resolution/main.rs
M rust/ql/test/library-tests/path-resolution/path-resolution.expected
M rust/ql/test/library-tests/type-inference/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/type-inference/closure.rs
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/pattern_matching.rs
M rust/ql/test/library-tests/type-inference/type-inference.expected
M rust/ql/test/library-tests/type-inference/type-inference.ql
M rust/ql/test/query-tests/security/CWE-022/Cargo.lock
M rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected
M rust/ql/test/query-tests/security/CWE-022/options.yml
M rust/ql/test/query-tests/security/CWE-022/src/main.rs
M rust/ql/test/query-tests/security/CWE-117/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/query-tests/security/CWE-312/CONSISTENCY/PathResolutionConsistency.expected
R rust/ql/test/query-tests/security/CWE-696/CONSISTENCY/PathResolutionConsistency.expected
R rust/ql/test/query-tests/security/CWE-770/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected
M rust/ql/test/query-tests/security/CWE-825/main.rs
M rust/schema/annotations.py
M rust/schema/prelude.py
M shared/concepts/CHANGELOG.md
A shared/concepts/change-notes/released/0.0.4.md
M shared/concepts/codeql-pack.release.yml
M shared/concepts/qlpack.yml
M shared/controlflow/CHANGELOG.md
A shared/controlflow/change-notes/released/2.0.14.md
M shared/controlflow/codeql-pack.release.yml
M shared/controlflow/codeql/controlflow/BasicBlock.qll
M shared/controlflow/codeql/controlflow/Cfg.qll
M shared/controlflow/codeql/controlflow/Guards.qll
A shared/controlflow/codeql/controlflow/SuccessorType.qll
M shared/controlflow/qlpack.yml
M shared/dataflow/CHANGELOG.md
A shared/dataflow/change-notes/released/2.0.14.md
M shared/dataflow/codeql-pack.release.yml
M shared/dataflow/codeql/dataflow/VariableCapture.qll
M shared/dataflow/qlpack.yml
M shared/mad/CHANGELOG.md
A shared/mad/change-notes/released/1.0.30.md
M shared/mad/codeql-pack.release.yml
M shared/mad/qlpack.yml
M shared/quantum/CHANGELOG.md
A shared/quantum/change-notes/released/0.0.8.md
M shared/quantum/codeql-pack.release.yml
M shared/quantum/codeql/quantum/experimental/Model.qll
M shared/quantum/qlpack.yml
M shared/rangeanalysis/CHANGELOG.md
A shared/rangeanalysis/change-notes/released/1.0.30.md
M shared/rangeanalysis/codeql-pack.release.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/CHANGELOG.md
A shared/regex/change-notes/released/1.0.30.md
M shared/regex/codeql-pack.release.yml
M shared/regex/qlpack.yml
M shared/ssa/CHANGELOG.md
A shared/ssa/change-notes/released/2.0.6.md
M shared/ssa/codeql-pack.release.yml
M shared/ssa/codeql/ssa/Ssa.qll
M shared/ssa/qlpack.yml
M shared/threat-models/CHANGELOG.md
A shared/threat-models/change-notes/released/1.0.30.md
M shared/threat-models/codeql-pack.release.yml
M shared/threat-models/qlpack.yml
M shared/tutorial/CHANGELOG.md
A shared/tutorial/change-notes/released/1.0.30.md
M shared/tutorial/codeql-pack.release.yml
M shared/tutorial/qlpack.yml
M shared/typeflow/CHANGELOG.md
A shared/typeflow/change-notes/released/1.0.30.md
M shared/typeflow/codeql-pack.release.yml
M shared/typeflow/qlpack.yml
M shared/typeinference/CHANGELOG.md
A shared/typeinference/change-notes/released/0.0.11.md
M shared/typeinference/codeql-pack.release.yml
M shared/typeinference/qlpack.yml
M shared/typetracking/CHANGELOG.md
A shared/typetracking/change-notes/released/2.0.14.md
M shared/typetracking/codeql-pack.release.yml
M shared/typetracking/qlpack.yml
M shared/typos/CHANGELOG.md
A shared/typos/change-notes/released/1.0.30.md
M shared/typos/codeql-pack.release.yml
M shared/typos/qlpack.yml
M shared/util/CHANGELOG.md
A shared/util/change-notes/released/2.0.17.md
M shared/util/codeql-pack.release.yml
M shared/util/codeql/util/Option.qll
M shared/util/qlpack.yml
M shared/xml/CHANGELOG.md
A shared/xml/change-notes/released/1.0.30.md
M shared/xml/codeql-pack.release.yml
M shared/xml/qlpack.yml
M shared/yaml/CHANGELOG.md
A shared/yaml/change-notes/released/1.0.30.md
M shared/yaml/codeql-pack.release.yml
M shared/yaml/qlpack.yml
M swift/codeql-extractor.yml
M swift/ql/lib/CHANGELOG.md
A swift/ql/lib/change-notes/released/5.0.6.md
M swift/ql/lib/codeql-pack.release.yml
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
M swift/ql/lib/codeql/swift/controlflow/ControlFlowGraph.qll
M swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImplSpecific.qll
M swift/ql/lib/codeql/swift/dataflow/Ssa.qll
M swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
M swift/ql/lib/codeql/swift/elements/decl/internal/EnumDeclImpl.qll
M swift/ql/lib/codeql/swift/security/PathInjectionExtensions.qll
M swift/ql/lib/qlpack.yml
M swift/ql/src/CHANGELOG.md
R swift/ql/src/change-notes/2025-08-20-add-customizations.md
A swift/ql/src/change-notes/released/1.2.4.md
M swift/ql/src/codeql-pack.release.yml
M swift/ql/src/qlpack.yml
Log Message:
-----------
Merge branch 'main' into js/remote-property-injection-update
Commit: 7cbaa114a335105fad23dec24ec54dddb20e92a4
https://github.com/krishnprakash/codeql/commit/7cbaa114a335105fad23dec24ec54dddb20e92a4
Author: Napalys Klicius <nap...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/security/dataflow/RemotePropertyInjectionQuery.qll
A javascript/ql/src/change-notes/2025-08-27-remote-property-injection-update.md
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.expected
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.qlref
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tst.js
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tstNonExpr.js
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/RemotePropertyInjection.expected
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/RemotePropertyInjection.qlref
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/tst.js
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/tstNonExpr.js
Log Message:
-----------
Merge pull request #20296 from Napalys/js/remote-property-injection-update
JS: Detect property injection via object enumeration patterns
Commit: 504ae0f35ab9d19265cbbdd8547e814519f1dd5a
https://github.com/krishnprakash/codeql/commit/504ae0f35ab9d19265cbbdd8547e814519f1dd5a
Author: Kevin Stubbings <kwst...@github.com>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
A go/ql/lib/change-notes/2025-07-15-path-injection-sanitizers.md
M go/ql/lib/ext/os.model.yml
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.expected
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.go
Log Message:
-----------
Update go path sanitizers and sinks
Commit: f86152d3bd45e57cd2b64aacd7bd28e3c3317ebb
https://github.com/krishnprakash/codeql/commit/f86152d3bd45e57cd2b64aacd7bd28e3c3317ebb
Author: Kevin Stubbings <kwst...@github.com>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
M go/ql/lib/change-notes/2025-07-15-path-injection-sanitizers.md
M go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.expected
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.go
Log Message:
-----------
Add sanitizer changes and fix test
Commit: b4b848a25c8663942af6c80ee18fda7ee2acaf09
https://github.com/krishnprakash/codeql/commit/b4b848a25c8663942af6c80ee18fda7ee2acaf09
Author: Kevin Stubbings <kwst...@github.com>
Date: 2025-07-21 (Mon, 21 Jul 2025)
Changed paths:
M go/ql/lib/ext/os.model.yml
M go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll
M go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Os.go
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.go
Log Message:
-----------
Fix tests and simplify sanitizer
Commit: e2f3c9d1b6c84b48c3d3dbcef86ce9b8ec02918a
https://github.com/krishnprakash/codeql/commit/e2f3c9d1b6c84b48c3d3dbcef86ce9b8ec02918a
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2025-07-22 (Tue, 22 Jul 2025)
Changed paths:
M go/ql/lib/change-notes/2025-07-15-path-injection-sanitizers.md
Log Message:
-----------
Reword change note
Commit: 2a45b28e5fb97eed90886568ebd47ab1b91db69a
https://github.com/krishnprakash/codeql/commit/2a45b28e5fb97eed90886568ebd47ab1b91db69a
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
A go/ql/lib/change-notes/2025-07-15-path-injection-sanitizers.md
M go/ql/lib/ext/os.model.yml
M go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll
M go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Os.go
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.expected
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.go
Log Message:
-----------
Merge pull request #20064 from Kwstubbs/go-path-separator
Update Go Path Injection Sanitizer and Sink
Commit: 9cc6e9c8a9efdd646aa0a20db70c1348d91dc57f
https://github.com/krishnprakash/codeql/commit/9cc6e9c8a9efdd646aa0a20db70c1348d91dc57f
Author: Kasper Svendsen <kasp...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M java/ql/lib/semmle/code/java/Member.qll
M java/ql/lib/semmle/code/java/Type.qll
Log Message:
-----------
Overlay: Add discarding for Java classes, interfaces & fields
Commit: dd99a2d3bd5d849f2d7c2a1ff2d8580e467e4f34
https://github.com/krishnprakash/codeql/commit/dd99a2d3bd5d849f2d7c2a1ff2d8580e467e4f34
Author: Kasper Svendsen <kasp...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/Member.qll
M java/ql/lib/semmle/code/java/Type.qll
Log Message:
-----------
Merge pull request #20294 from github/kaspersv/discard-fields-and-classes
Overlay: Add discarding for Java classes, interfaces & fields
Commit: 8b10ad49d745a22f94e5b172b3f49fefb0155603
https://github.com/krishnprakash/codeql/commit/8b10ad49d745a22f94e5b172b3f49fefb0155603
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/dataflow/FlowSummary.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/BarrierGuards.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/frameworks/Babel.qll
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Arrays.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/AsyncAwait.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Generators.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Iterators.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Maps.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Promises.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Sets.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Strings.qll
M javascript/ql/lib/semmle/javascript/security/TaintedUrlSuffixCustomizations.qll
M javascript/ql/src/Declarations/UnreachableMethodOverloads.ql
M javascript/ql/test/library-tests/FlowSummary/test.ql
Log Message:
-----------
JS: Fix some Ql4Ql violations.
Commit: 8009ddebced1988b87aef3c246b2b4cf8a5775e4
https://github.com/krishnprakash/codeql/commit/8009ddebced1988b87aef3c246b2b4cf8a5775e4
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/dataflow/FlowSummary.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/BarrierGuards.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/frameworks/Babel.qll
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Arrays.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/AsyncAwait.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Generators.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Iterators.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Maps.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Promises.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Sets.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Strings.qll
M javascript/ql/lib/semmle/javascript/security/TaintedUrlSuffixCustomizations.qll
M javascript/ql/src/Declarations/UnreachableMethodOverloads.ql
M javascript/ql/test/library-tests/FlowSummary/test.ql
Log Message:
-----------
Merge pull request #20329 from michaelnebel/javascript/ql4ql
JS: Fix some Ql4Ql violations.
Commit: 83d53baf82981685af77a3547078100ae4d5ba02
https://github.com/krishnprakash/codeql/commit/83d53baf82981685af77a3547078100ae4d5ba02
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M cpp/ql/lib/Options.qll
M cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/RangeAnalysis.qll
M cpp/ql/lib/semmle/code/cpp/Concept.qll
M cpp/ql/lib/semmle/code/cpp/Declaration.qll
M cpp/ql/lib/semmle/code/cpp/commons/Printf.qll
M cpp/ql/lib/semmle/code/cpp/controlflow/Dominance.qll
M cpp/ql/lib/semmle/code/cpp/controlflow/internal/CFG.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll
M cpp/ql/lib/semmle/code/cpp/ir/internal/IRUtilities.qll
M cpp/ql/lib/semmle/code/cpp/models/interfaces/FunctionInputsAndOutputs.qll
M cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticExpr.qll
M cpp/ql/lib/semmle/code/cpp/security/FileWrite.qll
M cpp/ql/lib/semmle/code/cpp/security/boostorg/asio/protocols.qll
M cpp/ql/lib/semmle/code/cpp/valuenumbering/HashCons.qll
M cpp/ql/src/Best Practices/Magic Constants/MagicConstants.qll
M cpp/ql/src/Likely Bugs/Leap Year/LeapYear.qll
M cpp/ql/src/Likely Bugs/Protocols/TlsSettingsMisconfiguration.ql
M cpp/ql/src/Metrics/Internal/CallableExtents.ql
M cpp/ql/src/Security/CWE/CWE-190/IntegerOverflowTainted.ql
M cpp/ql/src/Security/CWE/CWE-457/UninitializedVariables.qll
M cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql
M cpp/ql/src/definitions.ql
M cpp/ql/src/experimental/Likely Bugs/RedundantNullCheckParam.ql
M cpp/ql/src/experimental/Security/CWE/CWE-1126/DeclarationOfVariableWithUnnecessarilyWideScope.ql
M cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql
M cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql
M cpp/ql/src/experimental/Security/CWE/CWE-416/UseAfterExpiredLifetime.ql
M cpp/ql/src/external/DefectFilter.qll
M cpp/ql/src/external/MetricFilter.qll
M cpp/ql/src/jsf/4.10 Classes/AV Rule 96.ql
Log Message:
-----------
C++: Fix some Ql4Ql violations.
Commit: 61e8ad264f07a7c2e2570cc01d484d7633b3eb27
https://github.com/krishnprakash/codeql/commit/61e8ad264f07a7c2e2570cc01d484d7633b3eb27
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
A cpp/ql/lib/change-notes/2025-09-03-rename-api.md
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/valuenumbering/HashCons.qll
M cpp/ql/src/Metrics/Internal/CallableExtents.ql
A cpp/ql/src/change-notes/2025-09-03-rename-api.md
Log Message:
-----------
C++: Address review comments.
Commit: 64d68feab3712034bedbd525c647267bda45925b
https://github.com/krishnprakash/codeql/commit/64d68feab3712034bedbd525c647267bda45925b
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M cpp/ql/lib/Options.qll
A cpp/ql/lib/change-notes/2025-09-03-rename-api.md
M cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/RangeAnalysis.qll
M cpp/ql/lib/semmle/code/cpp/Concept.qll
M cpp/ql/lib/semmle/code/cpp/Declaration.qll
M cpp/ql/lib/semmle/code/cpp/commons/Printf.qll
M cpp/ql/lib/semmle/code/cpp/controlflow/Dominance.qll
M cpp/ql/lib/semmle/code/cpp/controlflow/internal/CFG.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll
M cpp/ql/lib/semmle/code/cpp/ir/internal/IRUtilities.qll
M cpp/ql/lib/semmle/code/cpp/models/interfaces/FunctionInputsAndOutputs.qll
M cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticExpr.qll
M cpp/ql/lib/semmle/code/cpp/security/FileWrite.qll
M cpp/ql/lib/semmle/code/cpp/security/boostorg/asio/protocols.qll
M cpp/ql/src/Best Practices/Magic Constants/MagicConstants.qll
M cpp/ql/src/Likely Bugs/Leap Year/LeapYear.qll
M cpp/ql/src/Likely Bugs/Protocols/TlsSettingsMisconfiguration.ql
M cpp/ql/src/Metrics/Internal/CallableExtents.ql
M cpp/ql/src/Security/CWE/CWE-190/IntegerOverflowTainted.ql
M cpp/ql/src/Security/CWE/CWE-457/UninitializedVariables.qll
M cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql
A cpp/ql/src/change-notes/2025-09-03-rename-api.md
M cpp/ql/src/definitions.ql
M cpp/ql/src/experimental/Likely Bugs/RedundantNullCheckParam.ql
M cpp/ql/src/experimental/Security/CWE/CWE-1126/DeclarationOfVariableWithUnnecessarilyWideScope.ql
M cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql
M cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql
M cpp/ql/src/experimental/Security/CWE/CWE-416/UseAfterExpiredLifetime.ql
M cpp/ql/src/external/DefectFilter.qll
M cpp/ql/src/external/MetricFilter.qll
M cpp/ql/src/jsf/4.10 Classes/AV Rule 96.ql
Log Message:
-----------
Merge pull request #20325 from michaelnebel/cpp/ql4ql
C++: Fix some Ql4Ql violations.
Commit: 462d6396275f0666aa5407dcc986eb7fc59f1f00
https://github.com/krishnprakash/codeql/commit/462d6396275f0666aa5407dcc986eb7fc59f1f00
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M cpp/ql/lib/experimental/cryptography/CryptoArtifact.qll
M cpp/ql/lib/experimental/cryptography/modules/OpenSSL.qll
M cpp/ql/lib/experimental/cryptography/utils/OpenSSL/CryptoFunction.qll
M cpp/ql/lib/experimental/cryptography/utils/OpenSSL/DataBuilders.qll
M cpp/ql/lib/experimental/cryptography/utils/OpenSSL/PassthroughFunction.qll
Log Message:
-----------
C++: Fix some Ql4Ql violations.
Commit: af82da5db33fe1560fd4079aa217547a844493e9
https://github.com/krishnprakash/codeql/commit/af82da5db33fe1560fd4079aa217547a844493e9
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M cpp/ql/lib/experimental/cryptography/CryptoArtifact.qll
M cpp/ql/lib/experimental/cryptography/modules/OpenSSL.qll
M cpp/ql/lib/experimental/cryptography/utils/OpenSSL/CryptoFunction.qll
M cpp/ql/lib/experimental/cryptography/utils/OpenSSL/DataBuilders.qll
M cpp/ql/lib/experimental/cryptography/utils/OpenSSL/PassthroughFunction.qll
Log Message:
-----------
Merge pull request #20350 from michaelnebel/cpp/ql4qlexperimental
C++: Fix some Ql4Ql violations (crypto).
Commit: 5d2268fa80510db204f2dd181f899b8b7ef32994
https://github.com/krishnprakash/codeql/commit/5d2268fa80510db204f2dd181f899b8b7ef32994
Author: idrissrio <idri...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M java/ql/test-kotlin1/library-tests/java-kotlin-collection-type-generic-methods/test.expected
M java/ql/test-kotlin1/library-tests/reflection/reflection.expected
M java/ql/test-kotlin2/library-tests/java-kotlin-collection-type-generic-methods/test.expected
M java/ql/test-kotlin2/library-tests/reflection/reflection.expected
Log Message:
-----------
Java: accept new test results after extractor update
Commit: c5e5b8a585945e7b6fd1949a22dd32cf14ed90d7
https://github.com/krishnprakash/codeql/commit/c5e5b8a585945e7b6fd1949a22dd32cf14ed90d7
Author: Idriss Riouak <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M java/ql/test-kotlin1/library-tests/java-kotlin-collection-type-generic-methods/test.expected
M java/ql/test-kotlin1/library-tests/reflection/reflection.expected
M java/ql/test-kotlin2/library-tests/java-kotlin-collection-type-generic-methods/test.expected
M java/ql/test-kotlin2/library-tests/reflection/reflection.expected
Log Message:
-----------
Merge pull request #20247 from github/idrissrio/java-upgrade-fix
Java: accept new test results after extractor update
Commit: de6d9f4d50cdf68fee0ed6f3fe0cb678ca491cec
https://github.com/krishnprakash/codeql/commit/de6d9f4d50cdf68fee0ed6f3fe0cb678ca491cec
Author: idrissrio <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
A java/ql/test/library-tests/flexible-constructors/CONSISTENCY/diags.expected
A java/ql/test/library-tests/flexible-constructors/FlexibleConstructors.java
A java/ql/test/library-tests/flexible-constructors/PrintAst.expected
A java/ql/test/library-tests/flexible-constructors/PrintAst.qlref
A java/ql/test/library-tests/flexible-constructors/options
Log Message:
-----------
Java: Add test for flexible constructor support
Commit: 6b022edf06e8ed5201899660222f356277bd2290
https://github.com/krishnprakash/codeql/commit/6b022edf06e8ed5201899660222f356277bd2290
Author: idrissrio <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M java/ql/test/library-tests/flexible-constructors/FlexibleConstructors.java
M java/ql/test/library-tests/flexible-constructors/PrintAst.expected
Log Message:
-----------
Java: Address review comment. Add prologue field initialization tests
Commit: fffb4c03b0d08c7fb24aee2cd1437f48940ed304
https://github.com/krishnprakash/codeql/commit/fffb4c03b0d08c7fb24aee2cd1437f48940ed304
Author: idrissrio <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
A java/ql/test/library-tests/flexible-constructors/SuperPredecessor.expected
A java/ql/test/library-tests/flexible-constructors/SuperPredecessor.ql
Log Message:
-----------
Java: add flexible constructor test including CFG predecessor query
Commit: 6c773a74737b24a42dd33edcbb89afd8cf0b5690
https://github.com/krishnprakash/codeql/commit/6c773a74737b24a42dd33edcbb89afd8cf0b5690
Author: idrissrio <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M java/ql/test/library-tests/flexible-constructors/FlexibleConstructors.java
A java/ql/test/library-tests/flexible-constructors/InstanceInitializerCalls.expected
A java/ql/test/library-tests/flexible-constructors/InstanceInitializerCalls.ql
A java/ql/test/library-tests/flexible-constructors/PrettyPrint.expected
A java/ql/test/library-tests/flexible-constructors/PrettyPrint.ql
M java/ql/test/library-tests/flexible-constructors/PrintAst.expected
M java/ql/test/library-tests/flexible-constructors/SuperPredecessor.expected
M java/ql/test/library-tests/flexible-constructors/options
Log Message:
-----------
Java: Add test to verify that the AST does not capture instance initializers
Commit: 160543833347007f1dc9edce70368bd0313337b5
https://github.com/krishnprakash/codeql/commit/160543833347007f1dc9edce70368bd0313337b5
Author: idrissrio <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M java/ql/test/library-tests/flexible-constructors/InstanceInitializerCalls.expected
M java/ql/test/library-tests/flexible-constructors/PrettyPrint.expected
M java/ql/test/library-tests/flexible-constructors/PrintAst.expected
Log Message:
-----------
Java: Accept new test result after extractor changes
Commit: 2100dc1288596e26da20998161336b252c4262aa
https://github.com/krishnprakash/codeql/commit/2100dc1288596e26da20998161336b252c4262aa
Author: Idriss Riouak <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
A java/ql/test/library-tests/flexible-constructors/CONSISTENCY/diags.expected
A java/ql/test/library-tests/flexible-constructors/FlexibleConstructors.java
A java/ql/test/library-tests/flexible-constructors/InstanceInitializerCalls.expected
A java/ql/test/library-tests/flexible-constructors/InstanceInitializerCalls.ql
A java/ql/test/library-tests/flexible-constructors/PrettyPrint.expected
A java/ql/test/library-tests/flexible-constructors/PrettyPrint.ql
A java/ql/test/library-tests/flexible-constructors/PrintAst.expected
A java/ql/test/library-tests/flexible-constructors/PrintAst.qlref
A java/ql/test/library-tests/flexible-constructors/SuperPredecessor.expected
A java/ql/test/library-tests/flexible-constructors/SuperPredecessor.ql
A java/ql/test/library-tests/flexible-constructors/options
Log Message:
-----------
Merge pull request #20136 from github/idrissrio/flexible-constructors
Java: Add test for flexible constructor support
Commit: f51ee4c04f5749e9084e5bd8ccf41b1814ab1b48
https://github.com/krishnprakash/codeql/commit/f51ee4c04f5749e9084e5bd8ccf41b1814ab1b48
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M java/ql/lib/config/semmlecode.dbscheme
Log Message:
-----------
Java: Add `isImplicitClass` table to keep track of compact source files
Commit: 81b1e73e18314f68016733cd28a34b12c3b2d554
https://github.com/krishnprakash/codeql/commit/81b1e73e18314f68016733cd28a34b12c3b2d554
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/CompilationUnit.qll
M java/ql/lib/semmle/code/java/Type.qll
Log Message:
-----------
Java: Add `isImplict` predicate to CompilationUnit and Class
Commit: 9363bc318a8f896f16ee311bc986bd875b7c5d3f
https://github.com/krishnprakash/codeql/commit/9363bc318a8f896f16ee311bc986bd875b7c5d3f
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
A java/ql/test/library-tests/compact-source-files/CompactSourceAnalysis.expected
A java/ql/test/library-tests/compact-source-files/CompactSourceAnalysis.ql
A java/ql/test/library-tests/compact-source-files/CompactSourceDetection.expected
A java/ql/test/library-tests/compact-source-files/CompactSourceDetection.ql
A java/ql/test/library-tests/compact-source-files/ImplicitClassDetection.expected
A java/ql/test/library-tests/compact-source-files/ImplicitClassDetection.ql
A java/ql/test/library-tests/compact-source-files/PrintAst.expected
A java/ql/test/library-tests/compact-source-files/PrintAst.qlref
A java/ql/test/library-tests/compact-source-files/Test.java
A java/ql/test/library-tests/compact-source-files/options
Log Message:
-----------
Java: Add compact source file tests
Commit: 3a9a559d259222535c0d3fdbf8c5c33dddc2ed41
https://github.com/krishnprakash/codeql/commit/3a9a559d259222535c0d3fdbf8c5c33dddc2ed41
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
A java/downgrades/9f6026c400996c13842974b24f076a486ad1f69c/old.dbscheme
A java/downgrades/9f6026c400996c13842974b24f076a486ad1f69c/semmlecode.dbscheme
A java/downgrades/9f6026c400996c13842974b24f076a486ad1f69c/upgrade.properties
A java/ql/lib/upgrades/1b8f5f4c747e4249f4731796ccaa0661c7434d8a/old.dbscheme
A java/ql/lib/upgrades/1b8f5f4c747e4249f4731796ccaa0661c7434d8a/semmlecode.dbscheme
A java/ql/lib/upgrades/1b8f5f4c747e4249f4731796ccaa0661c7434d8a/upgrade.properties
Log Message:
-----------
Java: Add upgrade and downgrade script
Commit: c26a56a3323a0a00a9d54f270136f4fbdeb68482
https://github.com/krishnprakash/codeql/commit/c26a56a3323a0a00a9d54f270136f4fbdeb68482
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
A java/ql/lib/change-notes/2025-07-23-compact-source-files.md
Log Message:
-----------
Java: Add change note
Commit: a6b68ec7de9f59c80101589f1b15f0d7fee6815a
https://github.com/krishnprakash/codeql/commit/a6b68ec7de9f59c80101589f1b15f0d7fee6815a
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M java/ql/lib/config/semmlecode.dbscheme.stats
Log Message:
-----------
Java: Update stats file
Commit: b2ef60c165e2d22363e85c2ca238063757b285ca
https://github.com/krishnprakash/codeql/commit/b2ef60c165e2d22363e85c2ca238063757b285ca
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
A java/ql/test/library-tests/compact-source-files/MethodInCompactSource.expected
A java/ql/test/library-tests/compact-source-files/MethodInCompactSource.ql
M java/ql/test/library-tests/compact-source-files/PrintAst.expected
M java/ql/test/library-tests/compact-source-files/Test.java
Log Message:
-----------
Java: add tests for compact source files
Commit: fc1b9277b3b24fc4cfc38988caf4aa9fbc4bd284
https://github.com/krishnprakash/codeql/commit/fc1b9277b3b24fc4cfc38988caf4aa9fbc4bd284
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/Type.qll
Log Message:
-----------
Java: extend definition of `isCompilerGenerated` for classes
Commit: f1186432c1f4ea543fe745723a2648b06f16d8fd
https://github.com/krishnprakash/codeql/commit/f1186432c1f4ea543fe745723a2648b06f16d8fd
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
R java/ql/test/library-tests/flexible-constructors/CONSISTENCY/diags.expected
Log Message:
-----------
Java: Accept new test result after extractor changes
Commit: e719dd912ddc14a2d5255828dbd2db9a6af0014e
https://github.com/krishnprakash/codeql/commit/e719dd912ddc14a2d5255828dbd2db9a6af0014e
Author: Idriss Riouak <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
A java/downgrades/9f6026c400996c13842974b24f076a486ad1f69c/old.dbscheme
A java/downgrades/9f6026c400996c13842974b24f076a486ad1f69c/semmlecode.dbscheme
A java/downgrades/9f6026c400996c13842974b24f076a486ad1f69c/upgrade.properties
A java/ql/lib/change-notes/2025-07-23-compact-source-files.md
M java/ql/lib/config/semmlecode.dbscheme
M java/ql/lib/config/semmlecode.dbscheme.stats
M java/ql/lib/semmle/code/java/CompilationUnit.qll
M java/ql/lib/semmle/code/java/Type.qll
A java/ql/lib/upgrades/1b8f5f4c747e4249f4731796ccaa0661c7434d8a/old.dbscheme
A java/ql/lib/upgrades/1b8f5f4c747e4249f4731796ccaa0661c7434d8a/semmlecode.dbscheme
A java/ql/lib/upgrades/1b8f5f4c747e4249f4731796ccaa0661c7434d8a/upgrade.properties
A java/ql/test/library-tests/compact-source-files/CompactSourceAnalysis.expected
A java/ql/test/library-tests/compact-source-files/CompactSourceAnalysis.ql
A java/ql/test/library-tests/compact-source-files/CompactSourceDetection.expected
A java/ql/test/library-tests/compact-source-files/CompactSourceDetection.ql
A java/ql/test/library-tests/compact-source-files/ImplicitClassDetection.expected
A java/ql/test/library-tests/compact-source-files/ImplicitClassDetection.ql
A java/ql/test/library-tests/compact-source-files/MethodInCompactSource.expected
A java/ql/test/library-tests/compact-source-files/MethodInCompactSource.ql
A java/ql/test/library-tests/compact-source-files/PrintAst.expected
A java/ql/test/library-tests/compact-source-files/PrintAst.qlref
A java/ql/test/library-tests/compact-source-files/Test.java
A java/ql/test/library-tests/compact-source-files/options
R java/ql/test/library-tests/flexible-constructors/CONSISTENCY/diags.expected
Log Message:
-----------
Merge pull request #20116 from github/idrissrio/compact-soruce-file
Java: Add support to Compact Source Files
Commit: 5d3ec35e292271050b4081d1ee75f53b664ff4b1
https://github.com/krishnprakash/codeql/commit/5d3ec35e292271050b4081d1ee75f53b664ff4b1
Author: Arthur Baars <aib...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M .github/workflows/query-list.yml
M actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md
M actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md
M actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md
M docs/codeql/ql-language-reference/expressions.rst
M go/old-change-notes/2020-10-01-gomod-extraction.md
M go/ql/lib/semmle/go/Architectures.qll
M go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll
M go/ql/lib/semmle/go/frameworks/Beego.qll
M go/ql/src/InconsistentCode/MissingErrorCheck.qhelp
M go/ql/src/InconsistentCode/MissingErrorCheck.ql
M go/ql/src/Security/CWE-327/InsecureTLS.ql
M go/ql/test/library-tests/semmle/go/frameworks/Beego/test.go
M go/ql/test/library-tests/semmle/go/frameworks/Revel/EndToEnd.go
M javascript/documentation/library-customization.rst
M javascript/ql/src/experimental/Security/CWE-918/SSRF.js
M javascript/ql/src/experimental/Security/CWE-918/SSRFGood.js
M javascript/ql/test/library-tests/TypeScript/RegressionTests/EmptyName/test.ts
M javascript/ql/test/library-tests/TypeScript/RegressionTests/SemicolonInName/test.ts
M misc/scripts/shared-code-metrics.py
M python/extractor/tsg-python/python.tsg
M python/ql/test/library-tests/dataflow/global-flow/known.py
M python/ql/test/library-tests/dataflow/typetracking/attribute_tests.py
M ruby/ql/src/experimental/insecure-randomness/examples/InsecureRandomnessBad.rb
M ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.rb
M ruby/ql/test/query-tests/security/cwe-915/test.rb
Log Message:
-----------
Remove non-breaking spaces from code
Commit: 82476b9efd92f31ace5ff2963df6583ab2075a74
https://github.com/krishnprakash/codeql/commit/82476b9efd92f31ace5ff2963df6583ab2075a74
Author: Arthur Baars <aib...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M .github/workflows/query-list.yml
M actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md
M actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md
M actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md
M docs/codeql/ql-language-reference/expressions.rst
M go/old-change-notes/2020-10-01-gomod-extraction.md
M go/ql/lib/semmle/go/Architectures.qll
M go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll
M go/ql/lib/semmle/go/frameworks/Beego.qll
M go/ql/src/InconsistentCode/MissingErrorCheck.qhelp
M go/ql/src/InconsistentCode/MissingErrorCheck.ql
M go/ql/src/Security/CWE-327/InsecureTLS.ql
M go/ql/test/library-tests/semmle/go/frameworks/Beego/test.go
M go/ql/test/library-tests/semmle/go/frameworks/Revel/EndToEnd.go
M javascript/documentation/library-customization.rst
M javascript/ql/src/experimental/Security/CWE-918/SSRF.js
M javascript/ql/src/experimental/Security/CWE-918/SSRFGood.js
M javascript/ql/test/library-tests/TypeScript/RegressionTests/EmptyName/test.ts
M javascript/ql/test/library-tests/TypeScript/RegressionTests/SemicolonInName/test.ts
M misc/scripts/shared-code-metrics.py
M python/extractor/tsg-python/python.tsg
M python/ql/test/library-tests/dataflow/global-flow/known.py
M python/ql/test/library-tests/dataflow/typetracking/attribute_tests.py
M ruby/ql/src/experimental/insecure-randomness/examples/InsecureRandomnessBad.rb
M ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.rb
M ruby/ql/test/query-tests/security/cwe-915/test.rb
Log Message:
-----------
Merge pull request #20373 from github/aibaars/drop-nbsp
Remove non-breaking spaces from code
Commit: 8c13faf3d8dc845a4cce19bdc3efcecff33a2b58
https://github.com/krishnprakash/codeql/commit/8c13faf3d8dc845a4cce19bdc3efcecff33a2b58
Author: Michael B. Gale <m...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M go/extractor/cli/go-autobuilder/go-autobuilder.go
M go/extractor/cli/go-extractor/BUILD.bazel
M go/extractor/cli/go-extractor/go-extractor.go
M go/extractor/util/BUILD.bazel
A go/extractor/util/logging.go
A go/extractor/util/logging_test.go
Log Message:
-----------
Go: Set log level based on `CODEQL_VERBOSITY`
Commit: e18b049d108648cd050b960c98154b7257213791
https://github.com/krishnprakash/codeql/commit/e18b049d108648cd050b960c98154b7257213791
Author: Michael B. Gale <m...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M go/extractor/cli/go-autobuilder/go-autobuilder.go
M go/extractor/cli/go-extractor/BUILD.bazel
M go/extractor/cli/go-extractor/go-extractor.go
M go/extractor/util/BUILD.bazel
A go/extractor/util/logging.go
A go/extractor/util/logging_test.go
Log Message:
-----------
Merge pull request #20376 from github/mbg/go/use-codeql-verbosity
Commit: fe7426740bb9c883efbbe2dadf8d19804b9c7b94
https://github.com/krishnprakash/codeql/commit/fe7426740bb9c883efbbe2dadf8d19804b9c7b94
Author: Alex Eyers-Taylor <ale...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M java/ql/integration-tests/java/buildless-erroneous/ExtractorInformation.expected
Log Message:
-----------
Javba: Update tests results with disabled annotation processing.
Commit: 61485908b90a9d5c8dc0f7977a72d940ca8abd40
https://github.com/krishnprakash/codeql/commit/61485908b90a9d5c8dc0f7977a72d940ca8abd40
Author: Alexander Eyers-Taylor <ale...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M java/ql/integration-tests/java/buildless-erroneous/ExtractorInformation.expected
Log Message:
-----------
Merge pull request #20355 from github/alexet/update-java-tests-no-annotation=-proc
Java: Update tests results with disabled annotation processing when lombok is not used.
