[krishnprakash/codeql] 7aa3fd: Remove double spaces from qhelp
0 views
Skip to first unread message
Phileco
May 12, 2026, 10:08:56 PM (5 days ago) May 12
to philecodi...@googlegroups.com
Branch: refs/heads/main
Home: https://github.com/krishnprakash/codeql
Commit: 7aa3fd859a00db4714d3aa2d00d3f37a02603a63
https://github.com/krishnprakash/codeql/commit/7aa3fd859a00db4714d3aa2d00d3f37a02603a63
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-07 (Thu, 07 May 2026)
Changed paths:
M java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Remove double spaces from qhelp
Commit: 427b73ec9d0d0f963a601499a5ba351772862aab
https://github.com/krishnprakash/codeql/commit/427b73ec9d0d0f963a601499a5ba351772862aab
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-07 (Thu, 07 May 2026)
Changed paths:
M java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Clarify that deserialization that follows a schema is safe
Commit: f2ea3b98d884a376a3b2c4e6f5a7c975a84b5bfb
https://github.com/krishnprakash/codeql/commit/f2ea3b98d884a376a3b2c4e6f5a7c975a84b5bfb
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-07 (Thu, 07 May 2026)
Changed paths:
M java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Do not make such a strong security claim
Co-authored-by: Copilot Autofix powered by AI <17572847...@users.noreply.github.com>
Commit: 7bd27b83e070b581b8fdf1c576b423bdda0fed77
https://github.com/krishnprakash/codeql/commit/7bd27b83e070b581b8fdf1c576b423bdda0fed77
Author: Taus <tau...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M shared/yeast/src/lib.rs
M shared/yeast/src/visitor.rs
M shared/yeast/tests/test.rs
Log Message:
-----------
yeast: Mutate parent fields in place; remove redundant Node::id
apply_rules_inner used to handle the "child was rewritten, so the
parent needs new field IDs" case by cloning the parent node, swapping
in the new fields, pushing the clone onto the arena, and returning the
new Id. Every ancestor on the path from the rewrite up to the root was
duplicated this way, with the originals retained as garbage in the
arena.
Switch to in-place mutation: assign `ast.nodes[id].fields = new_fields`
and return the same Id. Rule firings still produce genuinely new nodes
via BuildCtx (their structure differs from the input), but the
ancestor-rebuild spine no longer copies anything.
This is safe because apply_rules_inner already works entirely by Id:
the field snapshot is cloned out before recursing, no &Node references
are held across mutations of the arena, and captures are scoped to a
single rule firing so the now-stable Ids do not break anything.
Memory effect: a desugaring pass that rewrites R leaves of a tree of
average depth d previously appended R*d ancestor clones to the arena.
Now appends 0.
With Ids stable for the lifetime of an Ast, the Node::id field becomes
truly redundant and is removed (along with the Node::id() accessor).
AstCursor switches from caching `node: &Node` to tracking `node_id:
Id` and looking the node up via the arena on each access; ChildrenIter
now yields Ids directly. A new AstCursor::node_id() method gives
callers access to the cursor position by Id.
Commit: 15936a5f8d70511711a5ed7b088dbf4203cf46c0
https://github.com/krishnprakash/codeql/commit/15936a5f8d70511711a5ed7b088dbf4203cf46c0
Author: Taus <tau...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M shared/yeast/src/lib.rs
Log Message:
-----------
yeast: Take fields by ownership in apply_rules_inner
Previously, apply_rules_inner snapshotted a node's fields by cloning
the BTreeMap into a Vec<(FieldId, Vec<Id>)>, then built a fresh
BTreeMap of new_fields for the rewritten Ids. For a node with N
fields, this allocated 2N+1 things per visit (the snapshot Vec, N
cloned children Vecs, the new BTreeMap entries) — even when nothing
in the subtree was rewritten.
Use std::mem::take to swap the parent's fields out by ownership: the
recursion can mutate the AST (including pushing new nodes from rule
firings) without any conflict, since we hold the owned BTreeMap
locally. Iterate values_mut() and only allocate a fresh children Vec
on the first divergence (lazy alloc): unchanged children stay in the
existing slot. When done, swap the fields back.
For a subtree with no rewrites, this is now zero allocations per node
(modulo the recursion itself). For nodes with rewrites, it's one Vec
allocation per field that contains a rewritten child, instead of two
plus the BTreeMap rebuild.
Commit: e2874ac252a8e74fc9531986a3c03cdbcaf1833e
https://github.com/krishnprakash/codeql/commit/e2874ac252a8e74fc9531986a3c03cdbcaf1833e
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Python: Clarify that deserialization following a schema is safe
Commit: 4e47f7706dcea8509f6a870bbe889258c9baeb0a
https://github.com/krishnprakash/codeql/commit/4e47f7706dcea8509f6a870bbe889258c9baeb0a
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.qhelp
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.qhelp
Log Message:
-----------
C#: Clarify that deserialization following a schema is safe
Commit: ed9477aac93fb04a1cf989b96151721180cc214a
https://github.com/krishnprakash/codeql/commit/ed9477aac93fb04a1cf989b96151721180cc214a
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Ruby: Clarify that deserialization following a schema is safe
Commit: 93e05db394547c0e085baf6cfa299f4bbf9448d0
https://github.com/krishnprakash/codeql/commit/93e05db394547c0e085baf6cfa299f4bbf9448d0
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Python: remove doubles spaces from qhelp
Commit: a5ef036465492bf99e947f41c5fd47d4b87a9d2c
https://github.com/krishnprakash/codeql/commit/a5ef036465492bf99e947f41c5fd47d4b87a9d2c
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.qhelp
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.qhelp
M java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp
M python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
M ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Note that common standard library types can be vulnerable to gadget-chain attacks
Commit: 9f6bd88171fd632fca92f4c4e8040973e056ea91
https://github.com/krishnprakash/codeql/commit/9f6bd88171fd632fca92f4c4e8040973e056ea91
Author: Taus <tau...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
A unified/extractor/tree-sitter-swift/BUILD.bazel
A unified/extractor/tree-sitter-swift/Cargo.toml
A unified/extractor/tree-sitter-swift/LICENSE
A unified/extractor/tree-sitter-swift/README.md
A unified/extractor/tree-sitter-swift/binding.gyp
A unified/extractor/tree-sitter-swift/bindings/node/binding.cc
A unified/extractor/tree-sitter-swift/bindings/node/index.js
A unified/extractor/tree-sitter-swift/bindings/rust/build.rs
A unified/extractor/tree-sitter-swift/bindings/rust/lib.rs
A unified/extractor/tree-sitter-swift/grammar.js
A unified/extractor/tree-sitter-swift/package.json
A unified/extractor/tree-sitter-swift/queries/folds.scm
A unified/extractor/tree-sitter-swift/queries/highlights.scm
A unified/extractor/tree-sitter-swift/queries/indents.scm
A unified/extractor/tree-sitter-swift/queries/injections.scm
A unified/extractor/tree-sitter-swift/queries/locals.scm
A unified/extractor/tree-sitter-swift/queries/outline.scm
A unified/extractor/tree-sitter-swift/queries/tags.scm
A unified/extractor/tree-sitter-swift/queries/textobjects.scm
A unified/extractor/tree-sitter-swift/src/grammar.json
A unified/extractor/tree-sitter-swift/src/node-types.json
A unified/extractor/tree-sitter-swift/src/parser.c
A unified/extractor/tree-sitter-swift/src/scanner.c
A unified/extractor/tree-sitter-swift/src/tree_sitter/alloc.h
A unified/extractor/tree-sitter-swift/src/tree_sitter/array.h
A unified/extractor/tree-sitter-swift/src/tree_sitter/parser.h
A unified/extractor/tree-sitter-swift/tree-sitter.json
Log Message:
-----------
unified: vendor in tree-sitter-swift
Commit: 60d6429b5d880d5bf22d652742f3b4747f56c161
https://github.com/krishnprakash/codeql/commit/60d6429b5d880d5bf22d652742f3b4747f56c161
Author: Taus <tau...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M Cargo.lock
M Cargo.toml
M MODULE.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tree-sitter-swift-0.7.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/defs.bzl
M unified/extractor/BUILD.bazel
M unified/extractor/Cargo.toml
Log Message:
-----------
unified: update build dependencies
Commit: 8f9d5c5217faadeb13b8d04db59363bed63dd932
https://github.com/krishnprakash/codeql/commit/8f9d5c5217faadeb13b8d04db59363bed63dd932
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/extractor/go.mod
M go/extractor/go.sum
Log Message:
-----------
Bump the extractor-dependencies group in /go/extractor with 2 updates
Bumps the extractor-dependencies group in /go/extractor with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).
Updates `golang.org/x/mod` from 0.35.0 to 0.36.0
- [Commits](https://github.com/golang/mod/compare/v0.35.0...v0.36.0)
Updates `golang.org/x/tools` from 0.44.0 to 0.45.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.44.0...v0.45.0)
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-version: 0.36.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
dependency-version: 0.45.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: extractor-dependencies
...
Signed-off-by: dependabot[bot] <sup...@github.com>
Commit: 3ef4a5836c9aa5b1034cf27c1fa67509b5a93764
https://github.com/krishnprakash/codeql/commit/3ef4a5836c9aa5b1034cf27c1fa67509b5a93764
Author: Arieh Schneier <15041913+Ar...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/extractor/extractor.go
A go/extractor/extractor_test.go
Log Message:
-----------
Fix Go extractor to extract root internal test files
When CODEQL_EXTRACTOR_GO_OPTION_EXTRACT_TESTS=true is set, the Go
extractor was incorrectly skipping internal test files (package foo)
at repository roots when the project contains nested test packages.
Root Cause:
The extractor selected package variants by longest ID string, but this
heuristic fails when nested packages have tests. For a package like
"github.com/go-git/go-git/v6", packages.Load returns multiple variants:
1. "github.com/go-git/go-git/v6" (19 files, production only)
2. "github.com/go-git/go-git/v6 [github.com/go-git/go-git/v6.test]"
(39 files, production + 20 root tests) ← Should select this
3. "github.com/go-git/go-git/v6 [github.com/go-git/go-git/v6/plumbing/format/packfile.test]"
(19 files, test dependency) ← Was incorrectly selected (longest string)
The old logic selected variant #3 (76 chars) over #2 (68 chars),
causing 20 root test files to be missing from the database.
