[krishnprakash/codeql] 54c7c5: Tree sitter extractor: Proper handling of `LGTM_IN...
84 views
Skip to first unread message
Geoffrey White
Feb 26, 2024, 9:18:52 PM2/26/24
to philecodi...@googlegroups.com
Branch: refs/heads/main
Home: https://github.com/krishnprakash/codeql
Commit: 54c7c5e8be789c853751ce0c198789688e330979
https://github.com/krishnprakash/codeql/commit/54c7c5e8be789c853751ce0c198789688e330979
Author: Rasmus Wriedt Larsen <rasm...@github.com>
Date: 2024-01-18 (Thu, 18 Jan 2024)
Changed paths:
M shared/tree-sitter-extractor/src/autobuilder.rs
Log Message:
-----------
Tree sitter extractor: Proper handling of `LGTM_INDEX_FILTERS`
If someone had used `LGTM_INDEX_FILTERS=exclude:**/*\ninclude:*.rb`
before, we would have mistakenly excluded all files :|
(LGTM_INDEX_FILTERS is a prioritized list where later matches take
priority over earlier ones)
This change is needed to support adding `exclude:**/*` as the first
filter if `paths` include a glob, which currently causes bad behavior in
the Python extractor. However, we can first introduce that change once
this PR has been merged.
I realize this change can cause more folders and files to be traversed
(since they are not just skipped with --exclude). We plan to make a
better long term fix which should bring back the previous performance.
Commit: f20d4e22fe1481167da66af25492af9e079260e9
https://github.com/krishnprakash/codeql/commit/f20d4e22fe1481167da66af25492af9e079260e9
Author: Rasmus Wriedt Larsen <rasm...@github.com>
Date: 2024-01-18 (Thu, 18 Jan 2024)
Changed paths:
M shared/tree-sitter-extractor/src/autobuilder.rs
Log Message:
-----------
Handle only `exclude`
Commit: d814decc17e3cca6258fa2e80a2b515afbcb4203
https://github.com/krishnprakash/codeql/commit/d814decc17e3cca6258fa2e80a2b515afbcb4203
Author: Marcono1234 <Marco...@users.noreply.github.com>
Date: 2024-02-10 (Sat, 10 Feb 2024)
Changed paths:
M ruby/ql/lib/CHANGELOG.md
M ruby/ql/lib/change-notes/released/0.8.7.md
Log Message:
-----------
Ruby: Fix formatting in changelog
Commit: 90f3670f3d5a89f63b0820ae6c93977c4c71d3d4
https://github.com/krishnprakash/codeql/commit/90f3670f3d5a89f63b0820ae6c93977c4c71d3d4
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-12 (Mon, 12 Feb 2024)
Changed paths:
M csharp/ql/lib/semmlecode.csharp.dbscheme.stats
Log Message:
-----------
C#: Remove all DB stats
Commit: 15cf6951880898b05069a1ede4f0cb459d7e77d7
https://github.com/krishnprakash/codeql/commit/15cf6951880898b05069a1ede4f0cb459d7e77d7
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-12 (Mon, 12 Feb 2024)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/AnnotatedType.qll
M csharp/ql/lib/semmle/code/csharp/Generics.qll
M csharp/ql/lib/semmle/code/csharp/Implements.qll
M csharp/ql/lib/semmle/code/csharp/commons/QualifiedName.qll
M csharp/ql/lib/semmle/code/csharp/commons/StructuralComparison.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/dispatch/OverridableCallable.qll
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.ql
Log Message:
-----------
C#: Fix various bad joins
Commit: 07223031e8f3d41f85619eac52ca576b003af339
https://github.com/krishnprakash/codeql/commit/07223031e8f3d41f85619eac52ca576b003af339
Author: Rasmus Wriedt Larsen <rasm...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .bazelrc
M .bazelversion
A .clang-format
M .github/workflows/check-change-note.yml
M .github/workflows/check-implicit-this.yml
M .github/workflows/check-qldoc.yml
M .github/workflows/check-query-ids.yml
M .github/workflows/close-stale.yml
M .github/workflows/codeql-analysis.yml
M .github/workflows/compile-queries.yml
M .github/workflows/csharp-qltest.yml
M .github/workflows/csv-coverage-metrics.yml
M .github/workflows/csv-coverage-pr-artifacts.yml
M .github/workflows/csv-coverage-pr-comment.yml
M .github/workflows/csv-coverage-timeseries.yml
M .github/workflows/csv-coverage-update.yml
M .github/workflows/csv-coverage.yml
M .github/workflows/fast-forward.yml
M .github/workflows/go-tests-other-os.yml
M .github/workflows/go-tests.yml
M .github/workflows/labeler.yml
M .github/workflows/mad_regenerate-models.yml
M .github/workflows/qhelp-pr-preview.yml
M .github/workflows/ql-for-ql-build.yml
M .github/workflows/ql-for-ql-dataset_measure.yml
M .github/workflows/ql-for-ql-tests.yml
M .github/workflows/query-list.yml
M .github/workflows/ruby-build.yml
M .github/workflows/ruby-dataset-measure.yml
M .github/workflows/ruby-qltest.yml
M .github/workflows/swift.yml
M .github/workflows/sync-files.yml
M .github/workflows/tree-sitter-extractor-test.yml
M .github/workflows/validate-change-notes.yml
M .pre-commit-config.yaml
M CODEOWNERS
A MODULE.bazel
M WORKSPACE.bazel
M config/identical-files.json
A cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/exprparents.ql
A cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/for_initialization.ql
A cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/old.dbscheme
A cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/semmlecode.cpp.dbscheme
A cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/stmtparents.ql
A cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/upgrade.properties
A cpp/downgrades/4f9fabab5124d49108782c081579f45a70571d74/mangled_name.ql
A cpp/downgrades/4f9fabab5124d49108782c081579f45a70571d74/old.dbscheme
A cpp/downgrades/4f9fabab5124d49108782c081579f45a70571d74/semmlecode.cpp.dbscheme
A cpp/downgrades/4f9fabab5124d49108782c081579f45a70571d74/upgrade.properties
M cpp/ql/lib/CHANGELOG.md
M cpp/ql/lib/IDEContextual.qll
A cpp/ql/lib/change-notes/released/0.12.4.md
A cpp/ql/lib/change-notes/released/0.12.5.md
A cpp/ql/lib/change-notes/released/0.12.6.md
M cpp/ql/lib/codeql-pack.release.yml
M cpp/ql/lib/qlpack.yml
M cpp/ql/lib/semmle/code/cpp/Class.qll
M cpp/ql/lib/semmle/code/cpp/Element.qll
M cpp/ql/lib/semmle/code/cpp/Function.qll
M cpp/ql/lib/semmle/code/cpp/PODType03.qll
M cpp/ql/lib/semmle/code/cpp/PrintAST.qll
M cpp/ql/lib/semmle/code/cpp/Variable.qll
M cpp/ql/lib/semmle/code/cpp/XML.qll
M cpp/ql/lib/semmle/code/cpp/commons/NULL.qll
R cpp/ql/lib/semmle/code/cpp/commons/Strcat.qll
M cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll
M cpp/ql/lib/semmle/code/cpp/controlflow/internal/CFG.qll
M cpp/ql/lib/semmle/code/cpp/exprs/Assignment.qll
M cpp/ql/lib/semmle/code/cpp/exprs/Expr.qll
A cpp/ql/lib/semmle/code/cpp/headers/PreprocBlock.qll
M cpp/ql/lib/semmle/code/cpp/internal/ResolveClass.qll
A cpp/ql/lib/semmle/code/cpp/internal/ResolveFunction.qll
M cpp/ql/lib/semmle/code/cpp/internal/ResolveGlobalVariable.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ProductFlow.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternalsCommon.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstructionInternal.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/TInstructionInternal.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/IRConstruction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedGlobalVar.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedInitialization.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstructionInternal.qll
M cpp/ql/lib/semmle/code/cpp/models/Models.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/Deallocation.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/GetDelim.qll
A cpp/ql/lib/semmle/code/cpp/models/implementations/GetText.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/Gets.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/Inet.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/Memset.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/StdContainer.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/StdMap.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/StdSet.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/StdString.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/Strcrement.qll