Commit: c5ee0f3c22183f6785f50f9c1c4ca5b1a47d717a
https://github.com/krishnprakash/codeql/commit/c5ee0f3c22183f6785f50f9c1c4ca5b1a47d717a
Author: idrissrio <idri...@github.com>
Date: 2025-09-06 (Sat, 06 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/Import.qll
Log Message:
-----------
Java: Add `ModuleImportDeclaration` QL class
Commit: 039b5af2e0f11b234e656cf0d2a0699dc2f06823
https://github.com/krishnprakash/codeql/commit/039b5af2e0f11b234e656cf0d2a0699dc2f06823
Author: idrissrio <idri...@github.com>
Date: 2025-09-06 (Sat, 06 Sep 2025)
Changed paths:
A java/ql/test/library-tests/module-import-declarations/ImportedPackage.expected
A java/ql/test/library-tests/module-import-declarations/ImportedPackage.ql
A java/ql/test/library-tests/module-import-declarations/ImportedType.expected
A java/ql/test/library-tests/module-import-declarations/ImportedType.ql
A java/ql/test/library-tests/module-import-declarations/Test.java
A java/ql/test/library-tests/module-import-declarations/options
Log Message:
-----------
Java: Add module import declaration test
Commit: 7d479704e8ec3b52c258b6140a708cdd709049eb
https://github.com/krishnprakash/codeql/commit/7d479704e8ec3b52c258b6140a708cdd709049eb
Author: idrissrio <idri...@github.com>
Date: 2025-09-06 (Sat, 06 Sep 2025)
Changed paths:
A java/ql/lib/change-notes/2025-07-21-module-import-declarations.md
Log Message:
-----------
Java: Add change note
Commit: 1caf18ede10511f57b291eea66a4a4496eff1352
https://github.com/krishnprakash/codeql/commit/1caf18ede10511f57b291eea66a4a4496eff1352
Author: idrissrio <idri...@github.com>
Date: 2025-09-06 (Sat, 06 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/Import.qll
Log Message:
-----------
Java: Address review comment. Improve module-import documentation
Commit: ed9ed439237bedb22ddd317297dab512791d9394
https://github.com/krishnprakash/codeql/commit/ed9ed439237bedb22ddd317297dab512791d9394
Author: idrissrio <idri...@github.com>
Date: 2025-09-06 (Sat, 06 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/Import.qll
Log Message:
-----------
Java: Address review comment. Improve `getAnImportedType` definition
Commit: c5cb86ac24321aee475817062ec4d4c7018198bc
https://github.com/krishnprakash/codeql/commit/c5cb86ac24321aee475817062ec4d4c7018198bc
Author: Idriss Riouak <idri...@github.com>
Date: 2025-09-06 (Sat, 06 Sep 2025)
Changed paths:
A java/ql/lib/change-notes/2025-07-21-module-import-declarations.md
M java/ql/lib/semmle/code/java/Import.qll
A java/ql/test/library-tests/module-import-declarations/ImportedPackage.expected
A java/ql/test/library-tests/module-import-declarations/ImportedPackage.ql
A java/ql/test/library-tests/module-import-declarations/ImportedType.expected
A java/ql/test/library-tests/module-import-declarations/ImportedType.ql
A java/ql/test/library-tests/module-import-declarations/Test.java
A java/ql/test/library-tests/module-import-declarations/options
Log Message:
-----------
Merge pull request #20097 from github/idrissrio/module-import-declarations
Java: Add support to `ModuleImportDeclaration`
Compare: https://github.com/krishnprakash/codeql/compare/38ebb940ee75...c5cb86ac2432
To unsubscribe from these emails, change your notification settings at https://github.com/krishnprakash/codeql/settings/notifications
Home: https://github.com/krishnprakash/codeql
Commit: 10c10c7d30cdd8bff78677840d5accf6cfe12a47
https://github.com/krishnprakash/codeql/commit/10c10c7d30cdd8bff78677840d5accf6cfe12a47
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.expected
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.qlref
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tst.js
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tstNonExpr.js
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/RemotePropertyInjection.expected
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/RemotePropertyInjection.qlref
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/tst.js
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/tstNonExpr.js
Log Message:
-----------
JS: fixed typo in folder name
Commit: c39c04cb86c074ae2684c5997bf13d4728cd1d3c
https://github.com/krishnprakash/codeql/commit/c39c04cb86c074ae2684c5997bf13d4728cd1d3c
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.expected
M javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tst.js
Log Message:
-----------
JS: added new test case for remote prop injection via `Object.keys`
Commit: 32606584ea6bd70063371eef0a47c7a645c3e6ae
https://github.com/krishnprakash/codeql/commit/32606584ea6bd70063371eef0a47c7a645c3e6ae
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/security/dataflow/RemotePropertyInjectionQuery.qll
M javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.expected
M javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tst.js
Log Message:
-----------
JS: add enumeration taint flow to Remote Property Injection query
Commit: e0916c8750b4f0d72092a390eb85335c2d9e621b
https://github.com/krishnprakash/codeql/commit/e0916c8750b4f0d72092a390eb85335c2d9e621b
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
A javascript/ql/src/change-notes/2025-08-27-remote-property-injection-update.md
Log Message:
-----------
JS: add change note
Commit: 1851deb929ee0695fb8d5b48f2ecad92989e490a
https://github.com/krishnprakash/codeql/commit/1851deb929ee0695fb8d5b48f2ecad92989e490a
Author: Napalys Klicius <nap...@github.com>
Date: 2025-07-15 (Tue, 15 Jul 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/frameworks/XmlParsers.qll
M javascript/ql/test/query-tests/Security/CWE-776/XmlBomb.expected
M javascript/ql/test/query-tests/Security/CWE-776/libxml.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.noent.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.sax.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.saxpush.js
Log Message:
-----------
Removed `libxmljs` from being marked as `sink` for `xml-bomb`.
Commit: 887d80f49f22392bdc62b79b7d173d733a51d488
https://github.com/krishnprakash/codeql/commit/887d80f49f22392bdc62b79b7d173d733a51d488
Author: Napalys Klicius <nap...@github.com>
Date: 2025-07-15 (Tue, 15 Jul 2025)
Changed paths:
A javascript/ql/lib/change-notes/2025-07-15-xml-bomb-sinks.md
Log Message:
-----------
Added change note
Commit: 638f6498f0058900ff046ef2af8a087a0af027c3
https://github.com/krishnprakash/codeql/commit/638f6498f0058900ff046ef2af8a087a0af027c3
Author: Napalys Klicius <nap...@github.com>
Date: 2025-07-15 (Tue, 15 Jul 2025)
Changed paths:
M python/ql/lib/semmle/python/frameworks/Lxml.qll
M python/ql/test/library-tests/frameworks/lxml/parsing.py
M python/ql/test/query-tests/Security/CWE-776-XmlBomb/XmlBomb.expected
Log Message:
-----------
Removed `lxml.etree.XMLParser` from xml bomb sinks
Commit: ea93b392f790f125f648738c46b3f6fb771b1d45
https://github.com/krishnprakash/codeql/commit/ea93b392f790f125f648738c46b3f6fb771b1d45
Author: Napalys Klicius <nap...@github.com>
Date: 2025-07-15 (Tue, 15 Jul 2025)
Changed paths:
A python/ql/lib/change-notes/2025-07-15-xml-bomb-sinks-python.md
Log Message:
-----------
Added change note for python
Commit: bafe22c50c9eaa5b6f31ddb6946e2ead66651627
https://github.com/krishnprakash/codeql/commit/bafe22c50c9eaa5b6f31ddb6946e2ead66651627
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A javascript/ql/lib/change-notes/2025-07-15-xml-bomb-sinks.md
M javascript/ql/lib/semmle/javascript/frameworks/XmlParsers.qll
M javascript/ql/test/query-tests/Security/CWE-776/XmlBomb.expected
M javascript/ql/test/query-tests/Security/CWE-776/libxml.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.noent.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.sax.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.saxpush.js
A python/ql/lib/change-notes/2025-07-15-xml-bomb-sinks-python.md
M python/ql/lib/semmle/python/frameworks/Lxml.qll
M python/ql/test/library-tests/frameworks/lxml/parsing.py
M python/ql/test/query-tests/Security/CWE-776-XmlBomb/XmlBomb.expected
Log Message:
-----------
Merge pull request #20048 from Napalys/js/xml_bomb_sinks
JS: Exclude patched libraries from `xml-bomb` sink
Commit: 0c14d93bc678319a70da5e1a0c2cc26815a6d30b
https://github.com/krishnprakash/codeql/commit/0c14d93bc678319a70da5e1a0c2cc26815a6d30b
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.qlref
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/AnnotatedClass.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/VisibleForTesting.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
Log Message:
-----------
Java: Added new query `java/visible-for-testing-abuse`
Commit: 652e9cba3d8a1fcb3a54a69b63826e2a2715f134
https://github.com/krishnprakash/codeql/commit/652e9cba3d8a1fcb3a54a69b63826e2a2715f134
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.qlref
M java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
Log Message:
-----------
Java: Added inline test expectations for `java/visible-for-testing-abuse`
Commit: ff6ddd2893432f2b260455324af7f644a049864b
https://github.com/krishnprakash/codeql/commit/ff6ddd2893432f2b260455324af7f644a049864b
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected
M java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Java: Promoted `java/visible-for-testing-abuse` to quality
Commit: 2a16f4829ec658c8181bd35b960aa30a19720023
https://github.com/krishnprakash/codeql/commit/2a16f4829ec658c8181bd35b960aa30a19720023
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
Log Message:
-----------
Java: Expanded test suite of `java/visible-for-testing-abuse`
Commit: fbf18af076129df000de83343475ed2372c7499c
https://github.com/krishnprakash/codeql/commit/fbf18af076129df000de83343475ed2372c7499c
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
Log Message:
-----------
Java: enchanced check if it is within same package
Commit: 9dfb4d4301ae8b53a1fc29a360605e1a133e15cc
https://github.com/krishnprakash/codeql/commit/9dfb4d4301ae8b53a1fc29a360605e1a133e15cc
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
Log Message:
-----------
Java: Enchanced `isWithinType` to also include lambdas, inner classes etc.
Commit: 7e2a1944f6e06b20b18c9d8add6938afa1eb70c9
https://github.com/krishnprakash/codeql/commit/7e2a1944f6e06b20b18c9d8add6938afa1eb70c9
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Java: Fix Predicate QLDoc style.
Commit: 1e2e6eccd780d48557cc40a8c6f2f878a45005b0
https://github.com/krishnprakash/codeql/commit/1e2e6eccd780d48557cc40a8c6f2f878a45005b0
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage1.java
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
Log Message:
-----------
Java: Test @VisibleForTesting method accessing @VisibleForTesting members
Commit: e4042402bcf37a8796e5e715f0cf5d404f0d431b
https://github.com/krishnprakash/codeql/commit/e4042402bcf37a8796e5e715f0cf5d404f0d431b
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
Log Message:
-----------
Java: Resolve spurious VisibleForTestingAbuse alerts for inner class access patterns
Commit: 225723bfeb13d1ab75575631e385ae20d379a721
https://github.com/krishnprakash/codeql/commit/225723bfeb13d1ab75575631e385ae20d379a721
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage1.java
Log Message:
-----------
Java: Exclude @VisibleForTesting-to-@VisibleForTesting access from VisibleForTestingAbuse alerts
Commit: eb46e54c43d553c148571c0435ce9e5ad17e04f2
https://github.com/krishnprakash/codeql/commit/eb46e54c43d553c148571c0435ce9e5ad17e04f2
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Java: Refactor VisibleForTestingAbuse query to reduce complexity
Commit: ea831a8352250d3422ce8cc2c090239b9b0677b7
https://github.com/krishnprakash/codeql/commit/ea831a8352250d3422ce8cc2c090239b9b0677b7
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/UseWithinAnnotation.java
Log Message:
-----------
Java: Fix VisibleForTestingAbuse false positives in annotations
Commit: d20fd5beba8b2bfcc3f949dcb620a3786da25e75
https://github.com/krishnprakash/codeql/commit/d20fd5beba8b2bfcc3f949dcb620a3786da25e75
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Java: updated `visible-for-testing-abuse` meta data and docs.
Commit: 0b172080aa59254717acf1187c0d7e6fe239c2ae
https://github.com/krishnprakash/codeql/commit/0b172080aa59254717acf1187c0d7e6fe239c2ae
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Co-authored-by: Copilot <17572847...@users.noreply.github.com>
Commit: 66f2911497e34590d98d348f03753faa44d5705a
https://github.com/krishnprakash/codeql/commit/66f2911497e34590d98d348f03753faa44d5705a
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Co-authored-by: Michael Nebel <michae...@github.com>
Commit: 38b3df07ee86c005b8ebf1fccbe7a165277212a0
https://github.com/krishnprakash/codeql/commit/38b3df07ee86c005b8ebf1fccbe7a165277212a0
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Java: Address comments
Commit: 4705ad2e321d88e0426af210d616bc80b4a7bdbb
https://github.com/krishnprakash/codeql/commit/4705ad2e321d88e0426af210d616bc80b4a7bdbb
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-22 (Fri, 22 Aug 2025)
Changed paths:
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
Log Message:
-----------
Java: Added extra test cases for fields
Commit: 4149968f33f8d95fb1f82f2b06df8e360d8b145d
https://github.com/krishnprakash/codeql/commit/4149968f33f8d95fb1f82f2b06df8e360d8b145d
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-24 (Sun, 24 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
Log Message:
-----------
Java: Remove the hardcoded path filter that excluded CodeQL's own unit tests from the `java/visible-for-testing-abuse` query.
Commit: 38f517ecfaaa3eb1d6b18d0969900aeaddfca420
https://github.com/krishnprakash/codeql/commit/38f517ecfaaa3eb1d6b18d0969900aeaddfca420
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-24 (Sun, 24 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
M java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
Log Message:
-----------
Java: Add lambda-aware test detection to VisibleForTesting query
Commit: d3be456c5cfa206642706443a0c8ab9d822aadcb
https://github.com/krishnprakash/codeql/commit/d3be456c5cfa206642706443a0c8ab9d822aadcb
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Co-authored-by: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Commit: c836104717a0a10cab8e350693db9d9d38f200bc
https://github.com/krishnprakash/codeql/commit/c836104717a0a10cab8e350693db9d9d38f200bc
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
Log Message:
-----------
Update java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
Co-authored-by: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Commit: 6132900e12d1d41dbcf885224a0cb20b6c30e7df
https://github.com/krishnprakash/codeql/commit/6132900e12d1d41dbcf885224a0cb20b6c30e7df
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
Log Message:
-----------
Java: add full stops for ql docs
Commit: b4d6cb6e5fae5d716372c4dbd7305820388e5eb2
https://github.com/krishnprakash/codeql/commit/b4d6cb6e5fae5d716372c4dbd7305820388e5eb2
Author: Napalys Klicius <nap...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected
M java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.qlref
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/AnnotatedClass.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage1.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/VisibleForTesting.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/UseWithinAnnotation.java
Log Message:
-----------
Merge pull request #20178 from Napalys/java/visible-for-testing-abuse
Java: Added new query `java/visible-for-testing-abuse`
Commit: a145e52fafd78fd20b82a399e76d0b70aee3a2e8
https://github.com/krishnprakash/codeql/commit/a145e52fafd78fd20b82a399e76d0b70aee3a2e8
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/UninitializedLocal.expected
A cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/ms_vacopy.c
Log Message:
-----------
C++: Add uninitialized local test
Commit: 6b580ac12d8f310fafb8015a2463b53cea9b52bb
https://github.com/krishnprakash/codeql/commit/6b580ac12d8f310fafb8015a2463b53cea9b52bb
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/UninitializedLocal.expected
Log Message:
-----------
C++: Update expected test results
Commit: 7c5b04a0da3e898afa7a0846554a3c45061cc917
https://github.com/krishnprakash/codeql/commit/7c5b04a0da3e898afa7a0846554a3c45061cc917
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/ms_vacopy.c
Log Message:
-----------
Merge pull request #20315 from jketema/uninit-test
C++: Add uninitialized local test
Commit: d5e029899919db069537f29c81d8fedbfa99dee9
https://github.com/krishnprakash/codeql/commit/d5e029899919db069537f29c81d8fedbfa99dee9
Author: Taus <tau...@github.com>
Date: 2025-08-25 (Mon, 25 Aug 2025)
Changed paths:
A python/ql/lib/change-notes/2025-08-25-psycopg2-connection-pool-modelling.md
M python/ql/lib/semmle/python/frameworks/Psycopg2.qll
Log Message:
-----------
Python: Add support for Psycopg2 database connection pools
Our current modelling only treated `psycopg2` insofar as it implemented
PEP 249 (which does not define any notion of connection pool), which
meant we were missing database connections that arose from such pools.
With these changes, we add support for the three classes relating to
database pools that are defined in `psycopg2`. (Note that
`getAnInstance` automatically looks at subclasses, which means this
should also handle cases where the user has defined a new subclass that
inherits from one of these three classes.)
Commit: 1008ca974430eb5ccb72a323c101377ce207e58a
https://github.com/krishnprakash/codeql/commit/1008ca974430eb5ccb72a323c101377ce207e58a
Author: Taus <tau...@github.com>
Date: 2025-08-25 (Mon, 25 Aug 2025)
Changed paths:
A python/ql/test/library-tests/frameworks/psycopg2/ConceptsTest.expected
A python/ql/test/library-tests/frameworks/psycopg2/ConceptsTest.ql
A python/ql/test/library-tests/frameworks/psycopg2/connectionpool.py
Log Message:
-----------
Python: Add `psycopg2.pool` tests
Commit: f89fae39c5f6e01d14d0490058dba1610f1cdece
https://github.com/krishnprakash/codeql/commit/f89fae39c5f6e01d14d0490058dba1610f1cdece
Author: Taus <tau...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A python/ql/lib/change-notes/2025-08-25-psycopg2-connection-pool-modelling.md
M python/ql/lib/semmle/python/frameworks/Psycopg2.qll
A python/ql/test/library-tests/frameworks/psycopg2/ConceptsTest.expected
A python/ql/test/library-tests/frameworks/psycopg2/ConceptsTest.ql
A python/ql/test/library-tests/frameworks/psycopg2/connectionpool.py
Log Message:
-----------
Merge pull request #20276 from github/tausbn/python-model-psycopg2-connection-pools
Python: Add support for Psycopg2 database connection pools
Commit: 5c90b908cdace044b84e7dd45099c67ec028a057
https://github.com/krishnprakash/codeql/commit/5c90b908cdace044b84e7dd45099c67ec028a057
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M rust/ql/src/queries/telemetry/DatabaseQualityDiagnostics.ql
Log Message:
-----------
Rust: Lower the thresholds in rust/diagnostic/database-quality to more pragmatic numbers.
Commit: 9e0a31cafcb7aefd843eb5ce0126d15d969cecc0
https://github.com/krishnprakash/codeql/commit/9e0a31cafcb7aefd843eb5ce0126d15d969cecc0
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
A rust/ql/src/change-notes/2025-08-28-diagnostic-database-quality.md
Log Message:
-----------
Rust: Change note.
Commit: 45d6fc04cef5cde34dd47cbebbad04d3aa266651
https://github.com/krishnprakash/codeql/commit/45d6fc04cef5cde34dd47cbebbad04d3aa266651
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A rust/ql/src/change-notes/2025-08-28-diagnostic-database-quality.md
M rust/ql/src/queries/telemetry/DatabaseQualityDiagnostics.ql
Log Message:
-----------
Merge pull request #20312 from geoffw0/dbquality
Rust: Tune rust/diagnostic/database-quality
Commit: f135ed957d3d0d23cde0749656d7e6f12223ec53
https://github.com/krishnprakash/codeql/commit/f135ed957d3d0d23cde0749656d7e6f12223ec53
Author: Mathias Vorreiter Pedersen <math...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
Log Message:
-----------
C++: Add testcases with missing model.
Commit: 3e78572a3a0b91128702f613b16ac4ca27309bdf
https://github.com/krishnprakash/codeql/commit/3e78572a3a0b91128702f613b16ac4ca27309bdf
Author: Mathias Vorreiter Pedersen <math...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M cpp/ql/lib/ext/ComPtr.model.yml
Log Message:
-----------
C++: Drive-by fix: Add missing '@'.
Commit: e59de9a3d65f9bcd8a7b254d25d0ca9094720e33
https://github.com/krishnprakash/codeql/commit/e59de9a3d65f9bcd8a7b254d25d0ca9094720e33
Author: Mathias Vorreiter Pedersen <math...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M cpp/ql/lib/ext/ComPtr.model.yml
A cpp/ql/lib/ext/ComPtrRef.model.yml
Log Message:
-----------
C++: Add models for the remaining member functions (and conversions) in ComPtr.
Commit: ddf0f37dac4b4722cc7e346b7fecadebf85a58af
https://github.com/krishnprakash/codeql/commit/ddf0f37dac4b4722cc7e346b7fecadebf85a58af
Author: Mathias Vorreiter Pedersen <math...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
Log Message:
-----------
C++: Accept test changes.
Commit: 759e339444913807a40600ade0095498163ab72f
https://github.com/krishnprakash/codeql/commit/759e339444913807a40600ade0095498163ab72f
Author: Mathias Vorreiter Pedersen <math...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
A cpp/ql/lib/change-notes/2025-08-28-comptr.md
Log Message:
-----------
C++: Add change note.
Commit: b9cd7a80f93be5030c72273e67db66a2e8a40be1
https://github.com/krishnprakash/codeql/commit/b9cd7a80f93be5030c72273e67db66a2e8a40be1
Author: Mathias Vorreiter Pedersen <math...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M cpp/ql/lib/ext/ComPtr.model.yml
Log Message:
-----------
C++: Fix conflation in models.
Commit: b8917c8c197a91e76d900f3a0f617763f8540994
https://github.com/krishnprakash/codeql/commit/b8917c8c197a91e76d900f3a0f617763f8540994
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/old.dbscheme
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/semmlecode.cpp.dbscheme
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/upgrade.properties
A cpp/ql/lib/change-notes/2025-08-27-pch.md
M cpp/ql/lib/cpp.qll
A cpp/ql/lib/semmle/code/cpp/PchFile.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/lib/semmlecode.cpp.dbscheme
M cpp/ql/lib/semmlecode.cpp.dbscheme.stats
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/old.dbscheme
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/semmlecode.cpp.dbscheme
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/upgrade.properties
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
A csharp/ql/lib/change-notes/2025-08-18-byte-char-bulk-types.md
M csharp/ql/lib/ext/System.IO.model.yml
M csharp/ql/lib/ext/System.model.yml
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.expected
M csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.expected
M csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.qlref
M csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInput/UnsafeDeserializationUntrustedInput.expected
M java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected
M java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected
A java/ql/src/Violations of Best Practice/Testing/ExcessivePublicMethodMocking.md
A java/ql/src/Violations of Best Practice/Testing/ExcessivePublicMethodMocking.ql
A java/ql/test/query-tests/ExcessivePublicMethodMocking/Employee.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/EmployeeRecord.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/EmployeeStatus.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/ExcessivePublicMethodMocking.expected
A java/ql/test/query-tests/ExcessivePublicMethodMocking/ExcessivePublicMethodMocking.qlref
A java/ql/test/query-tests/ExcessivePublicMethodMocking/TestORM.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/options
A java/ql/test/stubs/junit-4.13/LICENSE-junit.txt
A java/ql/test/stubs/junit-4.13/org/junit/Assert.java
A java/ql/test/stubs/junit-4.13/org/junit/Test.java
A java/ql/test/stubs/junit-4.13/org/junit/function/ThrowingRunnable.java
A java/ql/test/stubs/mockito-5.14/org/mockito/ArgumentMatchers.java
A java/ql/test/stubs/mockito-5.14/org/mockito/MockSettings.java
A java/ql/test/stubs/mockito-5.14/org/mockito/Mockito.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/MockitoCore.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/creation/MockSettingsImpl.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/handler/MockHandlerFactory.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/handler/MockHandlerImpl.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/progress/MockingProgress.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/util/MockUtil.java
A java/ql/test/stubs/mockito-5.14/org/mockito/invocation/MockHandler.java
A java/ql/test/stubs/mockito-5.14/org/mockito/mock/MockCreationSettings.java
A java/ql/test/stubs/mockito-5.14/org/mockito/plugins/MockMaker.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/Answer.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/OngoingStubbing.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/Stubber.java
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll
M python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected
M python/ql/integration-tests/query-suite/python-code-quality.qls.expected
M python/ql/integration-tests/query-suite/python-security-and-quality.qls.expected
M python/ql/lib/semmle/python/Class.qll
A python/ql/src/Classes/Comparisons/EqualsOrHash.qhelp
A python/ql/src/Classes/Comparisons/EqualsOrHash.ql
A python/ql/src/Classes/Comparisons/EqualsOrNotEquals.qhelp
A python/ql/src/Classes/Comparisons/EqualsOrNotEquals.ql
A python/ql/src/Classes/Comparisons/IncompleteOrdering.qhelp
A python/ql/src/Classes/Comparisons/IncompleteOrdering.ql
A python/ql/src/Classes/Comparisons/examples/EqualsOrHash.py
A python/ql/src/Classes/Comparisons/examples/EqualsOrNotEquals1.py
A python/ql/src/Classes/Comparisons/examples/EqualsOrNotEquals2.py
A python/ql/src/Classes/Comparisons/examples/IncompleteOrdering.py
M python/ql/src/Classes/Equality.qll
R python/ql/src/Classes/EqualsOrHash.py
R python/ql/src/Classes/EqualsOrHash.qhelp
R python/ql/src/Classes/EqualsOrHash.ql
R python/ql/src/Classes/EqualsOrNotEquals.py
R python/ql/src/Classes/EqualsOrNotEquals.qhelp
R python/ql/src/Classes/EqualsOrNotEquals.ql
R python/ql/src/Classes/IncompleteOrdering.py
R python/ql/src/Classes/IncompleteOrdering.qhelp
R python/ql/src/Classes/IncompleteOrdering.ql
R python/ql/src/Classes/SubclassShadowing.py
R python/ql/src/Classes/SubclassShadowing.qhelp
R python/ql/src/Classes/SubclassShadowing.ql
A python/ql/src/Classes/SubclassShadowing/SubclassShadowing.qhelp
A python/ql/src/Classes/SubclassShadowing/SubclassShadowing.ql
A python/ql/src/Classes/SubclassShadowing/examples/SubclassShadowingBad.py
A python/ql/src/Classes/SubclassShadowing/examples/SubclassShadowingGood.py
A python/ql/src/change-notes/2025-07-14-comparisons.md
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrHash.expected
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrNotEquals.expected
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrNotEquals.qlref
R python/ql/test/2/query-tests/Classes/equals-hash/equals_hash.py
R python/ql/test/3/query-tests/Classes/equals-hash/EqualsOrHash.expected
R python/ql/test/3/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/3/query-tests/Classes/equals-hash/equals_hash.py
R python/ql/test/3/query-tests/Classes/equals-ne/EqualsOrNotEquals.expected
R python/ql/test/3/query-tests/Classes/equals-ne/EqualsOrNotEquals.qlref
R python/ql/test/3/query-tests/Classes/equals-ne/test.py
M python/ql/test/query-tests/Classes/equals-attr/DefineEqualsWhenAddingAttributes.expected
A python/ql/test/query-tests/Classes/equals-attr/attr_eq_test.py
R python/ql/test/query-tests/Classes/equals-hash/DefineEqualsWhenAddingFields.expected
R python/ql/test/query-tests/Classes/equals-hash/DefineEqualsWhenAddingFields.qlref
A python/ql/test/query-tests/Classes/equals-hash/EqualsOrHash.expected
A python/ql/test/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/query-tests/Classes/equals-hash/attr_eq_test.py
A python/ql/test/query-tests/Classes/equals-hash/equalsHash.py
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.expected
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.py
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.qlref
M python/ql/test/query-tests/Classes/incomplete-ordering/IncompleteOrdering.expected
M python/ql/test/query-tests/Classes/incomplete-ordering/IncompleteOrdering.qlref
M python/ql/test/query-tests/Classes/incomplete-ordering/incomplete_ordering.py
M python/ql/test/query-tests/Classes/subclass-shadowing/SubclassShadowing.expected
M python/ql/test/query-tests/Classes/subclass-shadowing/SubclassShadowing.qlref
M python/ql/test/query-tests/Classes/subclass-shadowing/subclass_shadowing.py
M python/ql/test/query-tests/analysis/jump_to_defn/Definitions.expected
M python/ql/test/query-tests/analysis/jump_to_defn/test.py
A rust/ql/lib/change-notes/2025-08-22-fs.md
M rust/ql/lib/codeql/rust/elements/RangeExprExt.qll
A rust/ql/lib/codeql/rust/frameworks/asyncstd/fs.model.yml
M rust/ql/lib/codeql/rust/frameworks/stdlib/Stdlib.qll
M rust/ql/lib/codeql/rust/frameworks/stdlib/fs.model.yml
M rust/ql/lib/codeql/rust/frameworks/tokio/fs.model.yml
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
M rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
M rust/ql/test/library-tests/dataflow/sources/test.rs
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/pattern_matching.rs
M rust/ql/test/library-tests/type-inference/type-inference.expected
M rust/ql/test/query-tests/security/CWE-022/Cargo.lock
M rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected
M rust/ql/test/query-tests/security/CWE-022/options.yml
M rust/ql/test/query-tests/security/CWE-022/src/main.rs
Log Message:
-----------
Merge branch 'main' into add-comptr-model-now-with-more-models
Commit: b361b0f3c307b95f2a723bfbfc7830aabf6f970d
https://github.com/krishnprakash/codeql/commit/b361b0f3c307b95f2a723bfbfc7830aabf6f970d
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A cpp/ql/lib/change-notes/2025-08-28-comptr.md
M cpp/ql/lib/ext/ComPtr.model.yml
A cpp/ql/lib/ext/ComPtrRef.model.yml
M cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
Log Message:
-----------
Merge pull request #20310 from MathiasVP/add-comptr-model-now-with-more-models
C++: Add `ComPtr` conversion operators
Commit: c2bb3797b0a5a1399e5d6871e20605fd5e4ea807
https://github.com/krishnprakash/codeql/commit/c2bb3797b0a5a1399e5d6871e20605fd5e4ea807
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.cs
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.expected
Log Message:
-----------
C#: Add data flow test
Commit: aa3f4e1eca4aa4520a75d758b6217a4d9c4a3e9c
https://github.com/krishnprakash/codeql/commit/aa3f4e1eca4aa4520a75d758b6217a4d9c4a3e9c
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.expected
Log Message:
-----------
C#: Fix context-sensitive dispatch when using `base` qualifier
Commit: 611eca41b90eed14b2a25f85eb0f23821b7e1378
https://github.com/krishnprakash/codeql/commit/611eca41b90eed14b2a25f85eb0f23821b7e1378
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A csharp/ql/lib/change-notes/2025-08-29-base-qualifier-dispatch.md
Log Message:
-----------
Add change note
Commit: aa604425a534ad6cc750b607944744224131f8c8
https://github.com/krishnprakash/codeql/commit/aa604425a534ad6cc750b607944744224131f8c8
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
A csharp/ql/lib/change-notes/2025-08-29-base-qualifier-dispatch.md
M csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.cs
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.expected
Log Message:
-----------
Merge pull request #20305 from hvitved/csharp/dataflow-base-non-exact-type
C#: Fix context-sensitive dispatch when using `base` qualifier
Commit: dcf63fc4342ebfd541b1092022a4badc838cd796
https://github.com/krishnprakash/codeql/commit/dcf63fc4342ebfd541b1092022a4badc838cd796
Author: Asger F <asg...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/AST.qll
M javascript/ql/lib/semmle/javascript/Files.qll
M javascript/ql/lib/semmle/javascript/JSON.qll
M javascript/ql/lib/semmle/javascript/Locations.qll
M javascript/ql/lib/semmle/javascript/RestrictedLocations.qll
M javascript/ql/lib/semmle/javascript/SSA.qll
M javascript/ql/lib/semmle/javascript/Variables.qll
M javascript/ql/lib/semmle/javascript/XML.qll
M javascript/ql/lib/semmle/javascript/YAML.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableOrThis.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
R javascript/ql/lib/semmle/javascript/internal/Locations.qll
Log Message:
-----------
JS: Remove synthetic locations
Commit: 4a687a12220d75ea1a1c07f5acfc39c33d0f530d
https://github.com/krishnprakash/codeql/commit/4a687a12220d75ea1a1c07f5acfc39c33d0f530d
Author: Asger F <asg...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/Locations.qll
Log Message:
-----------
JS: Add deprecated alias
The old DbLocation class was public, hence the alias
Commit: d117c52d2fd8df48eb264c521f7e1a6ea129a7fb
https://github.com/krishnprakash/codeql/commit/d117c52d2fd8df48eb264c521f7e1a6ea129a7fb
Author: Asger F <asg...@github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/SSA.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
Log Message:
-----------
JS: Use the LHS as the location for SsaExplicitDefinition
Commit: cc8fe1080175c0bfa25463c3f82779ab8536f276
https://github.com/krishnprakash/codeql/commit/cc8fe1080175c0bfa25463c3f82779ab8536f276
Author: Asger F <asg...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M javascript/ql/test/experimental/FormParsers/RemoteFlowSource.expected
M javascript/ql/test/experimental/Security/CWE-094-dataURL/CodeInjection.expected
M javascript/ql/test/experimental/Security/CWE-099/EnvValueAndKeyInjection/EnvValueAndKeyInjection.expected
M javascript/ql/test/experimental/Security/CWE-099/EnvValueInjection/EnvValueInjection.expected
M javascript/ql/test/experimental/Security/CWE-347/localsource/decodeJwtWithoutVerificationLocalSource.expected
M javascript/ql/test/experimental/Security/CWE-347/remotesource/decodeJwtWithoutVerification.expected
M javascript/ql/test/experimental/Security/CWE-918/SSRF.expected
M javascript/ql/test/experimental/Security/CWE-942/CorsPermissiveConfiguration.expected
M javascript/ql/test/library-tests/CallGraphs/FullTest/tests.expected
M javascript/ql/test/library-tests/DataFlow/tests.expected
M javascript/ql/test/library-tests/DefUse/DefUsePair.expected
M javascript/ql/test/library-tests/GlobalAccessPaths/GlobalAccessPaths.expected
M javascript/ql/test/library-tests/SSA/GetRhsNode/GetRhsNode.expected
M javascript/ql/test/library-tests/SSA/SSADefinition/SSADefinition.expected
M javascript/ql/test/library-tests/StringConcatenation/StringOps.expected
M javascript/ql/test/library-tests/frameworks/Electron/tests.expected
M javascript/ql/test/library-tests/frameworks/ReactJS/tests.expected
M javascript/ql/test/library-tests/frameworks/koa/tests.expected
M javascript/ql/test/query-tests/Security/CWE-020/UntrustedDataToExternalAPI/UntrustedDataToExternalAPI.expected
M javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected
M javascript/ql/test/query-tests/Security/CWE-022/ZipSlip/ZipSlip.expected
M javascript/ql/test/query-tests/Security/CWE-073/TemplateObjectInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/CommandInjection/CommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/IndirectCommandInjection/IndirectCommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/SecondOrderCommandInjection/SecondOrderCommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXssWithResponseThreat/Xss.expected
M javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/ExceptionXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/ReflectedXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/StoredXss/StoredXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/UnsafeHtmlConstruction/UnsafeHtmlConstruction.expected
M javascript/ql/test/query-tests/Security/CWE-079/UnsafeJQueryPlugin/UnsafeJQueryPlugin.expected
M javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/XssThroughDom.expected
M javascript/ql/test/query-tests/Security/CWE-089/local-threat-source/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-089/typed/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-089/untyped/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/CodeInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/HeuristicSourceCodeInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/ImproperCodeSanitization.expected
M javascript/ql/test/query-tests/Security/CWE-094/UnsafeDynamicMethodAccess/UnsafeDynamicMethodAccess.expected
M javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/IncompleteHtmlAttributeSanitization.expected
M javascript/ql/test/query-tests/Security/CWE-117/LogInjection.expected
M javascript/ql/test/query-tests/Security/CWE-200/FileAccessToHttp.expected
M javascript/ql/test/query-tests/Security/CWE-312/BuildArtifactLeak.expected
M javascript/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
M javascript/ql/test/query-tests/Security/CWE-312/CleartextStorage.expected
M javascript/ql/test/query-tests/Security/CWE-327/BrokenCryptoAlgorithm.expected
M javascript/ql/test/query-tests/Security/CWE-338/InsecureRandomness.expected
M javascript/ql/test/query-tests/Security/CWE-346/CorsMisconfigurationForCredentials.expected
M javascript/ql/test/query-tests/Security/CWE-377/InsecureTemporaryFile.expected
M javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected
M javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/RemotePropertyInjection.expected
M javascript/ql/test/query-tests/Security/CWE-506/HardcodedDataInterpretedAsCode.expected
M javascript/ql/test/query-tests/Security/CWE-522-DecompressionBombs/DecompressionBombs.expected
M javascript/ql/test/query-tests/Security/CWE-601/ClientSideUrlRedirect/ClientSideUrlRedirect.expected
M javascript/ql/test/query-tests/Security/CWE-601/ServerSideUrlRedirect/ServerSideUrlRedirect.expected
M javascript/ql/test/query-tests/Security/CWE-611/Xxe.expected
M javascript/ql/test/query-tests/Security/CWE-643/XpathInjection.expected
M javascript/ql/test/query-tests/Security/CWE-730/Threat-models-disabled/RegExpInjection.expected
M javascript/ql/test/query-tests/Security/CWE-730/Threat-models-enabled/RegExpInjection.expected
M javascript/ql/test/query-tests/Security/CWE-754/UnvalidatedDynamicMethodCall.expected
M javascript/ql/test/query-tests/Security/CWE-770/ResourceExhaustion/ResourceExhaustion.expected
M javascript/ql/test/query-tests/Security/CWE-776/XmlBomb.expected
M javascript/ql/test/query-tests/Security/CWE-798/HardcodedCredentials.expected
M javascript/ql/test/query-tests/Security/CWE-807/ConditionalBypass.expected
M javascript/ql/test/query-tests/Security/CWE-829/InsecureDownload.expected
M javascript/ql/test/query-tests/Security/CWE-843/TypeConfusionThroughParameterTampering.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingAssignment/PrototypePollutingAssignment.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingFunction/PrototypePollutingFunction.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/PrototypePollutingMergeCall.expected
M javascript/ql/test/query-tests/Security/CWE-918/ClientSideRequestForgery.expected
M javascript/ql/test/query-tests/Security/CWE-918/RequestForgery.expected
M javascript/ql/test/tutorials/Analyzing data flow in JavaScript/Local data flow/query1.expected
Log Message:
-----------
JS: Update locations in expected files
Commit: 0d0eaa21a1e9f2146d60f42d14b3b7769d65839c
https://github.com/krishnprakash/codeql/commit/0d0eaa21a1e9f2146d60f42d14b3b7769d65839c
Author: Asger F <asg...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/AST.qll
M javascript/ql/lib/semmle/javascript/Files.qll
M javascript/ql/lib/semmle/javascript/JSON.qll
M javascript/ql/lib/semmle/javascript/Locations.qll
M javascript/ql/lib/semmle/javascript/RestrictedLocations.qll
M javascript/ql/lib/semmle/javascript/SSA.qll
M javascript/ql/lib/semmle/javascript/Variables.qll
M javascript/ql/lib/semmle/javascript/XML.qll
M javascript/ql/lib/semmle/javascript/YAML.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableOrThis.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
R javascript/ql/lib/semmle/javascript/internal/Locations.qll
M javascript/ql/test/experimental/FormParsers/RemoteFlowSource.expected
M javascript/ql/test/experimental/Security/CWE-094-dataURL/CodeInjection.expected
M javascript/ql/test/experimental/Security/CWE-099/EnvValueAndKeyInjection/EnvValueAndKeyInjection.expected
M javascript/ql/test/experimental/Security/CWE-099/EnvValueInjection/EnvValueInjection.expected
M javascript/ql/test/experimental/Security/CWE-347/localsource/decodeJwtWithoutVerificationLocalSource.expected
M javascript/ql/test/experimental/Security/CWE-347/remotesource/decodeJwtWithoutVerification.expected
M javascript/ql/test/experimental/Security/CWE-918/SSRF.expected
M javascript/ql/test/experimental/Security/CWE-942/CorsPermissiveConfiguration.expected
M javascript/ql/test/library-tests/CallGraphs/FullTest/tests.expected
M javascript/ql/test/library-tests/DataFlow/tests.expected
M javascript/ql/test/library-tests/DefUse/DefUsePair.expected
M javascript/ql/test/library-tests/GlobalAccessPaths/GlobalAccessPaths.expected
M javascript/ql/test/library-tests/SSA/GetRhsNode/GetRhsNode.expected
M javascript/ql/test/library-tests/SSA/SSADefinition/SSADefinition.expected
M javascript/ql/test/library-tests/StringConcatenation/StringOps.expected
M javascript/ql/test/library-tests/frameworks/Electron/tests.expected
M javascript/ql/test/library-tests/frameworks/ReactJS/tests.expected
M javascript/ql/test/library-tests/frameworks/koa/tests.expected
M javascript/ql/test/query-tests/Security/CWE-020/UntrustedDataToExternalAPI/UntrustedDataToExternalAPI.expected
M javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected
M javascript/ql/test/query-tests/Security/CWE-022/ZipSlip/ZipSlip.expected
M javascript/ql/test/query-tests/Security/CWE-073/TemplateObjectInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/CommandInjection/CommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/IndirectCommandInjection/IndirectCommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/SecondOrderCommandInjection/SecondOrderCommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXssWithResponseThreat/Xss.expected
M javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/ExceptionXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/ReflectedXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/StoredXss/StoredXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/UnsafeHtmlConstruction/UnsafeHtmlConstruction.expected
M javascript/ql/test/query-tests/Security/CWE-079/UnsafeJQueryPlugin/UnsafeJQueryPlugin.expected
M javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/XssThroughDom.expected
M javascript/ql/test/query-tests/Security/CWE-089/local-threat-source/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-089/typed/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-089/untyped/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/CodeInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/HeuristicSourceCodeInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/ImproperCodeSanitization.expected
M javascript/ql/test/query-tests/Security/CWE-094/UnsafeDynamicMethodAccess/UnsafeDynamicMethodAccess.expected
M javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/IncompleteHtmlAttributeSanitization.expected
M javascript/ql/test/query-tests/Security/CWE-117/LogInjection.expected
M javascript/ql/test/query-tests/Security/CWE-200/FileAccessToHttp.expected
M javascript/ql/test/query-tests/Security/CWE-312/BuildArtifactLeak.expected
M javascript/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
M javascript/ql/test/query-tests/Security/CWE-312/CleartextStorage.expected
M javascript/ql/test/query-tests/Security/CWE-327/BrokenCryptoAlgorithm.expected
M javascript/ql/test/query-tests/Security/CWE-338/InsecureRandomness.expected
M javascript/ql/test/query-tests/Security/CWE-346/CorsMisconfigurationForCredentials.expected
M javascript/ql/test/query-tests/Security/CWE-377/InsecureTemporaryFile.expected
M javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected
M javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/RemotePropertyInjection.expected
M javascript/ql/test/query-tests/Security/CWE-506/HardcodedDataInterpretedAsCode.expected
M javascript/ql/test/query-tests/Security/CWE-522-DecompressionBombs/DecompressionBombs.expected
M javascript/ql/test/query-tests/Security/CWE-601/ClientSideUrlRedirect/ClientSideUrlRedirect.expected
M javascript/ql/test/query-tests/Security/CWE-601/ServerSideUrlRedirect/ServerSideUrlRedirect.expected
M javascript/ql/test/query-tests/Security/CWE-611/Xxe.expected
M javascript/ql/test/query-tests/Security/CWE-643/XpathInjection.expected
M javascript/ql/test/query-tests/Security/CWE-730/Threat-models-disabled/RegExpInjection.expected
M javascript/ql/test/query-tests/Security/CWE-730/Threat-models-enabled/RegExpInjection.expected
M javascript/ql/test/query-tests/Security/CWE-754/UnvalidatedDynamicMethodCall.expected
M javascript/ql/test/query-tests/Security/CWE-770/ResourceExhaustion/ResourceExhaustion.expected
M javascript/ql/test/query-tests/Security/CWE-776/XmlBomb.expected
M javascript/ql/test/query-tests/Security/CWE-798/HardcodedCredentials.expected
M javascript/ql/test/query-tests/Security/CWE-807/ConditionalBypass.expected
M javascript/ql/test/query-tests/Security/CWE-829/InsecureDownload.expected
M javascript/ql/test/query-tests/Security/CWE-843/TypeConfusionThroughParameterTampering.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingAssignment/PrototypePollutingAssignment.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingFunction/PrototypePollutingFunction.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/PrototypePollutingMergeCall.expected
M javascript/ql/test/query-tests/Security/CWE-918/ClientSideRequestForgery.expected
M javascript/ql/test/query-tests/Security/CWE-918/RequestForgery.expected
M javascript/ql/test/tutorials/Analyzing data flow in JavaScript/Local data flow/query1.expected
Log Message:
-----------
Merge pull request #20302 from asgerf/js/simpler-locations
JS: Remove synthetic locations
Commit: 51f96deb2e3dd04f05322e2effeea9e6fdc594b7
https://github.com/krishnprakash/codeql/commit/51f96deb2e3dd04f05322e2effeea9e6fdc594b7
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/util/codeql/util/Option.qll
Log Message:
-----------
Add shared LocOption module for optional types with locations
Commit: fc5501b9c85c0c0b2cdaca5f5b16c53e7f774a5b
https://github.com/krishnprakash/codeql/commit/fc5501b9c85c0c0b2cdaca5f5b16c53e7f774a5b
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/util/codeql/util/Option.qll
Log Message:
-----------
Add LocOption2 for types with `getLocation`.