Fix:
Replace string length comparison with a better heuristic that prefers:
1. Exact test packages (e.g., "pkg [pkg.test]") over nested dependencies
2. Packages with more Syntax nodes (more files to extract)
3. String length as a tiebreaker
This ensures the extractor selects the variant with the most complete
test coverage, particularly for root-level internal tests.
Testing:
- Added comprehensive unit tests covering the selection logic
- Tests simulate the real-world go-git scenario
- All tests pass
Impact:
Root-level external tests (package foo_test) were already extracted
correctly. This fix ensures internal tests (package foo) at the root
are now also extracted when they exist alongside nested test packages.
Co-Authored-By: Claude Sonnet 4.5 <nor...@anthropic.com>
Commit: b94ab8d186bbb5b6bbc19827fb517757fa95ae46
https://github.com/krishnprakash/codeql/commit/b94ab8d186bbb5b6bbc19827fb517757fa95ae46
Author: Arieh Schneier <15041913+Ar...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
A go/ql/integration-tests/root-internal-tests/src/go.mod
A go/ql/integration-tests/root-internal-tests/src/main.go
A go/ql/integration-tests/root-internal-tests/src/main_test.go
A go/ql/integration-tests/root-internal-tests/src/nested/nested.go
A go/ql/integration-tests/root-internal-tests/src/nested/nested_test.go
A go/ql/integration-tests/root-internal-tests/test.expected
A go/ql/integration-tests/root-internal-tests/test.py
A go/ql/integration-tests/root-internal-tests/test.ql
Log Message:
-----------
Add integration test for root internal test extraction
This test verifies that root internal test files (package foo, not
foo_test) are correctly extracted when the repository has both:
1. Root-level internal tests (main_test.go with package main)
2. Nested packages with tests (nested/nested_test.go)
This scenario reproduces the bug that was fixed: the old extractor
would select the wrong package variant and miss root internal test
files.
The test ensures:
- main_test.go (root internal test) is extracted
- nested/nested_test.go (nested test) is extracted
- All test functions from both files are present in the database
This prevents regression of the bug fix.
Co-Authored-By: Claude Sonnet 4.5 <nor...@anthropic.com>
Commit: ec8ff6ff6836ecf6868b54ea2597a0996a4b50ac
https://github.com/krishnprakash/codeql/commit/ec8ff6ff6836ecf6868b54ea2597a0996a4b50ac
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M java/documentation/library-coverage/cwe-sink.csv
Log Message:
-----------
Use all path injection sinks when generating docs
Commit: f91482810d0de5144d11616976fa665aae137379
https://github.com/krishnprakash/codeql/commit/f91482810d0de5144d11616976fa665aae137379
Author: Asger F <asg...@github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M shared/yeast/src/lib.rs
M shared/yeast/src/visitor.rs
M shared/yeast/tests/test.rs
Log Message:
-----------
Merge pull request #21816 from github/tausbn/yeast-mutate-in-place
yeast: Two minor performance optimisations
Commit: 974e7cc3199e707e645a0e0736c44e0849bfa0d2
https://github.com/krishnprakash/codeql/commit/974e7cc3199e707e645a0e0736c44e0849bfa0d2
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/extractor/go.mod
M go/extractor/go.sum
Log Message:
-----------
Merge pull request #21825 from github/dependabot/go_modules/go/extractor/extractor-dependencies-0e0a523006
Bump the extractor-dependencies group in /go/extractor with 2 updates
Commit: 151a332f0a0de581688ed6ae811d0b5639470875
https://github.com/krishnprakash/codeql/commit/151a332f0a0de581688ed6ae811d0b5639470875
Author: Arieh Schneier <15041913+Ar...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/extractor/BUILD.bazel
Log Message:
-----------
Add Bazel build target for extractor_test.go
Generated by manually applying the output from CI's Gazelle check.
This adds the go_test target for the new extractor_test.go file.
Co-Authored-By: Claude Sonnet 4.5 <nor...@anthropic.com>
Commit: aa1d322fe7e908281bd36c4c8dc504df3bd2439c
https://github.com/krishnprakash/codeql/commit/aa1d322fe7e908281bd36c4c8dc504df3bd2439c
Author: Arieh Schneier <15041913+Ar...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/extractor/extractor.go
M go/extractor/extractor_test.go
Log Message:
-----------
Address PR feedback
Changes based on code review:
1. Remove redundant strings.Contains check in isExactTestPackage
The equality check on the next line handles both cases, making
the early return unnecessary.
2. Extract package selection logic into selectBestPackages function
This reduces code duplication and allows the test to call the
actual implementation rather than copying the logic.
3. Add TestSelectBestPackages to test the new function
Comprehensive test covering single packages, test vs production,
exact vs nested tests, and multiple packages.
Co-Authored-By: Claude Sonnet 4.5 <nor...@anthropic.com>
Commit: f212efbe5b0801dcb5cffb6f9eeba951794684c1
https://github.com/krishnprakash/codeql/commit/f212efbe5b0801dcb5cffb6f9eeba951794684c1
Author: Jeroen Ketema <jke...@github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/old.dbscheme
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/swift.dbscheme
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/upgrade.properties
M swift/extractor/translators/DeclTranslator.cpp
M swift/ql/.generated.list
M swift/ql/lib/codeql/swift/generated/Raw.qll
M swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll
M swift/ql/lib/swift.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/old.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/swift.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.properties
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.ql
M swift/ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.expected
M swift/ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.ql
M swift/ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.expected
M swift/ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.ql
M swift/ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.expected
M swift/ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.ql
M swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected
M swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.ql
M swift/ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.expected
M swift/ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.ql
M swift/schema.py
Log Message:
-----------
Swift: Expose the declared interface type of a type decl
Commit: 0aaa7d0631943d77e862f47fadf0c4e7ccd05d1a
https://github.com/krishnprakash/codeql/commit/0aaa7d0631943d77e862f47fadf0c4e7ccd05d1a
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/ql/integration-tests/root-internal-tests/test.expected
Log Message:
-----------
Update expected test output
Commit: 73a210a442853ddaa79031c3502ea0b89d703ac3
https://github.com/krishnprakash/codeql/commit/73a210a442853ddaa79031c3502ea0b89d703ac3
Author: Jeroen Ketema <jke...@github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
A swift/ql/lib/change-notes/2026-05-11-declared-interface-type.md
Log Message:
-----------
Swift: Add change note
Commit: 6b65866ff4639dd21c6437052952b656636dbe04
https://github.com/krishnprakash/codeql/commit/6b65866ff4639dd21c6437052952b656636dbe04
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/extractor/go.mod
M go/extractor/go.sum
M shared/yeast/src/lib.rs
M shared/yeast/src/visitor.rs
M shared/yeast/tests/test.rs
Log Message:
-----------
Merge branch 'main' into fix/go-extractor-root-test-files
Commit: cac7262a45a42336e5d499df2f7165c0ef0d8e75
https://github.com/krishnprakash/codeql/commit/cac7262a45a42336e5d499df2f7165c0ef0d8e75
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/old.dbscheme
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/swift.dbscheme
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/upgrade.properties
M swift/extractor/translators/DeclTranslator.cpp
M swift/ql/.generated.list
A swift/ql/lib/change-notes/2026-05-11-declared-interface-type.md
M swift/ql/lib/codeql/swift/generated/Raw.qll
M swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll
M swift/ql/lib/swift.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/old.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/swift.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.properties
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.ql
M swift/ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.expected
M swift/ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.ql
M swift/ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.expected
M swift/ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.ql
M swift/ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.expected
M swift/ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.ql
M swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected
M swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.ql
M swift/ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.expected
M swift/ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.ql
M swift/schema.py
Log Message:
-----------
Merge pull request #21831 from jketema/jketema/swift-declared-interface-type
Swift: Expose the declared interface type of a type decl
Commit: c0798f7b1d06356172c93563be08f8a199cefaa2
https://github.com/krishnprakash/codeql/commit/c0798f7b1d06356172c93563be08f8a199cefaa2
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M java/documentation/library-coverage/cwe-sink.csv
Log Message:
-----------
Merge pull request #21829 from owen-mc/static/update-framework-report-sink-kinds
C#, Go, Java: Use all path injection sinks when generating docs
Commit: 592c7c043734f6bb48768a56261d711446cde25f
https://github.com/krishnprakash/codeql/commit/592c7c043734f6bb48768a56261d711446cde25f
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M go/extractor/BUILD.bazel
M go/extractor/extractor.go
A go/extractor/extractor_test.go
A go/ql/integration-tests/root-internal-tests/src/go.mod
A go/ql/integration-tests/root-internal-tests/src/main.go
A go/ql/integration-tests/root-internal-tests/src/main_test.go
A go/ql/integration-tests/root-internal-tests/src/nested/nested.go
A go/ql/integration-tests/root-internal-tests/src/nested/nested_test.go
A go/ql/integration-tests/root-internal-tests/test.expected
A go/ql/integration-tests/root-internal-tests/test.py
A go/ql/integration-tests/root-internal-tests/test.ql
Log Message:
-----------
Merge pull request #21826 from AriehSchneier/fix/go-extractor-root-test-files
Go: Fix extractor to extract root internal test files
Commit: c5ae315dbe56b75e416c8fd08fa13dba0f04bd45
https://github.com/krishnprakash/codeql/commit/c5ae315dbe56b75e416c8fd08fa13dba0f04bd45
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M Cargo.lock
M MODULE.bazel
A unified/extractor/tree-sitter-swift/.gitignore
M unified/extractor/tree-sitter-swift/BUILD.bazel
M unified/extractor/tree-sitter-swift/Cargo.toml
M unified/extractor/tree-sitter-swift/bindings/rust/build.rs
M unified/extractor/tree-sitter-swift/bindings/rust/lib.rs
R unified/extractor/tree-sitter-swift/src/grammar.json
R unified/extractor/tree-sitter-swift/src/node-types.json
R unified/extractor/tree-sitter-swift/src/parser.c
R unified/extractor/tree-sitter-swift/src/tree_sitter/alloc.h
R unified/extractor/tree-sitter-swift/src/tree_sitter/array.h
R unified/extractor/tree-sitter-swift/src/tree_sitter/parser.h
Log Message:
-----------
unified: auto-generate parser files
Uses the `tree-sitter-generate` crate to generate these files on the
fly.