A cpp/ql/lib/semmle/code/cpp/models/implementations/StructuredExceptionHandling.qll
M cpp/ql/lib/semmle/code/cpp/models/interfaces/DataFlow.qll
M cpp/ql/lib/semmle/code/cpp/models/interfaces/FunctionInputsAndOutputs.qll
A cpp/ql/lib/semmle/code/cpp/models/interfaces/PartialFlow.qll
M cpp/ql/lib/semmle/code/cpp/models/interfaces/Taint.qll
A cpp/ql/lib/semmle/code/cpp/models/interfaces/Throwing.qll
A cpp/ql/lib/semmle/code/cpp/security/flowafterfree/FlowAfterFree.qll
A cpp/ql/lib/semmle/code/cpp/security/flowafterfree/UseAfterFree.qll
M cpp/ql/lib/semmle/code/cpp/stmts/Stmt.qll
M cpp/ql/lib/semmlecode.cpp.dbscheme
M cpp/ql/lib/semmlecode.cpp.dbscheme.stats
A cpp/ql/lib/upgrades/4f9fabab5124d49108782c081579f45a70571d74/exprparents.ql
A cpp/ql/lib/upgrades/4f9fabab5124d49108782c081579f45a70571d74/old.dbscheme
A cpp/ql/lib/upgrades/4f9fabab5124d49108782c081579f45a70571d74/semmlecode.cpp.dbscheme
A cpp/ql/lib/upgrades/4f9fabab5124d49108782c081579f45a70571d74/stmtparents.ql
A cpp/ql/lib/upgrades/4f9fabab5124d49108782c081579f45a70571d74/upgrade.properties
A cpp/ql/lib/upgrades/7f34caf73ca98314885030cc5a22b6e328fe687c/mangled_name.ql
A cpp/ql/lib/upgrades/7f34caf73ca98314885030cc5a22b6e328fe687c/old.dbscheme
A cpp/ql/lib/upgrades/7f34caf73ca98314885030cc5a22b6e328fe687c/semmlecode.cpp.dbscheme
A cpp/ql/lib/upgrades/7f34caf73ca98314885030cc5a22b6e328fe687c/upgrade.properties
M cpp/ql/src/CHANGELOG.md
M cpp/ql/src/Critical/DoubleFree.ql
R cpp/ql/src/Critical/FlowAfterFree.qll
M cpp/ql/src/Critical/ScanfChecks.qll
M cpp/ql/src/Critical/UseAfterFree.ql
A cpp/ql/src/Diagnostics/ExtractedFiles.ql
R cpp/ql/src/Diagnostics/SuccessfullyExtractedFiles.ql
M cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql
M cpp/ql/src/Likely Bugs/Memory Management/UninitializedLocal.ql
M cpp/ql/src/Microsoft/SAL.qll
M cpp/ql/src/Security/CWE/CWE-497/SystemData.qll
M cpp/ql/src/Security/CWE/CWE-704/WcharCharConversion.ql
R cpp/ql/src/change-notes/2024-01-09-add-exception-to-av-rule-32.md
A cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md
A cpp/ql/src/change-notes/released/0.9.3.md
A cpp/ql/src/change-notes/released/0.9.4.md
A cpp/ql/src/change-notes/released/0.9.5.md
M cpp/ql/src/codeql-pack.release.yml
M cpp/ql/src/qlpack.yml
M cpp/ql/test/experimental/query-tests/Security/CWE/CWE-078/WordexpTainted.expected
M cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/AllocMultiplicationOverflow/AllocMultiplicationOverflow.expected
M cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/array-access/ArrayAccessProductFlow.expected
M cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected
M cpp/ql/test/experimental/query-tests/Security/CWE/CWE-359/semmle/tests/PrivateCleartextWrite.expected
M cpp/ql/test/include/iterator.h
A cpp/ql/test/library-tests/dataflow/asExpr/test-indirect.expected
A cpp/ql/test/library-tests/dataflow/asExpr/test-indirect.ql
A cpp/ql/test/library-tests/dataflow/asExpr/test.cpp
A cpp/ql/test/library-tests/dataflow/asExpr/test.expected
A cpp/ql/test/library-tests/dataflow/asExpr/test.ql
M cpp/ql/test/library-tests/dataflow/dataflow-tests/BarrierGuard.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/TestBase.qll
M cpp/ql/test/library-tests/dataflow/dataflow-tests/clang.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.expected
M cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected
M cpp/ql/test/library-tests/dataflow/dataflow-tests/dispatch.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/example.c
M cpp/ql/test/library-tests/dataflow/dataflow-tests/flowOut.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/lambdas.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/ref.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/self_parameter_flow.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/test-source-sink.expected
M cpp/ql/test/library-tests/dataflow/dataflow-tests/test.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/type-bugs.expected
M cpp/ql/test/library-tests/dataflow/dataflow-tests/type-bugs.ql
M cpp/ql/test/library-tests/dataflow/dataflow-tests/uninitialized.expected
M cpp/ql/test/library-tests/dataflow/fields/ir-path-flow.expected
M cpp/ql/test/library-tests/dataflow/fields/path-flow.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/map.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/set.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/string.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/stringstream.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/taint.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/vector.cpp
A cpp/ql/test/library-tests/destructors/PrintAST.expected
A cpp/ql/test/library-tests/destructors/PrintAST.ql
A cpp/ql/test/library-tests/destructors/destructors.expected
A cpp/ql/test/library-tests/destructors/destructors.ql
A cpp/ql/test/library-tests/headers/preprocBlock/header.h
A cpp/ql/test/library-tests/headers/preprocBlock/preprocblock.cpp
A cpp/ql/test/library-tests/headers/preprocBlock/preprocblock.expected
A cpp/ql/test/library-tests/headers/preprocBlock/preprocblock.ql
A cpp/ql/test/library-tests/headers/preprocBlock/preprocinclude.expected
A cpp/ql/test/library-tests/headers/preprocBlock/preprocinclude.ql
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/ir.c
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/operand_locations.expected
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/string_concat/strconcat.expected
M cpp/ql/test/library-tests/syntax-zoo/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/syntax-zoo/raw_consistency.expected
M cpp/ql/test/library-tests/syntax-zoo/unaliased_ssa_consistency.expected
M cpp/ql/test/query-tests/Critical/MemoryFreed/DoubleFree.expected
M cpp/ql/test/query-tests/Critical/MemoryFreed/MemoryFreed.expected
M cpp/ql/test/query-tests/Critical/MemoryFreed/UseAfterFree.expected
M cpp/ql/test/query-tests/Critical/MissingCheckScanf/MissingCheckScanf.expected
M cpp/ql/test/query-tests/Critical/MissingCheckScanf/test.cpp
A cpp/ql/test/query-tests/Diagnostics/ExtractedFiles.expected
A cpp/ql/test/query-tests/Diagnostics/ExtractedFiles.qlref
A cpp/ql/test/query-tests/Diagnostics/ExtractionErrors.expected
A cpp/ql/test/query-tests/Diagnostics/ExtractionErrors.qlref
A cpp/ql/test/query-tests/Diagnostics/ExtractionWarnings.expected
A cpp/ql/test/query-tests/Diagnostics/ExtractionWarnings.qlref
A cpp/ql/test/query-tests/Diagnostics/FailedExtractorInvocations.expected
A cpp/ql/test/query-tests/Diagnostics/FailedExtractorInvocations.qlref
A cpp/ql/test/query-tests/Diagnostics/Info.expected
A cpp/ql/test/query-tests/Diagnostics/Info.ql
A cpp/ql/test/query-tests/Diagnostics/containserror.cpp
A cpp/ql/test/query-tests/Diagnostics/containswarning.cpp
A cpp/ql/test/query-tests/Diagnostics/doesnotcompile.cpp
A cpp/ql/test/query-tests/Diagnostics/header.h
A cpp/ql/test/query-tests/Diagnostics/successful.cpp
M cpp/ql/test/query-tests/Likely Bugs/Conversion/CastArrayPointerArithmetic/CastArrayPointerArithmetic.expected
M cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.c
M cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.expected
M cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/nested.cpp
M cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/test.cpp