Commit: 8e5efb5fba3fe30fe0faab8944e512ae0d1a5e55
https://github.com/krishnprakash/codeql/commit/8e5efb5fba3fe30fe0faab8944e512ae0d1a5e55
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
A shared/util/change-notes/2025-08-25-loc-option.md
Log Message:
-----------
Add change note
Commit: 80ab35c3a0dfbc282009162684635fc81b08bd45
https://github.com/krishnprakash/codeql/commit/80ab35c3a0dfbc282009162684635fc81b08bd45
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/util/change-notes/2025-08-25-loc-option.md
M shared/util/codeql/util/Option.qll
Log Message:
-----------
Apply review suggestions - rename things and clean up style.
Commit: 1b808fed3429ab4af80653e855a19b664c30edd3
https://github.com/krishnprakash/codeql/commit/1b808fed3429ab4af80653e855a19b664c30edd3
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/util/codeql/util/Option.qll
Log Message:
-----------
Fix incorrect switch of None and Some cases
Commit: 42e8b32841ad1871c4c0ccb13db46c017fb8cf9c
https://github.com/krishnprakash/codeql/commit/42e8b32841ad1871c4c0ccb13db46c017fb8cf9c
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
A shared/util/change-notes/2025-08-25-loc-option.md
M shared/util/codeql/util/Option.qll
Log Message:
-----------
Merge pull request #20280 from joefarebrother/shared-loc-option
Shared: Add Option types with location
Commit: 277f5efa9cc52f64a957d15b588c0962446dda1e
https://github.com/krishnprakash/codeql/commit/277f5efa9cc52f64a957d15b588c0962446dda1e
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M cpp/ql/lib/semmlecode.cpp.dbscheme.stats
Log Message:
-----------
C++: Update dbscheme stats file
Commit: 93f4721418e53e8ea8492109bbd108b06db203a4
https://github.com/krishnprakash/codeql/commit/93f4721418e53e8ea8492109bbd108b06db203a4
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmlecode.cpp.dbscheme.stats
Log Message:
-----------
Merge pull request #20316 from jketema/stats
C++: Update dbscheme stats file
Commit: 6e1d9752d20de03d0c65b14a69eebbf67132b97a
https://github.com/krishnprakash/codeql/commit/6e1d9752d20de03d0c65b14a69eebbf67132b97a
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M .github/workflows/build-ripunzip.yml
M .github/workflows/buildifier.yml
M .github/workflows/check-implicit-this.yml
M .github/workflows/check-overlay-annotations.yml
M .github/workflows/check-qldoc.yml
M .github/workflows/check-query-ids.yml
M .github/workflows/codeql-analysis.yml
M .github/workflows/compile-queries.yml
M .github/workflows/cpp-swift-analysis.yml
M .github/workflows/csharp-qltest.yml
M .github/workflows/csv-coverage-metrics.yml
M .github/workflows/csv-coverage-pr-artifacts.yml
M .github/workflows/csv-coverage-pr-comment.yml
M .github/workflows/csv-coverage-timeseries.yml
M .github/workflows/csv-coverage-update.yml
M .github/workflows/csv-coverage.yml
M .github/workflows/fast-forward.yml
M .github/workflows/go-tests.yml
M .github/workflows/kotlin-build.yml
M .github/workflows/mad_modelDiff.yml
M .github/workflows/mad_regenerate-models.yml
M .github/workflows/python-tooling.yml
M .github/workflows/qhelp-pr-preview.yml
M .github/workflows/ql-for-ql-build.yml
M .github/workflows/ql-for-ql-dataset_measure.yml
M .github/workflows/ql-for-ql-tests.yml
M .github/workflows/query-list.yml
M .github/workflows/ruby-build.yml
M .github/workflows/ruby-dataset-measure.yml
M .github/workflows/ruby-qltest-rtjo.yml
M .github/workflows/ruby-qltest.yml
M .github/workflows/rust-analysis.yml
M .github/workflows/rust.yml
M .github/workflows/swift.yml
M .github/workflows/sync-files.yml
M .github/workflows/tree-sitter-extractor-test.yml
M .github/workflows/validate-change-notes.yml
M .github/workflows/zipmerge-test.yml
Log Message:
-----------
Bump actions/checkout from 4 to 5
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <sup...@github.com>
Commit: cbdc54adf7b14a6075e580364cbcccf9321b576f
https://github.com/krishnprakash/codeql/commit/cbdc54adf7b14a6075e580364cbcccf9321b576f
Author: Michael B. Gale <m...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M .github/workflows/build-ripunzip.yml
M .github/workflows/buildifier.yml
M .github/workflows/check-implicit-this.yml
M .github/workflows/check-overlay-annotations.yml
M .github/workflows/check-qldoc.yml
M .github/workflows/check-query-ids.yml
M .github/workflows/codeql-analysis.yml
M .github/workflows/compile-queries.yml
M .github/workflows/cpp-swift-analysis.yml
M .github/workflows/csharp-qltest.yml
M .github/workflows/csv-coverage-metrics.yml
M .github/workflows/csv-coverage-pr-artifacts.yml
M .github/workflows/csv-coverage-pr-comment.yml
M .github/workflows/csv-coverage-timeseries.yml
M .github/workflows/csv-coverage-update.yml
M .github/workflows/csv-coverage.yml
M .github/workflows/fast-forward.yml
M .github/workflows/go-tests.yml
M .github/workflows/kotlin-build.yml
M .github/workflows/mad_modelDiff.yml
M .github/workflows/mad_regenerate-models.yml
M .github/workflows/python-tooling.yml
M .github/workflows/qhelp-pr-preview.yml
M .github/workflows/ql-for-ql-build.yml
M .github/workflows/ql-for-ql-dataset_measure.yml
M .github/workflows/ql-for-ql-tests.yml
M .github/workflows/query-list.yml
M .github/workflows/ruby-build.yml
M .github/workflows/ruby-dataset-measure.yml
M .github/workflows/ruby-qltest-rtjo.yml
M .github/workflows/ruby-qltest.yml
M .github/workflows/rust-analysis.yml
M .github/workflows/rust.yml
M .github/workflows/swift.yml
M .github/workflows/sync-files.yml
M .github/workflows/tree-sitter-extractor-test.yml
M .github/workflows/validate-change-notes.yml
M .github/workflows/zipmerge-test.yml
Log Message:
-----------
Merge pull request #20313 from github/dependabot/github_actions/actions/checkout-5
Bump actions/checkout from 4 to 5
Commit: 119837bb1d37477e5a001e488d58f850a0ff1ee0
https://github.com/krishnprakash/codeql/commit/119837bb1d37477e5a001e488d58f850a0ff1ee0
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/controlflow/codeql/controlflow/BasicBlock.qll
Log Message:
-----------
BasicBlock: Add CFG signature.
Commit: bb3abc815f527aff46a41c8d2b2808c728ab26bc
https://github.com/krishnprakash/codeql/commit/bb3abc815f527aff46a41c8d2b2808c728ab26bc
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImplCommon.qll
M csharp/ql/consistency-queries/CfgConsistency.ql
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreSsa.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
M java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/SsaImpl.qll
M shared/dataflow/codeql/dataflow/VariableCapture.qll
M shared/ssa/codeql/ssa/Ssa.qll
M swift/ql/lib/codeql/swift/dataflow/Ssa.qll
M swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
Log Message:
-----------
SSA: Update input to use member predicates.
Commit: e53b22dfa7ce3663fe690ac4f16d159576ba7529
https://github.com/krishnprakash/codeql/commit/e53b22dfa7ce3663fe690ac4f16d159576ba7529
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/controlflow/codeql/controlflow/BasicBlock.qll
M shared/dataflow/codeql/dataflow/VariableCapture.qll
M shared/dataflow/qlpack.yml
M shared/ssa/codeql/ssa/Ssa.qll
M shared/ssa/qlpack.yml
Log Message:
-----------
SSA/VariableCapture: Use shared BasicBlock signature.
Commit: f459ddc40a1a25b6dfd5b226e3a1eb392906b39b
https://github.com/krishnprakash/codeql/commit/f459ddc40a1a25b6dfd5b226e3a1eb392906b39b
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImpl.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImplCommon.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M csharp/ql/consistency-queries/CfgConsistency.ql
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreSsa.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/Nullness.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
M java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M rust/ql/lib/codeql/rust/controlflow/BasicBlocks.qll
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/SsaImpl.qll
M shared/controlflow/codeql/controlflow/Cfg.qll
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
M swift/ql/lib/codeql/swift/dataflow/Ssa.qll
M swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
Log Message:
-----------
Languages: Adapt to api changes.
Commit: a7b2a2fa9fa8419bd10305ef87eb44647cff7833
https://github.com/krishnprakash/codeql/commit/a7b2a2fa9fa8419bd10305ef87eb44647cff7833
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
Log Message:
-----------
C++: Sync files.
Commit: 3821f172dfeb84e1daab2e2b60a5966d5ac360e3
https://github.com/krishnprakash/codeql/commit/3821f172dfeb84e1daab2e2b60a5966d5ac360e3
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
M shared/controlflow/codeql/controlflow/Guards.qll
Log Message:
-----------
Guards/Java: Use BasicBlock signature in Guards library.
Commit: 6ffb9b129fc38db5705cd64a37a7bc1233fab07b
https://github.com/krishnprakash/codeql/commit/6ffb9b129fc38db5705cd64a37a7bc1233fab07b
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
Log Message:
-----------
C++: Extend final IRBlock
Commit: e2eb6dbbf26932d03aadb9f3b3229d5888d07ece
https://github.com/krishnprakash/codeql/commit/e2eb6dbbf26932d03aadb9f3b3229d5888d07ece
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M ruby/ql/lib/utils/test/InlineFlowTest.qll
M ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.ql
M ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-flow.ql
Log Message:
-----------
Ruby: Fix query compilation.
Commit: 09b2c5abf011b8f16f79d36712828eb73dbc2f80
https://github.com/krishnprakash/codeql/commit/09b2c5abf011b8f16f79d36712828eb73dbc2f80
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
M python/ql/lib/semmle/python/Flow.qll
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M rust/ql/lib/codeql/rust/controlflow/BasicBlocks.qll
M shared/controlflow/codeql/controlflow/BasicBlock.qll
M shared/dataflow/codeql/dataflow/VariableCapture.qll
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
Log Message:
-----------
BasicBlock: Replace entryBlock predicate with subclass.
Commit: 70a871c1e52fa189d603d62c92d74a253cba5e88
https://github.com/krishnprakash/codeql/commit/70a871c1e52fa189d603d62c92d74a253cba5e88
Author: Anders Schack-Mulligen <ascha...@users.noreply.github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImpl.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImplCommon.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
M csharp/ql/consistency-queries/CfgConsistency.ql
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreSsa.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/Nullness.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
M java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
M java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M ruby/ql/lib/utils/test/InlineFlowTest.qll
M ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.ql
M ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-flow.ql
M rust/ql/lib/codeql/rust/controlflow/BasicBlocks.qll
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/SsaImpl.qll
M shared/controlflow/codeql/controlflow/BasicBlock.qll
M shared/controlflow/codeql/controlflow/Cfg.qll
M shared/controlflow/codeql/controlflow/Guards.qll
M shared/dataflow/codeql/dataflow/VariableCapture.qll
M shared/dataflow/qlpack.yml
M shared/ssa/codeql/ssa/Ssa.qll
M shared/ssa/qlpack.yml
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
M swift/ql/lib/codeql/swift/dataflow/Ssa.qll
M swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
Log Message:
-----------
Merge pull request #20253 from aschackmull/shared/basicblock-signature2
Shared: Add and use a signature for basic blocks
Commit: 55869f28c380ce8105501b7da48dfceef017f8a3
https://github.com/krishnprakash/codeql/commit/55869f28c380ce8105501b7da48dfceef017f8a3
Author: Henry Mercer <henry...@github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M actions/extractor/codeql-extractor.yml
M csharp/codeql-extractor.yml
M go/codeql-extractor.yml
M javascript/resources/codeql-extractor.yml
M python/codeql-extractor.yml
M ruby/codeql-extractor.yml
M rust/codeql-extractor.yml
M swift/codeql-extractor.yml
Log Message:
-----------
Specify default queries in `codeql-extractor.yml`
Commit: d71991fdc0c6bf83aab4c61f9b8a07e6e5d58105
https://github.com/krishnprakash/codeql/commit/d71991fdc0c6bf83aab4c61f9b8a07e6e5d58105
Author: Henry Mercer <henry...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M actions/extractor/codeql-extractor.yml
M csharp/codeql-extractor.yml
M go/codeql-extractor.yml
M javascript/resources/codeql-extractor.yml
M python/codeql-extractor.yml
M ruby/codeql-extractor.yml
M rust/codeql-extractor.yml
M swift/codeql-extractor.yml
Log Message:
-----------
Merge pull request #20320 from github/henrymercer/default-queries
Specify default queries in `codeql-extractor.yml`
Commit: beeb91dd2aaf60ab47ddaf9d94331845b344e67f
https://github.com/krishnprakash/codeql/commit/beeb91dd2aaf60ab47ddaf9d94331845b344e67f
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/ext/System.Xml.model.yml
Log Message:
-----------
C#: Add some XmlDictionaryReader models.
Commit: 1d35bd1a59cbd52989b71cf2ff7731cf49de6806
https://github.com/krishnprakash/codeql/commit/1d35bd1a59cbd52989b71cf2ff7731cf49de6806
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
Log Message:
-----------
C#: Update expected test output.
Commit: 8b2ebaa0471e560a5a3eec38ad188aaa6f932aa1
https://github.com/krishnprakash/codeql/commit/8b2ebaa0471e560a5a3eec38ad188aaa6f932aa1
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/ext/System.Xml.model.yml
Log Message:
-----------
C#: Promote some generated- and refine models for XmlReader.
Commit: 8a480b6be1e0e79839d8745d8b05411e337ebde3
https://github.com/krishnprakash/codeql/commit/8a480b6be1e0e79839d8745d8b05411e337ebde3
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
Log Message:
-----------
C#: Update test expected output.
Commit: 5cd30f023c033938af7b90c4d2989066114ad5eb
https://github.com/krishnprakash/codeql/commit/5cd30f023c033938af7b90c4d2989066114ad5eb
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/ext/System.Xml.model.yml
Log Message:
-----------
C#: Add some XmlTextReader models.
Commit: 525c0952878975baa55e36b2a461093259bd83bb
https://github.com/krishnprakash/codeql/commit/525c0952878975baa55e36b2a461093259bd83bb
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
Log Message:
-----------
C#: Update expected test output.
Commit: aa8a72d6396d917582a3cc0870fdc04d0b6c2564
https://github.com/krishnprakash/codeql/commit/aa8a72d6396d917582a3cc0870fdc04d0b6c2564
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
A csharp/ql/lib/change-notes/2025-08-26-xmlreader-models.md
Log Message:
-----------
C#: Add change-note.
Commit: 55dd098307507a9393ee78ec533c7f55cb85ea11
https://github.com/krishnprakash/codeql/commit/55dd098307507a9393ee78ec533c7f55cb85ea11
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/ext/System.Xml.model.yml
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
Log Message:
-----------
C#: Address review comments.
Commit: 0c5c798ca597d8b61dc55dea563e756d4b6fcb59
https://github.com/krishnprakash/codeql/commit/0c5c798ca597d8b61dc55dea563e756d4b6fcb59
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
A csharp/ql/lib/change-notes/2025-08-26-xmlreader-models.md
M csharp/ql/lib/ext/System.Xml.model.yml
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
Log Message:
-----------
Merge pull request #20290 from michaelnebel/csharp/xmldictionaryreader
C#: Add manual models for more some XML related classes.
Commit: 5b51bb2ef0c92075dd9029b61471d7c8eddf9de4
https://github.com/krishnprakash/codeql/commit/5b51bb2ef0c92075dd9029b61471d7c8eddf9de4
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/TaintTrackingImpl.qll
M rust/ql/src/queries/security/CWE-798/HardcodedCryptographicValue.ql
M rust/ql/test/library-tests/dataflow/strings/inline-taint-flow.expected
M rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected
M rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected
M rust/ql/test/query-tests/security/CWE-825/main.rs
Log Message:
-----------
Rust: Deref as taint step
Commit: 1130595c676ab142f8badc4195217657993892c4
https://github.com/krishnprakash/codeql/commit/1130595c676ab142f8badc4195217657993892c4
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/TaintTrackingImpl.qll
M rust/ql/src/queries/security/CWE-798/HardcodedCryptographicValue.ql
M rust/ql/test/library-tests/dataflow/strings/inline-taint-flow.expected
M rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected
M rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected
M rust/ql/test/query-tests/security/CWE-825/main.rs
Log Message:
-----------
Merge pull request #20340 from hvitved/rust/taint-tracking-implicit-deref-at-sinks
Rust: Deref as taint step
Commit: c1c7127894a50626f3349636e2f93a354b2de4f7
https://github.com/krishnprakash/codeql/commit/c1c7127894a50626f3349636e2f93a354b2de4f7
Author: Simon Friis Vindum <sim...@gmail.com>
Date: 2025-08-30 (Sat, 30 Aug 2025)
Changed paths:
M rust/ql/test/library-tests/path-resolution/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/path-resolution/main.rs
M rust/ql/test/library-tests/path-resolution/path-resolution.expected
M rust/ql/test/library-tests/type-inference/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/type-inference.expected
Log Message:
-----------
Rust: Add examples where trait visibility affects path and method resolution
Commit: 322ef4d9856f61d96c07ccdb7d75b04d38e8fb0b
https://github.com/krishnprakash/codeql/commit/322ef4d9856f61d96c07ccdb7d75b04d38e8fb0b
Author: Simon Friis Vindum <sim...@gmail.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/internal/PathResolution.qll
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/path-resolution/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/path-resolution/main.rs
M rust/ql/test/library-tests/path-resolution/path-resolution.expected
M rust/ql/test/library-tests/type-inference/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/query-tests/security/CWE-117/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/query-tests/security/CWE-312/CONSISTENCY/PathResolutionConsistency.expected
R rust/ql/test/query-tests/security/CWE-770/CONSISTENCY/PathResolutionConsistency.expected
Log Message:
-----------
Rust: Account for trait visibility when resolving paths and methods
Commit: 0ed6428a94f7759c7d3135b225754fd92b09074b
https://github.com/krishnprakash/codeql/commit/0ed6428a94f7759c7d3135b225754fd92b09074b
Author: Simon Friis Vindum <sim...@gmail.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/internal/PathResolution.qll
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/path-resolution/main.rs
M rust/ql/test/library-tests/path-resolution/path-resolution.expected
M rust/ql/test/library-tests/type-inference/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/type-inference.expected
M rust/ql/test/query-tests/security/CWE-117/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/query-tests/security/CWE-312/CONSISTENCY/PathResolutionConsistency.expected
R rust/ql/test/query-tests/security/CWE-770/CONSISTENCY/PathResolutionConsistency.expected
Log Message:
-----------
Merge pull request #20321 from paldepind/rust/trait-method-scope-2
Rust: Take trait visibility into account when resolving paths and methods
Commit: d6d0645d7b739109989a2f60a2b9a5458b7dec17
https://github.com/krishnprakash/codeql/commit/d6d0645d7b739109989a2f60a2b9a5458b7dec17
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/codeql-extractor.yml
M rust/extractor/src/config.rs
M rust/extractor/src/main.rs
R rust/ql/test/extractor-tests/canonical_path_disabled/options.yml
Log Message:
-----------
Rust: Remove skip_path_resolution config variable (hardhoded to true).
Commit: 456f56096f176cb1507349fd02fa5232b99a951c
https://github.com/krishnprakash/codeql/commit/456f56096f176cb1507349fd02fa5232b99a951c
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/extractor/src/main.rs
M rust/extractor/src/translate.rs
M rust/extractor/src/translate/base.rs
Log Message:
-----------
Rust: Remove ResolvePaths enum and resolve_paths arguments up to Translator::new (hardcode to false).
Commit: 078fbc6427af4ba354d76755bccd8d8baa1f6567
https://github.com/krishnprakash/codeql/commit/078fbc6427af4ba354d76755bccd8d8baa1f6567
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/extractor/src/translate/base.rs
Log Message:
-----------
Rust: Remove resolve_paths from the translator.
Commit: dd00df74dda0746e3f3de8824d3b916ab05eed5c
https://github.com/krishnprakash/codeql/commit/dd00df74dda0746e3f3de8824d3b916ab05eed5c
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/extractor/src/translate/base.rs
Log Message:
-----------
Rust: Remove unused wiring.
Commit: bd5f863efc7373076bed0119e2c3d1e9e3e65b29
https://github.com/krishnprakash/codeql/commit/bd5f863efc7373076bed0119e2c3d1e9e3e65b29
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/extractor/src/translate/base.rs
Log Message:
-----------
Rust: Remove uncalled methods.
Commit: 70600fe6d9173800e12a2bc735636ffad0123dba
https://github.com/krishnprakash/codeql/commit/70600fe6d9173800e12a2bc735636ffad0123dba
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/extractor/src/translate/mappings.rs
Log Message:
-----------
Rust: Remove unused traits and things.
Commit: a8f7f74812417cd6a42d2800181639f8ea91fc45
https://github.com/krishnprakash/codeql/commit/a8f7f74812417cd6a42d2800181639f8ea91fc45
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/extractor/src/translate/base.rs
M rust/extractor/src/translate/mappings.rs
Log Message:
-----------
Rust: Remove unused use decls.
Commit: 3cd057fe39ebd99deb3acd9c666207017e721eb2
https://github.com/krishnprakash/codeql/commit/3cd057fe39ebd99deb3acd9c666207017e721eb2
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-26 (Tue, 26 Aug 2025)
Changed paths:
M rust/schema/annotations.py
M rust/schema/prelude.py
Log Message:
-----------
Rust: Remove Resolvable from the schema.
Commit: c7947a0afa00a46bd117285a234fd204c85c0a15
https://github.com/krishnprakash/codeql/commit/c7947a0afa00a46bd117285a234fd204c85c0a15
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/schema/prelude.py
Log Message:
-----------
Rust: Remove built-in methods from Addressable in the schema.
Commit: 152ae1d29bec1ca196cde4450806ae64e6723901
https://github.com/krishnprakash/codeql/commit/152ae1d29bec1ca196cde4450806ae64e6723901
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/extractor/src/generated/.generated.list
M rust/extractor/src/generated/top.rs
M rust/ql/.generated.list
M rust/ql/.gitattributes
M rust/ql/lib/codeql/rust/elements.qll
M rust/ql/lib/codeql/rust/elements/MethodCallExpr.qll
M rust/ql/lib/codeql/rust/elements/PathAstNode.qll
R rust/ql/lib/codeql/rust/elements/Resolvable.qll
R rust/ql/lib/codeql/rust/elements/internal/ResolvableImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Addressable.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/MethodCallExpr.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/ParentChild.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/PathAstNode.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Raw.qll
R rust/ql/lib/codeql/rust/elements/internal/generated/Resolvable.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Synth.qll
M rust/ql/lib/rust.dbscheme
M rust/ql/test/extractor-tests/generated/AsmExpr/AsmExpr.ql
M rust/ql/test/extractor-tests/generated/Const/Const.ql
M rust/ql/test/extractor-tests/generated/Enum/Enum.ql
M rust/ql/test/extractor-tests/generated/ExternBlock/ExternBlock.ql
M rust/ql/test/extractor-tests/generated/ExternCrate/ExternCrate.ql
M rust/ql/test/extractor-tests/generated/Function/Function.ql
M rust/ql/test/extractor-tests/generated/Impl/Impl.ql
M rust/ql/test/extractor-tests/generated/MacroCall/MacroCall.ql
M rust/ql/test/extractor-tests/generated/MacroDef/MacroDef.ql
M rust/ql/test/extractor-tests/generated/MacroRules/MacroRules.ql
M rust/ql/test/extractor-tests/generated/MethodCallExpr/MethodCallExpr.ql
M rust/ql/test/extractor-tests/generated/Module/Module.ql
M rust/ql/test/extractor-tests/generated/Path/PathExpr.ql
M rust/ql/test/extractor-tests/generated/Path/PathPat.ql
M rust/ql/test/extractor-tests/generated/Static/Static.ql
M rust/ql/test/extractor-tests/generated/Struct/Struct.ql
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.ql
M rust/ql/test/extractor-tests/generated/StructPat/StructPat.ql
M rust/ql/test/extractor-tests/generated/Trait/Trait.ql
M rust/ql/test/extractor-tests/generated/TraitAlias/TraitAlias.ql
M rust/ql/test/extractor-tests/generated/TupleStructPat/TupleStructPat.ql
M rust/ql/test/extractor-tests/generated/TypeAlias/TypeAlias.ql
M rust/ql/test/extractor-tests/generated/Union/Union.ql
M rust/ql/test/extractor-tests/generated/Use/Use.ql
M rust/ql/test/extractor-tests/generated/Variant/Variant.ql
Log Message:
-----------
Rust: Codegen.
Commit: 5d060d621b6f06d8276fbfaa2cf6cbfc87424ffc
https://github.com/krishnprakash/codeql/commit/5d060d621b6f06d8276fbfaa2cf6cbfc87424ffc
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/ql/lib/codeql/rust/elements/internal/CallExprBaseImpl.qll
Log Message:
-----------
Rust: Remove leftover QL use of Resolvable.
Commit: 1d815b16d65b46e979ac1533341bd4881b6a5643
https://github.com/krishnprakash/codeql/commit/1d815b16d65b46e979ac1533341bd4881b6a5643
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/ql/test/extractor-tests/generated/AsmExpr/AsmExpr.expected
M rust/ql/test/extractor-tests/generated/Const/Const.expected
M rust/ql/test/extractor-tests/generated/Enum/Enum.expected
M rust/ql/test/extractor-tests/generated/ExternBlock/ExternBlock.expected
M rust/ql/test/extractor-tests/generated/ExternCrate/ExternCrate.expected
M rust/ql/test/extractor-tests/generated/Function/Function.expected
M rust/ql/test/extractor-tests/generated/Impl/Impl.expected
M rust/ql/test/extractor-tests/generated/MacroCall/MacroCall.expected
M rust/ql/test/extractor-tests/generated/MacroDef/MacroDef.expected
M rust/ql/test/extractor-tests/generated/MacroRules/MacroRules.expected
M rust/ql/test/extractor-tests/generated/MethodCallExpr/MethodCallExpr.expected
M rust/ql/test/extractor-tests/generated/Module/Module.expected
M rust/ql/test/extractor-tests/generated/Path/PathExpr.expected
M rust/ql/test/extractor-tests/generated/Path/PathPat.expected
M rust/ql/test/extractor-tests/generated/Static/Static.expected
M rust/ql/test/extractor-tests/generated/Struct/Struct.expected
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.expected
M rust/ql/test/extractor-tests/generated/StructPat/StructPat.expected
M rust/ql/test/extractor-tests/generated/Trait/Trait.expected
M rust/ql/test/extractor-tests/generated/TraitAlias/TraitAlias.expected
M rust/ql/test/extractor-tests/generated/TupleStructPat/TupleStructPat.expected
M rust/ql/test/extractor-tests/generated/TypeAlias/TypeAlias.expected
M rust/ql/test/extractor-tests/generated/Union/Union.expected
M rust/ql/test/extractor-tests/generated/Use/Use.expected
M rust/ql/test/extractor-tests/generated/Variant/Variant.expected
Log Message:
-----------
Rust: Update test expectations.