Commit: 2e9de7878b3178c0dd0278000aa308eea4bd1734
https://github.com/krishnprakash/codeql/commit/2e9de7878b3178c0dd0278000aa308eea4bd1734
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bindgen-0.72.1.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cargo-util-schemas-0.8.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cargo_metadata-0.21.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cexpr-0.6.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.chalk-solve-0.103.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.clang-sys-1.8.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.convert_case-0.8.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.fastrand-2.4.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.foldhash-0.2.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.hashbrown-0.16.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.hashbrown-0.17.1.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indexmap-2.11.4.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indexmap-2.14.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indoc-2.0.7.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.libloading-0.8.9.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.minimal-lexical-0.2.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.nom-7.1.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.pathdiff-0.2.3.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.petgraph-0.6.5.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf_generator-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf_shared-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.prettyplease-0.2.37.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.proc-macro-crate-3.5.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_base_db-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir_def-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir_ty-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_ide_db-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_proc_macro_api-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_project_model-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_vfs-0.0.301.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.relative-path-2.0.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-core-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-macro-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-sys-0.10.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.salsa-0.23.0.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.semver-1.0.26.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.semver-1.0.28.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_json-1.0.145.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_yaml-0.9.34+deprecated.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.siphasher-1.0.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.smallbitvec-2.6.1.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-2.0.16.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-2.0.18.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-2.0.16.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-2.0.18.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml-0.9.7.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_datetime-1.1.1+spec-1.1.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_edit-0.22.27.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_edit-0.25.11+spec-1.1.0.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_parser-1.0.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_parser-1.1.2+spec-1.1.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.topological-sort-0.2.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tree-sitter-generate-0.26.8.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.unicode-segmentation-1.13.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.winnow-1.0.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/defs.bzl
Log Message:
-----------
unified: update build dependencies
Commit: 9c958a420ac55f8faa98fce67310e1313ae35bda
https://github.com/krishnprakash/codeql/commit/9c958a420ac55f8faa98fce67310e1313ae35bda
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M Cargo.lock
M Cargo.toml
M MODULE.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bindgen-0.72.1.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cargo-util-schemas-0.8.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cargo_metadata-0.21.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cexpr-0.6.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.chalk-solve-0.103.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.clang-sys-1.8.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.convert_case-0.8.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.fastrand-2.4.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.foldhash-0.2.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.hashbrown-0.16.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.hashbrown-0.17.1.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indexmap-2.11.4.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indexmap-2.14.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indoc-2.0.7.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.libloading-0.8.9.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.minimal-lexical-0.2.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.nom-7.1.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.pathdiff-0.2.3.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.petgraph-0.6.5.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf_generator-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf_shared-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.prettyplease-0.2.37.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.proc-macro-crate-3.5.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_base_db-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir_def-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir_ty-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_ide_db-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_proc_macro_api-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_project_model-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_vfs-0.0.301.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.relative-path-2.0.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-core-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-macro-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-sys-0.10.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.salsa-0.23.0.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.semver-1.0.26.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.semver-1.0.28.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_json-1.0.145.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_yaml-0.9.34+deprecated.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.siphasher-1.0.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.smallbitvec-2.6.1.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-2.0.16.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-2.0.18.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-2.0.16.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-2.0.18.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml-0.9.7.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_datetime-1.1.1+spec-1.1.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_edit-0.22.27.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_edit-0.25.11+spec-1.1.0.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_parser-1.0.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_parser-1.1.2+spec-1.1.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.topological-sort-0.2.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tree-sitter-generate-0.26.8.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tree-sitter-swift-0.7.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.unicode-segmentation-1.13.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.winnow-1.0.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/defs.bzl
M unified/extractor/BUILD.bazel
M unified/extractor/Cargo.toml
A unified/extractor/tree-sitter-swift/.gitignore
A unified/extractor/tree-sitter-swift/BUILD.bazel
A unified/extractor/tree-sitter-swift/Cargo.toml
A unified/extractor/tree-sitter-swift/LICENSE
A unified/extractor/tree-sitter-swift/README.md
A unified/extractor/tree-sitter-swift/binding.gyp
A unified/extractor/tree-sitter-swift/bindings/node/binding.cc
A unified/extractor/tree-sitter-swift/bindings/node/index.js
A unified/extractor/tree-sitter-swift/bindings/rust/build.rs
A unified/extractor/tree-sitter-swift/bindings/rust/lib.rs
A unified/extractor/tree-sitter-swift/grammar.js
A unified/extractor/tree-sitter-swift/package.json
A unified/extractor/tree-sitter-swift/queries/folds.scm
A unified/extractor/tree-sitter-swift/queries/highlights.scm
A unified/extractor/tree-sitter-swift/queries/indents.scm
A unified/extractor/tree-sitter-swift/queries/injections.scm
A unified/extractor/tree-sitter-swift/queries/locals.scm
A unified/extractor/tree-sitter-swift/queries/outline.scm
A unified/extractor/tree-sitter-swift/queries/tags.scm
A unified/extractor/tree-sitter-swift/queries/textobjects.scm
A unified/extractor/tree-sitter-swift/src/scanner.c
A unified/extractor/tree-sitter-swift/tree-sitter.json
Log Message:
-----------
Merge pull request #21819 from github/tausbn/unified-vendor-in-tree-sitter-swift
unified: use a vendored-in copy of tree-sitter-swift
Commit: 513c7bb30baac0f9a5ad1879a9f56f54d3ea87ae
https://github.com/krishnprakash/codeql/commit/513c7bb30baac0f9a5ad1879a9f56f54d3ea87ae
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/AGENTS.md
A unified/extractor/tree-sitter-swift/node-types.yml
A unified/scripts/regenerate-grammar.sh
Log Message:
-----------
unified: Add scripts for automatically rebuilding Swift grammar
Commit: e709650449fcc04e0b545681894fbcc4de03d086
https://github.com/krishnprakash/codeql/commit/e709650449fcc04e0b545681894fbcc4de03d086
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: Rebuild generated files
The astute reader will note that we seem to _lose_ some node types in
the process. Apparently, these were unreachable in the grammar, and the
newer version of tree-sitter removes such "dead code".
Commit: 9062bba168d2bec4c55f9e589b431bb2ba858f3b
https://github.com/krishnprakash/codeql/commit/9062bba168d2bec4c55f9e589b431bb2ba858f3b
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: get rid of undesirable self-recursion in _expression
This caused any field containing an _expression to appear as if it could
countain any number of such nodes. It also threw away the information
that there was a `?` marker there.
To fix it, we simply move the definition into its own named node.
Commit: 76a1a87c41d5da9d5d481b07691174d0670321db
https://github.com/krishnprakash/codeql/commit/76a1a87c41d5da9d5d481b07691174d0670321db
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 7854a534fdf66dda813a1b02fe5f1062dfcffe45
https://github.com/krishnprakash/codeql/commit/7854a534fdf66dda813a1b02fe5f1062dfcffe45
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: stop operators bleeding through everywhere
We make _referenceable_operator a named node. This prevents it from
bleeding through to the _expression definition. It likely also makes the
output easier to deal with, as bare operators used as arguments now have
a named node wrapping them in the AST.
Also removes a duplicated inclusion of _comparison_operator that served
no purpose.
Commit: 5c16b0faf96f6d32c7d7eb7aeff011c00047da5f
https://github.com/krishnprakash/codeql/commit/5c16b0faf96f6d32c7d7eb7aeff011c00047da5f
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: c0efc52cc768c4ea302c1d79a4e6869afbf3b6d5
https://github.com/krishnprakash/codeql/commit/c0efc52cc768c4ea302c1d79a4e6869afbf3b6d5
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: make if-condition nodes named, to stop bleed
Before, the `condition` field of an if statement supposedly could
contain things like parentheses and commas, due to bleeding from
referenced anonymous nodes. Making the node named makes this issue go
away.
Commit: c7c6e45254bbcf04579ca327ba5a03b8fb1b0215
https://github.com/krishnprakash/codeql/commit/c7c6e45254bbcf04579ca327ba5a03b8fb1b0215
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 38473f9e0b972df283838a2b1dc926027eeec666
https://github.com/krishnprakash/codeql/commit/38473f9e0b972df283838a2b1dc926027eeec666
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: make `expression` named and a supertype
Supertypes are a honking great idea. We should use more of them.
This massively cleans up the node types, without polluting the AST with
`expression` nodes.
Commit: 9abfaca98ce3dd341a3325e44c9ee4d8d23c9216
https://github.com/krishnprakash/codeql/commit/9abfaca98ce3dd341a3325e44c9ee4d8d23c9216
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 70f3fd1158fafd330b60492b349dcb71975b3c53
https://github.com/krishnprakash/codeql/commit/70f3fd1158fafd330b60492b349dcb71975b3c53
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: make `unannotated_type` named and supertype
Gets rid of a bunch of ad-hoc node type unions.
Commit: 37e1e3c879af1c501abba126a8d6fb6793ea1f97
https://github.com/krishnprakash/codeql/commit/37e1e3c879af1c501abba126a8d6fb6793ea1f97
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 91a46f0340c77168b28756ae419e3ce48cbe4283
https://github.com/krishnprakash/codeql/commit/91a46f0340c77168b28756ae419e3ce48cbe4283
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: stop `"!"` bleeding through
You know the drill. We just make an anonymous node named instead. In
this case, however, we have to be a bit more clever about how to rewrite
it. We turn the sequence of a type followed by an optional ! into a
_choice_ between mere type or type followed by bang (the latter being
our new named node).