M cpp/ql/test/query-tests/Security/CWE/CWE-022/SAMATE/TaintedPath/TaintedPath.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-022/semmle/tests/TaintedPath.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-078/SAMATE/ExecTainted/ExecTainted.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-078/semmle/ExecTainted/ExecTainted.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-079/semmle/CgiXss/CgiXss.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-114/SAMATE/UncontrolledProcessOperation/UncontrolledProcessOperation.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-114/semmle/UncontrolledProcessOperation/UncontrolledProcessOperation.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/OverflowDestination.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/UnboundedWrite.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-120/semmle/tests/UnboundedWrite.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-129/SAMATE/ImproperArrayIndexValidation/ImproperArrayIndexValidation.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-129/semmle/ImproperArrayIndexValidation/ImproperArrayIndexValidation.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-134/SAMATE/UncontrolledFormatString.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/argv/argvLocal.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/consts/NonConstantFormat.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/consts/consts.cpp
M cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/funcs/funcsLocal.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/globalVars/UncontrolledFormatString.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/ifs/ifs.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-190/SAMATE/ArithmeticTainted.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-190/SAMATE/ArithmeticUncontrolled.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/ArithmeticUncontrolled/ArithmeticUncontrolled.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/TaintedAllocationSize/TaintedAllocationSize.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/tainted/ArithmeticTainted.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-193/InvalidPointerDeref.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-290/semmle/AuthenticationBypass/AuthenticationBypass.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-311/semmle/tests/CleartextBufferWrite.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-311/semmle/tests/CleartextFileWrite.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-311/semmle/tests/CleartextTransmission.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-311/semmle/tests/test2.cpp
M cpp/ql/test/query-tests/Security/CWE/CWE-319/UseOfHttp/UseOfHttp.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-416/semmle/tests/UseAfterFree/UseAfterFree.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/test.cpp
M cpp/ql/test/query-tests/Security/CWE/CWE-497/SAMATE/PotentiallyExposedSystemData.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-497/semmle/tests/ExposedSystemData.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-497/semmle/tests/PotentiallyExposedSystemData.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-611/XXE.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-704/WcharCharConversion.cpp
M cpp/ql/test/query-tests/Security/CWE/CWE-807/semmle/TaintedCondition/TaintedCondition.expected
A cpp/ql/test/successor-tests/forstmt/rangebasedforstmt/cfg.expected
A cpp/ql/test/successor-tests/forstmt/rangebasedforstmt/cfg.ql
A cpp/ql/test/successor-tests/forstmt/rangebasedforstmt/forstmt.h
A cpp/ql/test/successor-tests/forstmt/rangebasedforstmt/forstmt01.cpp
A cpp/ql/test/successor-tests/forstmt/rangebasedforstmt/forstmt02.cpp
M cpp/ql/test/successor-tests/staticlocals/no_dynamic_init/exprs.expected
M csharp/actions/create-extractor-pack/action.yml
M csharp/autobuilder/Semmle.Autobuild.CSharp.Tests/BuildScripts.cs
M csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpAutobuilder.cs
A csharp/autobuilder/Semmle.Autobuild.CSharp/Constants.cs
M csharp/autobuilder/Semmle.Autobuild.CSharp/DotNetRule.cs
M csharp/autobuilder/Semmle.Autobuild.CSharp/StandaloneBuildRule.cs
M csharp/autobuilder/Semmle.Autobuild.Shared/AutobuildOptions.cs
M csharp/autobuilder/Semmle.Autobuild.Shared/Autobuilder.cs
M csharp/autobuilder/Semmle.Autobuild.Shared/BuildActions.cs
M csharp/codeql-extractor.yml
M csharp/documentation/library-coverage/coverage.csv
M csharp/documentation/library-coverage/coverage.rst
A csharp/downgrades/c9ee11bd1ee96e925a35cedff000be924634447f/old.dbscheme
A csharp/downgrades/c9ee11bd1ee96e925a35cedff000be924634447f/semmlecode.csharp.dbscheme
A csharp/downgrades/c9ee11bd1ee96e925a35cedff000be924634447f/upgrade.properties
A csharp/downgrades/f145a9a7275c8f457b392b2ebc9f8e07960a0ed2/old.dbscheme
A csharp/downgrades/f145a9a7275c8f457b392b2ebc9f8e07960a0ed2/semmlecode.csharp.dbscheme
A csharp/downgrades/f145a9a7275c8f457b392b2ebc9f8e07960a0ed2/upgrade.properties
A csharp/downgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/old.dbscheme
A csharp/downgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/semmlecode.csharp.dbscheme
A csharp/downgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/types.ql
A csharp/downgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/upgrade.properties
A csharp/downgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/expressions.ql
A csharp/downgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/old.dbscheme
A csharp/downgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/semmlecode.csharp.dbscheme
A csharp/downgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/upgrade.properties
M csharp/extractor/Semmle.Extraction.CIL.Driver/Program.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/AssemblyCache.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/AssemblyInfo.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/Assets.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/DependencyManager.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/DotNet.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/DotNetCliInvoker.cs
A csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/EnvironmentVariableNames.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/FileContent.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/FileInfoExtensions.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/FilePathFilter.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/FrameworkPackageNames.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/IDotNet.cs
R csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/IProgressMonitor.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/NugetPackages.cs
R csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/ProgressMonitor.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/Razor.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/Runtime.cs
M csharp/extractor/Semmle.Extraction.CSharp.Standalone/Extractor.cs
M csharp/extractor/Semmle.Extraction.CSharp.Standalone/Options.cs
M csharp/extractor/Semmle.Extraction.CSharp.Standalone/Program.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Compilations/Compilation.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Constructor.cs
A csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Collections/Collection.cs
A csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Collections/Spread.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/ElementAccess.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Factory.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Invocation.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Method.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/NonGeneratedSourceLocation.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/PreprocessorDirectives/LineOrSpanDirective.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/PreprocessorDirectives/PragmaChecksumDirective.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Statement`1.cs
A csharp/extractor/Semmle.Extraction.CSharp/Entities/Statements/SyntheticEmptyBlock.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Types/Type.cs
M csharp/extractor/Semmle.Extraction.CSharp/Extractor/Analyser.cs
M csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs
M csharp/extractor/Semmle.Extraction.CSharp/Extractor/StandaloneAnalyser.cs
M csharp/extractor/Semmle.Extraction.CSharp/Extractor/TracingAnalyser.cs
M csharp/extractor/Semmle.Extraction.CSharp/Kinds/ExprKind.cs
M csharp/extractor/Semmle.Extraction.CSharp/Kinds/TypeKind.cs
M csharp/extractor/Semmle.Extraction.CSharp/SymbolExtensions.cs
M csharp/extractor/Semmle.Extraction.CSharp/Tuples.cs
M csharp/extractor/Semmle.Extraction.Tests/Assets.cs
M csharp/extractor/Semmle.Extraction.Tests/DotNet.cs
M csharp/extractor/Semmle.Extraction.Tests/FileContent.cs
M csharp/extractor/Semmle.Extraction.Tests/FilePathFilter.cs
M csharp/extractor/Semmle.Extraction.Tests/LoggerStub.cs
M csharp/extractor/Semmle.Extraction.Tests/Options.cs
M csharp/extractor/Semmle.Extraction.Tests/Runtime.cs
M csharp/extractor/Semmle.Extraction/CsProjFile.cs
M csharp/extractor/Semmle.Extraction/Extractor/Extractor.cs
M csharp/extractor/Semmle.Extraction/Extractor/StandaloneExtractor.cs
M csharp/extractor/Semmle.Extraction/Extractor/TracingExtractor.cs
M csharp/extractor/Semmle.Extraction/Options.cs
M csharp/extractor/Semmle.Util.Tests/CanonicalPathCache.cs
M csharp/extractor/Semmle.Util.Tests/FileUtils.cs
M csharp/extractor/Semmle.Util/CommandLineExtensions.cs
M csharp/extractor/Semmle.Util/FileUtils.cs
R csharp/extractor/Semmle.Util/Logger.cs
R csharp/extractor/Semmle.Util/LoggerUtils.cs
A csharp/extractor/Semmle.Util/Logging/CombinedLogger.cs
A csharp/extractor/Semmle.Util/Logging/ConsoleLogger.cs
A csharp/extractor/Semmle.Util/Logging/FileLogger.cs
A csharp/extractor/Semmle.Util/Logging/ILogger.cs
A csharp/extractor/Semmle.Util/Logging/PidStreamWriter.cs
A csharp/extractor/Semmle.Util/Logging/Severity.cs
A csharp/extractor/Semmle.Util/Logging/Verbosity.cs
A csharp/extractor/Semmle.Util/Logging/VerbosityExtensions.cs
M csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.7.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.8.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.9.md
M csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.7.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.8.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.9.md
M csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/consistency-queries/DataFlowConsistency.ql
M csharp/ql/integration-tests/all-platforms/autobuild/test.py
M csharp/ql/integration-tests/all-platforms/cshtml/global.json
M csharp/ql/integration-tests/all-platforms/cshtml/test.py
M csharp/ql/integration-tests/all-platforms/cshtml_standalone/global.json
M csharp/ql/integration-tests/all-platforms/cshtml_standalone/test.py
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/Files.expected
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/Files.ql
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/Program.cs
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/Views/Home/Index.cshtml
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/cshtml.csproj
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/global.json
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/test.py
M csharp/ql/integration-tests/all-platforms/cshtml_standalone_flowsteps/test.py
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/Files.expected
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/Files.ql
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/Program.cs
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/Views/Home/Index.cshtml
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/cshtml.csproj
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/global.json
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/test.py
M csharp/ql/integration-tests/all-platforms/diag_dotnet_incompatible/global.json
M csharp/ql/integration-tests/all-platforms/diag_missing_project_files/global.json
M csharp/ql/integration-tests/all-platforms/diag_missing_xamarin_sdk/global.json
M csharp/ql/integration-tests/all-platforms/diag_recursive_generics/global.json
M csharp/ql/integration-tests/all-platforms/diag_recursive_generics/test.py
M csharp/ql/integration-tests/all-platforms/dotnet_build/global.json
M csharp/ql/integration-tests/all-platforms/dotnet_no_args_inject/global.json
M csharp/ql/integration-tests/all-platforms/dotnet_pack/global.json
M csharp/ql/integration-tests/all-platforms/dotnet_publish/global.json
M csharp/ql/integration-tests/all-platforms/dotnet_run/global.json
M csharp/ql/integration-tests/all-platforms/standalone/global.json
M csharp/ql/integration-tests/all-platforms/standalone/test.py
M csharp/ql/integration-tests/all-platforms/standalone_dependencies_net48/Assemblies.expected
M csharp/ql/integration-tests/all-platforms/standalone_dependencies_net48/Assemblies.ql
M csharp/ql/integration-tests/all-platforms/standalone_dependencies_net48/global.json
M csharp/ql/integration-tests/all-platforms/standalone_dependencies_net48/test.py
A csharp/ql/integration-tests/linux-only/compiler_args/CompilerArgs.expected
A csharp/ql/integration-tests/linux-only/compiler_args/CompilerArgs.ql
A csharp/ql/integration-tests/linux-only/compiler_args/Program.cs
A csharp/ql/integration-tests/linux-only/compiler_args/global.json
A csharp/ql/integration-tests/linux-only/compiler_args/test.csproj
A csharp/ql/integration-tests/linux-only/compiler_args/test.py
M csharp/ql/integration-tests/linux-only/standalone_dependencies_non_utf8_filename/global.json
M csharp/ql/integration-tests/linux-only/standalone_dependencies_non_utf8_filename/test.py
M csharp/ql/integration-tests/posix-only/dotnet_test/global.json
M csharp/ql/integration-tests/posix-only/dotnet_test_mstest/global.json
M csharp/ql/integration-tests/posix-only/inherit-env-vars/global.json
M csharp/ql/integration-tests/posix-only/standalone_dependencies/Assemblies.expected
M csharp/ql/integration-tests/posix-only/standalone_dependencies/Assemblies.ql
M csharp/ql/integration-tests/posix-only/standalone_dependencies/global.json
M csharp/ql/integration-tests/posix-only/standalone_dependencies/test.py
M csharp/ql/integration-tests/posix-only/standalone_dependencies_multi_target/Assemblies.expected
M csharp/ql/integration-tests/posix-only/standalone_dependencies_multi_target/Assemblies.ql
M csharp/ql/integration-tests/posix-only/standalone_dependencies_multi_target/global.json
M csharp/ql/integration-tests/posix-only/standalone_dependencies_multi_target/test.py
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/Assemblies.expected
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/Assemblies.ql
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/Program.cs
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/global.json
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/packages.config
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/skip-on-platform-osx-arm
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/test.py
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/test_old.csproj
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/test_sdk.csproj
M csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget/Assemblies.expected
M csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget/Assemblies.ql
M csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget/global.json
M csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget/test.py
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/Assemblies.expected
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/Assemblies.ql
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/proj/Program.cs
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/proj/nuget.config
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/proj/proj.csproj
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/standalone.sln
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/test.py