Commit: a075ed595cf84589d2678ac22f31a70d1c3f376a
https://github.com/krishnprakash/codeql/commit/a075ed595cf84589d2678ac22f31a70d1c3f376a
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/ql/src/queries/telemetry/ExtractorInformation.ql
R rust/ql/src/queries/telemetry/RustAnalyzerComparison.qll
Log Message:
-----------
Rust: Remove telemetry about extractor generated paths.
Commit: 2e747bb05ceb7643c86187c3ee0a988b8dea1afc
https://github.com/krishnprakash/codeql/commit/2e747bb05ceb7643c86187c3ee0a988b8dea1afc
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
A cpp/ql/lib/ext/ComPtr.model.yml
M cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql
M cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.22.4.rst
M docs/codeql/codeql-overview/codeql-changelog/index.rst
M java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected
M java/ql/integration-tests/java/query-suite/java-code-scanning.qls.expected
M java/ql/integration-tests/java/query-suite/java-security-and-quality.qls.expected
M java/ql/integration-tests/java/query-suite/java-security-extended.qls.expected
M java/ql/integration-tests/java/query-suite/not_included_in_qls.expected
M java/ql/lib/semmle/code/configfiles/ConfigFiles.qll
A java/ql/lib/semmle/code/java/security/SpringBootActuatorsConfigQuery.qll
A java/ql/src/Security/CWE/CWE-200/SpringBootActuatorsConfig/SpringBootActuatorsConfig.qhelp
A java/ql/src/Security/CWE/CWE-200/SpringBootActuatorsConfig/SpringBootActuatorsConfig.ql
A java/ql/src/Security/CWE/CWE-200/SpringBootActuatorsConfig/application_bad.properties
A java/ql/src/Security/CWE/CWE-200/SpringBootActuatorsConfig/application_good.properties
A java/ql/src/Security/CWE/CWE-200/SpringBootActuatorsConfig/pom_good.xml
M java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.java
M java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.qhelp
M java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.ql
A java/ql/src/change-notes/2025-07-17-spring-actuators-config-promo.md
R java/ql/src/experimental/Security/CWE/CWE-016/InsecureSpringActuatorConfig.qhelp
R java/ql/src/experimental/Security/CWE/CWE-016/InsecureSpringActuatorConfig.ql
R java/ql/src/experimental/Security/CWE/CWE-016/application.properties
R java/ql/src/experimental/Security/CWE/CWE-016/pom_bad.xml
R java/ql/src/experimental/Security/CWE/CWE-016/pom_good.xml
R java/ql/test/experimental/query-tests/security/CWE-016/InsecureSpringActuatorConfig.expected
R java/ql/test/experimental/query-tests/security/CWE-016/InsecureSpringActuatorConfig.qlref
R java/ql/test/experimental/query-tests/security/CWE-016/SensitiveInfo.java
R java/ql/test/experimental/query-tests/security/CWE-016/application.properties
R java/ql/test/experimental/query-tests/security/CWE-016/options
R java/ql/test/experimental/query-tests/security/CWE-016/pom.xml
A java/ql/test/query-tests/CallsToSystemExit/CallsToSystemExit.expected
A java/ql/test/query-tests/CallsToSystemExit/CallsToSystemExit.qlref
A java/ql/test/query-tests/CallsToSystemExit/ExampleRuntimeExit.java
A java/ql/test/query-tests/CallsToSystemExit/ExampleRuntimeHalt.java
A java/ql/test/query-tests/CallsToSystemExit/ExampleSystemExit.java
A java/ql/test/query-tests/CallsToSystemExit/LocalClassInTestMethod.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/SpringBootActuatorsConfig.expected
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/SpringBootActuatorsConfig.qlref
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.0.x-1.4.x/bad/default/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.0.x-1.4.x/bad/default/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.0.x-1.4.x/bad/false/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.0.x-1.4.x/bad/false/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.0.x-1.4.x/good/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.0.x-1.4.x/good/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.5.x/bad/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.5.x/bad/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.5.x/good/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version1.5.x/good/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/bad/expose/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/bad/expose/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/bad/exposure-include/all-exposed/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/bad/exposure-include/all-exposed/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/bad/exposure-include/some-exposed/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/bad/exposure-include/some-exposed/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/good/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version2.x/good/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version3.x/bad/all-exposed/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version3.x/bad/all-exposed/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version3.x/bad/some-exposed/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version3.x/bad/some-exposed/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version3.x/good/application.properties
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/Version3.x/good/pom.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SpringBootActuatorsConfig/options
R python/ql/src/Functions/IncorrectRaiseInSpecialMethod.py
M python/ql/src/Functions/IncorrectRaiseInSpecialMethod.qhelp
M python/ql/src/Functions/IncorrectRaiseInSpecialMethod.ql
R python/ql/src/Functions/IncorrectRaiseInSpecialMethod2.py
R python/ql/src/Functions/IncorrectRaiseInSpecialMethod3.py
A python/ql/src/Functions/examples/IncorrectRaiseInSpecialMethod.py
A python/ql/src/Functions/examples/IncorrectRaiseInSpecialMethod2.py
A python/ql/src/Functions/examples/IncorrectRaiseInSpecialMethod3.py
A python/ql/src/change-notes/2025-07-25-unexpected-raise-special-method.md
A python/ql/test/query-tests/Functions/IncorrectRaiseInSpecialMethod/IncorrectRaiseInSpecialMethod.expected
A python/ql/test/query-tests/Functions/IncorrectRaiseInSpecialMethod/IncorrectRaiseInSpecialMethod.qlref
A python/ql/test/query-tests/Functions/IncorrectRaiseInSpecialMethod/test.py
R python/ql/test/query-tests/Functions/general/IncorrectRaiseInSpecialMethod.expected
R python/ql/test/query-tests/Functions/general/IncorrectRaiseInSpecialMethod.qlref
M rust/extractor/src/main.rs
M rust/extractor/src/rust_analyzer.rs
M rust/extractor/src/translate/base.rs
M rust/extractor/src/trap.rs
M rust/ql/.generated.list
M rust/ql/integration-tests/hello-project/ExtractionWarnings.expected
M rust/ql/integration-tests/hello-project/summary.expected
A rust/ql/lib/change-notes/2025-08-25-in-macro-expansion.md
M rust/ql/lib/codeql/rust/controlflow/internal/generated/CfgNodes.qll
M rust/ql/lib/codeql/rust/elements/StructExpr.qll
M rust/ql/lib/codeql/rust/elements/TupleExpr.qll
M rust/ql/lib/codeql/rust/elements/internal/MacroCallImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/StructExprImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/TupleExprImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Raw.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/StructExpr.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/TupleExpr.qll
M rust/ql/lib/codeql/rust/internal/Type.qll
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/lib/codeql/rust/internal/TypeMention.qll
M rust/ql/test/extractor-tests/generated/.generated_tests.list
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.expected
M rust/ql/test/extractor-tests/generated/StructExpr/gen_struct_expr.rs
M rust/ql/test/extractor-tests/generated/TupleExpr/TupleExpr.expected
M rust/ql/test/extractor-tests/generated/TupleExpr/gen_tuple_expr.rs
M rust/ql/test/extractor-tests/macro-expansion/CONSISTENCY/ExtractionConsistency.expected
M rust/ql/test/extractor-tests/macro-expansion/test.expected
R rust/ql/test/library-tests/type-inference/CONSISTENCY/ExtractionConsistency.expected
M rust/ql/test/library-tests/type-inference/type-inference.expected
M rust/ql/test/query-tests/diagnostics/CONSISTENCY/ExtractionConsistency.expected
M rust/ql/test/query-tests/diagnostics/ExtractionWarnings.expected
R rust/ql/test/query-tests/unusedentities/CONSISTENCY/ExtractionConsistency.expected
M rust/schema/annotations.py
Log Message:
-----------
Merge branch 'main' into oldpaths1 (some generated files are left unmerged).
Commit: 83df1137b6d10d496ffb174c51ca4148d7dbe5f2
https://github.com/krishnprakash/codeql/commit/83df1137b6d10d496ffb174c51ca4148d7dbe5f2
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/ql/.generated.list
M rust/ql/lib/codeql/rust/elements/internal/generated/Raw.qll
Log Message:
-----------
Rust: Codegen.
Commit: 9efb6ea995f126887c057d91365bdc8b261f7302
https://github.com/krishnprakash/codeql/commit/9efb6ea995f126887c057d91365bdc8b261f7302
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/extractor/src/main.rs
M rust/extractor/src/translate/base.rs
Log Message:
-----------
Rust: Cargo fmt.
Commit: f838494bf01bad9f5e0d45cb9695b4ea54f2f3a2
https://github.com/krishnprakash/codeql/commit/f838494bf01bad9f5e0d45cb9695b4ea54f2f3a2
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/ast-generator/src/main.rs
M rust/extractor/src/translate/base.rs
Log Message:
-----------
Rust: Remove empty impls.
Commit: 194363c1075c4d7923d4a1d37c6a0e08a20e9ff6
https://github.com/krishnprakash/codeql/commit/194363c1075c4d7923d4a1d37c6a0e08a20e9ff6
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M rust/extractor/src/translate/generated.rs
Log Message:
-----------
Rust: Codegen.
Commit: 1e46dd8412ff7a3ceb23d6d1a09597c15a276fdb
https://github.com/krishnprakash/codeql/commit/1e46dd8412ff7a3ceb23d6d1a09597c15a276fdb
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
M rust/extractor/src/translate/mappings.rs
Log Message:
-----------
Rust: Remove redundant code.
Commit: e860600712eb516a527831acb121517112c02893
https://github.com/krishnprakash/codeql/commit/e860600712eb516a527831acb121517112c02893
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
R rust/ql/test/extractor-tests/canonical_path_disabled/Cargo.lock
R rust/ql/test/extractor-tests/canonical_path_disabled/anonymous.rs
R rust/ql/test/extractor-tests/canonical_path_disabled/canonical_paths.expected
R rust/ql/test/extractor-tests/canonical_path_disabled/canonical_paths.qlref
R rust/ql/test/extractor-tests/canonical_path_disabled/regular.rs
Log Message:
-----------
Rust: Remove the canonical_path_disabled test entirely.
Commit: 5d14ef5fd39abddaa408651eaf9cf5a3a7ff7843
https://github.com/krishnprakash/codeql/commit/5d14ef5fd39abddaa408651eaf9cf5a3a7ff7843
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-28 (Thu, 28 Aug 2025)
Changed paths:
A rust/ql/lib/change-notes/2025-08-28-path-resolution.md
Log Message:
-----------
Rust: Change note.
Commit: a6bdab15f6b5f602dcb2e94053ac0360a2feb8d2
https://github.com/krishnprakash/codeql/commit/a6bdab15f6b5f602dcb2e94053ac0360a2feb8d2
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/old.dbscheme
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/semmlecode.cpp.dbscheme
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/upgrade.properties
A cpp/ql/lib/change-notes/2025-08-27-pch.md
M cpp/ql/lib/cpp.qll
A cpp/ql/lib/semmle/code/cpp/PchFile.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/lib/semmlecode.cpp.dbscheme
M cpp/ql/lib/semmlecode.cpp.dbscheme.stats
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/old.dbscheme
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/semmlecode.cpp.dbscheme
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/upgrade.properties
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
A csharp/ql/lib/change-notes/2025-08-18-byte-char-bulk-types.md
M csharp/ql/lib/ext/System.IO.model.yml
M csharp/ql/lib/ext/System.model.yml
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.expected
M csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.expected
M csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.qlref
M csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInput/UnsafeDeserializationUntrustedInput.expected
M java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected
M java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
A java/ql/src/Violations of Best Practice/Testing/ExcessivePublicMethodMocking.md
A java/ql/src/Violations of Best Practice/Testing/ExcessivePublicMethodMocking.ql
A java/ql/test/query-tests/ExcessivePublicMethodMocking/Employee.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/EmployeeRecord.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/EmployeeStatus.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/ExcessivePublicMethodMocking.expected
A java/ql/test/query-tests/ExcessivePublicMethodMocking/ExcessivePublicMethodMocking.qlref
A java/ql/test/query-tests/ExcessivePublicMethodMocking/TestORM.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/options
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.qlref
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/AnnotatedClass.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage1.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/VisibleForTesting.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/UseWithinAnnotation.java
A java/ql/test/stubs/junit-4.13/LICENSE-junit.txt
A java/ql/test/stubs/junit-4.13/org/junit/Assert.java
A java/ql/test/stubs/junit-4.13/org/junit/Test.java
A java/ql/test/stubs/junit-4.13/org/junit/function/ThrowingRunnable.java
A java/ql/test/stubs/mockito-5.14/org/mockito/ArgumentMatchers.java
A java/ql/test/stubs/mockito-5.14/org/mockito/MockSettings.java
A java/ql/test/stubs/mockito-5.14/org/mockito/Mockito.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/MockitoCore.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/creation/MockSettingsImpl.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/handler/MockHandlerFactory.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/handler/MockHandlerImpl.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/progress/MockingProgress.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/util/MockUtil.java
A java/ql/test/stubs/mockito-5.14/org/mockito/invocation/MockHandler.java
A java/ql/test/stubs/mockito-5.14/org/mockito/mock/MockCreationSettings.java
A java/ql/test/stubs/mockito-5.14/org/mockito/plugins/MockMaker.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/Answer.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/OngoingStubbing.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/Stubber.java
A javascript/ql/lib/change-notes/2025-07-15-xml-bomb-sinks.md
M javascript/ql/lib/semmle/javascript/frameworks/XmlParsers.qll
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll
M javascript/ql/test/query-tests/Security/CWE-776/XmlBomb.expected
M javascript/ql/test/query-tests/Security/CWE-776/libxml.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.noent.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.sax.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.saxpush.js
M python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected
M python/ql/integration-tests/query-suite/python-code-quality.qls.expected
M python/ql/integration-tests/query-suite/python-security-and-quality.qls.expected
A python/ql/lib/change-notes/2025-07-15-xml-bomb-sinks-python.md
M python/ql/lib/semmle/python/Class.qll
M python/ql/lib/semmle/python/frameworks/Lxml.qll
A python/ql/src/Classes/Comparisons/EqualsOrHash.qhelp
A python/ql/src/Classes/Comparisons/EqualsOrHash.ql
A python/ql/src/Classes/Comparisons/EqualsOrNotEquals.qhelp
A python/ql/src/Classes/Comparisons/EqualsOrNotEquals.ql
A python/ql/src/Classes/Comparisons/IncompleteOrdering.qhelp
A python/ql/src/Classes/Comparisons/IncompleteOrdering.ql
A python/ql/src/Classes/Comparisons/examples/EqualsOrHash.py
A python/ql/src/Classes/Comparisons/examples/EqualsOrNotEquals1.py
A python/ql/src/Classes/Comparisons/examples/EqualsOrNotEquals2.py
A python/ql/src/Classes/Comparisons/examples/IncompleteOrdering.py
M python/ql/src/Classes/Equality.qll
R python/ql/src/Classes/EqualsOrHash.py
R python/ql/src/Classes/EqualsOrHash.qhelp
R python/ql/src/Classes/EqualsOrHash.ql
R python/ql/src/Classes/EqualsOrNotEquals.py
R python/ql/src/Classes/EqualsOrNotEquals.qhelp
R python/ql/src/Classes/EqualsOrNotEquals.ql
R python/ql/src/Classes/IncompleteOrdering.py
R python/ql/src/Classes/IncompleteOrdering.qhelp
R python/ql/src/Classes/IncompleteOrdering.ql
R python/ql/src/Classes/SubclassShadowing.py
R python/ql/src/Classes/SubclassShadowing.qhelp
R python/ql/src/Classes/SubclassShadowing.ql
A python/ql/src/Classes/SubclassShadowing/SubclassShadowing.qhelp
A python/ql/src/Classes/SubclassShadowing/SubclassShadowing.ql
A python/ql/src/Classes/SubclassShadowing/examples/SubclassShadowingBad.py
A python/ql/src/Classes/SubclassShadowing/examples/SubclassShadowingGood.py
A python/ql/src/change-notes/2025-07-14-comparisons.md
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrHash.expected
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrNotEquals.expected
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrNotEquals.qlref
R python/ql/test/2/query-tests/Classes/equals-hash/equals_hash.py
R python/ql/test/3/query-tests/Classes/equals-hash/EqualsOrHash.expected
R python/ql/test/3/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/3/query-tests/Classes/equals-hash/equals_hash.py
R python/ql/test/3/query-tests/Classes/equals-ne/EqualsOrNotEquals.expected
R python/ql/test/3/query-tests/Classes/equals-ne/EqualsOrNotEquals.qlref
R python/ql/test/3/query-tests/Classes/equals-ne/test.py
M python/ql/test/library-tests/frameworks/lxml/parsing.py
M python/ql/test/query-tests/Classes/equals-attr/DefineEqualsWhenAddingAttributes.expected
A python/ql/test/query-tests/Classes/equals-attr/attr_eq_test.py
R python/ql/test/query-tests/Classes/equals-hash/DefineEqualsWhenAddingFields.expected
R python/ql/test/query-tests/Classes/equals-hash/DefineEqualsWhenAddingFields.qlref
A python/ql/test/query-tests/Classes/equals-hash/EqualsOrHash.expected
A python/ql/test/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/query-tests/Classes/equals-hash/attr_eq_test.py
A python/ql/test/query-tests/Classes/equals-hash/equalsHash.py
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.expected
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.py
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.qlref
M python/ql/test/query-tests/Classes/incomplete-ordering/IncompleteOrdering.expected
M python/ql/test/query-tests/Classes/incomplete-ordering/IncompleteOrdering.qlref
M python/ql/test/query-tests/Classes/incomplete-ordering/incomplete_ordering.py
M python/ql/test/query-tests/Classes/subclass-shadowing/SubclassShadowing.expected
M python/ql/test/query-tests/Classes/subclass-shadowing/SubclassShadowing.qlref
M python/ql/test/query-tests/Classes/subclass-shadowing/subclass_shadowing.py
M python/ql/test/query-tests/Security/CWE-776-XmlBomb/XmlBomb.expected
M python/ql/test/query-tests/analysis/jump_to_defn/Definitions.expected
M python/ql/test/query-tests/analysis/jump_to_defn/test.py
A rust/ql/lib/change-notes/2025-08-22-fs.md
M rust/ql/lib/codeql/rust/elements/RangeExprExt.qll
M rust/ql/lib/codeql/rust/elements/internal/TypeParamImpl.qll
A rust/ql/lib/codeql/rust/frameworks/asyncstd/fs.model.yml
M rust/ql/lib/codeql/rust/frameworks/stdlib/Stdlib.qll
M rust/ql/lib/codeql/rust/frameworks/stdlib/fs.model.yml
M rust/ql/lib/codeql/rust/frameworks/tokio/fs.model.yml
M rust/ql/lib/codeql/rust/internal/PathResolution.qll
M rust/ql/lib/codeql/rust/internal/PathResolutionConsistency.qll
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/test/extractor-tests/macro-expansion/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
M rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
M rust/ql/test/library-tests/dataflow/sources/test.rs
M rust/ql/test/library-tests/path-resolution/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/path-resolution/path-resolution.expected
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/pattern_matching.rs
M rust/ql/test/library-tests/type-inference/type-inference.expected
M rust/ql/test/query-tests/security/CWE-022/Cargo.lock
M rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected
M rust/ql/test/query-tests/security/CWE-022/options.yml
M rust/ql/test/query-tests/security/CWE-022/src/main.rs
R rust/ql/test/query-tests/security/CWE-696/CONSISTENCY/PathResolutionConsistency.expected
Log Message:
-----------
Merge branch 'main' into oldpaths1
Commit: bdc1f1715d562e92494ad9d3fabf7a87c343add3
https://github.com/krishnprakash/codeql/commit/bdc1f1715d562e92494ad9d3fabf7a87c343add3
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/old.dbscheme
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/rust.dbscheme
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/upgrade.properties
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/old.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/rust.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/upgrade.properties
Log Message:
-----------
Rust: Add upgrade and downgrade scripts (template).
Commit: d650d56485721c4dfe1e16dc9ffa15c1b162afdf
https://github.com/krishnprakash/codeql/commit/d650d56485721c4dfe1e16dc9ffa15c1b162afdf
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2025-08-29 (Fri, 29 Aug 2025)
Changed paths:
M rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/upgrade.properties
M rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/upgrade.properties
Log Message:
-----------
Rust: Implement upgrade and downgrade scripts.
Commit: 9bae0bfb35584952a5054e2db6c8ef32197370f8
https://github.com/krishnprakash/codeql/commit/9bae0bfb35584952a5054e2db6c8ef32197370f8
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ast-generator/src/main.rs
M rust/codeql-extractor.yml
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/old.dbscheme
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/rust.dbscheme
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/upgrade.properties
M rust/extractor/src/config.rs
M rust/extractor/src/generated/.generated.list
M rust/extractor/src/generated/top.rs
M rust/extractor/src/main.rs
M rust/extractor/src/translate.rs
M rust/extractor/src/translate/base.rs
M rust/extractor/src/translate/generated.rs
M rust/extractor/src/translate/mappings.rs
M rust/ql/.generated.list
M rust/ql/.gitattributes
A rust/ql/lib/change-notes/2025-08-28-path-resolution.md
M rust/ql/lib/codeql/rust/elements.qll
M rust/ql/lib/codeql/rust/elements/MethodCallExpr.qll
M rust/ql/lib/codeql/rust/elements/PathAstNode.qll
R rust/ql/lib/codeql/rust/elements/Resolvable.qll
M rust/ql/lib/codeql/rust/elements/internal/CallExprBaseImpl.qll
R rust/ql/lib/codeql/rust/elements/internal/ResolvableImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Addressable.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/MethodCallExpr.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/ParentChild.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/PathAstNode.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Raw.qll
R rust/ql/lib/codeql/rust/elements/internal/generated/Resolvable.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Synth.qll
M rust/ql/lib/rust.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/old.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/rust.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/upgrade.properties
M rust/ql/src/queries/telemetry/ExtractorInformation.ql
R rust/ql/src/queries/telemetry/RustAnalyzerComparison.qll
R rust/ql/test/extractor-tests/canonical_path_disabled/Cargo.lock
R rust/ql/test/extractor-tests/canonical_path_disabled/anonymous.rs
R rust/ql/test/extractor-tests/canonical_path_disabled/canonical_paths.expected
R rust/ql/test/extractor-tests/canonical_path_disabled/canonical_paths.qlref
R rust/ql/test/extractor-tests/canonical_path_disabled/options.yml
R rust/ql/test/extractor-tests/canonical_path_disabled/regular.rs
M rust/ql/test/extractor-tests/generated/AsmExpr/AsmExpr.expected
M rust/ql/test/extractor-tests/generated/AsmExpr/AsmExpr.ql
M rust/ql/test/extractor-tests/generated/Const/Const.expected
M rust/ql/test/extractor-tests/generated/Const/Const.ql
M rust/ql/test/extractor-tests/generated/Enum/Enum.expected
M rust/ql/test/extractor-tests/generated/Enum/Enum.ql
M rust/ql/test/extractor-tests/generated/ExternBlock/ExternBlock.expected
M rust/ql/test/extractor-tests/generated/ExternBlock/ExternBlock.ql
M rust/ql/test/extractor-tests/generated/ExternCrate/ExternCrate.expected
M rust/ql/test/extractor-tests/generated/ExternCrate/ExternCrate.ql
M rust/ql/test/extractor-tests/generated/Function/Function.expected
M rust/ql/test/extractor-tests/generated/Function/Function.ql
M rust/ql/test/extractor-tests/generated/Impl/Impl.expected
M rust/ql/test/extractor-tests/generated/Impl/Impl.ql
M rust/ql/test/extractor-tests/generated/MacroCall/MacroCall.expected
M rust/ql/test/extractor-tests/generated/MacroCall/MacroCall.ql
M rust/ql/test/extractor-tests/generated/MacroDef/MacroDef.expected
M rust/ql/test/extractor-tests/generated/MacroDef/MacroDef.ql
M rust/ql/test/extractor-tests/generated/MacroRules/MacroRules.expected
M rust/ql/test/extractor-tests/generated/MacroRules/MacroRules.ql
M rust/ql/test/extractor-tests/generated/MethodCallExpr/MethodCallExpr.expected
M rust/ql/test/extractor-tests/generated/MethodCallExpr/MethodCallExpr.ql
M rust/ql/test/extractor-tests/generated/Module/Module.expected
M rust/ql/test/extractor-tests/generated/Module/Module.ql
M rust/ql/test/extractor-tests/generated/Path/PathExpr.expected
M rust/ql/test/extractor-tests/generated/Path/PathExpr.ql
M rust/ql/test/extractor-tests/generated/Path/PathPat.expected
M rust/ql/test/extractor-tests/generated/Path/PathPat.ql
M rust/ql/test/extractor-tests/generated/Static/Static.expected
M rust/ql/test/extractor-tests/generated/Static/Static.ql
M rust/ql/test/extractor-tests/generated/Struct/Struct.expected
M rust/ql/test/extractor-tests/generated/Struct/Struct.ql
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.expected
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.ql
M rust/ql/test/extractor-tests/generated/StructPat/StructPat.expected
M rust/ql/test/extractor-tests/generated/StructPat/StructPat.ql
M rust/ql/test/extractor-tests/generated/Trait/Trait.expected
M rust/ql/test/extractor-tests/generated/Trait/Trait.ql
M rust/ql/test/extractor-tests/generated/TraitAlias/TraitAlias.expected
M rust/ql/test/extractor-tests/generated/TraitAlias/TraitAlias.ql
M rust/ql/test/extractor-tests/generated/TupleStructPat/TupleStructPat.expected
M rust/ql/test/extractor-tests/generated/TupleStructPat/TupleStructPat.ql
M rust/ql/test/extractor-tests/generated/TypeAlias/TypeAlias.expected
M rust/ql/test/extractor-tests/generated/TypeAlias/TypeAlias.ql
M rust/ql/test/extractor-tests/generated/Union/Union.expected
M rust/ql/test/extractor-tests/generated/Union/Union.ql
M rust/ql/test/extractor-tests/generated/Use/Use.expected
M rust/ql/test/extractor-tests/generated/Use/Use.ql
M rust/ql/test/extractor-tests/generated/Variant/Variant.expected
M rust/ql/test/extractor-tests/generated/Variant/Variant.ql
M rust/schema/annotations.py
M rust/schema/prelude.py
Log Message:
-----------
Merge pull request #20295 from geoffw0/oldpaths1
Rust: Remove extractor path resolution.
Commit: 6872f517252bfa82d9e078c603d2d681a276912c
https://github.com/krishnprakash/codeql/commit/6872f517252bfa82d9e078c603d2d681a276912c
Author: Asger F <asg...@github.com>
Date: 2025-08-19 (Tue, 19 Aug 2025)
Changed paths:
M javascript/ql/lib/semmlecode.javascript.dbscheme
M javascript/ql/lib/semmlecode.javascript.dbscheme.stats
Log Message:
-----------
JS: Add metadata to dbscheme and stats
Commit: c1df8a95cbebac021a2eb757aefb6896d9924113
https://github.com/krishnprakash/codeql/commit/c1df8a95cbebac021a2eb757aefb6896d9924113
Author: Asger F <asg...@github.com>
Date: 2025-08-19 (Tue, 19 Aug 2025)
Changed paths:
M javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
A javascript/extractor/src/com/semmle/js/extractor/OverlayChanges.java
M javascript/resources/codeql-extractor.yml
Log Message:
-----------
JS: Overlay extraction support
Commit: 30baf0acecc6f4e2f5939f7e428ca4209142d3b9
https://github.com/krishnprakash/codeql/commit/30baf0acecc6f4e2f5939f7e428ca4209142d3b9
Author: Asger F <asg...@github.com>
Date: 2025-08-19 (Tue, 19 Aug 2025)
Changed paths:
M javascript/ql/lib/semmlecode.javascript.dbscheme
M javascript/ql/lib/semmlecode.javascript.dbscheme.stats
M javascript/resources/codeql-extractor.yml
Log Message:
-----------
JS: Add overlayChangedFiles
Commit: ba585b8af5e78c77416b3e99f62fffa82c89db41
https://github.com/krishnprakash/codeql/commit/ba585b8af5e78c77416b3e99f62fffa82c89db41
Author: Asger F <asg...@github.com>
Date: 2025-08-19 (Tue, 19 Aug 2025)
Changed paths:
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/old.dbscheme
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/semmlecode.javascript.dbscheme
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/upgrade.properties
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/old.dbscheme
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/semmlecode.javascript.dbscheme
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/upgrade.properties
Log Message:
-----------
JS: Add upgrade/downgrade scripts
Commit: 678345621354a6c4cb0d900ece5dadd2aa1f2cf8
https://github.com/krishnprakash/codeql/commit/678345621354a6c4cb0d900ece5dadd2aa1f2cf8
Author: Asger F <asg...@github.com>
Date: 2025-08-19 (Tue, 19 Aug 2025)
Changed paths:
M javascript/ql/lib/javascript.qll
A javascript/ql/lib/semmle/javascript/internal/Overlay.qll
Log Message:
-----------
JS: Add discard predicates
Commit: 67a1c2ffef2afcb958676a3cf6b9b8ea403286c3
https://github.com/krishnprakash/codeql/commit/67a1c2ffef2afcb958676a3cf6b9b8ea403286c3
Author: Asger F <asg...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
Log Message:
-----------
Update javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
Co-authored-by: Copilot <17572847...@users.noreply.github.com>
Commit: 19fa29d52704a947c64f448849f1202fdc325e25
https://github.com/krishnprakash/codeql/commit/19fa29d52704a947c64f448849f1202fdc325e25
Author: Asger F <asg...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/old.dbscheme
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/semmlecode.javascript.dbscheme
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/upgrade.properties
M javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
A javascript/extractor/src/com/semmle/js/extractor/OverlayChanges.java
M javascript/ql/lib/javascript.qll
A javascript/ql/lib/semmle/javascript/internal/Overlay.qll
M javascript/ql/lib/semmlecode.javascript.dbscheme
M javascript/ql/lib/semmlecode.javascript.dbscheme.stats
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/old.dbscheme
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/semmlecode.javascript.dbscheme
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/upgrade.properties
M javascript/resources/codeql-extractor.yml
Log Message:
-----------
Merge pull request #20307 from asgerf/js/overlay-extract-and-discard-only
JS: Add overlay support to extractor
Commit: 011f8dd3b3fb32c5f7b6f7a5785330e5241b2b9a
https://github.com/krishnprakash/codeql/commit/011f8dd3b3fb32c5f7b6f7a5785330e5241b2b9a
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M swift/ql/lib/codeql/swift/elements/decl/internal/EnumDeclImpl.qll
Log Message:
-----------
Swift: Fix a Ql4Ql violation.
Commit: f73f9a0447335f10320106497af88bd7b30d0ecd
https://github.com/krishnprakash/codeql/commit/f73f9a0447335f10320106497af88bd7b30d0ecd
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M swift/ql/lib/codeql/swift/elements/decl/internal/EnumDeclImpl.qll
Log Message:
-----------
Merge pull request #20334 from michaelnebel/swift/ql4ql
Swift: Fix a Ql4Ql violation.
Commit: 74913522789f3bd512ff0c5330f626f2cd5ccc09
https://github.com/krishnprakash/codeql/commit/74913522789f3bd512ff0c5330f626f2cd5ccc09
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/printAst.ql
M csharp/ql/lib/semmle/code/csharp/Assignable.qll
M csharp/ql/lib/semmle/code/csharp/Callable.qll
M csharp/ql/lib/semmle/code/csharp/Member.qll
M csharp/ql/lib/semmle/code/csharp/PrintAst.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll
M csharp/ql/lib/semmle/code/csharp/serialization/Deserializers.qll
M csharp/ql/src/Bad Practices/Magic Constants/MagicConstants.qll
M csharp/ql/src/Language Abuse/UselessUpcast.ql
M csharp/ql/src/Telemetry/DatabaseQuality.qll
Log Message:
-----------
C#: Fix some Ql4Ql violations.
Commit: ef4b41ab6d2c1f7c18145c9c13fc5949c13622da
https://github.com/krishnprakash/codeql/commit/ef4b41ab6d2c1f7c18145c9c13fc5949c13622da
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/PrintAst.qll
Log Message:
-----------
C#: Replace exists with any.
Commit: 39d3741a9141c53b1579859baf1a426ca30e6e74
https://github.com/krishnprakash/codeql/commit/39d3741a9141c53b1579859baf1a426ca30e6e74
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M csharp/ql/lib/printAst.ql
M csharp/ql/lib/semmle/code/csharp/Assignable.qll
M csharp/ql/lib/semmle/code/csharp/Callable.qll
M csharp/ql/lib/semmle/code/csharp/Member.qll
M csharp/ql/lib/semmle/code/csharp/PrintAst.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll
M csharp/ql/lib/semmle/code/csharp/serialization/Deserializers.qll
M csharp/ql/src/Bad Practices/Magic Constants/MagicConstants.qll
M csharp/ql/src/Language Abuse/UselessUpcast.ql
M csharp/ql/src/Telemetry/DatabaseQuality.qll
Log Message:
-----------
Merge pull request #20326 from michaelnebel/csharp/ql4ql
C#: Fix some Ql4Ql violations.
Commit: ea664e08d1d79eef07760289e122a11e519d4d86
https://github.com/krishnprakash/codeql/commit/ea664e08d1d79eef07760289e122a11e519d4d86
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M go/ql/lib/semmle/go/StringOps.qll
M go/ql/lib/semmle/go/dataflow/internal/DataFlowUtil.qll
M go/ql/src/experimental/IntegerOverflow/RangeAnalysis.qll
Log Message:
-----------
Go: Fix some Ql4Ql violations.
Commit: d0323a6425c380cac284aca0c7207ced4b424a2f
https://github.com/krishnprakash/codeql/commit/d0323a6425c380cac284aca0c7207ced4b424a2f
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M go/ql/src/experimental/IntegerOverflow/RangeAnalysis.qll
Log Message:
-----------
Fix one more violation.
Commit: 55e5281429fac51505945a966f06a1946ca408e8
https://github.com/krishnprakash/codeql/commit/55e5281429fac51505945a966f06a1946ca408e8
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M go/ql/src/experimental/IntegerOverflow/RangeAnalysis.qll
Log Message:
-----------
Go: Fix a couple more spelling errors.
Commit: 9a88e38d6f2587c8637e484ef77c797876f7f1e2
https://github.com/krishnprakash/codeql/commit/9a88e38d6f2587c8637e484ef77c797876f7f1e2
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M go/ql/lib/semmle/go/StringOps.qll
M go/ql/lib/semmle/go/dataflow/internal/DataFlowUtil.qll
M go/ql/src/experimental/IntegerOverflow/RangeAnalysis.qll
Log Message:
-----------
Merge pull request #20327 from michaelnebel/go/ql4ql
Go: Fix some Ql4Ql violations.