Commit: caa9b04ad8faa88f31d558542a2eaa3aa97654e6
https://github.com/krishnprakash/codeql/commit/caa9b04ad8faa88f31d558542a2eaa3aa97654e6
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 8b977ef8e15b9779bbfa5b27d6f123aebf9a64a3
https://github.com/krishnprakash/codeql/commit/8b977ef8e15b9779bbfa5b27d6f123aebf9a64a3
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: Get rid of some `"."` bleed
Adds a new type `nested_type_identifier`, which contains the
choice-branch that previously allowed those tokens to bleed through into
the closest parent field.
Commit: a720e258aca32e2d8783b7ffc860bbddf3f6715f
https://github.com/krishnprakash/codeql/commit/a720e258aca32e2d8783b7ffc860bbddf3f6715f
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 994b27bdbd8cceb54cf044499917867f7e340f22
https://github.com/krishnprakash/codeql/commit/994b27bdbd8cceb54cf044499917867f7e340f22
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: convert _type into a named rule
Because `_type` was anonymous, its body was inlined in all of the places
it appeared. Because this body contained a `name` field, this field was
_also_ inlined. This caused a bunch of nodes to have spurious `name`
fields, and for some of them (that already had such a field) it caused
that field have multiplicity greater than one.
To fix this, we make the `_type` node named, which prevents the errant
field from escaping.
Commit: e9822f67ee149169782eb0ddb315d06b9d8bdd77
https://github.com/krishnprakash/codeql/commit/e9822f67ee149169782eb0ddb315d06b9d8bdd77
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 31386f566c9dfa7de21c928181bf20f1816572b7
https://github.com/krishnprakash/codeql/commit/31386f566c9dfa7de21c928181bf20f1816572b7
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: drop `element` field on `_parenthesized_type`
Same pattern we've seen many times before: a field on an anonymous node
gets attached to the parent node instead.
I'm not 100% sure this is the right solution, but it seemed wrong to
just make `_parenthesized_type` named instead (we don't usually name
parentheticals). At the very least, this cleans up the spurious
navigation_expression.element and tuple_type_item.element fields.
Commit: f9e7f908963faa4c3c78126a8d4fa50d6ff432e7
https://github.com/krishnprakash/codeql/commit/f9e7f908963faa4c3c78126a8d4fa50d6ff432e7
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 2608db9fd98a75409c3b2536342aa942b3bf0407
https://github.com/krishnprakash/codeql/commit/2608db9fd98a75409c3b2536342aa942b3bf0407
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: Prevent field bleed-through from `_if_let_binding`
Same procedure as before -- we change the anonymous node to a named
node, and the problem magically goes away.
Commit: a5a1312e51dd7ba94af1553b717f36d6157db0fc
https://github.com/krishnprakash/codeql/commit/a5a1312e51dd7ba94af1553b717f36d6157db0fc
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: ff5c0b40f161a41d0f14c4ad427640d5afd9cade
https://github.com/krishnprakash/codeql/commit/ff5c0b40f161a41d0f14c4ad427640d5afd9cade
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: add supertypes for various kinds of declarations
Hides a bunch of huge unions under (hopefully) sensible supertypes.
Commit: 911e59caeff7330641234c35483e0027ef96f5bd
https://github.com/krishnprakash/codeql/commit/911e59caeff7330641234c35483e0027ef96f5bd
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 5508b1576f7d716b398e5fed0e48b7d2131ee256
https://github.com/krishnprakash/codeql/commit/5508b1576f7d716b398e5fed0e48b7d2131ee256
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/AGENTS.md
M unified/extractor/tree-sitter-swift/grammar.js
A unified/extractor/tree-sitter-swift/node-types.yml
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
A unified/scripts/regenerate-grammar.sh
Log Message:
-----------
Merge pull request #21821 from github/tausbn/unified-swift-grammar-cleanup-phase-1
unified: Swift grammar cleanup part 1
Commit: 0b808e11703a7438f3a9aaca53c734ed0e39f694
https://github.com/krishnprakash/codeql/commit/0b808e11703a7438f3a9aaca53c734ed0e39f694
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.qhelp
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.qhelp
M java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp
M python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
M ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Merge pull request #21807 from owen-mc/java/improve-qhelp-unsafe-deserialization
Shared: improve qhelp for unsafe deserialization queries
Commit: 2bd2ee45fdc442f1e28245900184d78a84c766c7
https://github.com/krishnprakash/codeql/commit/2bd2ee45fdc442f1e28245900184d78a84c766c7
Author: Phileco <132178579+k...@users.noreply.github.com>
Date: 2026-05-13 (Wed, 13 May 2026)
Changed paths:
M Cargo.lock
M Cargo.toml
M MODULE.bazel
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.qhelp
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.qhelp
M go/extractor/BUILD.bazel
M go/extractor/extractor.go
A go/extractor/extractor_test.go
A go/ql/integration-tests/root-internal-tests/src/go.mod
A go/ql/integration-tests/root-internal-tests/src/main.go
A go/ql/integration-tests/root-internal-tests/src/main_test.go
A go/ql/integration-tests/root-internal-tests/src/nested/nested.go
A go/ql/integration-tests/root-internal-tests/src/nested/nested_test.go
A go/ql/integration-tests/root-internal-tests/test.expected
A go/ql/integration-tests/root-internal-tests/test.py
A go/ql/integration-tests/root-internal-tests/test.ql
M java/documentation/library-coverage/cwe-sink.csv
M java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bindgen-0.72.1.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cargo-util-schemas-0.8.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cargo_metadata-0.21.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cexpr-0.6.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.chalk-solve-0.103.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.clang-sys-1.8.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.convert_case-0.8.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.fastrand-2.4.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.foldhash-0.2.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.hashbrown-0.16.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.hashbrown-0.17.1.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indexmap-2.11.4.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indexmap-2.14.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indoc-2.0.7.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.libloading-0.8.9.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.minimal-lexical-0.2.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.nom-7.1.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.pathdiff-0.2.3.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.petgraph-0.6.5.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf_generator-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf_shared-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.prettyplease-0.2.37.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.proc-macro-crate-3.5.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_base_db-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir_def-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir_ty-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_ide_db-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_proc_macro_api-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_project_model-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_vfs-0.0.301.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.relative-path-2.0.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-core-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-macro-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-sys-0.10.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.salsa-0.23.0.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.semver-1.0.26.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.semver-1.0.28.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_json-1.0.145.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_yaml-0.9.34+deprecated.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.siphasher-1.0.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.smallbitvec-2.6.1.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-2.0.16.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-2.0.18.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-2.0.16.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-2.0.18.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml-0.9.7.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_datetime-1.1.1+spec-1.1.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_edit-0.22.27.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_edit-0.25.11+spec-1.1.0.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_parser-1.0.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_parser-1.1.2+spec-1.1.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.topological-sort-0.2.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tree-sitter-generate-0.26.8.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tree-sitter-swift-0.7.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.unicode-segmentation-1.13.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.winnow-1.0.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/defs.bzl
M python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
M ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.qhelp
M shared/yeast/src/lib.rs
M shared/yeast/src/visitor.rs
M shared/yeast/tests/test.rs
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/old.dbscheme
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/swift.dbscheme
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/upgrade.properties
M swift/extractor/translators/DeclTranslator.cpp
M swift/ql/.generated.list
A swift/ql/lib/change-notes/2026-05-11-declared-interface-type.md
M swift/ql/lib/codeql/swift/generated/Raw.qll
M swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll
M swift/ql/lib/swift.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/old.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/swift.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.properties
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.ql
M swift/ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.expected
M swift/ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.ql
M swift/ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.expected
M swift/ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.ql
M swift/ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.expected
M swift/ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.ql
M swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected
M swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.ql
M swift/ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.expected
M swift/ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.ql
M swift/schema.py
M unified/AGENTS.md
M unified/extractor/BUILD.bazel
M unified/extractor/Cargo.toml
A unified/extractor/tree-sitter-swift/.gitignore
A unified/extractor/tree-sitter-swift/BUILD.bazel
A unified/extractor/tree-sitter-swift/Cargo.toml
A unified/extractor/tree-sitter-swift/LICENSE
A unified/extractor/tree-sitter-swift/README.md
A unified/extractor/tree-sitter-swift/binding.gyp
A unified/extractor/tree-sitter-swift/bindings/node/binding.cc
A unified/extractor/tree-sitter-swift/bindings/node/index.js
A unified/extractor/tree-sitter-swift/bindings/rust/build.rs
A unified/extractor/tree-sitter-swift/bindings/rust/lib.rs
A unified/extractor/tree-sitter-swift/grammar.js
A unified/extractor/tree-sitter-swift/node-types.yml
A unified/extractor/tree-sitter-swift/package.json
A unified/extractor/tree-sitter-swift/queries/folds.scm
A unified/extractor/tree-sitter-swift/queries/highlights.scm
A unified/extractor/tree-sitter-swift/queries/indents.scm
A unified/extractor/tree-sitter-swift/queries/injections.scm
A unified/extractor/tree-sitter-swift/queries/locals.scm
A unified/extractor/tree-sitter-swift/queries/outline.scm
A unified/extractor/tree-sitter-swift/queries/tags.scm
A unified/extractor/tree-sitter-swift/queries/textobjects.scm
A unified/extractor/tree-sitter-swift/src/scanner.c
A unified/extractor/tree-sitter-swift/tree-sitter.json
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
A unified/scripts/regenerate-grammar.sh
Log Message:
-----------
Merge branch 'github:main' into main
Compare: https://github.com/krishnprakash/codeql/compare/8f2c6b0e7712...2bd2ee45fdc4
To unsubscribe from these emails, change your notification settings at https://github.com/krishnprakash/codeql/settings/notifications
Home: https://github.com/krishnprakash/codeql
Commit: 7aa3fd859a00db4714d3aa2d00d3f37a02603a63
https://github.com/krishnprakash/codeql/commit/7aa3fd859a00db4714d3aa2d00d3f37a02603a63
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-07 (Thu, 07 May 2026)
Changed paths:
M java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Remove double spaces from qhelp
Commit: 427b73ec9d0d0f963a601499a5ba351772862aab
https://github.com/krishnprakash/codeql/commit/427b73ec9d0d0f963a601499a5ba351772862aab
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-07 (Thu, 07 May 2026)
Changed paths:
M java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Clarify that deserialization that follows a schema is safe
Commit: f2ea3b98d884a376a3b2c4e6f5a7c975a84b5bfb
https://github.com/krishnprakash/codeql/commit/f2ea3b98d884a376a3b2c4e6f5a7c975a84b5bfb
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-07 (Thu, 07 May 2026)
Changed paths:
M java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Do not make such a strong security claim
Co-authored-by: Copilot Autofix powered by AI <17572847...@users.noreply.github.com>
Commit: 7bd27b83e070b581b8fdf1c576b423bdda0fed77
https://github.com/krishnprakash/codeql/commit/7bd27b83e070b581b8fdf1c576b423bdda0fed77
Author: Taus <tau...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M shared/yeast/src/lib.rs
M shared/yeast/src/visitor.rs
M shared/yeast/tests/test.rs
Log Message:
-----------
yeast: Mutate parent fields in place; remove redundant Node::id
apply_rules_inner used to handle the "child was rewritten, so the
parent needs new field IDs" case by cloning the parent node, swapping
in the new fields, pushing the clone onto the arena, and returning the
new Id. Every ancestor on the path from the rewrite up to the root was
duplicated this way, with the originals retained as garbage in the
arena.