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/Assemblies.expected
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/Assemblies.ql
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/nuget.config
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/proj/Program.cs
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/proj/global.json
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/proj/packages.config
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/proj/test.csproj
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/skip-on-platform-osx-arm
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/test.py
M csharp/ql/integration-tests/posix-only/warn_as_error/global.json
M csharp/ql/integration-tests/posix-only/warn_as_error/test.py
M csharp/ql/integration-tests/windows-only/standalone_dependencies/Assemblies.expected
M csharp/ql/integration-tests/windows-only/standalone_dependencies/Assemblies.ql
M csharp/ql/integration-tests/windows-only/standalone_dependencies/global.json
M csharp/ql/integration-tests/windows-only/standalone_dependencies/test.py
M csharp/ql/lib/CHANGELOG.md
M csharp/ql/lib/IDEContextual.qll
R csharp/ql/lib/change-notes/2024-01-10-lambda-param-defaults.md
R csharp/ql/lib/change-notes/2024-01-11-manual-neutral-model-blocks-generated-models.md
A csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md
A csharp/ql/lib/change-notes/released/0.8.7.md
A csharp/ql/lib/change-notes/released/0.8.8.md
A csharp/ql/lib/change-notes/released/0.8.9.md
M csharp/ql/lib/codeql-pack.release.yml
M csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll
M csharp/ql/lib/ext/System.Collections.Immutable.model.yml
M csharp/ql/lib/ext/System.Linq.model.yml
M csharp/ql/lib/ext/System.model.yml
A csharp/ql/lib/genkindenum.pl
M csharp/ql/lib/qlpack.yml
M csharp/ql/lib/semmle/code/asp/WebConfig.qll
M csharp/ql/lib/semmle/code/cil/DataFlow.qll
M csharp/ql/lib/semmle/code/cil/Instructions.qll
M csharp/ql/lib/semmle/code/cil/Ssa.qll
M csharp/ql/lib/semmle/code/cil/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/Assignable.qll
M csharp/ql/lib/semmle/code/csharp/Callable.qll
M csharp/ql/lib/semmle/code/csharp/Property.qll
M csharp/ql/lib/semmle/code/csharp/Type.qll
M csharp/ql/lib/semmle/code/csharp/XML.qll
M csharp/ql/lib/semmle/code/csharp/commons/Compilation.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/ContentDataFlow.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplSpecific.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/exprs/Access.qll
M csharp/ql/lib/semmle/code/csharp/exprs/Expr.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/Format.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/NHibernate.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/Razor.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/Owin.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/system/runtime/CompilerServices.qll
M csharp/ql/lib/semmle/code/csharp/security/Sanitizers.qll
M csharp/ql/lib/semmle/code/csharp/security/cryptography/EncryptionKeyDataFlowQuery.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/UrlRedirectQuery.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSQuery.qll
A csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/FlowSources.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Local.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Stored.qll
M csharp/ql/lib/semmle/code/dotnet/Element.qll
M csharp/ql/lib/semmlecode.csharp.dbscheme
M csharp/ql/lib/semmlecode.csharp.dbscheme.stats
A csharp/ql/lib/upgrades/1f291d4f424b498e7500c0359ca1fe030628a448/old.dbscheme
A csharp/ql/lib/upgrades/1f291d4f424b498e7500c0359ca1fe030628a448/semmlecode.csharp.dbscheme
A csharp/ql/lib/upgrades/1f291d4f424b498e7500c0359ca1fe030628a448/upgrade.properties
A csharp/ql/lib/upgrades/f145a9a7275c8f457b392b2ebc9f8e07960a0ed2/old.dbscheme
A csharp/ql/lib/upgrades/f145a9a7275c8f457b392b2ebc9f8e07960a0ed2/semmlecode.csharp.dbscheme
A csharp/ql/lib/upgrades/f145a9a7275c8f457b392b2ebc9f8e07960a0ed2/upgrade.properties
A csharp/ql/lib/upgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/old.dbscheme
A csharp/ql/lib/upgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/semmlecode.csharp.dbscheme
A csharp/ql/lib/upgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/upgrade.properties
A csharp/ql/lib/upgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/old.dbscheme
A csharp/ql/lib/upgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/semmlecode.csharp.dbscheme
A csharp/ql/lib/upgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/upgrade.properties
M csharp/ql/src/CHANGELOG.md
R csharp/ql/src/Diagnostics/DiagnosticNoExtractionErrors.ql
A csharp/ql/src/Diagnostics/ExtractedFiles.ql
R csharp/ql/src/Security Features/CWE-022/TaintedPath.cs
M csharp/ql/src/Security Features/CWE-022/TaintedPath.qhelp
M csharp/ql/src/Security Features/CWE-022/ZipSlip.qhelp
R csharp/ql/src/Security Features/CWE-022/ZipSlipBad.cs
R csharp/ql/src/Security Features/CWE-022/ZipSlipGood.cs
A csharp/ql/src/Security Features/CWE-022/examples/TaintedPath.cs
A csharp/ql/src/Security Features/CWE-022/examples/TaintedPathGoodFolder.cs
A csharp/ql/src/Security Features/CWE-022/examples/TaintedPathGoodNormalize.cs
A csharp/ql/src/Security Features/CWE-022/examples/ZipSlipBad.cs
A csharp/ql/src/Security Features/CWE-022/examples/ZipSlipGood.cs
R csharp/ql/src/Security Features/CWE-601/UrlRedirect.cs
M csharp/ql/src/Security Features/CWE-601/UrlRedirect.qhelp
A csharp/ql/src/Security Features/CWE-601/examples/UrlRedirect.cs
A csharp/ql/src/Security Features/CWE-601/examples/UrlRedirectGood.cs
A csharp/ql/src/Security Features/CWE-601/examples/UrlRedirectGoodDomain.cs
M csharp/ql/src/Telemetry/ExtractorInformation.ql
A csharp/ql/src/change-notes/released/0.8.7.md
A csharp/ql/src/change-notes/released/0.8.8.md
A csharp/ql/src/change-notes/released/0.8.9.md
M csharp/ql/src/codeql-pack.release.yml
M csharp/ql/src/experimental/Security Features/backdoor/PotentialTimeBomb.ql
M csharp/ql/src/experimental/ir/implementation/internal/AliasedSSAStub.qll
M csharp/ql/src/experimental/ir/implementation/internal/TInstructionInternal.qll
M csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll
M csharp/ql/src/experimental/ir/implementation/raw/internal/IRConstruction.qll
M csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll
M csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll
M csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstructionInternal.qll
R csharp/ql/src/genkindenum.pl
M csharp/ql/src/qlpack.yml
M csharp/ql/test/experimental/CWE-918/RequestForgery.expected
M csharp/ql/test/experimental/Security Features/CWE-759/HashWithoutSalt.expected
M csharp/ql/test/experimental/Security Features/backdoor/PotentialTimeBomb.expected
M csharp/ql/test/library-tests/cil/attributes/attribute.expected
M csharp/ql/test/library-tests/cil/dataflow/DataFlow.expected
M csharp/ql/test/library-tests/cil/dataflow/DataFlow.ql
A csharp/ql/test/library-tests/collections/CollectionExpressions.cs
A csharp/ql/test/library-tests/collections/collectionExpressions.expected
A csharp/ql/test/library-tests/collections/collectionExpressions.ql
A csharp/ql/test/library-tests/collections/options
A csharp/ql/test/library-tests/constructors/PrimaryConstructor.expected
A csharp/ql/test/library-tests/constructors/PrimaryConstructor.ql
M csharp/ql/test/library-tests/constructors/PrintAst.expected
M csharp/ql/test/library-tests/constructors/constructors.cs
M csharp/ql/test/library-tests/controlflow/graph/BasicBlock.expected
M csharp/ql/test/library-tests/controlflow/graph/Dominance.expected
M csharp/ql/test/library-tests/controlflow/graph/EnclosingCallable.expected
M csharp/ql/test/library-tests/controlflow/graph/EntryElement.expected