Commit: 11309e99ce62b0e59531b3a310805ce09231ac70
https://github.com/krishnprakash/codeql/commit/11309e99ce62b0e59531b3a310805ce09231ac70
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M shared/util/change-notes/2025-08-25-loc-option.md
Log Message:
-----------
Fix changenote
Commit: ab641b3144126839862ba99483f12de58ac6e607
https://github.com/krishnprakash/codeql/commit/ab641b3144126839862ba99483f12de58ac6e607
Author: Joe Farebrother <joefare...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M shared/util/change-notes/2025-08-25-loc-option.md
Log Message:
-----------
Merge pull request #20344 from joefarebrother/fix-changenote
Shared: Fix changenote
Commit: 77113b2e42ac0d9d30aeca91d616363d0ac45c7c
https://github.com/krishnprakash/codeql/commit/77113b2e42ac0d9d30aeca91d616363d0ac45c7c
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M java/ql/lib/experimental/quantum/JCA.qll
M java/ql/lib/experimental/quantum/Language.qll
M java/ql/lib/printAst.ql
M java/ql/lib/semmle/code/java/Concurrency.qll
M java/ql/lib/semmle/code/java/Conversions.qll
M java/ql/lib/semmle/code/java/Statement.qll
M java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll
M java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll
M java/ql/lib/semmle/code/java/frameworks/Mockito.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll
M java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll
M java/ql/lib/semmle/code/java/security/FileWritable.qll
M java/ql/lib/semmle/code/java/security/TempDirUtils.qll
M java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll
M java/ql/src/Likely Bugs/Comparison/HashedButNoHash.ql
M java/ql/src/Likely Bugs/Concurrency/NotifyWithoutSynch.ql
M java/ql/src/Likely Bugs/Termination/SpinOnField.ql
M java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll
M java/ql/src/Violations of Best Practice/Naming Conventions/ConfusingOverloading.ql
M java/ql/src/experimental/quantum/Analysis/ArtifactReuse.qll
M java/ql/src/experimental/quantum/Examples/BrokenCrypto.ql
M java/ql/src/utils/flowtestcasegenerator/FlowTestCase.qll
Log Message:
-----------
Java: Fix some Ql4Ql violations.
Commit: a732b36fa87f33fc9e0bc9ad3fa221ba2498f69d
https://github.com/krishnprakash/codeql/commit/a732b36fa87f33fc9e0bc9ad3fa221ba2498f69d
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M java/ql/src/experimental/quantum/Analysis/ArtifactReuse.qll
Log Message:
-----------
Update java/ql/src/experimental/quantum/Analysis/ArtifactReuse.qll
Co-authored-by: Anders Schack-Mulligen <ascha...@users.noreply.github.com>
Commit: 2a932f0748fb7b30df2e4fa1a4bf80028d14951d
https://github.com/krishnprakash/codeql/commit/2a932f0748fb7b30df2e4fa1a4bf80028d14951d
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M java/ql/lib/experimental/quantum/JCA.qll
M java/ql/lib/experimental/quantum/Language.qll
M java/ql/lib/printAst.ql
M java/ql/lib/semmle/code/java/Concurrency.qll
M java/ql/lib/semmle/code/java/Conversions.qll
M java/ql/lib/semmle/code/java/Statement.qll
M java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll
M java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll
M java/ql/lib/semmle/code/java/frameworks/Mockito.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll
M java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll
M java/ql/lib/semmle/code/java/security/FileWritable.qll
M java/ql/lib/semmle/code/java/security/TempDirUtils.qll
M java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll
M java/ql/src/Likely Bugs/Comparison/HashedButNoHash.ql
M java/ql/src/Likely Bugs/Concurrency/NotifyWithoutSynch.ql
M java/ql/src/Likely Bugs/Termination/SpinOnField.ql
M java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll
M java/ql/src/Violations of Best Practice/Naming Conventions/ConfusingOverloading.ql
M java/ql/src/experimental/quantum/Analysis/ArtifactReuse.qll
M java/ql/src/experimental/quantum/Examples/BrokenCrypto.ql
M java/ql/src/utils/flowtestcasegenerator/FlowTestCase.qll
Log Message:
-----------
Merge pull request #20328 from michaelnebel/java/ql4ql
Java: Fix some Ql4Ql violations.
Commit: 367027e777aa5aa934c5c1c5e7924031571d6f3a
https://github.com/krishnprakash/codeql/commit/367027e777aa5aa934c5c1c5e7924031571d6f3a
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M ql/ql/src/codeql_ql/style/RedundantCastQuery.qll
M ql/ql/test/queries/performance/VarUnusedInDisjunct/Test.qll
M ql/ql/test/queries/style/Misspelling/Misspelling.expected
M ql/ql/test/queries/style/Misspelling/Test.qll
M ql/ql/test/queries/style/UseInstanceofExtension/Foo.qll
M ql/ql/test/queries/style/UseInstanceofExtension/UseInstanceofExtension.expected
M ql/ql/test/queries/style/UseSetLiteral/UseSetLiteral.expected
M ql/ql/test/queries/style/UseSetLiteral/test.qll
Log Message:
-----------
Ql: Fix some Ql4Ql violations.
Commit: 88ee20f189f8d053dbe58708516bf4b509503ec7
https://github.com/krishnprakash/codeql/commit/88ee20f189f8d053dbe58708516bf4b509503ec7
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M ql/ql/src/codeql_ql/style/RedundantCastQuery.qll
M ql/ql/test/queries/performance/VarUnusedInDisjunct/Test.qll
M ql/ql/test/queries/style/Misspelling/Misspelling.expected
M ql/ql/test/queries/style/Misspelling/Test.qll
M ql/ql/test/queries/style/UseInstanceofExtension/Foo.qll
M ql/ql/test/queries/style/UseInstanceofExtension/UseInstanceofExtension.expected
M ql/ql/test/queries/style/UseSetLiteral/UseSetLiteral.expected
M ql/ql/test/queries/style/UseSetLiteral/test.qll
Log Message:
-----------
Merge pull request #20331 from michaelnebel/ql/ql4ql
Ql: Fix some Ql4Ql violations.
Commit: c5cf46bc2cd5ed380e1bbe091fda4b5f2a561736
https://github.com/krishnprakash/codeql/commit/c5cf46bc2cd5ed380e1bbe091fda4b5f2a561736
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M ruby/ql/lib/codeql/ruby/ApiGraphs.qll
M ruby/ql/lib/codeql/ruby/frameworks/core/Kernel.qll
M ruby/ql/lib/codeql/ruby/frameworks/http_clients/Excon.qll
M ruby/ql/lib/codeql/ruby/frameworks/http_clients/NetHttp.qll
M ruby/ql/lib/codeql/ruby/regexp/internal/ParseRegExp.qll
M ruby/ql/lib/codeql/ruby/security/ImproperMemoizationQuery.qll
Log Message:
-----------
Ruby: Fix some Ql4Ql violations.
Commit: 7ae5d405fc8e4b3a868247ffa7a8aac0dffd3834
https://github.com/krishnprakash/codeql/commit/7ae5d405fc8e4b3a868247ffa7a8aac0dffd3834
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M ruby/ql/lib/codeql/ruby/ApiGraphs.qll
M ruby/ql/lib/codeql/ruby/frameworks/core/Kernel.qll
M ruby/ql/lib/codeql/ruby/frameworks/http_clients/Excon.qll
M ruby/ql/lib/codeql/ruby/frameworks/http_clients/NetHttp.qll
M ruby/ql/lib/codeql/ruby/regexp/internal/ParseRegExp.qll
M ruby/ql/lib/codeql/ruby/security/ImproperMemoizationQuery.qll
Log Message:
-----------
Merge pull request #20332 from michaelnebel/ruby/ql4ql
Ruby: Fix some Ql4Ql violations.
Commit: 37997c05610f6fe5e55d9a570ff6d8de8f5a43c3
https://github.com/krishnprakash/codeql/commit/37997c05610f6fe5e55d9a570ff6d8de8f5a43c3
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
M rust/ql/lib/codeql/rust/elements/internal/CallImpl.qll
M rust/ql/lib/codeql/rust/internal/Type.qll
Log Message:
-----------
Rust: Fix some Ql4Ql violations.
Commit: 464d8b13a85bb9cbd618ea8823169bd10ff421fd
https://github.com/krishnprakash/codeql/commit/464d8b13a85bb9cbd618ea8823169bd10ff421fd
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
Log Message:
-----------
Rust: Address review comments.
Commit: 6f5da528a469bc32c3550cd4b3401c6eb1dfee04
https://github.com/krishnprakash/codeql/commit/6f5da528a469bc32c3550cd4b3401c6eb1dfee04
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
Log Message:
-----------
Update rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
Co-authored-by: Simon Friis Vindum <pald...@github.com>
Commit: 9d521e9cb60da771138528e49a50a35435b38b77
https://github.com/krishnprakash/codeql/commit/9d521e9cb60da771138528e49a50a35435b38b77
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
M rust/ql/lib/codeql/rust/elements/internal/CallImpl.qll
M rust/ql/lib/codeql/rust/internal/Type.qll
Log Message:
-----------
Merge pull request #20333 from michaelnebel/rust/ql4ql
Rust: Fix some Ql4Ql violations.
Commit: dbd31259b3e62de0ffd7bb7103b402d4616d06cd
https://github.com/krishnprakash/codeql/commit/dbd31259b3e62de0ffd7bb7103b402d4616d06cd
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M python/ql/lib/analysis/DefinitionTracking.qll
M python/ql/lib/experimental/cryptography/CryptoArtifact.qll
M python/ql/lib/experimental/cryptography/modules/CryptographyModule.qll
M python/ql/lib/experimental/cryptography/modules/stdlib/HashlibModule.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/objects/ObjectInternal.qll
M python/ql/lib/semmle/python/types/FunctionObject.qll
M python/ql/src/Security/CWE-327/FluentApiModel.qll
M python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql
Log Message:
-----------
Python: Fix some Ql4Ql violations.
Commit: 90caded4fe8d8dad1cbc179a89d048a88d640ec2
https://github.com/krishnprakash/codeql/commit/90caded4fe8d8dad1cbc179a89d048a88d640ec2
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M python/ql/src/Security/CWE-327/FluentApiModel.qll
Log Message:
-----------
Apply suggestion from @aschackmull
Co-authored-by: Anders Schack-Mulligen <ascha...@users.noreply.github.com>
Commit: d3d737b3838e4b360150533f2f27ad08ec60e92d
https://github.com/krishnprakash/codeql/commit/d3d737b3838e4b360150533f2f27ad08ec60e92d
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M python/ql/lib/analysis/DefinitionTracking.qll
M python/ql/lib/experimental/cryptography/CryptoArtifact.qll
M python/ql/lib/experimental/cryptography/modules/CryptographyModule.qll
M python/ql/lib/experimental/cryptography/modules/stdlib/HashlibModule.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/objects/ObjectInternal.qll
M python/ql/lib/semmle/python/types/FunctionObject.qll
M python/ql/src/Security/CWE-327/FluentApiModel.qll
M python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql
Log Message:
-----------
Merge pull request #20330 from michaelnebel/python/ql4ql
Python: Fix some Ql4Ql violations.
Commit: 8434dc3890801b7584a99f5becd552bbfeda3514
https://github.com/krishnprakash/codeql/commit/8434dc3890801b7584a99f5becd552bbfeda3514
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
A shared/controlflow/codeql/controlflow/SuccessorType.qll
Log Message:
-----------
Controlflow: Add a shared SuccessorType implementation.
Commit: 8b50ac291fbc056fb638f5e12511209953505982
https://github.com/krishnprakash/codeql/commit/8b50ac291fbc056fb638f5e12511209953505982
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/Caching.qll
M csharp/ql/lib/semmle/code/csharp/commons/Constants.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowGraph.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/SuccessorType.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/Nullness.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll
M csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
M csharp/ql/src/Security Features/CWE-384/AbandonSession.ql
M csharp/ql/test/library-tests/controlflow/graph/Condition.ql
M csharp/ql/test/library-tests/controlflow/graph/Nodes.ql
Log Message:
-----------
C#: Use shared SuccessorType.
Commit: d8c193df18379f70baa7c1d41af50f05be683f69
https://github.com/krishnprakash/codeql/commit/d8c193df18379f70baa7c1d41af50f05be683f69
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M ruby/ql/consistency-queries/DataFlowConsistency.ql
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M ruby/ql/lib/codeql/ruby/controlflow/ControlFlowGraph.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Completion.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/ControlFlowGraphImpl.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Guards.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Splitting.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.ql
M ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.ql
Log Message:
-----------
Ruby: Use shared SuccessorType.
Commit: cf9196fb5579405f5bda53990649b5582d963bd3
https://github.com/krishnprakash/codeql/commit/cf9196fb5579405f5bda53990649b5582d963bd3
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/controlflow/ControlFlowGraph.qll
M rust/ql/lib/codeql/rust/controlflow/internal/Completion.qll
M rust/ql/lib/codeql/rust/controlflow/internal/ControlFlowGraphImpl.qll
R rust/ql/lib/codeql/rust/controlflow/internal/SuccessorType.qll
M rust/ql/lib/codeql/rust/internal/CachedStages.qll
Log Message:
-----------
Rust: Use shared SuccessorType.
Commit: c1662cf05c1107d09644476e0a9f6660f09489a5
https://github.com/krishnprakash/codeql/commit/c1662cf05c1107d09644476e0a9f6660f09489a5
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/test/library-tests/assignables/AssignableDefinitionNode.expected
M csharp/ql/test/library-tests/controlflow/graph/BasicBlock.expected
M csharp/ql/test/library-tests/controlflow/graph/Condition.expected
M csharp/ql/test/library-tests/controlflow/graph/Dominance.expected
M csharp/ql/test/library-tests/controlflow/graph/EnclosingCallable.expected
M csharp/ql/test/library-tests/controlflow/graph/NodeGraph.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.expected
M csharp/ql/test/library-tests/csharp8/switchexprcontrolflow.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDefElement.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaExplicitDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaRead.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaUltimateDef.expected
M csharp/ql/test/library-tests/goto/Goto1.expected
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.expected
M ruby/ql/test/library-tests/controlflow/graph/Cfg.expected
M ruby/ql/test/library-tests/controlflow/graph/Nodes.expected
Log Message:
-----------
C#/Ruby: Accept qltest changes.
Mostly toString changes, and a slight change to
splitting in C#.
Commit: 1e25b4de4b392af578af356f2a2fc9df0321bd22
https://github.com/krishnprakash/codeql/commit/1e25b4de4b392af578af356f2a2fc9df0321bd22
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
M swift/ql/lib/codeql/swift/controlflow/ControlFlowGraph.qll
M swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImplSpecific.qll
M swift/ql/lib/codeql/swift/security/PathInjectionExtensions.qll
Log Message:
-----------
Swift: Use shared SuccessorType.
Commit: 92fcda3cc70ea1b964476892ec11fba30427aa7c
https://github.com/krishnprakash/codeql/commit/92fcda3cc70ea1b964476892ec11fba30427aa7c
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M actions/ql/lib/codeql/actions/controlflow/internal/Cfg.qll
Log Message:
-----------
Actions: Use shared SuccessorType.
Commit: 4685b4f8a9eb4caed4eafa81c5f7b8e15c822b97
https://github.com/krishnprakash/codeql/commit/4685b4f8a9eb4caed4eafa81c5f7b8e15c822b97
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
R java/ql/lib/semmle/code/java/controlflow/SuccessorType.qll
Log Message:
-----------
Java: Use shared SuccessorType.
Commit: 144e34c669c0f0238ce00d18d9abd1a18da3f9eb
https://github.com/krishnprakash/codeql/commit/144e34c669c0f0238ce00d18d9abd1a18da3f9eb
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M actions/ql/lib/codeql/actions/controlflow/internal/Cfg.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/EdgeKind.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
M python/ql/lib/semmle/python/Flow.qll
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/ControlFlowGraphImpl.qll
M rust/ql/lib/codeql/rust/controlflow/BasicBlocks.qll
M rust/ql/lib/codeql/rust/controlflow/internal/ControlFlowGraphImpl.qll
M shared/controlflow/codeql/controlflow/BasicBlock.qll
M shared/controlflow/codeql/controlflow/Cfg.qll
M shared/controlflow/codeql/controlflow/Guards.qll
M shared/controlflow/codeql/controlflow/SuccessorType.qll
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImplSpecific.qll
Log Message:
-----------
Shared: Use shared SuccessorType in shared Cfg and BasicBlock libs.
Commit: bbf799510092248780107c9ba944639c0fd86915
https://github.com/krishnprakash/codeql/commit/bbf799510092248780107c9ba944639c0fd86915
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreSsa.qll
Log Message:
-----------
C#: Fix caching dependencies.
Commit: 0d9b8d059250427434bc13f58d55895638c7bf27
https://github.com/krishnprakash/codeql/commit/0d9b8d059250427434bc13f58d55895638c7bf27
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M shared/controlflow/codeql/controlflow/Cfg.qll
Log Message:
-----------
Cfg: Allow for multiple exception successors.
Commit: 4e706276292e57b5d1fa0f1034a4b5c184d58c6b
https://github.com/krishnprakash/codeql/commit/4e706276292e57b5d1fa0f1034a4b5c184d58c6b
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
M shared/controlflow/codeql/controlflow/Guards.qll
Log Message:
-----------
Guards: Use shared SuccessorType.
Commit: 3d4d347150224d68a2048d4f0195cb42b34b28ca
https://github.com/krishnprakash/codeql/commit/3d4d347150224d68a2048d4f0195cb42b34b28ca
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Splitting.qll
M shared/controlflow/codeql/controlflow/Cfg.qll
M shared/controlflow/codeql/controlflow/SuccessorType.qll
Log Message:
-----------
SuccessorType: Address review comments.
Commit: f833fe0e6eb881b982c5b96b63ddbcd1f5748897
https://github.com/krishnprakash/codeql/commit/f833fe0e6eb881b982c5b96b63ddbcd1f5748897
Author: Anders Schack-Mulligen <ascha...@users.noreply.github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M actions/ql/lib/codeql/actions/controlflow/internal/Cfg.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/EdgeKind.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
M csharp/ql/lib/semmle/code/csharp/Caching.qll
M csharp/ql/lib/semmle/code/csharp/commons/Constants.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowGraph.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreSsa.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/SuccessorType.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/Nullness.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll
M csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
M csharp/ql/src/Security Features/CWE-384/AbandonSession.ql
M csharp/ql/test/library-tests/assignables/AssignableDefinitionNode.expected
M csharp/ql/test/library-tests/controlflow/graph/BasicBlock.expected
M csharp/ql/test/library-tests/controlflow/graph/Condition.expected
M csharp/ql/test/library-tests/controlflow/graph/Condition.ql
M csharp/ql/test/library-tests/controlflow/graph/Dominance.expected
M csharp/ql/test/library-tests/controlflow/graph/EnclosingCallable.expected
M csharp/ql/test/library-tests/controlflow/graph/NodeGraph.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.ql
M csharp/ql/test/library-tests/csharp8/switchexprcontrolflow.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDefElement.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaExplicitDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaRead.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaUltimateDef.expected
M csharp/ql/test/library-tests/goto/Goto1.expected
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
R java/ql/lib/semmle/code/java/controlflow/SuccessorType.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
M python/ql/lib/semmle/python/Flow.qll
M ruby/ql/consistency-queries/DataFlowConsistency.ql
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M ruby/ql/lib/codeql/ruby/controlflow/ControlFlowGraph.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Completion.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/ControlFlowGraphImpl.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Guards.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Splitting.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.expected
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.ql
M ruby/ql/test/library-tests/controlflow/graph/Cfg.expected
M ruby/ql/test/library-tests/controlflow/graph/Nodes.expected
M ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.ql
M rust/ql/lib/codeql/rust/controlflow/BasicBlocks.qll
M rust/ql/lib/codeql/rust/controlflow/ControlFlowGraph.qll
M rust/ql/lib/codeql/rust/controlflow/internal/Completion.qll
M rust/ql/lib/codeql/rust/controlflow/internal/ControlFlowGraphImpl.qll
R rust/ql/lib/codeql/rust/controlflow/internal/SuccessorType.qll
M rust/ql/lib/codeql/rust/internal/CachedStages.qll
M shared/controlflow/codeql/controlflow/BasicBlock.qll
M shared/controlflow/codeql/controlflow/Cfg.qll
M shared/controlflow/codeql/controlflow/Guards.qll
A shared/controlflow/codeql/controlflow/SuccessorType.qll
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
M swift/ql/lib/codeql/swift/controlflow/ControlFlowGraph.qll
M swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImplSpecific.qll
M swift/ql/lib/codeql/swift/security/PathInjectionExtensions.qll
Log Message:
-----------
Merge pull request #20300 from aschackmull/cfg/successortype
Shared: Add a shared SuccessorType implementation
Commit: 0bfa93828b3ec126c9c1cf170f00b3a167a4c4f7
https://github.com/krishnprakash/codeql/commit/0bfa93828b3ec126c9c1cf170f00b3a167a4c4f7
Author: github-actions[bot] <github-...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M actions/ql/lib/CHANGELOG.md
A actions/ql/lib/change-notes/released/0.4.16.md
M actions/ql/lib/codeql-pack.release.yml
M actions/ql/lib/qlpack.yml
M actions/ql/src/CHANGELOG.md
A actions/ql/src/change-notes/released/0.6.8.md
M actions/ql/src/codeql-pack.release.yml
M actions/ql/src/qlpack.yml
M cpp/ql/lib/CHANGELOG.md
R cpp/ql/lib/change-notes/2025-08-19-virtual-dispatch.md
R cpp/ql/lib/change-notes/2025-08-27-pch.md
R cpp/ql/lib/change-notes/2025-08-28-comptr.md
A cpp/ql/lib/change-notes/released/5.5.0.md
M cpp/ql/lib/codeql-pack.release.yml
M cpp/ql/lib/qlpack.yml
M cpp/ql/src/CHANGELOG.md
R cpp/ql/src/change-notes/2025-08-20-add-customizations.md
A cpp/ql/src/change-notes/released/1.4.7.md
M cpp/ql/src/codeql-pack.release.yml
M cpp/ql/src/qlpack.yml
M csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/lib/CHANGELOG.md
R csharp/ql/lib/change-notes/2025-08-18-byte-char-bulk-types.md
R csharp/ql/lib/change-notes/2025-08-18-implicit-reads-at-sinks.md
R csharp/ql/lib/change-notes/2025-08-26-xmlreader-models.md
R csharp/ql/lib/change-notes/2025-08-29-base-qualifier-dispatch.md
A csharp/ql/lib/change-notes/released/5.2.3.md
M csharp/ql/lib/codeql-pack.release.yml
M csharp/ql/lib/qlpack.yml
M csharp/ql/src/CHANGELOG.md
A csharp/ql/src/change-notes/released/1.3.4.md
M csharp/ql/src/codeql-pack.release.yml
M csharp/ql/src/qlpack.yml
M go/ql/consistency-queries/CHANGELOG.md
A go/ql/consistency-queries/change-notes/released/1.0.30.md
M go/ql/consistency-queries/codeql-pack.release.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/CHANGELOG.md
A go/ql/lib/change-notes/released/4.3.3.md
M go/ql/lib/codeql-pack.release.yml
M go/ql/lib/qlpack.yml
M go/ql/src/CHANGELOG.md
A go/ql/src/change-notes/released/1.4.4.md
M go/ql/src/codeql-pack.release.yml
M go/ql/src/qlpack.yml
M java/ql/lib/CHANGELOG.md
A java/ql/lib/change-notes/released/7.6.1.md
M java/ql/lib/codeql-pack.release.yml
M java/ql/lib/qlpack.yml
M java/ql/src/CHANGELOG.md
R java/ql/src/change-notes/2024-10-03-remove-java-query.md
R java/ql/src/change-notes/2025-07-17-spring-actuators-config-promo.md
R java/ql/src/change-notes/2025-07-19-adjust-tags.md
R java/ql/src/change-notes/2025-08-22-nullness-fn.md
A java/ql/src/change-notes/released/1.7.0.md
M java/ql/src/codeql-pack.release.yml
M java/ql/src/qlpack.yml
M javascript/ql/lib/CHANGELOG.md
R javascript/ql/lib/change-notes/2025-07-15-xml-bomb-sinks.md
A javascript/ql/lib/change-notes/released/2.6.10.md
M javascript/ql/lib/codeql-pack.release.yml
M javascript/ql/lib/qlpack.yml
M javascript/ql/src/CHANGELOG.md
A javascript/ql/src/change-notes/released/2.0.3.md
M javascript/ql/src/codeql-pack.release.yml
M javascript/ql/src/qlpack.yml
M misc/suite-helpers/CHANGELOG.md
A misc/suite-helpers/change-notes/released/1.0.30.md
M misc/suite-helpers/codeql-pack.release.yml
M misc/suite-helpers/qlpack.yml
M python/ql/lib/CHANGELOG.md
R python/ql/lib/change-notes/2025-07-15-xml-bomb-sinks-python.md
R python/ql/lib/change-notes/2025-08-25-psycopg2-connection-pool-modelling.md
A python/ql/lib/change-notes/released/4.0.14.md
M python/ql/lib/codeql-pack.release.yml
M python/ql/lib/qlpack.yml
M python/ql/src/CHANGELOG.md
R python/ql/src/change-notes/2025-07-14-comparisons.md
R python/ql/src/change-notes/2025-07-25-unexpected-raise-special-method.md
A python/ql/src/change-notes/released/1.6.4.md
M python/ql/src/codeql-pack.release.yml
M python/ql/src/qlpack.yml
M ruby/ql/lib/CHANGELOG.md
A ruby/ql/lib/change-notes/released/5.0.3.md
M ruby/ql/lib/codeql-pack.release.yml
M ruby/ql/lib/qlpack.yml
M ruby/ql/src/CHANGELOG.md
A ruby/ql/src/change-notes/released/1.4.4.md
M ruby/ql/src/codeql-pack.release.yml
M ruby/ql/src/qlpack.yml
M rust/ql/lib/CHANGELOG.md
R rust/ql/lib/change-notes/2025-08-22-fs.md
R rust/ql/lib/change-notes/2025-08-25-in-macro-expansion.md
R rust/ql/lib/change-notes/2025-08-28-path-resolution.md
A rust/ql/lib/change-notes/released/0.1.15.md
M rust/ql/lib/codeql-pack.release.yml
M rust/ql/lib/qlpack.yml
M rust/ql/src/CHANGELOG.md
R rust/ql/src/change-notes/2025-08-18-log-injection.md
R rust/ql/src/change-notes/2025-08-20-add-customizations.md
R rust/ql/src/change-notes/2025-08-28-diagnostic-database-quality.md
A rust/ql/src/change-notes/released/0.1.15.md
M rust/ql/src/codeql-pack.release.yml
M rust/ql/src/qlpack.yml
M shared/concepts/CHANGELOG.md
A shared/concepts/change-notes/released/0.0.4.md
M shared/concepts/codeql-pack.release.yml
M shared/concepts/qlpack.yml
M shared/controlflow/CHANGELOG.md
A shared/controlflow/change-notes/released/2.0.14.md
M shared/controlflow/codeql-pack.release.yml
M shared/controlflow/qlpack.yml
M shared/dataflow/CHANGELOG.md
A shared/dataflow/change-notes/released/2.0.14.md
M shared/dataflow/codeql-pack.release.yml
M shared/dataflow/qlpack.yml
M shared/mad/CHANGELOG.md
A shared/mad/change-notes/released/1.0.30.md
M shared/mad/codeql-pack.release.yml
M shared/mad/qlpack.yml
M shared/quantum/CHANGELOG.md
A shared/quantum/change-notes/released/0.0.8.md
M shared/quantum/codeql-pack.release.yml
M shared/quantum/qlpack.yml
M shared/rangeanalysis/CHANGELOG.md
A shared/rangeanalysis/change-notes/released/1.0.30.md
M shared/rangeanalysis/codeql-pack.release.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/CHANGELOG.md
A shared/regex/change-notes/released/1.0.30.md
M shared/regex/codeql-pack.release.yml
M shared/regex/qlpack.yml
M shared/ssa/CHANGELOG.md
A shared/ssa/change-notes/released/2.0.6.md
M shared/ssa/codeql-pack.release.yml
M shared/ssa/qlpack.yml
M shared/threat-models/CHANGELOG.md
A shared/threat-models/change-notes/released/1.0.30.md
M shared/threat-models/codeql-pack.release.yml
M shared/threat-models/qlpack.yml
M shared/tutorial/CHANGELOG.md
A shared/tutorial/change-notes/released/1.0.30.md
M shared/tutorial/codeql-pack.release.yml
M shared/tutorial/qlpack.yml
M shared/typeflow/CHANGELOG.md
A shared/typeflow/change-notes/released/1.0.30.md
M shared/typeflow/codeql-pack.release.yml
M shared/typeflow/qlpack.yml
M shared/typeinference/CHANGELOG.md
A shared/typeinference/change-notes/released/0.0.11.md
M shared/typeinference/codeql-pack.release.yml
M shared/typeinference/qlpack.yml
M shared/typetracking/CHANGELOG.md
A shared/typetracking/change-notes/released/2.0.14.md
M shared/typetracking/codeql-pack.release.yml
M shared/typetracking/qlpack.yml
M shared/typos/CHANGELOG.md
A shared/typos/change-notes/released/1.0.30.md
M shared/typos/codeql-pack.release.yml
M shared/typos/qlpack.yml
M shared/util/CHANGELOG.md
R shared/util/change-notes/2025-08-25-loc-option.md
A shared/util/change-notes/released/2.0.17.md
M shared/util/codeql-pack.release.yml
M shared/util/qlpack.yml
M shared/xml/CHANGELOG.md
A shared/xml/change-notes/released/1.0.30.md
M shared/xml/codeql-pack.release.yml
M shared/xml/qlpack.yml
M shared/yaml/CHANGELOG.md
A shared/yaml/change-notes/released/1.0.30.md
M shared/yaml/codeql-pack.release.yml
M shared/yaml/qlpack.yml
M swift/ql/lib/CHANGELOG.md
A swift/ql/lib/change-notes/released/5.0.6.md
M swift/ql/lib/codeql-pack.release.yml