Switch to in-place mutation: assign `ast.nodes[id].fields = new_fields`
and return the same Id. Rule firings still produce genuinely new nodes
via BuildCtx (their structure differs from the input), but the
ancestor-rebuild spine no longer copies anything.
This is safe because apply_rules_inner already works entirely by Id:
the field snapshot is cloned out before recursing, no &Node references
are held across mutations of the arena, and captures are scoped to a
single rule firing so the now-stable Ids do not break anything.
Memory effect: a desugaring pass that rewrites R leaves of a tree of
average depth d previously appended R*d ancestor clones to the arena.
Now appends 0.
With Ids stable for the lifetime of an Ast, the Node::id field becomes
truly redundant and is removed (along with the Node::id() accessor).
AstCursor switches from caching `node: &Node` to tracking `node_id:
Id` and looking the node up via the arena on each access; ChildrenIter
now yields Ids directly. A new AstCursor::node_id() method gives
callers access to the cursor position by Id.
Commit: 15936a5f8d70511711a5ed7b088dbf4203cf46c0
https://github.com/krishnprakash/codeql/commit/15936a5f8d70511711a5ed7b088dbf4203cf46c0
Author: Taus <tau...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M shared/yeast/src/lib.rs
Log Message:
-----------
yeast: Take fields by ownership in apply_rules_inner
Previously, apply_rules_inner snapshotted a node's fields by cloning
the BTreeMap into a Vec<(FieldId, Vec<Id>)>, then built a fresh
BTreeMap of new_fields for the rewritten Ids. For a node with N
fields, this allocated 2N+1 things per visit (the snapshot Vec, N
cloned children Vecs, the new BTreeMap entries) — even when nothing
in the subtree was rewritten.
Use std::mem::take to swap the parent's fields out by ownership: the
recursion can mutate the AST (including pushing new nodes from rule
firings) without any conflict, since we hold the owned BTreeMap
locally. Iterate values_mut() and only allocate a fresh children Vec
on the first divergence (lazy alloc): unchanged children stay in the
existing slot. When done, swap the fields back.
For a subtree with no rewrites, this is now zero allocations per node
(modulo the recursion itself). For nodes with rewrites, it's one Vec
allocation per field that contains a rewritten child, instead of two
plus the BTreeMap rebuild.
Commit: e2874ac252a8e74fc9531986a3c03cdbcaf1833e
https://github.com/krishnprakash/codeql/commit/e2874ac252a8e74fc9531986a3c03cdbcaf1833e
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Python: Clarify that deserialization following a schema is safe
Commit: 4e47f7706dcea8509f6a870bbe889258c9baeb0a
https://github.com/krishnprakash/codeql/commit/4e47f7706dcea8509f6a870bbe889258c9baeb0a
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.qhelp
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.qhelp
Log Message:
-----------
C#: Clarify that deserialization following a schema is safe
Commit: ed9477aac93fb04a1cf989b96151721180cc214a
https://github.com/krishnprakash/codeql/commit/ed9477aac93fb04a1cf989b96151721180cc214a
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Ruby: Clarify that deserialization following a schema is safe
Commit: 93e05db394547c0e085baf6cfa299f4bbf9448d0
https://github.com/krishnprakash/codeql/commit/93e05db394547c0e085baf6cfa299f4bbf9448d0
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Python: remove doubles spaces from qhelp
Commit: a5ef036465492bf99e947f41c5fd47d4b87a9d2c
https://github.com/krishnprakash/codeql/commit/a5ef036465492bf99e947f41c5fd47d4b87a9d2c
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.qhelp
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.qhelp
M java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp
M python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
M ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Note that common standard library types can be vulnerable to gadget-chain attacks
Commit: 9f6bd88171fd632fca92f4c4e8040973e056ea91
https://github.com/krishnprakash/codeql/commit/9f6bd88171fd632fca92f4c4e8040973e056ea91
Author: Taus <tau...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
A unified/extractor/tree-sitter-swift/BUILD.bazel
A unified/extractor/tree-sitter-swift/Cargo.toml
A unified/extractor/tree-sitter-swift/LICENSE
A unified/extractor/tree-sitter-swift/README.md
A unified/extractor/tree-sitter-swift/binding.gyp
A unified/extractor/tree-sitter-swift/bindings/node/binding.cc
A unified/extractor/tree-sitter-swift/bindings/node/index.js
A unified/extractor/tree-sitter-swift/bindings/rust/build.rs
A unified/extractor/tree-sitter-swift/bindings/rust/lib.rs
A unified/extractor/tree-sitter-swift/grammar.js
A unified/extractor/tree-sitter-swift/package.json
A unified/extractor/tree-sitter-swift/queries/folds.scm
A unified/extractor/tree-sitter-swift/queries/highlights.scm
A unified/extractor/tree-sitter-swift/queries/indents.scm
A unified/extractor/tree-sitter-swift/queries/injections.scm
A unified/extractor/tree-sitter-swift/queries/locals.scm
A unified/extractor/tree-sitter-swift/queries/outline.scm
A unified/extractor/tree-sitter-swift/queries/tags.scm
A unified/extractor/tree-sitter-swift/queries/textobjects.scm
A unified/extractor/tree-sitter-swift/src/grammar.json
A unified/extractor/tree-sitter-swift/src/node-types.json
A unified/extractor/tree-sitter-swift/src/parser.c
A unified/extractor/tree-sitter-swift/src/scanner.c
A unified/extractor/tree-sitter-swift/src/tree_sitter/alloc.h
A unified/extractor/tree-sitter-swift/src/tree_sitter/array.h
A unified/extractor/tree-sitter-swift/src/tree_sitter/parser.h
A unified/extractor/tree-sitter-swift/tree-sitter.json
Log Message:
-----------
unified: vendor in tree-sitter-swift
Commit: 60d6429b5d880d5bf22d652742f3b4747f56c161
https://github.com/krishnprakash/codeql/commit/60d6429b5d880d5bf22d652742f3b4747f56c161
Author: Taus <tau...@github.com>
Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths:
M Cargo.lock
M Cargo.toml
M MODULE.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tree-sitter-swift-0.7.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/defs.bzl
M unified/extractor/BUILD.bazel
M unified/extractor/Cargo.toml
Log Message:
-----------
unified: update build dependencies
Commit: 8f9d5c5217faadeb13b8d04db59363bed63dd932
https://github.com/krishnprakash/codeql/commit/8f9d5c5217faadeb13b8d04db59363bed63dd932
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/extractor/go.mod
M go/extractor/go.sum
Log Message:
-----------
Bump the extractor-dependencies group in /go/extractor with 2 updates
Bumps the extractor-dependencies group in /go/extractor with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).
Updates `golang.org/x/mod` from 0.35.0 to 0.36.0
- [Commits](https://github.com/golang/mod/compare/v0.35.0...v0.36.0)
Updates `golang.org/x/tools` from 0.44.0 to 0.45.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.44.0...v0.45.0)
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-version: 0.36.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
dependency-version: 0.45.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: extractor-dependencies
...
Signed-off-by: dependabot[bot] <sup...@github.com>
Commit: 3ef4a5836c9aa5b1034cf27c1fa67509b5a93764
https://github.com/krishnprakash/codeql/commit/3ef4a5836c9aa5b1034cf27c1fa67509b5a93764
Author: Arieh Schneier <15041913+Ar...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/extractor/extractor.go
A go/extractor/extractor_test.go
Log Message:
-----------
Fix Go extractor to extract root internal test files
When CODEQL_EXTRACTOR_GO_OPTION_EXTRACT_TESTS=true is set, the Go
extractor was incorrectly skipping internal test files (package foo)
at repository roots when the project contains nested test packages.
Root Cause:
The extractor selected package variants by longest ID string, but this
heuristic fails when nested packages have tests. For a package like
"github.com/go-git/go-git/v6", packages.Load returns multiple variants:
1. "github.com/go-git/go-git/v6" (19 files, production only)
2. "github.com/go-git/go-git/v6 [github.com/go-git/go-git/v6.test]"
(39 files, production + 20 root tests) ← Should select this
3. "github.com/go-git/go-git/v6 [github.com/go-git/go-git/v6/plumbing/format/packfile.test]"
(19 files, test dependency) ← Was incorrectly selected (longest string)
The old logic selected variant #3 (76 chars) over #2 (68 chars),
causing 20 root test files to be missing from the database.
Fix:
Replace string length comparison with a better heuristic that prefers:
1. Exact test packages (e.g., "pkg [pkg.test]") over nested dependencies
2. Packages with more Syntax nodes (more files to extract)
3. String length as a tiebreaker
This ensures the extractor selects the variant with the most complete
test coverage, particularly for root-level internal tests.
Testing:
- Added comprehensive unit tests covering the selection logic
- Tests simulate the real-world go-git scenario
- All tests pass
Impact:
Root-level external tests (package foo_test) were already extracted
correctly. This fix ensures internal tests (package foo) at the root
are now also extracted when they exist alongside nested test packages.