M csharp/ql/test/library-tests/controlflow/graph/ExitElement.expected
M csharp/ql/test/library-tests/controlflow/graph/NodeGraph.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.expected
M csharp/ql/test/library-tests/controlflow/guards/Collections.ql
M csharp/ql/test/library-tests/controlflow/splits/SplittingStressTest.expected
M csharp/ql/test/library-tests/csharp7/GlobalFlow.expected
M csharp/ql/test/library-tests/csharp7/GlobalTaintTracking.expected
M csharp/ql/test/library-tests/csharp7/LocalTaintFlow.expected
M csharp/ql/test/library-tests/csharp7/TaintReaches.expected
M csharp/ql/test/library-tests/csharp8/NullableRefTypes.expected
M csharp/ql/test/library-tests/csharp9/PrintAst.expected
M csharp/ql/test/library-tests/csharp9/nativeInt.expected
M csharp/ql/test/library-tests/dataflow/async/Async.expected
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.expected
M csharp/ql/test/library-tests/dataflow/collections/CollectionFlow.cs
M csharp/ql/test/library-tests/dataflow/collections/CollectionFlow.expected
A csharp/ql/test/library-tests/dataflow/constructors/ConstructorFlow.expected
A csharp/ql/test/library-tests/dataflow/constructors/ConstructorFlow.ql
A csharp/ql/test/library-tests/dataflow/constructors/Constructors.cs
M csharp/ql/test/library-tests/dataflow/delegates/DelegateFlow.cs
M csharp/ql/test/library-tests/dataflow/delegates/DelegateFlow.expected
M csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.cs
M csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.expected
M csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.ext.yml
R csharp/ql/test/library-tests/dataflow/fields/C_ctor.cs
M csharp/ql/test/library-tests/dataflow/fields/E.cs
M csharp/ql/test/library-tests/dataflow/fields/FieldFlow.expected
M csharp/ql/test/library-tests/dataflow/global/DataFlowPath.expected
M csharp/ql/test/library-tests/dataflow/global/GetAnOutNode.expected
M csharp/ql/test/library-tests/dataflow/global/TaintTrackingPath.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
M csharp/ql/test/library-tests/dataflow/local/DataFlowStep.expected
M csharp/ql/test/library-tests/dataflow/local/TaintTrackingStep.expected
M csharp/ql/test/library-tests/dataflow/operators/operatorFlow.expected
M csharp/ql/test/library-tests/dataflow/ssa/Capture.cs
M csharp/ql/test/library-tests/dataflow/ssa/SSAPhi.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaCapturedVariableDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDefElement.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaExplicitDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaImplicitCall.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaUltimateDef.expected
A csharp/ql/test/library-tests/dataflow/threat-models/Test.cs
A csharp/ql/test/library-tests/dataflow/threat-models/Test.qll
A csharp/ql/test/library-tests/dataflow/threat-models/TestSources.cs
A csharp/ql/test/library-tests/dataflow/threat-models/options
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.expected
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.ext.yml
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.ql
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.expected
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.ext.yml
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.ql
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.expected
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.ext.yml
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.ql
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.expected
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.ext.yml
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.ql
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.expected
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ext.yml
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ql
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.expected
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.ext.yml
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.ql
M csharp/ql/test/library-tests/dataflow/tuples/DataFlowStep.expected
M csharp/ql/test/library-tests/dataflow/tuples/PrintAst.expected
M csharp/ql/test/library-tests/dataflow/tuples/Tuples.expected
M csharp/ql/test/library-tests/dataflow/typeflow-dispatch/TypeFlowDispatch.expected
M csharp/ql/test/library-tests/dataflow/types/Types.expected
A csharp/ql/test/library-tests/delegates/Delegates4.expected
A csharp/ql/test/library-tests/delegates/Delegates4.ql
M csharp/ql/test/library-tests/delegates/PrintAst.expected
M csharp/ql/test/library-tests/delegates/delegates.cs
R csharp/ql/test/library-tests/diagnostics/DiagnosticNoExtractorErrors.expected
R csharp/ql/test/library-tests/diagnostics/DiagnosticNoExtractorErrors.qlref
A csharp/ql/test/library-tests/diagnostics/ExtractedFiles.expected
A csharp/ql/test/library-tests/diagnostics/ExtractedFiles.qlref
M csharp/ql/test/library-tests/expressions/AddEventExpr1.expected
M csharp/ql/test/library-tests/expressions/AnonymousMethod1.expected
M csharp/ql/test/library-tests/expressions/AnonymousMethod2.expected
M csharp/ql/test/library-tests/expressions/AnonymousMethod3.expected
M csharp/ql/test/library-tests/expressions/AnonymousMethod4.expected
M csharp/ql/test/library-tests/expressions/AnonymousMethod5.expected
M csharp/ql/test/library-tests/expressions/AnonymousObjectCreation1.expected
M csharp/ql/test/library-tests/expressions/AnonymousObjectCreation2.expected
M csharp/ql/test/library-tests/expressions/AnonymousObjectCreation3.expected
M csharp/ql/test/library-tests/expressions/AnonymousObjectCreation4.expected
A csharp/ql/test/library-tests/expressions/ArrayAccess2.expected
A csharp/ql/test/library-tests/expressions/ArrayAccess2.ql
M csharp/ql/test/library-tests/expressions/ArrayCreation1.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation10.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation11.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation2.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation3.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation4.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation5.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation6.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation7.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation8.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation9.expected
M csharp/ql/test/library-tests/expressions/As1.expected
M csharp/ql/test/library-tests/expressions/BaseAccess1.expected
M csharp/ql/test/library-tests/expressions/Call5.expected
M csharp/ql/test/library-tests/expressions/Call6.expected
M csharp/ql/test/library-tests/expressions/Call7.expected
M csharp/ql/test/library-tests/expressions/Cast1.expected
M csharp/ql/test/library-tests/expressions/ConstructorInitializer2.expected
M csharp/ql/test/library-tests/expressions/ConstructorInitializers.expected
M csharp/ql/test/library-tests/expressions/Default1.expected
M csharp/ql/test/library-tests/expressions/Default2.expected
M csharp/ql/test/library-tests/expressions/DelegateCall1.expected
M csharp/ql/test/library-tests/expressions/DelegateCall2.expected
M csharp/ql/test/library-tests/expressions/DelegateCall3.expected
M csharp/ql/test/library-tests/expressions/DelegateCreation1.expected
M csharp/ql/test/library-tests/expressions/DelegateCreation2.expected
M csharp/ql/test/library-tests/expressions/DelegateCreation3.expected
M csharp/ql/test/library-tests/expressions/DelegateCreation4.expected
M csharp/ql/test/library-tests/expressions/DelegateCreation5.expected
M csharp/ql/test/library-tests/expressions/DelegateCreation6.expected
M csharp/ql/test/library-tests/expressions/EventAccess1.expected
M csharp/ql/test/library-tests/expressions/EventAccess2.expected