M swift/ql/lib/qlpack.yml
M swift/ql/src/CHANGELOG.md
R swift/ql/src/change-notes/2025-08-20-add-customizations.md
A swift/ql/src/change-notes/released/1.2.4.md
M swift/ql/src/codeql-pack.release.yml
M swift/ql/src/qlpack.yml
Log Message:
-----------
Release preparation for version 2.23.0
Commit: 28f02c07d7d744d761520fbfb354f96827a11f6c
https://github.com/krishnprakash/codeql/commit/28f02c07d7d744d761520fbfb354f96827a11f6c
Author: Arthur Baars <aib...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M actions/ql/lib/CHANGELOG.md
A actions/ql/lib/change-notes/released/0.4.16.md
M actions/ql/lib/codeql-pack.release.yml
M actions/ql/lib/qlpack.yml
M actions/ql/src/CHANGELOG.md
A actions/ql/src/change-notes/released/0.6.8.md
M actions/ql/src/codeql-pack.release.yml
M actions/ql/src/qlpack.yml
M cpp/ql/lib/CHANGELOG.md
R cpp/ql/lib/change-notes/2025-08-19-virtual-dispatch.md
R cpp/ql/lib/change-notes/2025-08-27-pch.md
R cpp/ql/lib/change-notes/2025-08-28-comptr.md
A cpp/ql/lib/change-notes/released/5.5.0.md
M cpp/ql/lib/codeql-pack.release.yml
M cpp/ql/lib/qlpack.yml
M cpp/ql/src/CHANGELOG.md
R cpp/ql/src/change-notes/2025-08-20-add-customizations.md
A cpp/ql/src/change-notes/released/1.4.7.md
M cpp/ql/src/codeql-pack.release.yml
M cpp/ql/src/qlpack.yml
M csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/lib/CHANGELOG.md
R csharp/ql/lib/change-notes/2025-08-18-byte-char-bulk-types.md
R csharp/ql/lib/change-notes/2025-08-18-implicit-reads-at-sinks.md
R csharp/ql/lib/change-notes/2025-08-26-xmlreader-models.md
R csharp/ql/lib/change-notes/2025-08-29-base-qualifier-dispatch.md
A csharp/ql/lib/change-notes/released/5.2.3.md
M csharp/ql/lib/codeql-pack.release.yml
M csharp/ql/lib/qlpack.yml
M csharp/ql/src/CHANGELOG.md
A csharp/ql/src/change-notes/released/1.3.4.md
M csharp/ql/src/codeql-pack.release.yml
M csharp/ql/src/qlpack.yml
M go/ql/consistency-queries/CHANGELOG.md
A go/ql/consistency-queries/change-notes/released/1.0.30.md
M go/ql/consistency-queries/codeql-pack.release.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/CHANGELOG.md
A go/ql/lib/change-notes/released/4.3.3.md
M go/ql/lib/codeql-pack.release.yml
M go/ql/lib/qlpack.yml
M go/ql/src/CHANGELOG.md
A go/ql/src/change-notes/released/1.4.4.md
M go/ql/src/codeql-pack.release.yml
M go/ql/src/qlpack.yml
M java/ql/lib/CHANGELOG.md
A java/ql/lib/change-notes/released/7.6.1.md
M java/ql/lib/codeql-pack.release.yml
M java/ql/lib/qlpack.yml
M java/ql/src/CHANGELOG.md
R java/ql/src/change-notes/2024-10-03-remove-java-query.md
R java/ql/src/change-notes/2025-07-17-spring-actuators-config-promo.md
R java/ql/src/change-notes/2025-07-19-adjust-tags.md
R java/ql/src/change-notes/2025-08-22-nullness-fn.md
A java/ql/src/change-notes/released/1.7.0.md
M java/ql/src/codeql-pack.release.yml
M java/ql/src/qlpack.yml
M javascript/ql/lib/CHANGELOG.md
R javascript/ql/lib/change-notes/2025-07-15-xml-bomb-sinks.md
A javascript/ql/lib/change-notes/released/2.6.10.md
M javascript/ql/lib/codeql-pack.release.yml
M javascript/ql/lib/qlpack.yml
M javascript/ql/src/CHANGELOG.md
A javascript/ql/src/change-notes/released/2.0.3.md
M javascript/ql/src/codeql-pack.release.yml
M javascript/ql/src/qlpack.yml
M misc/suite-helpers/CHANGELOG.md
A misc/suite-helpers/change-notes/released/1.0.30.md
M misc/suite-helpers/codeql-pack.release.yml
M misc/suite-helpers/qlpack.yml
M python/ql/lib/CHANGELOG.md
R python/ql/lib/change-notes/2025-07-15-xml-bomb-sinks-python.md
R python/ql/lib/change-notes/2025-08-25-psycopg2-connection-pool-modelling.md
A python/ql/lib/change-notes/released/4.0.14.md
M python/ql/lib/codeql-pack.release.yml
M python/ql/lib/qlpack.yml
M python/ql/src/CHANGELOG.md
R python/ql/src/change-notes/2025-07-14-comparisons.md
R python/ql/src/change-notes/2025-07-25-unexpected-raise-special-method.md
A python/ql/src/change-notes/released/1.6.4.md
M python/ql/src/codeql-pack.release.yml
M python/ql/src/qlpack.yml
M ruby/ql/lib/CHANGELOG.md
A ruby/ql/lib/change-notes/released/5.0.3.md
M ruby/ql/lib/codeql-pack.release.yml
M ruby/ql/lib/qlpack.yml
M ruby/ql/src/CHANGELOG.md
A ruby/ql/src/change-notes/released/1.4.4.md
M ruby/ql/src/codeql-pack.release.yml
M ruby/ql/src/qlpack.yml
M rust/ql/lib/CHANGELOG.md
R rust/ql/lib/change-notes/2025-08-22-fs.md
R rust/ql/lib/change-notes/2025-08-25-in-macro-expansion.md
R rust/ql/lib/change-notes/2025-08-28-path-resolution.md
A rust/ql/lib/change-notes/released/0.1.15.md
M rust/ql/lib/codeql-pack.release.yml
M rust/ql/lib/qlpack.yml
M rust/ql/src/CHANGELOG.md
R rust/ql/src/change-notes/2025-08-18-log-injection.md
R rust/ql/src/change-notes/2025-08-20-add-customizations.md
R rust/ql/src/change-notes/2025-08-28-diagnostic-database-quality.md
A rust/ql/src/change-notes/released/0.1.15.md
M rust/ql/src/codeql-pack.release.yml
M rust/ql/src/qlpack.yml
M shared/concepts/CHANGELOG.md
A shared/concepts/change-notes/released/0.0.4.md
M shared/concepts/codeql-pack.release.yml
M shared/concepts/qlpack.yml
M shared/controlflow/CHANGELOG.md
A shared/controlflow/change-notes/released/2.0.14.md
M shared/controlflow/codeql-pack.release.yml
M shared/controlflow/qlpack.yml
M shared/dataflow/CHANGELOG.md
A shared/dataflow/change-notes/released/2.0.14.md
M shared/dataflow/codeql-pack.release.yml
M shared/dataflow/qlpack.yml
M shared/mad/CHANGELOG.md
A shared/mad/change-notes/released/1.0.30.md
M shared/mad/codeql-pack.release.yml
M shared/mad/qlpack.yml
M shared/quantum/CHANGELOG.md
A shared/quantum/change-notes/released/0.0.8.md
M shared/quantum/codeql-pack.release.yml
M shared/quantum/qlpack.yml
M shared/rangeanalysis/CHANGELOG.md
A shared/rangeanalysis/change-notes/released/1.0.30.md
M shared/rangeanalysis/codeql-pack.release.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/CHANGELOG.md
A shared/regex/change-notes/released/1.0.30.md
M shared/regex/codeql-pack.release.yml
M shared/regex/qlpack.yml
M shared/ssa/CHANGELOG.md
A shared/ssa/change-notes/released/2.0.6.md
M shared/ssa/codeql-pack.release.yml
M shared/ssa/qlpack.yml
M shared/threat-models/CHANGELOG.md
A shared/threat-models/change-notes/released/1.0.30.md
M shared/threat-models/codeql-pack.release.yml
M shared/threat-models/qlpack.yml
M shared/tutorial/CHANGELOG.md
A shared/tutorial/change-notes/released/1.0.30.md
M shared/tutorial/codeql-pack.release.yml
M shared/tutorial/qlpack.yml
M shared/typeflow/CHANGELOG.md
A shared/typeflow/change-notes/released/1.0.30.md
M shared/typeflow/codeql-pack.release.yml
M shared/typeflow/qlpack.yml
M shared/typeinference/CHANGELOG.md
A shared/typeinference/change-notes/released/0.0.11.md
M shared/typeinference/codeql-pack.release.yml
M shared/typeinference/qlpack.yml
M shared/typetracking/CHANGELOG.md
A shared/typetracking/change-notes/released/2.0.14.md
M shared/typetracking/codeql-pack.release.yml
M shared/typetracking/qlpack.yml
M shared/typos/CHANGELOG.md
A shared/typos/change-notes/released/1.0.30.md
M shared/typos/codeql-pack.release.yml
M shared/typos/qlpack.yml
M shared/util/CHANGELOG.md
R shared/util/change-notes/2025-08-25-loc-option.md
A shared/util/change-notes/released/2.0.17.md
M shared/util/codeql-pack.release.yml
M shared/util/qlpack.yml
M shared/xml/CHANGELOG.md
A shared/xml/change-notes/released/1.0.30.md
M shared/xml/codeql-pack.release.yml
M shared/xml/qlpack.yml
M shared/yaml/CHANGELOG.md
A shared/yaml/change-notes/released/1.0.30.md
M shared/yaml/codeql-pack.release.yml
M shared/yaml/qlpack.yml
M swift/ql/lib/CHANGELOG.md
A swift/ql/lib/change-notes/released/5.0.6.md
M swift/ql/lib/codeql-pack.release.yml
M swift/ql/lib/qlpack.yml
M swift/ql/src/CHANGELOG.md
R swift/ql/src/change-notes/2025-08-20-add-customizations.md
A swift/ql/src/change-notes/released/1.2.4.md
M swift/ql/src/codeql-pack.release.yml
M swift/ql/src/qlpack.yml
Log Message:
-----------
Merge pull request #20346 from github/release-prep/2.23.0
Release preparation for version 2.23.0
Commit: e8a2600a0ca34ab3440813eb54f4811db2e7bd63
https://github.com/krishnprakash/codeql/commit/e8a2600a0ca34ab3440813eb54f4811db2e7bd63
Author: github-actions[bot] <github-...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M actions/ql/lib/qlpack.yml
M actions/ql/src/qlpack.yml
M cpp/ql/lib/qlpack.yml
M cpp/ql/src/qlpack.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/lib/qlpack.yml
M csharp/ql/src/qlpack.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/qlpack.yml
M go/ql/src/qlpack.yml
M java/ql/lib/qlpack.yml
M java/ql/src/qlpack.yml
M javascript/ql/lib/qlpack.yml
M javascript/ql/src/qlpack.yml
M misc/suite-helpers/qlpack.yml
M python/ql/lib/qlpack.yml
M python/ql/src/qlpack.yml
M ruby/ql/lib/qlpack.yml
M ruby/ql/src/qlpack.yml
M rust/ql/lib/qlpack.yml
M rust/ql/src/qlpack.yml
M shared/concepts/qlpack.yml
M shared/controlflow/qlpack.yml
M shared/dataflow/qlpack.yml
M shared/mad/qlpack.yml
M shared/quantum/qlpack.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/qlpack.yml
M shared/ssa/qlpack.yml
M shared/threat-models/qlpack.yml
M shared/tutorial/qlpack.yml
M shared/typeflow/qlpack.yml
M shared/typeinference/qlpack.yml
M shared/typetracking/qlpack.yml
M shared/typos/qlpack.yml
M shared/util/qlpack.yml
M shared/xml/qlpack.yml
M shared/yaml/qlpack.yml
M swift/ql/lib/qlpack.yml
M swift/ql/src/qlpack.yml
Log Message:
-----------
Post-release preparation for codeql-cli-2.23.0
Commit: 0bb7fdccf68ea3922536d136a95c61aff0205417
https://github.com/krishnprakash/codeql/commit/0bb7fdccf68ea3922536d136a95c61aff0205417
Author: Arthur Baars <aib...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M actions/ql/lib/CHANGELOG.md
A actions/ql/lib/change-notes/released/0.4.16.md
M actions/ql/lib/codeql-pack.release.yml
M actions/ql/lib/qlpack.yml
M actions/ql/src/CHANGELOG.md
A actions/ql/src/change-notes/released/0.6.8.md
M actions/ql/src/codeql-pack.release.yml
M actions/ql/src/qlpack.yml
M cpp/ql/lib/CHANGELOG.md
R cpp/ql/lib/change-notes/2025-08-19-virtual-dispatch.md
R cpp/ql/lib/change-notes/2025-08-27-pch.md
R cpp/ql/lib/change-notes/2025-08-28-comptr.md
A cpp/ql/lib/change-notes/released/5.5.0.md
M cpp/ql/lib/codeql-pack.release.yml
M cpp/ql/lib/qlpack.yml
M cpp/ql/src/CHANGELOG.md
R cpp/ql/src/change-notes/2025-08-20-add-customizations.md
A cpp/ql/src/change-notes/released/1.4.7.md
M cpp/ql/src/codeql-pack.release.yml
M cpp/ql/src/qlpack.yml
M csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/lib/CHANGELOG.md
R csharp/ql/lib/change-notes/2025-08-18-byte-char-bulk-types.md
R csharp/ql/lib/change-notes/2025-08-18-implicit-reads-at-sinks.md
R csharp/ql/lib/change-notes/2025-08-26-xmlreader-models.md
R csharp/ql/lib/change-notes/2025-08-29-base-qualifier-dispatch.md
A csharp/ql/lib/change-notes/released/5.2.3.md
M csharp/ql/lib/codeql-pack.release.yml
M csharp/ql/lib/qlpack.yml
M csharp/ql/src/CHANGELOG.md
A csharp/ql/src/change-notes/released/1.3.4.md
M csharp/ql/src/codeql-pack.release.yml
M csharp/ql/src/qlpack.yml
M go/ql/consistency-queries/CHANGELOG.md
A go/ql/consistency-queries/change-notes/released/1.0.30.md
M go/ql/consistency-queries/codeql-pack.release.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/CHANGELOG.md
A go/ql/lib/change-notes/released/4.3.3.md
M go/ql/lib/codeql-pack.release.yml
M go/ql/lib/qlpack.yml
M go/ql/src/CHANGELOG.md
A go/ql/src/change-notes/released/1.4.4.md
M go/ql/src/codeql-pack.release.yml
M go/ql/src/qlpack.yml
M java/ql/lib/CHANGELOG.md
A java/ql/lib/change-notes/released/7.6.1.md
M java/ql/lib/codeql-pack.release.yml
M java/ql/lib/qlpack.yml
M java/ql/src/CHANGELOG.md
R java/ql/src/change-notes/2024-10-03-remove-java-query.md
R java/ql/src/change-notes/2025-07-17-spring-actuators-config-promo.md
R java/ql/src/change-notes/2025-07-19-adjust-tags.md
R java/ql/src/change-notes/2025-08-22-nullness-fn.md
A java/ql/src/change-notes/released/1.7.0.md
M java/ql/src/codeql-pack.release.yml
M java/ql/src/qlpack.yml
M javascript/ql/lib/CHANGELOG.md
R javascript/ql/lib/change-notes/2025-07-15-xml-bomb-sinks.md
A javascript/ql/lib/change-notes/released/2.6.10.md
M javascript/ql/lib/codeql-pack.release.yml
M javascript/ql/lib/qlpack.yml
M javascript/ql/src/CHANGELOG.md
A javascript/ql/src/change-notes/released/2.0.3.md
M javascript/ql/src/codeql-pack.release.yml
M javascript/ql/src/qlpack.yml
M misc/suite-helpers/CHANGELOG.md
A misc/suite-helpers/change-notes/released/1.0.30.md
M misc/suite-helpers/codeql-pack.release.yml
M misc/suite-helpers/qlpack.yml
M python/ql/lib/CHANGELOG.md
R python/ql/lib/change-notes/2025-07-15-xml-bomb-sinks-python.md
R python/ql/lib/change-notes/2025-08-25-psycopg2-connection-pool-modelling.md
A python/ql/lib/change-notes/released/4.0.14.md
M python/ql/lib/codeql-pack.release.yml
M python/ql/lib/qlpack.yml
M python/ql/src/CHANGELOG.md
R python/ql/src/change-notes/2025-07-14-comparisons.md
R python/ql/src/change-notes/2025-07-25-unexpected-raise-special-method.md
A python/ql/src/change-notes/released/1.6.4.md
M python/ql/src/codeql-pack.release.yml
M python/ql/src/qlpack.yml
M ruby/ql/lib/CHANGELOG.md
A ruby/ql/lib/change-notes/released/5.0.3.md
M ruby/ql/lib/codeql-pack.release.yml
M ruby/ql/lib/qlpack.yml
M ruby/ql/src/CHANGELOG.md
A ruby/ql/src/change-notes/released/1.4.4.md
M ruby/ql/src/codeql-pack.release.yml
M ruby/ql/src/qlpack.yml
M rust/ql/lib/CHANGELOG.md
R rust/ql/lib/change-notes/2025-08-22-fs.md
R rust/ql/lib/change-notes/2025-08-25-in-macro-expansion.md
R rust/ql/lib/change-notes/2025-08-28-path-resolution.md
A rust/ql/lib/change-notes/released/0.1.15.md
M rust/ql/lib/codeql-pack.release.yml
M rust/ql/lib/qlpack.yml
M rust/ql/src/CHANGELOG.md
R rust/ql/src/change-notes/2025-08-18-log-injection.md
R rust/ql/src/change-notes/2025-08-20-add-customizations.md
R rust/ql/src/change-notes/2025-08-28-diagnostic-database-quality.md
A rust/ql/src/change-notes/released/0.1.15.md
M rust/ql/src/codeql-pack.release.yml
M rust/ql/src/qlpack.yml
M shared/concepts/CHANGELOG.md
A shared/concepts/change-notes/released/0.0.4.md
M shared/concepts/codeql-pack.release.yml
M shared/concepts/qlpack.yml
M shared/controlflow/CHANGELOG.md
A shared/controlflow/change-notes/released/2.0.14.md
M shared/controlflow/codeql-pack.release.yml
M shared/controlflow/qlpack.yml
M shared/dataflow/CHANGELOG.md
A shared/dataflow/change-notes/released/2.0.14.md
M shared/dataflow/codeql-pack.release.yml
M shared/dataflow/qlpack.yml
M shared/mad/CHANGELOG.md
A shared/mad/change-notes/released/1.0.30.md
M shared/mad/codeql-pack.release.yml
M shared/mad/qlpack.yml
M shared/quantum/CHANGELOG.md
A shared/quantum/change-notes/released/0.0.8.md
M shared/quantum/codeql-pack.release.yml
M shared/quantum/qlpack.yml
M shared/rangeanalysis/CHANGELOG.md
A shared/rangeanalysis/change-notes/released/1.0.30.md
M shared/rangeanalysis/codeql-pack.release.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/CHANGELOG.md
A shared/regex/change-notes/released/1.0.30.md
M shared/regex/codeql-pack.release.yml
M shared/regex/qlpack.yml
M shared/ssa/CHANGELOG.md
A shared/ssa/change-notes/released/2.0.6.md
M shared/ssa/codeql-pack.release.yml
M shared/ssa/qlpack.yml
M shared/threat-models/CHANGELOG.md
A shared/threat-models/change-notes/released/1.0.30.md
M shared/threat-models/codeql-pack.release.yml
M shared/threat-models/qlpack.yml
M shared/tutorial/CHANGELOG.md
A shared/tutorial/change-notes/released/1.0.30.md
M shared/tutorial/codeql-pack.release.yml
M shared/tutorial/qlpack.yml
M shared/typeflow/CHANGELOG.md
A shared/typeflow/change-notes/released/1.0.30.md
M shared/typeflow/codeql-pack.release.yml
M shared/typeflow/qlpack.yml
M shared/typeinference/CHANGELOG.md
A shared/typeinference/change-notes/released/0.0.11.md
M shared/typeinference/codeql-pack.release.yml
M shared/typeinference/qlpack.yml
M shared/typetracking/CHANGELOG.md
A shared/typetracking/change-notes/released/2.0.14.md
M shared/typetracking/codeql-pack.release.yml
M shared/typetracking/qlpack.yml
M shared/typos/CHANGELOG.md
A shared/typos/change-notes/released/1.0.30.md
M shared/typos/codeql-pack.release.yml
M shared/typos/qlpack.yml
M shared/util/CHANGELOG.md
R shared/util/change-notes/2025-08-25-loc-option.md
A shared/util/change-notes/released/2.0.17.md
M shared/util/codeql-pack.release.yml
M shared/util/qlpack.yml
M shared/xml/CHANGELOG.md
A shared/xml/change-notes/released/1.0.30.md
M shared/xml/codeql-pack.release.yml
M shared/xml/qlpack.yml
M shared/yaml/CHANGELOG.md
A shared/yaml/change-notes/released/1.0.30.md
M shared/yaml/codeql-pack.release.yml
M shared/yaml/qlpack.yml
M swift/ql/lib/CHANGELOG.md
A swift/ql/lib/change-notes/released/5.0.6.md
M swift/ql/lib/codeql-pack.release.yml
M swift/ql/lib/qlpack.yml
M swift/ql/src/CHANGELOG.md
R swift/ql/src/change-notes/2025-08-20-add-customizations.md
A swift/ql/src/change-notes/released/1.2.4.md
M swift/ql/src/codeql-pack.release.yml
M swift/ql/src/qlpack.yml
Log Message:
-----------
Merge pull request #20347 from github/post-release-prep/codeql-cli-2.23.0
Post-release preparation for codeql-cli-2.23.0
Commit: 7490d8ddd202b66a8be5f35f4b8d7de69a307cf7
https://github.com/krishnprakash/codeql/commit/7490d8ddd202b66a8be5f35f4b8d7de69a307cf7
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll
M ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll
M shared/quantum/codeql/quantum/experimental/Model.qll
Log Message:
-----------
Shared and Sync: Fix some Ql4Ql violations.
Commit: 31852985e5bb79ff2e923fffe73e900d7ea9fd06
https://github.com/krishnprakash/codeql/commit/31852985e5bb79ff2e923fffe73e900d7ea9fd06
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll
M ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll
M shared/quantum/codeql/quantum/experimental/Model.qll
Log Message:
-----------
Merge pull request #20335 from michaelnebel/shared/ql4ql
Shared and Sync: Fix some Ql4Ql violations.
Commit: 8a92b2d611cabd9fedd08d8d25e944f2d75559dd
https://github.com/krishnprakash/codeql/commit/8a92b2d611cabd9fedd08d8d25e944f2d75559dd
Author: Simon Friis Vindum <sim...@gmail.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/test/library-tests/type-inference/closure.rs
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/pattern_matching.rs
M rust/ql/test/library-tests/type-inference/type-inference.ql
Log Message:
-----------
Rust: Change inline expectation annotation for certain inferred types
Commit: 17d23a9b78eee15367f8784f99765dbbce29cf86
https://github.com/krishnprakash/codeql/commit/17d23a9b78eee15367f8784f99765dbbce29cf86
Author: Simon Friis Vindum <sim...@gmail.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/test/library-tests/type-inference/closure.rs
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/pattern_matching.rs
M rust/ql/test/library-tests/type-inference/type-inference.ql
Log Message:
-----------
Merge pull request #20343 from paldepind/rust/certain-type-inline-expectation
Rust: Change inline expectation annotation for inferred certain types
Commit: 60845001dd22dd5c35849597b424c08bd160774e
https://github.com/krishnprakash/codeql/commit/60845001dd22dd5c35849597b424c08bd160774e
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Add `sizeof` VLA IR test cases
Commit: d9320b3c16b08818e8a189bacaa1dee8cc3ae2ae
https://github.com/krishnprakash/codeql/commit/d9320b3c16b08818e8a189bacaa1dee8cc3ae2ae
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionTag.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Log Message:
-----------
C++: Support `sizeof` VLAs in the IR
Commit: dc7833052964fbab41425a9e4148a1fc3393e448
https://github.com/krishnprakash/codeql/commit/dc7833052964fbab41425a9e4148a1fc3393e448
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Update expected test results
Commit: 5bd08e817444b909b8b541d2f23a68e61f58beab
https://github.com/krishnprakash/codeql/commit/5bd08e817444b909b8b541d2f23a68e61f58beab
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Add more `sizeof` VLA tests
Commit: fdab63fd5fb92b5f56a3da4b206eeb8c68c2a499
https://github.com/krishnprakash/codeql/commit/fdab63fd5fb92b5f56a3da4b206eeb8c68c2a499
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Log Message:
-----------
C++: Handle `ArrayExpr`s in `sizeof` VLAs
Commit: 74f5687660c680b3eeb2c2e86106d9aec97233b4
https://github.com/krishnprakash/codeql/commit/74f5687660c680b3eeb2c2e86106d9aec97233b4
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Update expected test results
Commit: 6e8f44da42103da4b86b531df389d63789a041ed
https://github.com/krishnprakash/codeql/commit/6e8f44da42103da4b86b531df389d63789a041ed
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Log Message:
-----------
C++: Handle `sizeof` VLAs with typedefs
Commit: ffbc83deebf30a5c20a32f9be3d51f00586245fc
https://github.com/krishnprakash/codeql/commit/ffbc83deebf30a5c20a32f9be3d51f00586245fc
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Update expected test results
Commit: 6a9324fab033c596892a6be91ee848eb7ab94b10
https://github.com/krishnprakash/codeql/commit/6a9324fab033c596892a6be91ee848eb7ab94b10
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
Log Message:
-----------
C++: Fix obtaining the base type of a VLA
Commit: f0f66c6d5880054c240726b458fbd6696171099b
https://github.com/krishnprakash/codeql/commit/f0f66c6d5880054c240726b458fbd6696171099b
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionTag.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/lib/semmle/code/cpp/stmts/Stmt.qll
Log Message:
-----------
C++: Minor refactor
* Introduce new instruction tag for the base size
* Introduce some convenience predicates on `VlaDeclStmt`
Commit: f68d3477d4be389ae9b9ec5b0c11921996419a76
https://github.com/krishnprakash/codeql/commit/f68d3477d4be389ae9b9ec5b0c11921996419a76
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionTag.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
Log Message:
-----------
C++: Output necessary conversions in the `sizeof` VLA IR
Commit: 8a7553232f0d0f96a364e34c05df94927ded98a6
https://github.com/krishnprakash/codeql/commit/8a7553232f0d0f96a364e34c05df94927ded98a6
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Add more `sizeof` VLA tests
Commit: 438cc961da4629f2aedef0ae4acc5f893988a92c
https://github.com/krishnprakash/codeql/commit/438cc961da4629f2aedef0ae4acc5f893988a92c
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Log Message:
-----------
C++: Document `TranslatedSizeofExpr`
Commit: f4df3881f8f3d7151d947e44e2861de5f27fb90c
https://github.com/krishnprakash/codeql/commit/f4df3881f8f3d7151d947e44e2861de5f27fb90c
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
Log Message:
-----------
C++: Handle `*&` sequences in `sizeof` VLA expressions
Commit: 9431b0c754f6e0d21a1655be2bd7a87d6d9495d5
https://github.com/krishnprakash/codeql/commit/9431b0c754f6e0d21a1655be2bd7a87d6d9495d5
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
A cpp/ql/lib/change-notes/2025-09-02-vla.md
Log Message:
-----------
C++: Add change note for new `VlaDeclStmt` predicates
Commit: 8de1ed0d851594c3a350f58af4ec60d867f08322
https://github.com/krishnprakash/codeql/commit/8de1ed0d851594c3a350f58af4ec60d867f08322
Author: Jeroen Ketema <jke...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Log Message:
-----------
C++: Address review comments
Commit: ab3ad20a1ef35ce65964150e56b5e257f4b74da8
https://github.com/krishnprakash/codeql/commit/ab3ad20a1ef35ce65964150e56b5e257f4b74da8
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
A cpp/ql/lib/change-notes/2025-09-02-vla.md
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionTag.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/lib/semmle/code/cpp/stmts/Stmt.qll
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
Log Message:
-----------
Merge pull request #20319 from jketema/ir-vla-sizeof
C++: Support `sizeof` VLAs in the IR
Commit: 45b8158fe53acc55a0acf09da53b1f6a5ac9c950
https://github.com/krishnprakash/codeql/commit/45b8158fe53acc55a0acf09da53b1f6a5ac9c950
Author: Asger F <asg...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll
Log Message:
-----------
JS: Remove totalorder()
This was once as input to the shared data flow library, but has since been removed from the input signature.
Commit: 1ea843f23c70b153a8bcb0963bd70c20a1084734
https://github.com/krishnprakash/codeql/commit/1ea843f23c70b153a8bcb0963bd70c20a1084734
Author: Asger F <asg...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll
Log Message:
-----------
Merge pull request #20323 from asgerf/js/remove-totalorder
JS: Remove totalorder()
Commit: 9f31f02c12a3544dc91c01516a78c454437b6acb
https://github.com/krishnprakash/codeql/commit/9f31f02c12a3544dc91c01516a78c454437b6acb
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M csharp/documentation/library-coverage/coverage.csv
M csharp/documentation/library-coverage/coverage.rst
Log Message:
-----------
Add changed framework coverage reports
Commit: fb1387340ff6f19f6237c61acf56eb6d2c730ee5
https://github.com/krishnprakash/codeql/commit/fb1387340ff6f19f6237c61acf56eb6d2c730ee5
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M csharp/documentation/library-coverage/coverage.csv
M csharp/documentation/library-coverage/coverage.rst
Log Message:
-----------
Merge pull request #20349 from github/workflow/coverage/update
Update CSV framework coverage reports
Commit: dff5ed7d295e260d8bc30b5bfac8e9ec6eee58a7
https://github.com/krishnprakash/codeql/commit/dff5ed7d295e260d8bc30b5bfac8e9ec6eee58a7
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/test/library-tests/dataflow/global/viableCallable.expected
A rust/ql/test/library-tests/dataflow/global/viableCallable.qlref
Log Message:
-----------
Rust: Assign locations to all `DataFlowCallable`s
Commit: f2b8ac127f42d484a8838faef69de248a37c66f8
https://github.com/krishnprakash/codeql/commit/f2b8ac127f42d484a8838faef69de248a37c66f8
Author: Tom Hvitved <hvi...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/test/library-tests/dataflow/global/viableCallable.expected
A rust/ql/test/library-tests/dataflow/global/viableCallable.qlref
Log Message:
-----------
Merge pull request #20351 from hvitved/rust/summarized-callable-location
Rust: Assign locations to all `DataFlowCallable`s
Commit: 64f9758c29eca0d36a637c6fe12b2bb0bc594735
https://github.com/krishnprakash/codeql/commit/64f9758c29eca0d36a637c6fe12b2bb0bc594735
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M actions/ql/lib/codeql/Locations.qll
M actions/ql/lib/codeql/actions/Ast.qll
M actions/ql/lib/codeql/actions/ast/internal/Ast.qll
M actions/ql/lib/codeql/actions/controlflow/BasicBlocks.qll
M actions/ql/lib/codeql/actions/dataflow/ExternalFlow.qll
M actions/ql/lib/codeql/actions/dataflow/FlowSources.qll
M actions/ql/lib/codeql/actions/security/ArgumentInjectionQuery.qll
M actions/ql/lib/codeql/actions/security/ArtifactPoisoningQuery.qll
M actions/ql/lib/codeql/actions/security/ControlChecks.qll
M actions/ql/lib/codeql/actions/security/EnvVarInjectionQuery.qll
M actions/ql/lib/codeql/actions/security/OutputClobberingQuery.qll
M actions/ql/lib/codeql/actions/security/UseOfUnversionedImmutableAction.qll
M actions/ql/src/experimental/Security/CWE-829/ArtifactPoisoningPathTraversal.ql
Log Message:
-----------
Actions: Fix some Ql4Ql violations.
Commit: a9baf34629fbdaf620003f67952b28f95959d7f1
https://github.com/krishnprakash/codeql/commit/a9baf34629fbdaf620003f67952b28f95959d7f1
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M actions/ql/lib/codeql/Locations.qll
M actions/ql/lib/codeql/actions/Ast.qll
M actions/ql/lib/codeql/actions/ast/internal/Ast.qll
M actions/ql/lib/codeql/actions/controlflow/BasicBlocks.qll
M actions/ql/lib/codeql/actions/dataflow/ExternalFlow.qll
M actions/ql/lib/codeql/actions/dataflow/FlowSources.qll
M actions/ql/lib/codeql/actions/security/ArgumentInjectionQuery.qll
M actions/ql/lib/codeql/actions/security/ArtifactPoisoningQuery.qll
M actions/ql/lib/codeql/actions/security/ControlChecks.qll
M actions/ql/lib/codeql/actions/security/EnvVarInjectionQuery.qll
M actions/ql/lib/codeql/actions/security/OutputClobberingQuery.qll
M actions/ql/lib/codeql/actions/security/UseOfUnversionedImmutableAction.qll
M actions/ql/src/experimental/Security/CWE-829/ArtifactPoisoningPathTraversal.ql
Log Message:
-----------
Merge pull request #20324 from michaelnebel/actions/ql4ql
Actions: Fix some Ql4Ql violations.