Co-Authored-By: Claude Sonnet 4.5 <nor...@anthropic.com>
Commit: b94ab8d186bbb5b6bbc19827fb517757fa95ae46
https://github.com/krishnprakash/codeql/commit/b94ab8d186bbb5b6bbc19827fb517757fa95ae46
Author: Arieh Schneier <15041913+Ar...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
A go/ql/integration-tests/root-internal-tests/src/go.mod
A go/ql/integration-tests/root-internal-tests/src/main.go
A go/ql/integration-tests/root-internal-tests/src/main_test.go
A go/ql/integration-tests/root-internal-tests/src/nested/nested.go
A go/ql/integration-tests/root-internal-tests/src/nested/nested_test.go
A go/ql/integration-tests/root-internal-tests/test.expected
A go/ql/integration-tests/root-internal-tests/test.py
A go/ql/integration-tests/root-internal-tests/test.ql
Log Message:
-----------
Add integration test for root internal test extraction
This test verifies that root internal test files (package foo, not
foo_test) are correctly extracted when the repository has both:
1. Root-level internal tests (main_test.go with package main)
2. Nested packages with tests (nested/nested_test.go)
This scenario reproduces the bug that was fixed: the old extractor
would select the wrong package variant and miss root internal test
files.
The test ensures:
- main_test.go (root internal test) is extracted
- nested/nested_test.go (nested test) is extracted
- All test functions from both files are present in the database
This prevents regression of the bug fix.
Co-Authored-By: Claude Sonnet 4.5 <nor...@anthropic.com>
Commit: ec8ff6ff6836ecf6868b54ea2597a0996a4b50ac
https://github.com/krishnprakash/codeql/commit/ec8ff6ff6836ecf6868b54ea2597a0996a4b50ac
Author: Owen Mansel-Chan <owe...@github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M java/documentation/library-coverage/cwe-sink.csv
Log Message:
-----------
Use all path injection sinks when generating docs
Commit: f91482810d0de5144d11616976fa665aae137379
https://github.com/krishnprakash/codeql/commit/f91482810d0de5144d11616976fa665aae137379
Author: Asger F <asg...@github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M shared/yeast/src/lib.rs
M shared/yeast/src/visitor.rs
M shared/yeast/tests/test.rs
Log Message:
-----------
Merge pull request #21816 from github/tausbn/yeast-mutate-in-place
yeast: Two minor performance optimisations
Commit: 974e7cc3199e707e645a0e0736c44e0849bfa0d2
https://github.com/krishnprakash/codeql/commit/974e7cc3199e707e645a0e0736c44e0849bfa0d2
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/extractor/go.mod
M go/extractor/go.sum
Log Message:
-----------
Merge pull request #21825 from github/dependabot/go_modules/go/extractor/extractor-dependencies-0e0a523006
Bump the extractor-dependencies group in /go/extractor with 2 updates
Commit: 151a332f0a0de581688ed6ae811d0b5639470875
https://github.com/krishnprakash/codeql/commit/151a332f0a0de581688ed6ae811d0b5639470875
Author: Arieh Schneier <15041913+Ar...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/extractor/BUILD.bazel
Log Message:
-----------
Add Bazel build target for extractor_test.go
Generated by manually applying the output from CI's Gazelle check.
This adds the go_test target for the new extractor_test.go file.
Co-Authored-By: Claude Sonnet 4.5 <nor...@anthropic.com>
Commit: aa1d322fe7e908281bd36c4c8dc504df3bd2439c
https://github.com/krishnprakash/codeql/commit/aa1d322fe7e908281bd36c4c8dc504df3bd2439c
Author: Arieh Schneier <15041913+Ar...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/extractor/extractor.go
M go/extractor/extractor_test.go
Log Message:
-----------
Address PR feedback
Changes based on code review:
1. Remove redundant strings.Contains check in isExactTestPackage
The equality check on the next line handles both cases, making
the early return unnecessary.
2. Extract package selection logic into selectBestPackages function
This reduces code duplication and allows the test to call the
actual implementation rather than copying the logic.
3. Add TestSelectBestPackages to test the new function
Comprehensive test covering single packages, test vs production,
exact vs nested tests, and multiple packages.
Co-Authored-By: Claude Sonnet 4.5 <nor...@anthropic.com>
Commit: f212efbe5b0801dcb5cffb6f9eeba951794684c1
https://github.com/krishnprakash/codeql/commit/f212efbe5b0801dcb5cffb6f9eeba951794684c1
Author: Jeroen Ketema <jke...@github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/old.dbscheme
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/swift.dbscheme
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/upgrade.properties
M swift/extractor/translators/DeclTranslator.cpp
M swift/ql/.generated.list
M swift/ql/lib/codeql/swift/generated/Raw.qll
M swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll
M swift/ql/lib/swift.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/old.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/swift.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.properties
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.ql
M swift/ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.expected
M swift/ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.ql
M swift/ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.expected
M swift/ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.ql
M swift/ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.expected
M swift/ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.ql
M swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected
M swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.ql
M swift/ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.expected
M swift/ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.ql
M swift/schema.py
Log Message:
-----------
Swift: Expose the declared interface type of a type decl
Commit: 0aaa7d0631943d77e862f47fadf0c4e7ccd05d1a
https://github.com/krishnprakash/codeql/commit/0aaa7d0631943d77e862f47fadf0c4e7ccd05d1a
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/ql/integration-tests/root-internal-tests/test.expected
Log Message:
-----------
Update expected test output
Commit: 73a210a442853ddaa79031c3502ea0b89d703ac3
https://github.com/krishnprakash/codeql/commit/73a210a442853ddaa79031c3502ea0b89d703ac3
Author: Jeroen Ketema <jke...@github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
A swift/ql/lib/change-notes/2026-05-11-declared-interface-type.md
Log Message:
-----------
Swift: Add change note
Commit: 6b65866ff4639dd21c6437052952b656636dbe04
https://github.com/krishnprakash/codeql/commit/6b65866ff4639dd21c6437052952b656636dbe04
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-11 (Mon, 11 May 2026)
Changed paths:
M go/extractor/go.mod
M go/extractor/go.sum
M shared/yeast/src/lib.rs
M shared/yeast/src/visitor.rs
M shared/yeast/tests/test.rs
Log Message:
-----------
Merge branch 'main' into fix/go-extractor-root-test-files
Commit: cac7262a45a42336e5d499df2f7165c0ef0d8e75
https://github.com/krishnprakash/codeql/commit/cac7262a45a42336e5d499df2f7165c0ef0d8e75
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/old.dbscheme
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/swift.dbscheme
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/upgrade.properties
M swift/extractor/translators/DeclTranslator.cpp
M swift/ql/.generated.list
A swift/ql/lib/change-notes/2026-05-11-declared-interface-type.md
M swift/ql/lib/codeql/swift/generated/Raw.qll
M swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll
M swift/ql/lib/swift.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/old.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/swift.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.properties
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.ql
M swift/ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.expected
M swift/ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.ql
M swift/ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.expected
M swift/ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.ql
M swift/ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.expected
M swift/ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.ql
M swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected
M swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.ql
M swift/ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.expected
M swift/ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.ql
M swift/schema.py
Log Message:
-----------
Merge pull request #21831 from jketema/jketema/swift-declared-interface-type
Swift: Expose the declared interface type of a type decl
Commit: c0798f7b1d06356172c93563be08f8a199cefaa2
https://github.com/krishnprakash/codeql/commit/c0798f7b1d06356172c93563be08f8a199cefaa2
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M java/documentation/library-coverage/cwe-sink.csv
Log Message:
-----------
Merge pull request #21829 from owen-mc/static/update-framework-report-sink-kinds
C#, Go, Java: Use all path injection sinks when generating docs
Commit: 592c7c043734f6bb48768a56261d711446cde25f
https://github.com/krishnprakash/codeql/commit/592c7c043734f6bb48768a56261d711446cde25f
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M go/extractor/BUILD.bazel
M go/extractor/extractor.go
A go/extractor/extractor_test.go
A go/ql/integration-tests/root-internal-tests/src/go.mod
A go/ql/integration-tests/root-internal-tests/src/main.go
A go/ql/integration-tests/root-internal-tests/src/main_test.go
A go/ql/integration-tests/root-internal-tests/src/nested/nested.go
A go/ql/integration-tests/root-internal-tests/src/nested/nested_test.go
A go/ql/integration-tests/root-internal-tests/test.expected
A go/ql/integration-tests/root-internal-tests/test.py
A go/ql/integration-tests/root-internal-tests/test.ql
Log Message:
-----------
Merge pull request #21826 from AriehSchneier/fix/go-extractor-root-test-files
Go: Fix extractor to extract root internal test files
Commit: c5ae315dbe56b75e416c8fd08fa13dba0f04bd45
https://github.com/krishnprakash/codeql/commit/c5ae315dbe56b75e416c8fd08fa13dba0f04bd45
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M Cargo.lock
M MODULE.bazel
A unified/extractor/tree-sitter-swift/.gitignore
M unified/extractor/tree-sitter-swift/BUILD.bazel
M unified/extractor/tree-sitter-swift/Cargo.toml
M unified/extractor/tree-sitter-swift/bindings/rust/build.rs
M unified/extractor/tree-sitter-swift/bindings/rust/lib.rs
R unified/extractor/tree-sitter-swift/src/grammar.json
R unified/extractor/tree-sitter-swift/src/node-types.json
R unified/extractor/tree-sitter-swift/src/parser.c
R unified/extractor/tree-sitter-swift/src/tree_sitter/alloc.h
R unified/extractor/tree-sitter-swift/src/tree_sitter/array.h
R unified/extractor/tree-sitter-swift/src/tree_sitter/parser.h
Log Message:
-----------
unified: auto-generate parser files
Uses the `tree-sitter-generate` crate to generate these files on the
fly.