M csharp/ql/test/library-tests/expressions/EventAccess3.expected
M csharp/ql/test/library-tests/expressions/ExprsChecked1.expected
M csharp/ql/test/library-tests/expressions/ExprsUnchecked1.expected
M csharp/ql/test/library-tests/expressions/FieldAccess1.expected
M csharp/ql/test/library-tests/expressions/Is1.expected
M csharp/ql/test/library-tests/expressions/Lambda1.expected
M csharp/ql/test/library-tests/expressions/Lambda2.expected
M csharp/ql/test/library-tests/expressions/Lambda3.expected
M csharp/ql/test/library-tests/expressions/Lambda4.expected
M csharp/ql/test/library-tests/expressions/Lambda5.expected
M csharp/ql/test/library-tests/expressions/Lambda6.expected
M csharp/ql/test/library-tests/expressions/LocalConstAccess1.expected
M csharp/ql/test/library-tests/expressions/LocalFunctionAccess.expected
M csharp/ql/test/library-tests/expressions/LocalVarAccess1.expected
M csharp/ql/test/library-tests/expressions/MethodAccess.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation1.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation10.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation11.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation2.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation3.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation4.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation5.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation6.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation7.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation8.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation9.expected
M csharp/ql/test/library-tests/expressions/OperatorCall1.expected
M csharp/ql/test/library-tests/expressions/OperatorCall2.expected
M csharp/ql/test/library-tests/expressions/OperatorCall3.expected
M csharp/ql/test/library-tests/expressions/OperatorCall4.expected
M csharp/ql/test/library-tests/expressions/OperatorCall5.expected
M csharp/ql/test/library-tests/expressions/OperatorCall6.expected
M csharp/ql/test/library-tests/expressions/OperatorCall7.expected
M csharp/ql/test/library-tests/expressions/ParameterAccess3.expected
M csharp/ql/test/library-tests/expressions/PrintAst.expected
M csharp/ql/test/library-tests/expressions/QualifiableExpr.expected
M csharp/ql/test/library-tests/expressions/RemoveEventExpr1.expected
M csharp/ql/test/library-tests/expressions/StripCasts.expected
M csharp/ql/test/library-tests/expressions/ThisAccess1.expected
M csharp/ql/test/library-tests/expressions/Tuples1.expected
M csharp/ql/test/library-tests/expressions/Typeof1.expected
M csharp/ql/test/library-tests/expressions/Typeof2.expected
M csharp/ql/test/library-tests/expressions/Typeof3.expected
M csharp/ql/test/library-tests/expressions/Typeof4.expected
M csharp/ql/test/library-tests/expressions/Typeof5.expected
M csharp/ql/test/library-tests/expressions/expressions.cs
M csharp/ql/test/library-tests/exprorstmtparent/Callable.expected
M csharp/ql/test/library-tests/frameworks/EntityFramework/Dataflow.expected
M csharp/ql/test/library-tests/goto/Goto1.expected
M csharp/ql/test/library-tests/nullable/NullableExpressions.expected
M csharp/ql/test/library-tests/standalone/controlflow/cfg.expected
M csharp/ql/test/library-tests/standalone/errorrecovery/DiagnosticsAndErrors.expected
M csharp/ql/test/library-tests/standalone/errorrecovery/ErrorCalls.expected
M csharp/ql/test/library-tests/structuralcomparison/structuralComparison.expected
A csharp/ql/test/library-tests/types/InlineArrays.expected
A csharp/ql/test/library-tests/types/InlineArrays.ql
M csharp/ql/test/library-tests/types/PrintAst.expected
M csharp/ql/test/library-tests/types/types.cs
M csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatInvalid.expected
M csharp/ql/test/query-tests/Likely Bugs/UnsafeYearConstruction/UnsafeYearConstruction.expected
M csharp/ql/test/query-tests/Security Features/CWE-020/UntrustedDataToExternalAPI.expected
M csharp/ql/test/query-tests/Security Features/CWE-022/TaintedPath/TaintedPath.expected
M csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlip.expected
M csharp/ql/test/query-tests/Security Features/CWE-078/CommandInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-078/StoredCommandInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-079/StoredXSS/StoredXSS.expected
M csharp/ql/test/query-tests/Security Features/CWE-079/XSS/XSS.expected
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/XSS.expected
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Areas_TestArea_Views_Shared_Test18.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Areas_TestArea_Views_Test4_Test17.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/MyAreas_Test4_Test22.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Pages_Shared_Test21.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Template.g
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Custom2_Test16.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Custom_Test3_Test15.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test13.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test5.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test6.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test8.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test9.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test12.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test14.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test19.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test2.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test23.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test3.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test1.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test10.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test11.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test12.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test14.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test2.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test3.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test4_Test20.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test1.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test3.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test4.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test7.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/XSS.expected
A csharp/ql/test/query-tests/Security Features/CWE-079/XssPageModels/TestModel.cs
A csharp/ql/test/query-tests/Security Features/CWE-079/XssPageModels/TestPage.cshtml
A csharp/ql/test/query-tests/Security Features/CWE-079/XssPageModels/TestPage.cshtml.g.cs
A csharp/ql/test/query-tests/Security Features/CWE-079/XssPageModels/options
A csharp/ql/test/query-tests/Security Features/CWE-079/XssPageModels/test.expected
A csharp/ql/test/query-tests/Security Features/CWE-079/XssPageModels/test.ql
M csharp/ql/test/query-tests/Security Features/CWE-089/SecondOrderSqlInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-090/LDAPInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-090/StoredLDAPInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-091/XMLInjection/XMLInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-094/CodeInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-099/ResourceInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-112/MissingXMLValidation.expected
M csharp/ql/test/query-tests/Security Features/CWE-114/AssemblyPathInjection/AssemblyPathInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-117/LogForging.expected
M csharp/ql/test/query-tests/Security Features/CWE-117/LogForgingAsp.cs
M csharp/ql/test/query-tests/Security Features/CWE-134/UncontrolledFormatString.expected