Commit: 8fc81f4263ea67d0d3411a02998e82a9767f4432
https://github.com/krishnprakash/codeql/commit/8fc81f4263ea67d0d3411a02998e82a9767f4432
Author: Napalys Klicius <nap...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M .github/workflows/build-ripunzip.yml
M .github/workflows/buildifier.yml
M .github/workflows/check-implicit-this.yml
M .github/workflows/check-overlay-annotations.yml
M .github/workflows/check-qldoc.yml
M .github/workflows/check-query-ids.yml
M .github/workflows/codeql-analysis.yml
M .github/workflows/compile-queries.yml
M .github/workflows/cpp-swift-analysis.yml
M .github/workflows/csharp-qltest.yml
M .github/workflows/csv-coverage-metrics.yml
M .github/workflows/csv-coverage-pr-artifacts.yml
M .github/workflows/csv-coverage-pr-comment.yml
M .github/workflows/csv-coverage-timeseries.yml
M .github/workflows/csv-coverage-update.yml
M .github/workflows/csv-coverage.yml
M .github/workflows/fast-forward.yml
M .github/workflows/go-tests.yml
M .github/workflows/kotlin-build.yml
M .github/workflows/mad_modelDiff.yml
M .github/workflows/mad_regenerate-models.yml
M .github/workflows/python-tooling.yml
M .github/workflows/qhelp-pr-preview.yml
M .github/workflows/ql-for-ql-build.yml
M .github/workflows/ql-for-ql-dataset_measure.yml
M .github/workflows/ql-for-ql-tests.yml
M .github/workflows/query-list.yml
M .github/workflows/ruby-build.yml
M .github/workflows/ruby-dataset-measure.yml
M .github/workflows/ruby-qltest-rtjo.yml
M .github/workflows/ruby-qltest.yml
M .github/workflows/rust-analysis.yml
M .github/workflows/rust.yml
M .github/workflows/swift.yml
M .github/workflows/sync-files.yml
M .github/workflows/tree-sitter-extractor-test.yml
M .github/workflows/validate-change-notes.yml
M .github/workflows/zipmerge-test.yml
M actions/extractor/codeql-extractor.yml
M actions/ql/lib/CHANGELOG.md
A actions/ql/lib/change-notes/released/0.4.16.md
M actions/ql/lib/codeql-pack.release.yml
M actions/ql/lib/codeql/Locations.qll
M actions/ql/lib/codeql/actions/Ast.qll
M actions/ql/lib/codeql/actions/ast/internal/Ast.qll
M actions/ql/lib/codeql/actions/controlflow/BasicBlocks.qll
M actions/ql/lib/codeql/actions/controlflow/internal/Cfg.qll
M actions/ql/lib/codeql/actions/dataflow/ExternalFlow.qll
M actions/ql/lib/codeql/actions/dataflow/FlowSources.qll
M actions/ql/lib/codeql/actions/security/ArgumentInjectionQuery.qll
M actions/ql/lib/codeql/actions/security/ArtifactPoisoningQuery.qll
M actions/ql/lib/codeql/actions/security/ControlChecks.qll
M actions/ql/lib/codeql/actions/security/EnvVarInjectionQuery.qll
M actions/ql/lib/codeql/actions/security/OutputClobberingQuery.qll
M actions/ql/lib/codeql/actions/security/UseOfUnversionedImmutableAction.qll
M actions/ql/lib/qlpack.yml
M actions/ql/src/CHANGELOG.md
A actions/ql/src/change-notes/released/0.6.8.md
M actions/ql/src/codeql-pack.release.yml
M actions/ql/src/experimental/Security/CWE-829/ArtifactPoisoningPathTraversal.ql
M actions/ql/src/qlpack.yml
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/old.dbscheme
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/semmlecode.cpp.dbscheme
A cpp/downgrades/c16b29b27f71247023321cc0d0360998b318837c/upgrade.properties
M cpp/ql/lib/CHANGELOG.md
R cpp/ql/lib/change-notes/2025-08-19-virtual-dispatch.md
A cpp/ql/lib/change-notes/2025-09-02-vla.md
A cpp/ql/lib/change-notes/released/5.5.0.md
M cpp/ql/lib/codeql-pack.release.yml
M cpp/ql/lib/cpp.qll
A cpp/ql/lib/ext/ComPtr.model.yml
A cpp/ql/lib/ext/ComPtrRef.model.yml
M cpp/ql/lib/qlpack.yml
A cpp/ql/lib/semmle/code/cpp/PchFile.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImpl.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaImplCommon.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/EdgeKind.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionTag.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRBlock.qll
M cpp/ql/lib/semmle/code/cpp/stmts/Stmt.qll
M cpp/ql/lib/semmlecode.cpp.dbscheme
M cpp/ql/lib/semmlecode.cpp.dbscheme.stats
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/old.dbscheme
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/semmlecode.cpp.dbscheme
A cpp/ql/lib/upgrades/5340d6d5f428557632b1a50113e406430f29ef7d/upgrade.properties
M cpp/ql/src/CHANGELOG.md
R cpp/ql/src/change-notes/2025-08-20-add-customizations.md
A cpp/ql/src/change-notes/released/1.4.7.md
M cpp/ql/src/codeql-pack.release.yml
M cpp/ql/src/qlpack.yml
M cpp/ql/test/library-tests/dataflow/external-models/validatemodels.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/atl.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
A cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/ms_vacopy.c
M csharp/codeql-extractor.yml
M csharp/documentation/library-coverage/coverage.csv
M csharp/documentation/library-coverage/coverage.rst
M csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.47.md
M csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/consistency-queries/CfgConsistency.ql
M csharp/ql/lib/CHANGELOG.md
R csharp/ql/lib/change-notes/2025-08-18-implicit-reads-at-sinks.md
A csharp/ql/lib/change-notes/released/5.2.3.md
M csharp/ql/lib/codeql-pack.release.yml
M csharp/ql/lib/ext/System.IO.model.yml
M csharp/ql/lib/ext/System.Xml.model.yml
M csharp/ql/lib/ext/System.model.yml
M csharp/ql/lib/printAst.ql
M csharp/ql/lib/qlpack.yml
M csharp/ql/lib/semmle/code/csharp/Assignable.qll
M csharp/ql/lib/semmle/code/csharp/Caching.qll
M csharp/ql/lib/semmle/code/csharp/Callable.qll
M csharp/ql/lib/semmle/code/csharp/Member.qll
M csharp/ql/lib/semmle/code/csharp/PrintAst.qll
M csharp/ql/lib/semmle/code/csharp/commons/Constants.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowGraph.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreSsa.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/SuccessorType.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/Nullness.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll
M csharp/ql/lib/semmle/code/csharp/serialization/Deserializers.qll
M csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
M csharp/ql/src/Bad Practices/Magic Constants/MagicConstants.qll
M csharp/ql/src/CHANGELOG.md
M csharp/ql/src/Language Abuse/UselessUpcast.ql
M csharp/ql/src/Security Features/CWE-384/AbandonSession.ql
M csharp/ql/src/Telemetry/DatabaseQuality.qll
A csharp/ql/src/change-notes/released/1.3.4.md
M csharp/ql/src/codeql-pack.release.yml
M csharp/ql/src/qlpack.yml
M csharp/ql/test/library-tests/assignables/AssignableDefinitionNode.expected
M csharp/ql/test/library-tests/controlflow/graph/BasicBlock.expected
M csharp/ql/test/library-tests/controlflow/graph/Condition.expected
M csharp/ql/test/library-tests/controlflow/graph/Condition.ql
M csharp/ql/test/library-tests/controlflow/graph/Dominance.expected
M csharp/ql/test/library-tests/controlflow/graph/EnclosingCallable.expected
M csharp/ql/test/library-tests/controlflow/graph/NodeGraph.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.ql
M csharp/ql/test/library-tests/csharp8/switchexprcontrolflow.expected
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.cs
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDefElement.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaExplicitDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaRead.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaUltimateDef.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.expected
M csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.expected
M csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.expected
M csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.qlref
M csharp/ql/test/library-tests/goto/Goto1.expected
M csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInput/UnsafeDeserializationUntrustedInput.expected
M go/codeql-extractor.yml
M go/ql/consistency-queries/CHANGELOG.md
A go/ql/consistency-queries/change-notes/released/1.0.30.md
M go/ql/consistency-queries/codeql-pack.release.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/CHANGELOG.md
A go/ql/lib/change-notes/released/4.3.3.md
M go/ql/lib/codeql-pack.release.yml
M go/ql/lib/qlpack.yml
M go/ql/lib/semmle/go/StringOps.qll
M go/ql/lib/semmle/go/dataflow/internal/DataFlowUtil.qll
M go/ql/src/CHANGELOG.md
A go/ql/src/change-notes/released/1.4.4.md
M go/ql/src/codeql-pack.release.yml
M go/ql/src/experimental/IntegerOverflow/RangeAnalysis.qll
M go/ql/src/qlpack.yml
M java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected
M java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected
M java/ql/integration-tests/java/query-suite/not_included_in_qls.expected
M java/ql/lib/CHANGELOG.md
A java/ql/lib/change-notes/released/7.6.1.md
M java/ql/lib/codeql-pack.release.yml
M java/ql/lib/experimental/quantum/JCA.qll
M java/ql/lib/experimental/quantum/Language.qll
M java/ql/lib/printAst.ql
M java/ql/lib/qlpack.yml
M java/ql/lib/semmle/code/java/Concurrency.qll
M java/ql/lib/semmle/code/java/Conversions.qll
M java/ql/lib/semmle/code/java/Statement.qll
M java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll
M java/ql/lib/semmle/code/java/controlflow/Guards.qll
R java/ql/lib/semmle/code/java/controlflow/SuccessorType.qll
M java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll
M java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll
M java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll
M java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll
M java/ql/lib/semmle/code/java/frameworks/Mockito.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll
M java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll
M java/ql/lib/semmle/code/java/security/FileWritable.qll
M java/ql/lib/semmle/code/java/security/TempDirUtils.qll
M java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll
M java/ql/src/CHANGELOG.md
M java/ql/src/Likely Bugs/Comparison/HashedButNoHash.ql
M java/ql/src/Likely Bugs/Concurrency/NotifyWithoutSynch.ql
M java/ql/src/Likely Bugs/Termination/SpinOnField.ql
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.md
A java/ql/src/Violations of Best Practice/Implementation Hiding/VisibleForTestingAbuse.ql
M java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll
M java/ql/src/Violations of Best Practice/Naming Conventions/ConfusingOverloading.ql
A java/ql/src/Violations of Best Practice/Testing/ExcessivePublicMethodMocking.md
A java/ql/src/Violations of Best Practice/Testing/ExcessivePublicMethodMocking.ql
M java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.java
M java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.qhelp
M java/ql/src/Violations of Best Practice/Undesirable Calls/CallsToSystemExit.ql
R java/ql/src/change-notes/2024-10-03-remove-java-query.md
R java/ql/src/change-notes/2025-07-17-spring-actuators-config-promo.md
R java/ql/src/change-notes/2025-07-19-adjust-tags.md
R java/ql/src/change-notes/2025-08-22-nullness-fn.md
A java/ql/src/change-notes/released/1.7.0.md
M java/ql/src/codeql-pack.release.yml
M java/ql/src/experimental/quantum/Analysis/ArtifactReuse.qll
M java/ql/src/experimental/quantum/Examples/BrokenCrypto.ql
M java/ql/src/qlpack.yml
M java/ql/src/utils/flowtestcasegenerator/FlowTestCase.qll
A java/ql/test/query-tests/CallsToSystemExit/CallsToSystemExit.expected
A java/ql/test/query-tests/CallsToSystemExit/CallsToSystemExit.qlref
A java/ql/test/query-tests/CallsToSystemExit/ExampleRuntimeExit.java
A java/ql/test/query-tests/CallsToSystemExit/ExampleRuntimeHalt.java
A java/ql/test/query-tests/CallsToSystemExit/ExampleSystemExit.java
A java/ql/test/query-tests/CallsToSystemExit/LocalClassInTestMethod.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/Employee.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/EmployeeRecord.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/EmployeeStatus.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/ExcessivePublicMethodMocking.expected
A java/ql/test/query-tests/ExcessivePublicMethodMocking/ExcessivePublicMethodMocking.qlref
A java/ql/test/query-tests/ExcessivePublicMethodMocking/TestORM.java
A java/ql/test/query-tests/ExcessivePublicMethodMocking/options
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.expected
A java/ql/test/query-tests/VisibleForTestingAbuse/VisibleForTestingAbuse.qlref
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/AnnotatedClass.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/SourcePackage1.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packageone/VisibleForTesting.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Annotated.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Source.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/Test.java
A java/ql/test/query-tests/VisibleForTestingAbuse/packagetwo/UseWithinAnnotation.java
A java/ql/test/stubs/junit-4.13/LICENSE-junit.txt
A java/ql/test/stubs/junit-4.13/org/junit/Assert.java
A java/ql/test/stubs/junit-4.13/org/junit/Test.java
A java/ql/test/stubs/junit-4.13/org/junit/function/ThrowingRunnable.java
A java/ql/test/stubs/mockito-5.14/org/mockito/ArgumentMatchers.java
A java/ql/test/stubs/mockito-5.14/org/mockito/MockSettings.java
A java/ql/test/stubs/mockito-5.14/org/mockito/Mockito.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/MockitoCore.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/creation/MockSettingsImpl.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/handler/MockHandlerFactory.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/handler/MockHandlerImpl.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/progress/MockingProgress.java
A java/ql/test/stubs/mockito-5.14/org/mockito/internal/util/MockUtil.java
A java/ql/test/stubs/mockito-5.14/org/mockito/invocation/MockHandler.java
A java/ql/test/stubs/mockito-5.14/org/mockito/mock/MockCreationSettings.java
A java/ql/test/stubs/mockito-5.14/org/mockito/plugins/MockMaker.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/Answer.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/OngoingStubbing.java
A java/ql/test/stubs/mockito-5.14/org/mockito/stubbing/Stubber.java
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/old.dbscheme
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/semmlecode.javascript.dbscheme
A javascript/downgrades/76a926a00d5f3bc199c203a1437796fd7b2835ba/upgrade.properties
M javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
A javascript/extractor/src/com/semmle/js/extractor/OverlayChanges.java
M javascript/ql/lib/CHANGELOG.md
A javascript/ql/lib/change-notes/released/2.6.10.md
M javascript/ql/lib/codeql-pack.release.yml
M javascript/ql/lib/javascript.qll
M javascript/ql/lib/qlpack.yml
M javascript/ql/lib/semmle/javascript/AST.qll
M javascript/ql/lib/semmle/javascript/Files.qll
M javascript/ql/lib/semmle/javascript/JSON.qll
M javascript/ql/lib/semmle/javascript/Locations.qll
M javascript/ql/lib/semmle/javascript/RestrictedLocations.qll
M javascript/ql/lib/semmle/javascript/SSA.qll
M javascript/ql/lib/semmle/javascript/Variables.qll
M javascript/ql/lib/semmle/javascript/XML.qll
M javascript/ql/lib/semmle/javascript/YAML.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableOrThis.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll
M javascript/ql/lib/semmle/javascript/frameworks/XmlParsers.qll
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll
M javascript/ql/lib/semmle/javascript/internal/BasicBlockInternal.qll
R javascript/ql/lib/semmle/javascript/internal/Locations.qll
A javascript/ql/lib/semmle/javascript/internal/Overlay.qll
M javascript/ql/lib/semmlecode.javascript.dbscheme
M javascript/ql/lib/semmlecode.javascript.dbscheme.stats
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/old.dbscheme
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/semmlecode.javascript.dbscheme
A javascript/ql/lib/upgrades/ccefb5e2d49318eea4aeafd4c6ae2af9f94ac72a/upgrade.properties
M javascript/ql/src/CHANGELOG.md
A javascript/ql/src/change-notes/released/2.0.3.md
M javascript/ql/src/codeql-pack.release.yml
M javascript/ql/src/qlpack.yml
M javascript/ql/test/experimental/FormParsers/RemoteFlowSource.expected
M javascript/ql/test/experimental/Security/CWE-094-dataURL/CodeInjection.expected
M javascript/ql/test/experimental/Security/CWE-099/EnvValueAndKeyInjection/EnvValueAndKeyInjection.expected
M javascript/ql/test/experimental/Security/CWE-099/EnvValueInjection/EnvValueInjection.expected
M javascript/ql/test/experimental/Security/CWE-347/localsource/decodeJwtWithoutVerificationLocalSource.expected
M javascript/ql/test/experimental/Security/CWE-347/remotesource/decodeJwtWithoutVerification.expected
M javascript/ql/test/experimental/Security/CWE-918/SSRF.expected
M javascript/ql/test/experimental/Security/CWE-942/CorsPermissiveConfiguration.expected
M javascript/ql/test/library-tests/CallGraphs/FullTest/tests.expected
M javascript/ql/test/library-tests/DataFlow/tests.expected
M javascript/ql/test/library-tests/DefUse/DefUsePair.expected
M javascript/ql/test/library-tests/GlobalAccessPaths/GlobalAccessPaths.expected
M javascript/ql/test/library-tests/SSA/GetRhsNode/GetRhsNode.expected
M javascript/ql/test/library-tests/SSA/SSADefinition/SSADefinition.expected
M javascript/ql/test/library-tests/StringConcatenation/StringOps.expected
M javascript/ql/test/library-tests/frameworks/Electron/tests.expected
M javascript/ql/test/library-tests/frameworks/ReactJS/tests.expected
M javascript/ql/test/library-tests/frameworks/koa/tests.expected
M javascript/ql/test/query-tests/Security/CWE-020/UntrustedDataToExternalAPI/UntrustedDataToExternalAPI.expected
M javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected
M javascript/ql/test/query-tests/Security/CWE-022/ZipSlip/ZipSlip.expected
M javascript/ql/test/query-tests/Security/CWE-073/TemplateObjectInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/CommandInjection/CommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/IndirectCommandInjection/IndirectCommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/SecondOrderCommandInjection/SecondOrderCommandInjection.expected
M javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected
M javascript/ql/test/query-tests/Security/CWE-079/DomBasedXssWithResponseThreat/Xss.expected
M javascript/ql/test/query-tests/Security/CWE-079/ExceptionXss/ExceptionXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/ReflectedXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/StoredXss/StoredXss.expected
M javascript/ql/test/query-tests/Security/CWE-079/UnsafeHtmlConstruction/UnsafeHtmlConstruction.expected
M javascript/ql/test/query-tests/Security/CWE-079/UnsafeJQueryPlugin/UnsafeJQueryPlugin.expected
M javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/XssThroughDom.expected
M javascript/ql/test/query-tests/Security/CWE-089/local-threat-source/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-089/typed/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-089/untyped/SqlInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/CodeInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/HeuristicSourceCodeInjection.expected
M javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/ImproperCodeSanitization.expected
M javascript/ql/test/query-tests/Security/CWE-094/UnsafeDynamicMethodAccess/UnsafeDynamicMethodAccess.expected
M javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/IncompleteHtmlAttributeSanitization.expected
M javascript/ql/test/query-tests/Security/CWE-117/LogInjection.expected
M javascript/ql/test/query-tests/Security/CWE-200/FileAccessToHttp.expected
M javascript/ql/test/query-tests/Security/CWE-312/BuildArtifactLeak.expected
M javascript/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
M javascript/ql/test/query-tests/Security/CWE-312/CleartextStorage.expected
M javascript/ql/test/query-tests/Security/CWE-327/BrokenCryptoAlgorithm.expected
M javascript/ql/test/query-tests/Security/CWE-338/InsecureRandomness.expected
M javascript/ql/test/query-tests/Security/CWE-346/CorsMisconfigurationForCredentials.expected
M javascript/ql/test/query-tests/Security/CWE-377/InsecureTemporaryFile.expected
M javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected
M javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.expected
M javascript/ql/test/query-tests/Security/CWE-506/HardcodedDataInterpretedAsCode.expected
M javascript/ql/test/query-tests/Security/CWE-522-DecompressionBombs/DecompressionBombs.expected
M javascript/ql/test/query-tests/Security/CWE-601/ClientSideUrlRedirect/ClientSideUrlRedirect.expected
M javascript/ql/test/query-tests/Security/CWE-601/ServerSideUrlRedirect/ServerSideUrlRedirect.expected
M javascript/ql/test/query-tests/Security/CWE-611/Xxe.expected
M javascript/ql/test/query-tests/Security/CWE-643/XpathInjection.expected
M javascript/ql/test/query-tests/Security/CWE-730/Threat-models-disabled/RegExpInjection.expected
M javascript/ql/test/query-tests/Security/CWE-730/Threat-models-enabled/RegExpInjection.expected
M javascript/ql/test/query-tests/Security/CWE-754/UnvalidatedDynamicMethodCall.expected
M javascript/ql/test/query-tests/Security/CWE-770/ResourceExhaustion/ResourceExhaustion.expected
M javascript/ql/test/query-tests/Security/CWE-776/XmlBomb.expected
M javascript/ql/test/query-tests/Security/CWE-776/libxml.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.noent.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.sax.js
M javascript/ql/test/query-tests/Security/CWE-776/libxml.saxpush.js
M javascript/ql/test/query-tests/Security/CWE-798/HardcodedCredentials.expected
M javascript/ql/test/query-tests/Security/CWE-807/ConditionalBypass.expected
M javascript/ql/test/query-tests/Security/CWE-829/InsecureDownload.expected
M javascript/ql/test/query-tests/Security/CWE-843/TypeConfusionThroughParameterTampering.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingAssignment/PrototypePollutingAssignment.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingFunction/PrototypePollutingFunction.expected
M javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/PrototypePollutingMergeCall.expected
M javascript/ql/test/query-tests/Security/CWE-918/ClientSideRequestForgery.expected
M javascript/ql/test/query-tests/Security/CWE-918/RequestForgery.expected
M javascript/ql/test/tutorials/Analyzing data flow in JavaScript/Local data flow/query1.expected
M javascript/resources/codeql-extractor.yml
M misc/suite-helpers/CHANGELOG.md
A misc/suite-helpers/change-notes/released/1.0.30.md
M misc/suite-helpers/codeql-pack.release.yml
M misc/suite-helpers/qlpack.yml
M python/codeql-extractor.yml
M python/ql/integration-tests/query-suite/python-code-quality-extended.qls.expected
M python/ql/integration-tests/query-suite/python-code-quality.qls.expected
M python/ql/integration-tests/query-suite/python-security-and-quality.qls.expected
M python/ql/lib/CHANGELOG.md
M python/ql/lib/analysis/DefinitionTracking.qll
A python/ql/lib/change-notes/released/4.0.14.md
M python/ql/lib/codeql-pack.release.yml
M python/ql/lib/experimental/cryptography/CryptoArtifact.qll
M python/ql/lib/experimental/cryptography/modules/CryptographyModule.qll
M python/ql/lib/experimental/cryptography/modules/stdlib/HashlibModule.qll
M python/ql/lib/qlpack.yml
M python/ql/lib/semmle/python/Class.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M python/ql/lib/semmle/python/frameworks/Lxml.qll
M python/ql/lib/semmle/python/frameworks/Psycopg2.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll
M python/ql/lib/semmle/python/objects/ObjectInternal.qll
M python/ql/lib/semmle/python/types/FunctionObject.qll
M python/ql/src/CHANGELOG.md
A python/ql/src/Classes/Comparisons/EqualsOrHash.qhelp
A python/ql/src/Classes/Comparisons/EqualsOrHash.ql
A python/ql/src/Classes/Comparisons/EqualsOrNotEquals.qhelp
A python/ql/src/Classes/Comparisons/EqualsOrNotEquals.ql
A python/ql/src/Classes/Comparisons/IncompleteOrdering.qhelp
A python/ql/src/Classes/Comparisons/IncompleteOrdering.ql
A python/ql/src/Classes/Comparisons/examples/EqualsOrHash.py
A python/ql/src/Classes/Comparisons/examples/EqualsOrNotEquals1.py
A python/ql/src/Classes/Comparisons/examples/EqualsOrNotEquals2.py
A python/ql/src/Classes/Comparisons/examples/IncompleteOrdering.py
M python/ql/src/Classes/Equality.qll
R python/ql/src/Classes/EqualsOrHash.py
R python/ql/src/Classes/EqualsOrHash.qhelp
R python/ql/src/Classes/EqualsOrHash.ql
R python/ql/src/Classes/EqualsOrNotEquals.py
R python/ql/src/Classes/EqualsOrNotEquals.qhelp
R python/ql/src/Classes/EqualsOrNotEquals.ql
R python/ql/src/Classes/IncompleteOrdering.py
R python/ql/src/Classes/IncompleteOrdering.qhelp
R python/ql/src/Classes/IncompleteOrdering.ql
R python/ql/src/Classes/SubclassShadowing.py
R python/ql/src/Classes/SubclassShadowing.qhelp
R python/ql/src/Classes/SubclassShadowing.ql
A python/ql/src/Classes/SubclassShadowing/SubclassShadowing.qhelp
A python/ql/src/Classes/SubclassShadowing/SubclassShadowing.ql
A python/ql/src/Classes/SubclassShadowing/examples/SubclassShadowingBad.py
A python/ql/src/Classes/SubclassShadowing/examples/SubclassShadowingGood.py
R python/ql/src/Functions/IncorrectRaiseInSpecialMethod.py
M python/ql/src/Functions/IncorrectRaiseInSpecialMethod.qhelp
M python/ql/src/Functions/IncorrectRaiseInSpecialMethod.ql
R python/ql/src/Functions/IncorrectRaiseInSpecialMethod2.py
R python/ql/src/Functions/IncorrectRaiseInSpecialMethod3.py
A python/ql/src/Functions/examples/IncorrectRaiseInSpecialMethod.py
A python/ql/src/Functions/examples/IncorrectRaiseInSpecialMethod2.py
A python/ql/src/Functions/examples/IncorrectRaiseInSpecialMethod3.py
M python/ql/src/Security/CWE-327/FluentApiModel.qll
A python/ql/src/change-notes/released/1.6.4.md
M python/ql/src/codeql-pack.release.yml
M python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql
M python/ql/src/qlpack.yml
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrHash.expected
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrNotEquals.expected
R python/ql/test/2/query-tests/Classes/equals-hash/EqualsOrNotEquals.qlref
R python/ql/test/2/query-tests/Classes/equals-hash/equals_hash.py
R python/ql/test/3/query-tests/Classes/equals-hash/EqualsOrHash.expected
R python/ql/test/3/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/3/query-tests/Classes/equals-hash/equals_hash.py
R python/ql/test/3/query-tests/Classes/equals-ne/EqualsOrNotEquals.expected
R python/ql/test/3/query-tests/Classes/equals-ne/EqualsOrNotEquals.qlref
R python/ql/test/3/query-tests/Classes/equals-ne/test.py
M python/ql/test/library-tests/frameworks/lxml/parsing.py
A python/ql/test/library-tests/frameworks/psycopg2/ConceptsTest.expected
A python/ql/test/library-tests/frameworks/psycopg2/ConceptsTest.ql
A python/ql/test/library-tests/frameworks/psycopg2/connectionpool.py
M python/ql/test/query-tests/Classes/equals-attr/DefineEqualsWhenAddingAttributes.expected
A python/ql/test/query-tests/Classes/equals-attr/attr_eq_test.py
R python/ql/test/query-tests/Classes/equals-hash/DefineEqualsWhenAddingFields.expected
R python/ql/test/query-tests/Classes/equals-hash/DefineEqualsWhenAddingFields.qlref
A python/ql/test/query-tests/Classes/equals-hash/EqualsOrHash.expected
A python/ql/test/query-tests/Classes/equals-hash/EqualsOrHash.qlref
R python/ql/test/query-tests/Classes/equals-hash/attr_eq_test.py
A python/ql/test/query-tests/Classes/equals-hash/equalsHash.py
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.expected
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.py
A python/ql/test/query-tests/Classes/equals-not-equals/EqualsOrNotEquals.qlref
M python/ql/test/query-tests/Classes/incomplete-ordering/IncompleteOrdering.expected
M python/ql/test/query-tests/Classes/incomplete-ordering/IncompleteOrdering.qlref
M python/ql/test/query-tests/Classes/incomplete-ordering/incomplete_ordering.py
M python/ql/test/query-tests/Classes/subclass-shadowing/SubclassShadowing.expected
M python/ql/test/query-tests/Classes/subclass-shadowing/SubclassShadowing.qlref
M python/ql/test/query-tests/Classes/subclass-shadowing/subclass_shadowing.py
A python/ql/test/query-tests/Functions/IncorrectRaiseInSpecialMethod/IncorrectRaiseInSpecialMethod.expected
A python/ql/test/query-tests/Functions/IncorrectRaiseInSpecialMethod/IncorrectRaiseInSpecialMethod.qlref
A python/ql/test/query-tests/Functions/IncorrectRaiseInSpecialMethod/test.py
R python/ql/test/query-tests/Functions/general/IncorrectRaiseInSpecialMethod.expected
R python/ql/test/query-tests/Functions/general/IncorrectRaiseInSpecialMethod.qlref
M python/ql/test/query-tests/Security/CWE-776-XmlBomb/XmlBomb.expected
M python/ql/test/query-tests/analysis/jump_to_defn/Definitions.expected
M python/ql/test/query-tests/analysis/jump_to_defn/test.py
M ql/ql/src/codeql_ql/style/RedundantCastQuery.qll
M ql/ql/test/queries/performance/VarUnusedInDisjunct/Test.qll
M ql/ql/test/queries/style/Misspelling/Misspelling.expected
M ql/ql/test/queries/style/Misspelling/Test.qll
M ql/ql/test/queries/style/UseInstanceofExtension/Foo.qll
M ql/ql/test/queries/style/UseInstanceofExtension/UseInstanceofExtension.expected
M ql/ql/test/queries/style/UseSetLiteral/UseSetLiteral.expected
M ql/ql/test/queries/style/UseSetLiteral/test.qll
M ruby/codeql-extractor.yml
M ruby/ql/consistency-queries/DataFlowConsistency.ql
M ruby/ql/lib/CHANGELOG.md
A ruby/ql/lib/change-notes/released/5.0.3.md
M ruby/ql/lib/codeql-pack.release.yml
M ruby/ql/lib/codeql/ruby/ApiGraphs.qll
M ruby/ql/lib/codeql/ruby/controlflow/BasicBlocks.qll
M ruby/ql/lib/codeql/ruby/controlflow/ControlFlowGraph.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Completion.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/ControlFlowGraphImpl.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Guards.qll
M ruby/ql/lib/codeql/ruby/controlflow/internal/Splitting.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M ruby/ql/lib/codeql/ruby/frameworks/core/Kernel.qll
M ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll
M ruby/ql/lib/codeql/ruby/frameworks/http_clients/Excon.qll
M ruby/ql/lib/codeql/ruby/frameworks/http_clients/NetHttp.qll
M ruby/ql/lib/codeql/ruby/regexp/internal/ParseRegExp.qll
M ruby/ql/lib/codeql/ruby/security/ImproperMemoizationQuery.qll
M ruby/ql/lib/qlpack.yml
M ruby/ql/lib/utils/test/InlineFlowTest.qll
M ruby/ql/src/CHANGELOG.md
A ruby/ql/src/change-notes/released/1.4.4.md
M ruby/ql/src/codeql-pack.release.yml
M ruby/ql/src/qlpack.yml
M ruby/ql/src/queries/performance/DatabaseQueryInLoop.ql
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.expected
M ruby/ql/test/library-tests/controlflow/graph/BasicBlocks.ql
M ruby/ql/test/library-tests/controlflow/graph/Cfg.expected
M ruby/ql/test/library-tests/controlflow/graph/Nodes.expected
M ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-flow.ql
M ruby/ql/test/library-tests/dataflow/barrier-guards/barrier-guards.ql
M rust/ast-generator/src/main.rs
M rust/codeql-extractor.yml
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/old.dbscheme
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/rust.dbscheme
A rust/downgrades/dfade44a27bd44db996ae8c5095a11effc883aba/upgrade.properties
M rust/extractor/src/config.rs
M rust/extractor/src/generated/.generated.list
M rust/extractor/src/generated/top.rs
M rust/extractor/src/main.rs
M rust/extractor/src/translate.rs
M rust/extractor/src/translate/base.rs
M rust/extractor/src/translate/generated.rs
M rust/extractor/src/translate/mappings.rs
M rust/ql/.generated.list
M rust/ql/.gitattributes
M rust/ql/lib/CHANGELOG.md
R rust/ql/lib/change-notes/2025-08-25-in-macro-expansion.md
A rust/ql/lib/change-notes/released/0.1.15.md
M rust/ql/lib/codeql-pack.release.yml
M rust/ql/lib/codeql/rust/controlflow/BasicBlocks.qll
M rust/ql/lib/codeql/rust/controlflow/ControlFlowGraph.qll
M rust/ql/lib/codeql/rust/controlflow/internal/Completion.qll
M rust/ql/lib/codeql/rust/controlflow/internal/ControlFlowGraphImpl.qll
R rust/ql/lib/codeql/rust/controlflow/internal/SuccessorType.qll
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
M rust/ql/lib/codeql/rust/dataflow/internal/SsaImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/TaintTrackingImpl.qll
M rust/ql/lib/codeql/rust/elements.qll
M rust/ql/lib/codeql/rust/elements/MethodCallExpr.qll
M rust/ql/lib/codeql/rust/elements/PathAstNode.qll
M rust/ql/lib/codeql/rust/elements/RangeExprExt.qll
R rust/ql/lib/codeql/rust/elements/Resolvable.qll
M rust/ql/lib/codeql/rust/elements/internal/CallExprBaseImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/CallImpl.qll
R rust/ql/lib/codeql/rust/elements/internal/ResolvableImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/TypeParamImpl.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Addressable.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/MethodCallExpr.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/ParentChild.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/PathAstNode.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Raw.qll
R rust/ql/lib/codeql/rust/elements/internal/generated/Resolvable.qll
M rust/ql/lib/codeql/rust/elements/internal/generated/Synth.qll
A rust/ql/lib/codeql/rust/frameworks/asyncstd/fs.model.yml
M rust/ql/lib/codeql/rust/frameworks/stdlib/Stdlib.qll
M rust/ql/lib/codeql/rust/frameworks/stdlib/fs.model.yml
M rust/ql/lib/codeql/rust/frameworks/tokio/fs.model.yml
M rust/ql/lib/codeql/rust/internal/CachedStages.qll
M rust/ql/lib/codeql/rust/internal/PathResolution.qll
M rust/ql/lib/codeql/rust/internal/PathResolutionConsistency.qll
M rust/ql/lib/codeql/rust/internal/Type.qll
M rust/ql/lib/codeql/rust/internal/TypeInference.qll
M rust/ql/lib/qlpack.yml
M rust/ql/lib/rust.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/old.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/rust.dbscheme
A rust/ql/lib/upgrades/b41e55c0dba14a139d01dbee713aca5efe5b818a/upgrade.properties
M rust/ql/src/CHANGELOG.md
R rust/ql/src/change-notes/2025-08-18-log-injection.md
R rust/ql/src/change-notes/2025-08-20-add-customizations.md
A rust/ql/src/change-notes/released/0.1.15.md
M rust/ql/src/codeql-pack.release.yml
M rust/ql/src/qlpack.yml
M rust/ql/src/queries/security/CWE-798/HardcodedCryptographicValue.ql
M rust/ql/src/queries/telemetry/DatabaseQualityDiagnostics.ql
M rust/ql/src/queries/telemetry/ExtractorInformation.ql
R rust/ql/src/queries/telemetry/RustAnalyzerComparison.qll
R rust/ql/test/extractor-tests/canonical_path_disabled/Cargo.lock
R rust/ql/test/extractor-tests/canonical_path_disabled/anonymous.rs
R rust/ql/test/extractor-tests/canonical_path_disabled/canonical_paths.expected
R rust/ql/test/extractor-tests/canonical_path_disabled/canonical_paths.qlref
R rust/ql/test/extractor-tests/canonical_path_disabled/options.yml
R rust/ql/test/extractor-tests/canonical_path_disabled/regular.rs
M rust/ql/test/extractor-tests/generated/AsmExpr/AsmExpr.expected
M rust/ql/test/extractor-tests/generated/AsmExpr/AsmExpr.ql
M rust/ql/test/extractor-tests/generated/Const/Const.expected
M rust/ql/test/extractor-tests/generated/Const/Const.ql
M rust/ql/test/extractor-tests/generated/Enum/Enum.expected
M rust/ql/test/extractor-tests/generated/Enum/Enum.ql
M rust/ql/test/extractor-tests/generated/ExternBlock/ExternBlock.expected
M rust/ql/test/extractor-tests/generated/ExternBlock/ExternBlock.ql
M rust/ql/test/extractor-tests/generated/ExternCrate/ExternCrate.expected
M rust/ql/test/extractor-tests/generated/ExternCrate/ExternCrate.ql
M rust/ql/test/extractor-tests/generated/Function/Function.expected
M rust/ql/test/extractor-tests/generated/Function/Function.ql
M rust/ql/test/extractor-tests/generated/Impl/Impl.expected
M rust/ql/test/extractor-tests/generated/Impl/Impl.ql
M rust/ql/test/extractor-tests/generated/MacroCall/MacroCall.expected
M rust/ql/test/extractor-tests/generated/MacroCall/MacroCall.ql
M rust/ql/test/extractor-tests/generated/MacroDef/MacroDef.expected
M rust/ql/test/extractor-tests/generated/MacroDef/MacroDef.ql
M rust/ql/test/extractor-tests/generated/MacroRules/MacroRules.expected
M rust/ql/test/extractor-tests/generated/MacroRules/MacroRules.ql
M rust/ql/test/extractor-tests/generated/MethodCallExpr/MethodCallExpr.expected
M rust/ql/test/extractor-tests/generated/MethodCallExpr/MethodCallExpr.ql
M rust/ql/test/extractor-tests/generated/Module/Module.expected
M rust/ql/test/extractor-tests/generated/Module/Module.ql
M rust/ql/test/extractor-tests/generated/Path/PathExpr.expected
M rust/ql/test/extractor-tests/generated/Path/PathExpr.ql
M rust/ql/test/extractor-tests/generated/Path/PathPat.expected
M rust/ql/test/extractor-tests/generated/Path/PathPat.ql
M rust/ql/test/extractor-tests/generated/Static/Static.expected
M rust/ql/test/extractor-tests/generated/Static/Static.ql
M rust/ql/test/extractor-tests/generated/Struct/Struct.expected
M rust/ql/test/extractor-tests/generated/Struct/Struct.ql
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.expected
M rust/ql/test/extractor-tests/generated/StructExpr/StructExpr.ql
M rust/ql/test/extractor-tests/generated/StructPat/StructPat.expected
M rust/ql/test/extractor-tests/generated/StructPat/StructPat.ql
M rust/ql/test/extractor-tests/generated/Trait/Trait.expected
M rust/ql/test/extractor-tests/generated/Trait/Trait.ql
M rust/ql/test/extractor-tests/generated/TraitAlias/TraitAlias.expected
M rust/ql/test/extractor-tests/generated/TraitAlias/TraitAlias.ql
M rust/ql/test/extractor-tests/generated/TupleStructPat/TupleStructPat.expected
M rust/ql/test/extractor-tests/generated/TupleStructPat/TupleStructPat.ql
M rust/ql/test/extractor-tests/generated/TypeAlias/TypeAlias.expected
M rust/ql/test/extractor-tests/generated/TypeAlias/TypeAlias.ql
M rust/ql/test/extractor-tests/generated/Union/Union.expected
M rust/ql/test/extractor-tests/generated/Union/Union.ql
M rust/ql/test/extractor-tests/generated/Use/Use.expected
M rust/ql/test/extractor-tests/generated/Use/Use.ql
M rust/ql/test/extractor-tests/generated/Variant/Variant.expected
M rust/ql/test/extractor-tests/generated/Variant/Variant.ql
M rust/ql/test/extractor-tests/macro-expansion/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/dataflow/global/viableCallable.expected
A rust/ql/test/library-tests/dataflow/global/viableCallable.qlref
M rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
M rust/ql/test/library-tests/dataflow/sources/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/dataflow/sources/TaintSources.expected
M rust/ql/test/library-tests/dataflow/sources/test.rs
M rust/ql/test/library-tests/dataflow/strings/inline-taint-flow.expected
M rust/ql/test/library-tests/path-resolution/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/path-resolution/main.rs
M rust/ql/test/library-tests/path-resolution/path-resolution.expected
M rust/ql/test/library-tests/type-inference/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/type-inference/closure.rs
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/pattern_matching.rs
M rust/ql/test/library-tests/type-inference/type-inference.expected
M rust/ql/test/library-tests/type-inference/type-inference.ql
M rust/ql/test/query-tests/security/CWE-022/Cargo.lock
M rust/ql/test/query-tests/security/CWE-022/TaintedPath.expected
M rust/ql/test/query-tests/security/CWE-022/options.yml
M rust/ql/test/query-tests/security/CWE-022/src/main.rs
M rust/ql/test/query-tests/security/CWE-117/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/query-tests/security/CWE-312/CONSISTENCY/PathResolutionConsistency.expected
R rust/ql/test/query-tests/security/CWE-696/CONSISTENCY/PathResolutionConsistency.expected
R rust/ql/test/query-tests/security/CWE-770/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected
M rust/ql/test/query-tests/security/CWE-825/main.rs
M rust/schema/annotations.py
M rust/schema/prelude.py
M shared/concepts/CHANGELOG.md
A shared/concepts/change-notes/released/0.0.4.md
M shared/concepts/codeql-pack.release.yml
M shared/concepts/qlpack.yml
M shared/controlflow/CHANGELOG.md
A shared/controlflow/change-notes/released/2.0.14.md
M shared/controlflow/codeql-pack.release.yml
M shared/controlflow/codeql/controlflow/BasicBlock.qll
M shared/controlflow/codeql/controlflow/Cfg.qll
M shared/controlflow/codeql/controlflow/Guards.qll
A shared/controlflow/codeql/controlflow/SuccessorType.qll
M shared/controlflow/qlpack.yml
M shared/dataflow/CHANGELOG.md
A shared/dataflow/change-notes/released/2.0.14.md
M shared/dataflow/codeql-pack.release.yml
M shared/dataflow/codeql/dataflow/VariableCapture.qll
M shared/dataflow/qlpack.yml
M shared/mad/CHANGELOG.md
A shared/mad/change-notes/released/1.0.30.md
M shared/mad/codeql-pack.release.yml
M shared/mad/qlpack.yml
M shared/quantum/CHANGELOG.md
A shared/quantum/change-notes/released/0.0.8.md
M shared/quantum/codeql-pack.release.yml
M shared/quantum/codeql/quantum/experimental/Model.qll
M shared/quantum/qlpack.yml
M shared/rangeanalysis/CHANGELOG.md
A shared/rangeanalysis/change-notes/released/1.0.30.md
M shared/rangeanalysis/codeql-pack.release.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/CHANGELOG.md
A shared/regex/change-notes/released/1.0.30.md
M shared/regex/codeql-pack.release.yml
M shared/regex/qlpack.yml
M shared/ssa/CHANGELOG.md
A shared/ssa/change-notes/released/2.0.6.md
M shared/ssa/codeql-pack.release.yml
M shared/ssa/codeql/ssa/Ssa.qll
M shared/ssa/qlpack.yml
M shared/threat-models/CHANGELOG.md
A shared/threat-models/change-notes/released/1.0.30.md
M shared/threat-models/codeql-pack.release.yml
M shared/threat-models/qlpack.yml
M shared/tutorial/CHANGELOG.md
A shared/tutorial/change-notes/released/1.0.30.md
M shared/tutorial/codeql-pack.release.yml
M shared/tutorial/qlpack.yml
M shared/typeflow/CHANGELOG.md
A shared/typeflow/change-notes/released/1.0.30.md
M shared/typeflow/codeql-pack.release.yml
M shared/typeflow/qlpack.yml
M shared/typeinference/CHANGELOG.md
A shared/typeinference/change-notes/released/0.0.11.md
M shared/typeinference/codeql-pack.release.yml
M shared/typeinference/qlpack.yml
M shared/typetracking/CHANGELOG.md
A shared/typetracking/change-notes/released/2.0.14.md
M shared/typetracking/codeql-pack.release.yml
M shared/typetracking/qlpack.yml
M shared/typos/CHANGELOG.md
A shared/typos/change-notes/released/1.0.30.md
M shared/typos/codeql-pack.release.yml
M shared/typos/qlpack.yml
M shared/util/CHANGELOG.md
A shared/util/change-notes/released/2.0.17.md
M shared/util/codeql-pack.release.yml
M shared/util/codeql/util/Option.qll
M shared/util/qlpack.yml
M shared/xml/CHANGELOG.md
A shared/xml/change-notes/released/1.0.30.md
M shared/xml/codeql-pack.release.yml
M shared/xml/qlpack.yml
M shared/yaml/CHANGELOG.md
A shared/yaml/change-notes/released/1.0.30.md
M shared/yaml/codeql-pack.release.yml
M shared/yaml/qlpack.yml
M swift/codeql-extractor.yml
M swift/ql/lib/CHANGELOG.md
A swift/ql/lib/change-notes/released/5.0.6.md
M swift/ql/lib/codeql-pack.release.yml
M swift/ql/lib/codeql/swift/controlflow/BasicBlocks.qll
M swift/ql/lib/codeql/swift/controlflow/ControlFlowGraph.qll
M swift/ql/lib/codeql/swift/controlflow/internal/Completion.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll
M swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImplSpecific.qll
M swift/ql/lib/codeql/swift/dataflow/Ssa.qll
M swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
M swift/ql/lib/codeql/swift/elements/decl/internal/EnumDeclImpl.qll
M swift/ql/lib/codeql/swift/security/PathInjectionExtensions.qll
M swift/ql/lib/qlpack.yml
M swift/ql/src/CHANGELOG.md
R swift/ql/src/change-notes/2025-08-20-add-customizations.md
A swift/ql/src/change-notes/released/1.2.4.md
M swift/ql/src/codeql-pack.release.yml
M swift/ql/src/qlpack.yml
Log Message:
-----------
Merge branch 'main' into js/remote-property-injection-update
Commit: 7cbaa114a335105fad23dec24ec54dddb20e92a4
https://github.com/krishnprakash/codeql/commit/7cbaa114a335105fad23dec24ec54dddb20e92a4
Author: Napalys Klicius <nap...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/security/dataflow/RemotePropertyInjectionQuery.qll
A javascript/ql/src/change-notes/2025-08-27-remote-property-injection-update.md
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.expected
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/RemotePropertyInjection.qlref
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tst.js
A javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tstNonExpr.js
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/RemotePropertyInjection.expected
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/RemotePropertyInjection.qlref
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/tst.js
R javascript/ql/test/query-tests/Security/CWE-400/RemovePropertyInjection/tstNonExpr.js
Log Message:
-----------
Merge pull request #20296 from Napalys/js/remote-property-injection-update
JS: Detect property injection via object enumeration patterns
Commit: 504ae0f35ab9d19265cbbdd8547e814519f1dd5a
https://github.com/krishnprakash/codeql/commit/504ae0f35ab9d19265cbbdd8547e814519f1dd5a
Author: Kevin Stubbings <kwst...@github.com>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
A go/ql/lib/change-notes/2025-07-15-path-injection-sanitizers.md
M go/ql/lib/ext/os.model.yml
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.expected
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.go
Log Message:
-----------
Update go path sanitizers and sinks
Commit: f86152d3bd45e57cd2b64aacd7bd28e3c3317ebb
https://github.com/krishnprakash/codeql/commit/f86152d3bd45e57cd2b64aacd7bd28e3c3317ebb
Author: Kevin Stubbings <kwst...@github.com>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
M go/ql/lib/change-notes/2025-07-15-path-injection-sanitizers.md
M go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.expected
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.go
Log Message:
-----------
Add sanitizer changes and fix test
Commit: b4b848a25c8663942af6c80ee18fda7ee2acaf09
https://github.com/krishnprakash/codeql/commit/b4b848a25c8663942af6c80ee18fda7ee2acaf09
Author: Kevin Stubbings <kwst...@github.com>
Date: 2025-07-21 (Mon, 21 Jul 2025)
Changed paths:
M go/ql/lib/ext/os.model.yml
M go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll
M go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Os.go
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.go
Log Message:
-----------
Fix tests and simplify sanitizer
Commit: e2f3c9d1b6c84b48c3d3dbcef86ce9b8ec02918a
https://github.com/krishnprakash/codeql/commit/e2f3c9d1b6c84b48c3d3dbcef86ce9b8ec02918a
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2025-07-22 (Tue, 22 Jul 2025)
Changed paths:
M go/ql/lib/change-notes/2025-07-15-path-injection-sanitizers.md
Log Message:
-----------
Reword change note
Commit: 2a45b28e5fb97eed90886568ebd47ab1b91db69a
https://github.com/krishnprakash/codeql/commit/2a45b28e5fb97eed90886568ebd47ab1b91db69a
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
A go/ql/lib/change-notes/2025-07-15-path-injection-sanitizers.md
M go/ql/lib/ext/os.model.yml
M go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll
M go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Os.go
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.expected
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.go
Log Message:
-----------
Merge pull request #20064 from Kwstubbs/go-path-separator
Update Go Path Injection Sanitizer and Sink
Commit: 9cc6e9c8a9efdd646aa0a20db70c1348d91dc57f
https://github.com/krishnprakash/codeql/commit/9cc6e9c8a9efdd646aa0a20db70c1348d91dc57f
Author: Kasper Svendsen <kasp...@github.com>
Date: 2025-08-27 (Wed, 27 Aug 2025)
Changed paths:
M java/ql/lib/semmle/code/java/Member.qll
M java/ql/lib/semmle/code/java/Type.qll
Log Message:
-----------
Overlay: Add discarding for Java classes, interfaces & fields
Commit: dd99a2d3bd5d849f2d7c2a1ff2d8580e467e4f34
https://github.com/krishnprakash/codeql/commit/dd99a2d3bd5d849f2d7c2a1ff2d8580e467e4f34
Author: Kasper Svendsen <kasp...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/Member.qll
M java/ql/lib/semmle/code/java/Type.qll
Log Message:
-----------
Merge pull request #20294 from github/kaspersv/discard-fields-and-classes
Overlay: Add discarding for Java classes, interfaces & fields
Commit: 8b10ad49d745a22f94e5b172b3f49fefb0155603
https://github.com/krishnprakash/codeql/commit/8b10ad49d745a22f94e5b172b3f49fefb0155603
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-01 (Mon, 01 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/dataflow/FlowSummary.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/BarrierGuards.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/frameworks/Babel.qll
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Arrays.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/AsyncAwait.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Generators.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Iterators.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Maps.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Promises.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Sets.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Strings.qll
M javascript/ql/lib/semmle/javascript/security/TaintedUrlSuffixCustomizations.qll
M javascript/ql/src/Declarations/UnreachableMethodOverloads.ql
M javascript/ql/test/library-tests/FlowSummary/test.ql
Log Message:
-----------
JS: Fix some Ql4Ql violations.