Commit: 2e9de7878b3178c0dd0278000aa308eea4bd1734
https://github.com/krishnprakash/codeql/commit/2e9de7878b3178c0dd0278000aa308eea4bd1734
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bindgen-0.72.1.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cargo-util-schemas-0.8.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cargo_metadata-0.21.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cexpr-0.6.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.chalk-solve-0.103.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.clang-sys-1.8.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.convert_case-0.8.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.fastrand-2.4.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.foldhash-0.2.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.hashbrown-0.16.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.hashbrown-0.17.1.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indexmap-2.11.4.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indexmap-2.14.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indoc-2.0.7.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.libloading-0.8.9.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.minimal-lexical-0.2.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.nom-7.1.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.pathdiff-0.2.3.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.petgraph-0.6.5.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf_generator-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf_shared-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.prettyplease-0.2.37.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.proc-macro-crate-3.5.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_base_db-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir_def-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir_ty-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_ide_db-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_proc_macro_api-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_project_model-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_vfs-0.0.301.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.relative-path-2.0.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-core-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-macro-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-sys-0.10.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.salsa-0.23.0.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.semver-1.0.26.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.semver-1.0.28.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_json-1.0.145.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_yaml-0.9.34+deprecated.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.siphasher-1.0.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.smallbitvec-2.6.1.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-2.0.16.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-2.0.18.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-2.0.16.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-2.0.18.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml-0.9.7.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_datetime-1.1.1+spec-1.1.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_edit-0.22.27.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_edit-0.25.11+spec-1.1.0.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_parser-1.0.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_parser-1.1.2+spec-1.1.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.topological-sort-0.2.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tree-sitter-generate-0.26.8.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.unicode-segmentation-1.13.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.winnow-1.0.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/defs.bzl
Log Message:
-----------
unified: update build dependencies
Commit: 9c958a420ac55f8faa98fce67310e1313ae35bda
https://github.com/krishnprakash/codeql/commit/9c958a420ac55f8faa98fce67310e1313ae35bda
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M Cargo.lock
M Cargo.toml
M MODULE.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bindgen-0.72.1.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cargo-util-schemas-0.8.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cargo_metadata-0.21.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cexpr-0.6.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.chalk-solve-0.103.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.clang-sys-1.8.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.convert_case-0.8.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.fastrand-2.4.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.foldhash-0.2.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.hashbrown-0.16.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.hashbrown-0.17.1.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indexmap-2.11.4.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indexmap-2.14.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indoc-2.0.7.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.libloading-0.8.9.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.minimal-lexical-0.2.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.nom-7.1.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.pathdiff-0.2.3.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.petgraph-0.6.5.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf_generator-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf_shared-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.prettyplease-0.2.37.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.proc-macro-crate-3.5.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_base_db-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir_def-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir_ty-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_ide_db-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_proc_macro_api-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_project_model-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_vfs-0.0.301.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.relative-path-2.0.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-core-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-macro-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-sys-0.10.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.salsa-0.23.0.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.semver-1.0.26.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.semver-1.0.28.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_json-1.0.145.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_yaml-0.9.34+deprecated.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.siphasher-1.0.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.smallbitvec-2.6.1.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-2.0.16.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-2.0.18.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-2.0.16.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-2.0.18.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml-0.9.7.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_datetime-1.1.1+spec-1.1.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_edit-0.22.27.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_edit-0.25.11+spec-1.1.0.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_parser-1.0.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_parser-1.1.2+spec-1.1.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.topological-sort-0.2.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tree-sitter-generate-0.26.8.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tree-sitter-swift-0.7.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.unicode-segmentation-1.13.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.winnow-1.0.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/defs.bzl
M unified/extractor/BUILD.bazel
M unified/extractor/Cargo.toml
A unified/extractor/tree-sitter-swift/.gitignore
A unified/extractor/tree-sitter-swift/BUILD.bazel
A unified/extractor/tree-sitter-swift/Cargo.toml
A unified/extractor/tree-sitter-swift/LICENSE
A unified/extractor/tree-sitter-swift/README.md
A unified/extractor/tree-sitter-swift/binding.gyp
A unified/extractor/tree-sitter-swift/bindings/node/binding.cc
A unified/extractor/tree-sitter-swift/bindings/node/index.js
A unified/extractor/tree-sitter-swift/bindings/rust/build.rs
A unified/extractor/tree-sitter-swift/bindings/rust/lib.rs
A unified/extractor/tree-sitter-swift/grammar.js
A unified/extractor/tree-sitter-swift/package.json
A unified/extractor/tree-sitter-swift/queries/folds.scm
A unified/extractor/tree-sitter-swift/queries/highlights.scm
A unified/extractor/tree-sitter-swift/queries/indents.scm
A unified/extractor/tree-sitter-swift/queries/injections.scm
A unified/extractor/tree-sitter-swift/queries/locals.scm
A unified/extractor/tree-sitter-swift/queries/outline.scm
A unified/extractor/tree-sitter-swift/queries/tags.scm
A unified/extractor/tree-sitter-swift/queries/textobjects.scm
A unified/extractor/tree-sitter-swift/src/scanner.c
A unified/extractor/tree-sitter-swift/tree-sitter.json
Log Message:
-----------
Merge pull request #21819 from github/tausbn/unified-vendor-in-tree-sitter-swift
unified: use a vendored-in copy of tree-sitter-swift
Commit: 513c7bb30baac0f9a5ad1879a9f56f54d3ea87ae
https://github.com/krishnprakash/codeql/commit/513c7bb30baac0f9a5ad1879a9f56f54d3ea87ae
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/AGENTS.md
A unified/extractor/tree-sitter-swift/node-types.yml
A unified/scripts/regenerate-grammar.sh
Log Message:
-----------
unified: Add scripts for automatically rebuilding Swift grammar
Commit: e709650449fcc04e0b545681894fbcc4de03d086
https://github.com/krishnprakash/codeql/commit/e709650449fcc04e0b545681894fbcc4de03d086
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: Rebuild generated files
The astute reader will note that we seem to _lose_ some node types in
the process. Apparently, these were unreachable in the grammar, and the
newer version of tree-sitter removes such "dead code".
Commit: 9062bba168d2bec4c55f9e589b431bb2ba858f3b
https://github.com/krishnprakash/codeql/commit/9062bba168d2bec4c55f9e589b431bb2ba858f3b
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: get rid of undesirable self-recursion in _expression
This caused any field containing an _expression to appear as if it could
countain any number of such nodes. It also threw away the information
that there was a `?` marker there.
To fix it, we simply move the definition into its own named node.
Commit: 76a1a87c41d5da9d5d481b07691174d0670321db
https://github.com/krishnprakash/codeql/commit/76a1a87c41d5da9d5d481b07691174d0670321db
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 7854a534fdf66dda813a1b02fe5f1062dfcffe45
https://github.com/krishnprakash/codeql/commit/7854a534fdf66dda813a1b02fe5f1062dfcffe45
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: stop operators bleeding through everywhere
We make _referenceable_operator a named node. This prevents it from
bleeding through to the _expression definition. It likely also makes the
output easier to deal with, as bare operators used as arguments now have
a named node wrapping them in the AST.
Also removes a duplicated inclusion of _comparison_operator that served
no purpose.
Commit: 5c16b0faf96f6d32c7d7eb7aeff011c00047da5f
https://github.com/krishnprakash/codeql/commit/5c16b0faf96f6d32c7d7eb7aeff011c00047da5f
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: c0efc52cc768c4ea302c1d79a4e6869afbf3b6d5
https://github.com/krishnprakash/codeql/commit/c0efc52cc768c4ea302c1d79a4e6869afbf3b6d5
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: make if-condition nodes named, to stop bleed
Before, the `condition` field of an if statement supposedly could
contain things like parentheses and commas, due to bleeding from
referenced anonymous nodes. Making the node named makes this issue go
away.
Commit: c7c6e45254bbcf04579ca327ba5a03b8fb1b0215
https://github.com/krishnprakash/codeql/commit/c7c6e45254bbcf04579ca327ba5a03b8fb1b0215
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 38473f9e0b972df283838a2b1dc926027eeec666
https://github.com/krishnprakash/codeql/commit/38473f9e0b972df283838a2b1dc926027eeec666
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: make `expression` named and a supertype
Supertypes are a honking great idea. We should use more of them.
This massively cleans up the node types, without polluting the AST with
`expression` nodes.
Commit: 9abfaca98ce3dd341a3325e44c9ee4d8d23c9216
https://github.com/krishnprakash/codeql/commit/9abfaca98ce3dd341a3325e44c9ee4d8d23c9216
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 70f3fd1158fafd330b60492b349dcb71975b3c53
https://github.com/krishnprakash/codeql/commit/70f3fd1158fafd330b60492b349dcb71975b3c53
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: make `unannotated_type` named and supertype
Gets rid of a bunch of ad-hoc node type unions.
Commit: 37e1e3c879af1c501abba126a8d6fb6793ea1f97
https://github.com/krishnprakash/codeql/commit/37e1e3c879af1c501abba126a8d6fb6793ea1f97
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 91a46f0340c77168b28756ae419e3ce48cbe4283
https://github.com/krishnprakash/codeql/commit/91a46f0340c77168b28756ae419e3ce48cbe4283
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: stop `"!"` bleeding through
You know the drill. We just make an anonymous node named instead. In
this case, however, we have to be a bit more clever about how to rewrite
it. We turn the sequence of a type followed by an optional ! into a
_choice_ between mere type or type followed by bang (the latter being
our new named node).
Commit: caa9b04ad8faa88f31d558542a2eaa3aa97654e6
https://github.com/krishnprakash/codeql/commit/caa9b04ad8faa88f31d558542a2eaa3aa97654e6
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 8b977ef8e15b9779bbfa5b27d6f123aebf9a64a3
https://github.com/krishnprakash/codeql/commit/8b977ef8e15b9779bbfa5b27d6f123aebf9a64a3
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: Get rid of some `"."` bleed
Adds a new type `nested_type_identifier`, which contains the
choice-branch that previously allowed those tokens to bleed through into
the closest parent field.
Commit: a720e258aca32e2d8783b7ffc860bbddf3f6715f
https://github.com/krishnprakash/codeql/commit/a720e258aca32e2d8783b7ffc860bbddf3f6715f
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 994b27bdbd8cceb54cf044499917867f7e340f22
https://github.com/krishnprakash/codeql/commit/994b27bdbd8cceb54cf044499917867f7e340f22
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: convert _type into a named rule
Because `_type` was anonymous, its body was inlined in all of the places
it appeared. Because this body contained a `name` field, this field was
_also_ inlined. This caused a bunch of nodes to have spurious `name`
fields, and for some of them (that already had such a field) it caused
that field have multiplicity greater than one.
To fix this, we make the `_type` node named, which prevents the errant
field from escaping.
Commit: e9822f67ee149169782eb0ddb315d06b9d8bdd77
https://github.com/krishnprakash/codeql/commit/e9822f67ee149169782eb0ddb315d06b9d8bdd77
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 31386f566c9dfa7de21c928181bf20f1816572b7
https://github.com/krishnprakash/codeql/commit/31386f566c9dfa7de21c928181bf20f1816572b7
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: drop `element` field on `_parenthesized_type`
Same pattern we've seen many times before: a field on an anonymous node
gets attached to the parent node instead.
I'm not 100% sure this is the right solution, but it seemed wrong to
just make `_parenthesized_type` named instead (we don't usually name
parentheticals). At the very least, this cleans up the spurious
navigation_expression.element and tuple_type_item.element fields.
Commit: f9e7f908963faa4c3c78126a8d4fa50d6ff432e7
https://github.com/krishnprakash/codeql/commit/f9e7f908963faa4c3c78126a8d4fa50d6ff432e7
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 2608db9fd98a75409c3b2536342aa942b3bf0407
https://github.com/krishnprakash/codeql/commit/2608db9fd98a75409c3b2536342aa942b3bf0407
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: Prevent field bleed-through from `_if_let_binding`
Same procedure as before -- we change the anonymous node to a named
node, and the problem magically goes away.
Commit: a5a1312e51dd7ba94af1553b717f36d6157db0fc
https://github.com/krishnprakash/codeql/commit/a5a1312e51dd7ba94af1553b717f36d6157db0fc
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: ff5c0b40f161a41d0f14c4ad427640d5afd9cade
https://github.com/krishnprakash/codeql/commit/ff5c0b40f161a41d0f14c4ad427640d5afd9cade
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/extractor/tree-sitter-swift/grammar.js
M unified/extractor/tree-sitter-swift/node-types.yml
Log Message:
-----------
unified: add supertypes for various kinds of declarations
Hides a bunch of huge unions under (hopefully) sensible supertypes.
Commit: 911e59caeff7330641234c35483e0027ef96f5bd
https://github.com/krishnprakash/codeql/commit/911e59caeff7330641234c35483e0027ef96f5bd
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
Log Message:
-----------
unified: regenerate files
Commit: 5508b1576f7d716b398e5fed0e48b7d2131ee256
https://github.com/krishnprakash/codeql/commit/5508b1576f7d716b398e5fed0e48b7d2131ee256
Author: Taus <tau...@github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M unified/AGENTS.md
M unified/extractor/tree-sitter-swift/grammar.js
A unified/extractor/tree-sitter-swift/node-types.yml
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
A unified/scripts/regenerate-grammar.sh
Log Message:
-----------
Merge pull request #21821 from github/tausbn/unified-swift-grammar-cleanup-phase-1
unified: Swift grammar cleanup part 1
Commit: 0b808e11703a7438f3a9aaca53c734ed0e39f694
https://github.com/krishnprakash/codeql/commit/0b808e11703a7438f3a9aaca53c734ed0e39f694
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.qhelp
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.qhelp
M java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp
M python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
M ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.qhelp
Log Message:
-----------
Merge pull request #21807 from owen-mc/java/improve-qhelp-unsafe-deserialization
Shared: improve qhelp for unsafe deserialization queries
Commit: 2bd2ee45fdc442f1e28245900184d78a84c766c7
https://github.com/krishnprakash/codeql/commit/2bd2ee45fdc442f1e28245900184d78a84c766c7
Author: Phileco <132178579+k...@users.noreply.github.com>
Date: 2026-05-13 (Wed, 13 May 2026)
Changed paths:
M Cargo.lock
M Cargo.toml
M MODULE.bazel
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.qhelp
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.qhelp
M go/extractor/BUILD.bazel
M go/extractor/extractor.go
A go/extractor/extractor_test.go
A go/ql/integration-tests/root-internal-tests/src/go.mod
A go/ql/integration-tests/root-internal-tests/src/main.go
A go/ql/integration-tests/root-internal-tests/src/main_test.go
A go/ql/integration-tests/root-internal-tests/src/nested/nested.go
A go/ql/integration-tests/root-internal-tests/src/nested/nested_test.go
A go/ql/integration-tests/root-internal-tests/test.expected
A go/ql/integration-tests/root-internal-tests/test.py
A go/ql/integration-tests/root-internal-tests/test.ql
M java/documentation/library-coverage/cwe-sink.csv
M java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.bindgen-0.72.1.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cargo-util-schemas-0.8.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cargo_metadata-0.21.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.cexpr-0.6.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.chalk-solve-0.103.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.clang-sys-1.8.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.convert_case-0.8.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.fastrand-2.4.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.foldhash-0.2.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.hashbrown-0.16.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.hashbrown-0.17.1.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indexmap-2.11.4.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indexmap-2.14.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.indoc-2.0.7.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.libloading-0.8.9.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.minimal-lexical-0.2.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.nom-7.1.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.pathdiff-0.2.3.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.petgraph-0.6.5.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf_generator-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.phf_shared-0.13.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.prettyplease-0.2.37.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.proc-macro-crate-3.5.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_base_db-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir_def-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_hir_ty-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_ide_db-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_proc_macro_api-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_project_model-0.0.301.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.ra_ap_vfs-0.0.301.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.relative-path-2.0.1.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-core-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-macro-0.10.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.rquickjs-sys-0.10.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.salsa-0.23.0.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.semver-1.0.26.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.semver-1.0.28.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_json-1.0.145.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.serde_yaml-0.9.34+deprecated.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.siphasher-1.0.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.smallbitvec-2.6.1.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-2.0.16.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-2.0.18.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-2.0.16.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.thiserror-impl-2.0.18.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml-0.9.7.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_datetime-1.1.1+spec-1.1.0.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_edit-0.22.27.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_edit-0.25.11+spec-1.1.0.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_parser-1.0.3.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.toml_parser-1.1.2+spec-1.1.0.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.topological-sort-0.2.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tree-sitter-generate-0.26.8.bazel
R misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.tree-sitter-swift-0.7.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.unicode-segmentation-1.13.2.bazel
A misc/bazel/3rdparty/tree_sitter_extractors_deps/BUILD.winnow-1.0.2.bazel
M misc/bazel/3rdparty/tree_sitter_extractors_deps/defs.bzl
M python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
M ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.qhelp
M shared/yeast/src/lib.rs
M shared/yeast/src/visitor.rs
M shared/yeast/tests/test.rs
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/old.dbscheme
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/swift.dbscheme
A swift/downgrades/1bb163e31d206f30146738adcd93def10fdabefa/upgrade.properties
M swift/extractor/translators/DeclTranslator.cpp
M swift/ql/.generated.list
A swift/ql/lib/change-notes/2026-05-11-declared-interface-type.md
M swift/ql/lib/codeql/swift/generated/Raw.qll
M swift/ql/lib/codeql/swift/generated/decl/TypeDecl.qll
M swift/ql/lib/swift.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/old.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/swift.dbscheme
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.properties
A swift/ql/lib/upgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.ql
M swift/ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.expected
M swift/ql/test/extractor-tests/generated/decl/AssociatedTypeDecl/AssociatedTypeDecl.ql
M swift/ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.expected
M swift/ql/test/extractor-tests/generated/decl/ClassDecl/ClassDecl.ql
M swift/ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.expected
M swift/ql/test/extractor-tests/generated/decl/EnumDecl/EnumDecl.ql
M swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected
M swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.ql
M swift/ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.expected
M swift/ql/test/extractor-tests/generated/decl/OpaqueTypeDecl/OpaqueTypeDecl.ql
M swift/schema.py
M unified/AGENTS.md
M unified/extractor/BUILD.bazel
M unified/extractor/Cargo.toml
A unified/extractor/tree-sitter-swift/.gitignore
A unified/extractor/tree-sitter-swift/BUILD.bazel
A unified/extractor/tree-sitter-swift/Cargo.toml
A unified/extractor/tree-sitter-swift/LICENSE
A unified/extractor/tree-sitter-swift/README.md
A unified/extractor/tree-sitter-swift/binding.gyp
A unified/extractor/tree-sitter-swift/bindings/node/binding.cc
A unified/extractor/tree-sitter-swift/bindings/node/index.js
A unified/extractor/tree-sitter-swift/bindings/rust/build.rs
A unified/extractor/tree-sitter-swift/bindings/rust/lib.rs
A unified/extractor/tree-sitter-swift/grammar.js
A unified/extractor/tree-sitter-swift/node-types.yml
A unified/extractor/tree-sitter-swift/package.json
A unified/extractor/tree-sitter-swift/queries/folds.scm
A unified/extractor/tree-sitter-swift/queries/highlights.scm
A unified/extractor/tree-sitter-swift/queries/indents.scm
A unified/extractor/tree-sitter-swift/queries/injections.scm
A unified/extractor/tree-sitter-swift/queries/locals.scm
A unified/extractor/tree-sitter-swift/queries/outline.scm
A unified/extractor/tree-sitter-swift/queries/tags.scm
A unified/extractor/tree-sitter-swift/queries/textobjects.scm
A unified/extractor/tree-sitter-swift/src/scanner.c
A unified/extractor/tree-sitter-swift/tree-sitter.json
M unified/ql/lib/codeql/unified/Ast.qll
M unified/ql/lib/unified.dbscheme
A unified/scripts/regenerate-grammar.sh
Log Message:
-----------
Merge branch 'github:main' into main
Compare: https://github.com/krishnprakash/codeql/compare/8f2c6b0e7712...2bd2ee45fdc4
To unsubscribe from these emails, change your notification settings at https://github.com/krishnprakash/codeql/settings/notifications
Reply all
Reply to author
Forward
0 new messages