Commit: 8009ddebced1988b87aef3c246b2b4cf8a5775e4
https://github.com/krishnprakash/codeql/commit/8009ddebced1988b87aef3c246b2b4cf8a5775e4
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M javascript/ql/lib/semmle/javascript/dataflow/FlowSummary.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/BarrierGuards.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll
M javascript/ql/lib/semmle/javascript/frameworks/Babel.qll
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Arrays.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/AsyncAwait.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Generators.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Iterators.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Maps.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Promises.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Sets.qll
M javascript/ql/lib/semmle/javascript/internal/flow_summaries/Strings.qll
M javascript/ql/lib/semmle/javascript/security/TaintedUrlSuffixCustomizations.qll
M javascript/ql/src/Declarations/UnreachableMethodOverloads.ql
M javascript/ql/test/library-tests/FlowSummary/test.ql
Log Message:
-----------
Merge pull request #20329 from michaelnebel/javascript/ql4ql
JS: Fix some Ql4Ql violations.
Commit: 83d53baf82981685af77a3547078100ae4d5ba02
https://github.com/krishnprakash/codeql/commit/83d53baf82981685af77a3547078100ae4d5ba02
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M cpp/ql/lib/Options.qll
M cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/RangeAnalysis.qll
M cpp/ql/lib/semmle/code/cpp/Concept.qll
M cpp/ql/lib/semmle/code/cpp/Declaration.qll
M cpp/ql/lib/semmle/code/cpp/commons/Printf.qll
M cpp/ql/lib/semmle/code/cpp/controlflow/Dominance.qll
M cpp/ql/lib/semmle/code/cpp/controlflow/internal/CFG.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll
M cpp/ql/lib/semmle/code/cpp/ir/internal/IRUtilities.qll
M cpp/ql/lib/semmle/code/cpp/models/interfaces/FunctionInputsAndOutputs.qll
M cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticExpr.qll
M cpp/ql/lib/semmle/code/cpp/security/FileWrite.qll
M cpp/ql/lib/semmle/code/cpp/security/boostorg/asio/protocols.qll
M cpp/ql/lib/semmle/code/cpp/valuenumbering/HashCons.qll
M cpp/ql/src/Best Practices/Magic Constants/MagicConstants.qll
M cpp/ql/src/Likely Bugs/Leap Year/LeapYear.qll
M cpp/ql/src/Likely Bugs/Protocols/TlsSettingsMisconfiguration.ql
M cpp/ql/src/Metrics/Internal/CallableExtents.ql
M cpp/ql/src/Security/CWE/CWE-190/IntegerOverflowTainted.ql
M cpp/ql/src/Security/CWE/CWE-457/UninitializedVariables.qll
M cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql
M cpp/ql/src/definitions.ql
M cpp/ql/src/experimental/Likely Bugs/RedundantNullCheckParam.ql
M cpp/ql/src/experimental/Security/CWE/CWE-1126/DeclarationOfVariableWithUnnecessarilyWideScope.ql
M cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql
M cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql
M cpp/ql/src/experimental/Security/CWE/CWE-416/UseAfterExpiredLifetime.ql
M cpp/ql/src/external/DefectFilter.qll
M cpp/ql/src/external/MetricFilter.qll
M cpp/ql/src/jsf/4.10 Classes/AV Rule 96.ql
Log Message:
-----------
C++: Fix some Ql4Ql violations.
Commit: 61e8ad264f07a7c2e2570cc01d484d7633b3eb27
https://github.com/krishnprakash/codeql/commit/61e8ad264f07a7c2e2570cc01d484d7633b3eb27
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
A cpp/ql/lib/change-notes/2025-09-03-rename-api.md
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/valuenumbering/HashCons.qll
M cpp/ql/src/Metrics/Internal/CallableExtents.ql
A cpp/ql/src/change-notes/2025-09-03-rename-api.md
Log Message:
-----------
C++: Address review comments.
Commit: 64d68feab3712034bedbd525c647267bda45925b
https://github.com/krishnprakash/codeql/commit/64d68feab3712034bedbd525c647267bda45925b
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M cpp/ql/lib/Options.qll
A cpp/ql/lib/change-notes/2025-09-03-rename-api.md
M cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/RangeAnalysis.qll
M cpp/ql/lib/semmle/code/cpp/Concept.qll
M cpp/ql/lib/semmle/code/cpp/Declaration.qll
M cpp/ql/lib/semmle/code/cpp/commons/Printf.qll
M cpp/ql/lib/semmle/code/cpp/controlflow/Dominance.qll
M cpp/ql/lib/semmle/code/cpp/controlflow/internal/CFG.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll
M cpp/ql/lib/semmle/code/cpp/ir/internal/IRUtilities.qll
M cpp/ql/lib/semmle/code/cpp/models/interfaces/FunctionInputsAndOutputs.qll
M cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticExpr.qll
M cpp/ql/lib/semmle/code/cpp/security/FileWrite.qll
M cpp/ql/lib/semmle/code/cpp/security/boostorg/asio/protocols.qll
M cpp/ql/src/Best Practices/Magic Constants/MagicConstants.qll
M cpp/ql/src/Likely Bugs/Leap Year/LeapYear.qll
M cpp/ql/src/Likely Bugs/Protocols/TlsSettingsMisconfiguration.ql
M cpp/ql/src/Metrics/Internal/CallableExtents.ql
M cpp/ql/src/Security/CWE/CWE-190/IntegerOverflowTainted.ql
M cpp/ql/src/Security/CWE/CWE-457/UninitializedVariables.qll
M cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql
A cpp/ql/src/change-notes/2025-09-03-rename-api.md
M cpp/ql/src/definitions.ql
M cpp/ql/src/experimental/Likely Bugs/RedundantNullCheckParam.ql
M cpp/ql/src/experimental/Security/CWE/CWE-1126/DeclarationOfVariableWithUnnecessarilyWideScope.ql
M cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql
M cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql
M cpp/ql/src/experimental/Security/CWE/CWE-416/UseAfterExpiredLifetime.ql
M cpp/ql/src/external/DefectFilter.qll
M cpp/ql/src/external/MetricFilter.qll
M cpp/ql/src/jsf/4.10 Classes/AV Rule 96.ql
Log Message:
-----------
Merge pull request #20325 from michaelnebel/cpp/ql4ql
C++: Fix some Ql4Ql violations.
Commit: 462d6396275f0666aa5407dcc986eb7fc59f1f00
https://github.com/krishnprakash/codeql/commit/462d6396275f0666aa5407dcc986eb7fc59f1f00
Author: Michael Nebel <michae...@github.com>
Date: 2025-09-03 (Wed, 03 Sep 2025)
Changed paths:
M cpp/ql/lib/experimental/cryptography/CryptoArtifact.qll
M cpp/ql/lib/experimental/cryptography/modules/OpenSSL.qll
M cpp/ql/lib/experimental/cryptography/utils/OpenSSL/CryptoFunction.qll
M cpp/ql/lib/experimental/cryptography/utils/OpenSSL/DataBuilders.qll
M cpp/ql/lib/experimental/cryptography/utils/OpenSSL/PassthroughFunction.qll
Log Message:
-----------
C++: Fix some Ql4Ql violations.
Commit: af82da5db33fe1560fd4079aa217547a844493e9
https://github.com/krishnprakash/codeql/commit/af82da5db33fe1560fd4079aa217547a844493e9
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M cpp/ql/lib/experimental/cryptography/CryptoArtifact.qll
M cpp/ql/lib/experimental/cryptography/modules/OpenSSL.qll
M cpp/ql/lib/experimental/cryptography/utils/OpenSSL/CryptoFunction.qll
M cpp/ql/lib/experimental/cryptography/utils/OpenSSL/DataBuilders.qll
M cpp/ql/lib/experimental/cryptography/utils/OpenSSL/PassthroughFunction.qll
Log Message:
-----------
Merge pull request #20350 from michaelnebel/cpp/ql4qlexperimental
C++: Fix some Ql4Ql violations (crypto).
Commit: 5d2268fa80510db204f2dd181f899b8b7ef32994
https://github.com/krishnprakash/codeql/commit/5d2268fa80510db204f2dd181f899b8b7ef32994
Author: idrissrio <idri...@github.com>
Date: 2025-09-02 (Tue, 02 Sep 2025)
Changed paths:
M java/ql/test-kotlin1/library-tests/java-kotlin-collection-type-generic-methods/test.expected
M java/ql/test-kotlin1/library-tests/reflection/reflection.expected
M java/ql/test-kotlin2/library-tests/java-kotlin-collection-type-generic-methods/test.expected
M java/ql/test-kotlin2/library-tests/reflection/reflection.expected
Log Message:
-----------
Java: accept new test results after extractor update
Commit: c5e5b8a585945e7b6fd1949a22dd32cf14ed90d7
https://github.com/krishnprakash/codeql/commit/c5e5b8a585945e7b6fd1949a22dd32cf14ed90d7
Author: Idriss Riouak <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M java/ql/test-kotlin1/library-tests/java-kotlin-collection-type-generic-methods/test.expected
M java/ql/test-kotlin1/library-tests/reflection/reflection.expected
M java/ql/test-kotlin2/library-tests/java-kotlin-collection-type-generic-methods/test.expected
M java/ql/test-kotlin2/library-tests/reflection/reflection.expected
Log Message:
-----------
Merge pull request #20247 from github/idrissrio/java-upgrade-fix
Java: accept new test results after extractor update
Commit: de6d9f4d50cdf68fee0ed6f3fe0cb678ca491cec
https://github.com/krishnprakash/codeql/commit/de6d9f4d50cdf68fee0ed6f3fe0cb678ca491cec
Author: idrissrio <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
A java/ql/test/library-tests/flexible-constructors/CONSISTENCY/diags.expected
A java/ql/test/library-tests/flexible-constructors/FlexibleConstructors.java
A java/ql/test/library-tests/flexible-constructors/PrintAst.expected
A java/ql/test/library-tests/flexible-constructors/PrintAst.qlref
A java/ql/test/library-tests/flexible-constructors/options
Log Message:
-----------
Java: Add test for flexible constructor support
Commit: 6b022edf06e8ed5201899660222f356277bd2290
https://github.com/krishnprakash/codeql/commit/6b022edf06e8ed5201899660222f356277bd2290
Author: idrissrio <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M java/ql/test/library-tests/flexible-constructors/FlexibleConstructors.java
M java/ql/test/library-tests/flexible-constructors/PrintAst.expected
Log Message:
-----------
Java: Address review comment. Add prologue field initialization tests
Commit: fffb4c03b0d08c7fb24aee2cd1437f48940ed304
https://github.com/krishnprakash/codeql/commit/fffb4c03b0d08c7fb24aee2cd1437f48940ed304
Author: idrissrio <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
A java/ql/test/library-tests/flexible-constructors/SuperPredecessor.expected
A java/ql/test/library-tests/flexible-constructors/SuperPredecessor.ql
Log Message:
-----------
Java: add flexible constructor test including CFG predecessor query
Commit: 6c773a74737b24a42dd33edcbb89afd8cf0b5690
https://github.com/krishnprakash/codeql/commit/6c773a74737b24a42dd33edcbb89afd8cf0b5690
Author: idrissrio <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M java/ql/test/library-tests/flexible-constructors/FlexibleConstructors.java
A java/ql/test/library-tests/flexible-constructors/InstanceInitializerCalls.expected
A java/ql/test/library-tests/flexible-constructors/InstanceInitializerCalls.ql
A java/ql/test/library-tests/flexible-constructors/PrettyPrint.expected
A java/ql/test/library-tests/flexible-constructors/PrettyPrint.ql
M java/ql/test/library-tests/flexible-constructors/PrintAst.expected
M java/ql/test/library-tests/flexible-constructors/SuperPredecessor.expected
M java/ql/test/library-tests/flexible-constructors/options
Log Message:
-----------
Java: Add test to verify that the AST does not capture instance initializers
Commit: 160543833347007f1dc9edce70368bd0313337b5
https://github.com/krishnprakash/codeql/commit/160543833347007f1dc9edce70368bd0313337b5
Author: idrissrio <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
M java/ql/test/library-tests/flexible-constructors/InstanceInitializerCalls.expected
M java/ql/test/library-tests/flexible-constructors/PrettyPrint.expected
M java/ql/test/library-tests/flexible-constructors/PrintAst.expected
Log Message:
-----------
Java: Accept new test result after extractor changes
Commit: 2100dc1288596e26da20998161336b252c4262aa
https://github.com/krishnprakash/codeql/commit/2100dc1288596e26da20998161336b252c4262aa
Author: Idriss Riouak <idri...@github.com>
Date: 2025-09-04 (Thu, 04 Sep 2025)
Changed paths:
A java/ql/test/library-tests/flexible-constructors/CONSISTENCY/diags.expected
A java/ql/test/library-tests/flexible-constructors/FlexibleConstructors.java
A java/ql/test/library-tests/flexible-constructors/InstanceInitializerCalls.expected
A java/ql/test/library-tests/flexible-constructors/InstanceInitializerCalls.ql
A java/ql/test/library-tests/flexible-constructors/PrettyPrint.expected
A java/ql/test/library-tests/flexible-constructors/PrettyPrint.ql
A java/ql/test/library-tests/flexible-constructors/PrintAst.expected
A java/ql/test/library-tests/flexible-constructors/PrintAst.qlref
A java/ql/test/library-tests/flexible-constructors/SuperPredecessor.expected
A java/ql/test/library-tests/flexible-constructors/SuperPredecessor.ql
A java/ql/test/library-tests/flexible-constructors/options
Log Message:
-----------
Merge pull request #20136 from github/idrissrio/flexible-constructors
Java: Add test for flexible constructor support
Commit: f51ee4c04f5749e9084e5bd8ccf41b1814ab1b48
https://github.com/krishnprakash/codeql/commit/f51ee4c04f5749e9084e5bd8ccf41b1814ab1b48
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M java/ql/lib/config/semmlecode.dbscheme
Log Message:
-----------
Java: Add `isImplicitClass` table to keep track of compact source files
Commit: 81b1e73e18314f68016733cd28a34b12c3b2d554
https://github.com/krishnprakash/codeql/commit/81b1e73e18314f68016733cd28a34b12c3b2d554
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/CompilationUnit.qll
M java/ql/lib/semmle/code/java/Type.qll
Log Message:
-----------
Java: Add `isImplict` predicate to CompilationUnit and Class
Commit: 9363bc318a8f896f16ee311bc986bd875b7c5d3f
https://github.com/krishnprakash/codeql/commit/9363bc318a8f896f16ee311bc986bd875b7c5d3f
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
A java/ql/test/library-tests/compact-source-files/CompactSourceAnalysis.expected
A java/ql/test/library-tests/compact-source-files/CompactSourceAnalysis.ql
A java/ql/test/library-tests/compact-source-files/CompactSourceDetection.expected
A java/ql/test/library-tests/compact-source-files/CompactSourceDetection.ql
A java/ql/test/library-tests/compact-source-files/ImplicitClassDetection.expected
A java/ql/test/library-tests/compact-source-files/ImplicitClassDetection.ql
A java/ql/test/library-tests/compact-source-files/PrintAst.expected
A java/ql/test/library-tests/compact-source-files/PrintAst.qlref
A java/ql/test/library-tests/compact-source-files/Test.java
A java/ql/test/library-tests/compact-source-files/options
Log Message:
-----------
Java: Add compact source file tests
Commit: 3a9a559d259222535c0d3fdbf8c5c33dddc2ed41
https://github.com/krishnprakash/codeql/commit/3a9a559d259222535c0d3fdbf8c5c33dddc2ed41
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
A java/downgrades/9f6026c400996c13842974b24f076a486ad1f69c/old.dbscheme
A java/downgrades/9f6026c400996c13842974b24f076a486ad1f69c/semmlecode.dbscheme
A java/downgrades/9f6026c400996c13842974b24f076a486ad1f69c/upgrade.properties
A java/ql/lib/upgrades/1b8f5f4c747e4249f4731796ccaa0661c7434d8a/old.dbscheme
A java/ql/lib/upgrades/1b8f5f4c747e4249f4731796ccaa0661c7434d8a/semmlecode.dbscheme
A java/ql/lib/upgrades/1b8f5f4c747e4249f4731796ccaa0661c7434d8a/upgrade.properties
Log Message:
-----------
Java: Add upgrade and downgrade script
Commit: c26a56a3323a0a00a9d54f270136f4fbdeb68482
https://github.com/krishnprakash/codeql/commit/c26a56a3323a0a00a9d54f270136f4fbdeb68482
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
A java/ql/lib/change-notes/2025-07-23-compact-source-files.md
Log Message:
-----------
Java: Add change note
Commit: a6b68ec7de9f59c80101589f1b15f0d7fee6815a
https://github.com/krishnprakash/codeql/commit/a6b68ec7de9f59c80101589f1b15f0d7fee6815a
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M java/ql/lib/config/semmlecode.dbscheme.stats
Log Message:
-----------
Java: Update stats file
Commit: b2ef60c165e2d22363e85c2ca238063757b285ca
https://github.com/krishnprakash/codeql/commit/b2ef60c165e2d22363e85c2ca238063757b285ca
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
A java/ql/test/library-tests/compact-source-files/MethodInCompactSource.expected
A java/ql/test/library-tests/compact-source-files/MethodInCompactSource.ql
M java/ql/test/library-tests/compact-source-files/PrintAst.expected
M java/ql/test/library-tests/compact-source-files/Test.java
Log Message:
-----------
Java: add tests for compact source files
Commit: fc1b9277b3b24fc4cfc38988caf4aa9fbc4bd284
https://github.com/krishnprakash/codeql/commit/fc1b9277b3b24fc4cfc38988caf4aa9fbc4bd284
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/Type.qll
Log Message:
-----------
Java: extend definition of `isCompilerGenerated` for classes
Commit: f1186432c1f4ea543fe745723a2648b06f16d8fd
https://github.com/krishnprakash/codeql/commit/f1186432c1f4ea543fe745723a2648b06f16d8fd
Author: idrissrio <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
R java/ql/test/library-tests/flexible-constructors/CONSISTENCY/diags.expected
Log Message:
-----------
Java: Accept new test result after extractor changes
Commit: e719dd912ddc14a2d5255828dbd2db9a6af0014e
https://github.com/krishnprakash/codeql/commit/e719dd912ddc14a2d5255828dbd2db9a6af0014e
Author: Idriss Riouak <idri...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
A java/downgrades/9f6026c400996c13842974b24f076a486ad1f69c/old.dbscheme
A java/downgrades/9f6026c400996c13842974b24f076a486ad1f69c/semmlecode.dbscheme
A java/downgrades/9f6026c400996c13842974b24f076a486ad1f69c/upgrade.properties
A java/ql/lib/change-notes/2025-07-23-compact-source-files.md
M java/ql/lib/config/semmlecode.dbscheme
M java/ql/lib/config/semmlecode.dbscheme.stats
M java/ql/lib/semmle/code/java/CompilationUnit.qll
M java/ql/lib/semmle/code/java/Type.qll
A java/ql/lib/upgrades/1b8f5f4c747e4249f4731796ccaa0661c7434d8a/old.dbscheme
A java/ql/lib/upgrades/1b8f5f4c747e4249f4731796ccaa0661c7434d8a/semmlecode.dbscheme
A java/ql/lib/upgrades/1b8f5f4c747e4249f4731796ccaa0661c7434d8a/upgrade.properties
A java/ql/test/library-tests/compact-source-files/CompactSourceAnalysis.expected
A java/ql/test/library-tests/compact-source-files/CompactSourceAnalysis.ql
A java/ql/test/library-tests/compact-source-files/CompactSourceDetection.expected
A java/ql/test/library-tests/compact-source-files/CompactSourceDetection.ql
A java/ql/test/library-tests/compact-source-files/ImplicitClassDetection.expected
A java/ql/test/library-tests/compact-source-files/ImplicitClassDetection.ql
A java/ql/test/library-tests/compact-source-files/MethodInCompactSource.expected
A java/ql/test/library-tests/compact-source-files/MethodInCompactSource.ql
A java/ql/test/library-tests/compact-source-files/PrintAst.expected
A java/ql/test/library-tests/compact-source-files/PrintAst.qlref
A java/ql/test/library-tests/compact-source-files/Test.java
A java/ql/test/library-tests/compact-source-files/options
R java/ql/test/library-tests/flexible-constructors/CONSISTENCY/diags.expected
Log Message:
-----------
Merge pull request #20116 from github/idrissrio/compact-soruce-file
Java: Add support to Compact Source Files
Commit: 5d3ec35e292271050b4081d1ee75f53b664ff4b1
https://github.com/krishnprakash/codeql/commit/5d3ec35e292271050b4081d1ee75f53b664ff4b1
Author: Arthur Baars <aib...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M .github/workflows/query-list.yml
M actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md
M actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md
M actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md
M docs/codeql/ql-language-reference/expressions.rst
M go/old-change-notes/2020-10-01-gomod-extraction.md
M go/ql/lib/semmle/go/Architectures.qll
M go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll
M go/ql/lib/semmle/go/frameworks/Beego.qll
M go/ql/src/InconsistentCode/MissingErrorCheck.qhelp
M go/ql/src/InconsistentCode/MissingErrorCheck.ql
M go/ql/src/Security/CWE-327/InsecureTLS.ql
M go/ql/test/library-tests/semmle/go/frameworks/Beego/test.go
M go/ql/test/library-tests/semmle/go/frameworks/Revel/EndToEnd.go
M javascript/documentation/library-customization.rst
M javascript/ql/src/experimental/Security/CWE-918/SSRF.js
M javascript/ql/src/experimental/Security/CWE-918/SSRFGood.js
M javascript/ql/test/library-tests/TypeScript/RegressionTests/EmptyName/test.ts
M javascript/ql/test/library-tests/TypeScript/RegressionTests/SemicolonInName/test.ts
M misc/scripts/shared-code-metrics.py
M python/extractor/tsg-python/python.tsg
M python/ql/test/library-tests/dataflow/global-flow/known.py
M python/ql/test/library-tests/dataflow/typetracking/attribute_tests.py
M ruby/ql/src/experimental/insecure-randomness/examples/InsecureRandomnessBad.rb
M ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.rb
M ruby/ql/test/query-tests/security/cwe-915/test.rb
Log Message:
-----------
Remove non-breaking spaces from code
Commit: 82476b9efd92f31ace5ff2963df6583ab2075a74
https://github.com/krishnprakash/codeql/commit/82476b9efd92f31ace5ff2963df6583ab2075a74
Author: Arthur Baars <aib...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M .github/workflows/query-list.yml
M actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md
M actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md
M actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md
M docs/codeql/ql-language-reference/expressions.rst
M go/old-change-notes/2020-10-01-gomod-extraction.md
M go/ql/lib/semmle/go/Architectures.qll
M go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll
M go/ql/lib/semmle/go/frameworks/Beego.qll
M go/ql/src/InconsistentCode/MissingErrorCheck.qhelp
M go/ql/src/InconsistentCode/MissingErrorCheck.ql
M go/ql/src/Security/CWE-327/InsecureTLS.ql
M go/ql/test/library-tests/semmle/go/frameworks/Beego/test.go
M go/ql/test/library-tests/semmle/go/frameworks/Revel/EndToEnd.go
M javascript/documentation/library-customization.rst
M javascript/ql/src/experimental/Security/CWE-918/SSRF.js
M javascript/ql/src/experimental/Security/CWE-918/SSRFGood.js
M javascript/ql/test/library-tests/TypeScript/RegressionTests/EmptyName/test.ts
M javascript/ql/test/library-tests/TypeScript/RegressionTests/SemicolonInName/test.ts
M misc/scripts/shared-code-metrics.py
M python/extractor/tsg-python/python.tsg
M python/ql/test/library-tests/dataflow/global-flow/known.py
M python/ql/test/library-tests/dataflow/typetracking/attribute_tests.py
M ruby/ql/src/experimental/insecure-randomness/examples/InsecureRandomnessBad.rb
M ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.rb
M ruby/ql/test/query-tests/security/cwe-915/test.rb
Log Message:
-----------
Merge pull request #20373 from github/aibaars/drop-nbsp
Remove non-breaking spaces from code
Commit: 8c13faf3d8dc845a4cce19bdc3efcecff33a2b58
https://github.com/krishnprakash/codeql/commit/8c13faf3d8dc845a4cce19bdc3efcecff33a2b58
Author: Michael B. Gale <m...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M go/extractor/cli/go-autobuilder/go-autobuilder.go
M go/extractor/cli/go-extractor/BUILD.bazel
M go/extractor/cli/go-extractor/go-extractor.go
M go/extractor/util/BUILD.bazel
A go/extractor/util/logging.go
A go/extractor/util/logging_test.go
Log Message:
-----------
Go: Set log level based on `CODEQL_VERBOSITY`
Commit: e18b049d108648cd050b960c98154b7257213791
https://github.com/krishnprakash/codeql/commit/e18b049d108648cd050b960c98154b7257213791
Author: Michael B. Gale <m...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M go/extractor/cli/go-autobuilder/go-autobuilder.go
M go/extractor/cli/go-extractor/BUILD.bazel
M go/extractor/cli/go-extractor/go-extractor.go
M go/extractor/util/BUILD.bazel
A go/extractor/util/logging.go
A go/extractor/util/logging_test.go
Log Message:
-----------
Merge pull request #20376 from github/mbg/go/use-codeql-verbosity
Commit: fe7426740bb9c883efbbe2dadf8d19804b9c7b94
https://github.com/krishnprakash/codeql/commit/fe7426740bb9c883efbbe2dadf8d19804b9c7b94
Author: Alex Eyers-Taylor <ale...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M java/ql/integration-tests/java/buildless-erroneous/ExtractorInformation.expected
Log Message:
-----------
Javba: Update tests results with disabled annotation processing.
Commit: 61485908b90a9d5c8dc0f7977a72d940ca8abd40
https://github.com/krishnprakash/codeql/commit/61485908b90a9d5c8dc0f7977a72d940ca8abd40
Author: Alexander Eyers-Taylor <ale...@github.com>
Date: 2025-09-05 (Fri, 05 Sep 2025)
Changed paths:
M java/ql/integration-tests/java/buildless-erroneous/ExtractorInformation.expected
Log Message:
-----------
Merge pull request #20355 from github/alexet/update-java-tests-no-annotation=-proc
Java: Update tests results with disabled annotation processing when lombok is not used.
Commit: c5ee0f3c22183f6785f50f9c1c4ca5b1a47d717a
https://github.com/krishnprakash/codeql/commit/c5ee0f3c22183f6785f50f9c1c4ca5b1a47d717a
Author: idrissrio <idri...@github.com>
Date: 2025-09-06 (Sat, 06 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/Import.qll
Log Message:
-----------
Java: Add `ModuleImportDeclaration` QL class
Commit: 039b5af2e0f11b234e656cf0d2a0699dc2f06823
https://github.com/krishnprakash/codeql/commit/039b5af2e0f11b234e656cf0d2a0699dc2f06823
Author: idrissrio <idri...@github.com>
Date: 2025-09-06 (Sat, 06 Sep 2025)
Changed paths:
A java/ql/test/library-tests/module-import-declarations/ImportedPackage.expected
A java/ql/test/library-tests/module-import-declarations/ImportedPackage.ql
A java/ql/test/library-tests/module-import-declarations/ImportedType.expected
A java/ql/test/library-tests/module-import-declarations/ImportedType.ql
A java/ql/test/library-tests/module-import-declarations/Test.java
A java/ql/test/library-tests/module-import-declarations/options
Log Message:
-----------
Java: Add module import declaration test
Commit: 7d479704e8ec3b52c258b6140a708cdd709049eb
https://github.com/krishnprakash/codeql/commit/7d479704e8ec3b52c258b6140a708cdd709049eb
Author: idrissrio <idri...@github.com>
Date: 2025-09-06 (Sat, 06 Sep 2025)
Changed paths:
A java/ql/lib/change-notes/2025-07-21-module-import-declarations.md
Log Message:
-----------
Java: Add change note
Commit: 1caf18ede10511f57b291eea66a4a4496eff1352
https://github.com/krishnprakash/codeql/commit/1caf18ede10511f57b291eea66a4a4496eff1352
Author: idrissrio <idri...@github.com>
Date: 2025-09-06 (Sat, 06 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/Import.qll
Log Message:
-----------
Java: Address review comment. Improve module-import documentation
Commit: ed9ed439237bedb22ddd317297dab512791d9394
https://github.com/krishnprakash/codeql/commit/ed9ed439237bedb22ddd317297dab512791d9394
Author: idrissrio <idri...@github.com>
Date: 2025-09-06 (Sat, 06 Sep 2025)
Changed paths:
M java/ql/lib/semmle/code/java/Import.qll
Log Message:
-----------
Java: Address review comment. Improve `getAnImportedType` definition
Commit: c5cb86ac24321aee475817062ec4d4c7018198bc
https://github.com/krishnprakash/codeql/commit/c5cb86ac24321aee475817062ec4d4c7018198bc
Author: Idriss Riouak <idri...@github.com>
Date: 2025-09-06 (Sat, 06 Sep 2025)
Changed paths:
A java/ql/lib/change-notes/2025-07-21-module-import-declarations.md
M java/ql/lib/semmle/code/java/Import.qll
A java/ql/test/library-tests/module-import-declarations/ImportedPackage.expected
A java/ql/test/library-tests/module-import-declarations/ImportedPackage.ql
A java/ql/test/library-tests/module-import-declarations/ImportedType.expected
A java/ql/test/library-tests/module-import-declarations/ImportedType.ql
A java/ql/test/library-tests/module-import-declarations/Test.java
A java/ql/test/library-tests/module-import-declarations/options
Log Message:
-----------
Merge pull request #20097 from github/idrissrio/module-import-declarations
Java: Add support to `ModuleImportDeclaration`
Compare: https://github.com/krishnprakash/codeql/compare/38ebb940ee75...c5cb86ac2432
To unsubscribe from these emails, change your notification settings at https://github.com/krishnprakash/codeql/settings/notifications
Reply all
Reply to author
Forward
0 new messages