M csharp/ql/test/query-tests/Security Features/CWE-201/ExposureInTransmittedData/ExposureInTransmittedData.expected
M csharp/ql/test/query-tests/Security Features/CWE-209/ExceptionInformationExposure.expected
M csharp/ql/test/query-tests/Security Features/CWE-321/HardcodedSymmetricEncryptionKey/HardcodedSymmetricEncryptionKey.expected
M csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/DontInstallRootCert.expected
M csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.expected
M csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.expected
M csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInput/UnsafeDeserializationUntrustedInput.expected
M csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInputNewtonsoftJson/UnsafeDeserializationUntrustedInput.expected
M csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect.cs
M csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect.expected
A csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect2.cs
M csharp/ql/test/query-tests/Security Features/CWE-611/UntrustedDataInsecureXml.expected
M csharp/ql/test/query-tests/Security Features/CWE-643/StoredXPathInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-643/XPathInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-730/ReDoS/ReDoS.expected
M csharp/ql/test/query-tests/Security Features/CWE-730/ReDoSGlobalTimeout/ReDoS.expected
M csharp/ql/test/query-tests/Security Features/CWE-730/RegexInjection/RegexInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedCredentials.expected
M csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.expected
M csharp/ql/test/query-tests/Security Features/CWE-838/InappropriateEncoding.expected
M csharp/scripts/create-extractor-pack.sh
M csharp/scripts/stubs/helpers.py
R docs/codeql/codeql-cli/about-codeql-packs.rst
R docs/codeql/codeql-cli/about-codeql-workspaces.rst
R docs/codeql/codeql-cli/about-ql-packs.rst
R docs/codeql/codeql-cli/about-the-codeql-cli.rst
R docs/codeql/codeql-cli/analyzing-databases-with-the-codeql-cli.rst
R docs/codeql/codeql-cli/codeql-cli-reference.rst
R docs/codeql/codeql-cli/creating-and-working-with-codeql-packs.rst
R docs/codeql/codeql-cli/creating-codeql-databases.rst
R docs/codeql/codeql-cli/creating-codeql-query-suites.rst
R docs/codeql/codeql-cli/exit-codes.rst
R docs/codeql/codeql-cli/extractor-options.rst
R docs/codeql/codeql-cli/getting-started-with-the-codeql-cli.rst
R docs/codeql/codeql-cli/index.rst
R docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst
R docs/codeql/codeql-cli/query-reference-files.rst
R docs/codeql/codeql-cli/sarif-output.rst
R docs/codeql/codeql-cli/specifying-command-options-in-a-codeql-configuration-file.rst
R docs/codeql/codeql-cli/testing-custom-queries.rst
R docs/codeql/codeql-cli/testing-query-help-files.rst
R docs/codeql/codeql-cli/using-custom-queries-with-the-codeql-cli.rst
R docs/codeql/codeql-cli/using-the-codeql-cli.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.10.5.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.11.5.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.11.6.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.12.4.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.12.7.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.13.3.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.13.5.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.14.3.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.14.5.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.14.6.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.15.4.rst
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.15.5.rst
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.16.0.rst
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.16.1.rst
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.16.2.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.4.3.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.4.6.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.5.1.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.5.2.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.5.3.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.5.4.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.5.9.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.6.3.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.7.6.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.8.5.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.9.4.rst
M docs/codeql/codeql-overview/codeql-changelog/index.rst
M docs/codeql/contents.rst
M docs/codeql/index.html
M docs/codeql/reusables/supported-frameworks.rst
M docs/codeql/reusables/supported-versions-compilers.rst
M go/codeql-extractor.yml
M go/documentation/library-coverage/coverage.csv
M go/documentation/library-coverage/coverage.rst
M go/documentation/library-coverage/frameworks.csv
A go/extractor/autobuilder/build-environment.go
A go/extractor/autobuilder/build-environment_test.go
M go/extractor/cli/go-autobuilder/go-autobuilder.go
M go/extractor/cli/go-autobuilder/go-autobuilder_test.go
M go/extractor/diagnostics/diagnostics.go
M go/extractor/extractor.go
M go/extractor/go.mod
M go/extractor/go.sum
M go/extractor/gomodextractor.go
A go/extractor/project/project.go
A go/extractor/toolchain/toolchain.go
A go/extractor/toolchain/toolchain_test.go
M go/extractor/vendor/golang.org/x/tools/go/packages/doc.go
M go/extractor/vendor/golang.org/x/tools/go/packages/external.go
M go/extractor/vendor/golang.org/x/tools/go/packages/golist.go
M go/extractor/vendor/golang.org/x/tools/go/packages/packages.go
M go/extractor/vendor/golang.org/x/tools/internal/gcimporter/iimport.go
M go/extractor/vendor/modules.txt
M go/ql/consistency-queries/CHANGELOG.md
A go/ql/consistency-queries/change-notes/released/0.0.6.md
A go/ql/consistency-queries/change-notes/released/0.0.7.md
A go/ql/consistency-queries/change-notes/released/0.0.8.md
M go/ql/consistency-queries/codeql-pack.release.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/CHANGELOG.md
R go/ql/lib/change-notes/2023-09-18-add-support-for-fasthttp-framework.md
R go/ql/lib/change-notes/2024-01-09-fmt-apprender-or-sprinter-deprecated.md
A go/ql/lib/change-notes/released/0.7.7.md
A go/ql/lib/change-notes/released/0.7.8.md
A go/ql/lib/change-notes/released/0.7.9.md
M go/ql/lib/codeql-pack.release.yml
A go/ql/lib/ext/github.com.cristalhq.jwt.model.yml
A go/ql/lib/ext/github.com.dgrijalva.jwt-go.model.yml
A go/ql/lib/ext/github.com.form3tech-oss.jwt-go.model.yml
A go/ql/lib/ext/github.com.go-chi.jwtauth.model.yml
A go/ql/lib/ext/github.com.go-jose.go-jose.model.yml
A go/ql/lib/ext/github.com.go-kit.kit.auth.jwt.model.yml
A go/ql/lib/ext/github.com.golang-jwt.jwt.model.yml
A go/ql/lib/ext/github.com.kataras.iris.middleware.jwt.model.yml
A go/ql/lib/ext/github.com.kataras.jwt.model.yml
A go/ql/lib/ext/github.com.lestrrat-go.jwx.jwk.model.yml
A go/ql/lib/ext/github.com.lestrrat-go.jwx.model.yml
A go/ql/lib/ext/github.com.lestrrat.go-jwx.jwk.model.yml
A go/ql/lib/ext/github.com.ory.fosite.token.jwt.model.yml
A go/ql/lib/ext/gopkg.in.square.go-jose.model.yml
A go/ql/lib/ext/math.big.model.yml
M go/ql/lib/go.qll
M go/ql/lib/ideContextual.qll
M go/ql/lib/qlpack.yml
M go/ql/lib/semmle/go/Files.qll
M go/ql/lib/semmle/go/Util.qll
M go/ql/lib/semmle/go/concepts/HTTP.qll
A go/ql/lib/semmle/go/frameworks/AwsLambda.qll
M go/ql/lib/semmle/go/frameworks/Gin.qll
A go/ql/lib/semmle/go/frameworks/GoJose.qll
A go/ql/lib/semmle/go/frameworks/Gogf.qll
M go/ql/lib/semmle/go/frameworks/Iris.qll
A go/ql/lib/semmle/go/frameworks/Jwt.qll
M go/ql/lib/semmle/go/frameworks/NoSQL.qll
M go/ql/lib/semmle/go/frameworks/Stdlib.qll
M go/ql/lib/semmle/go/security/ExternalAPIs.qll
A go/ql/lib/semmle/go/security/HardcodedCredentials.qll
A go/ql/lib/semmle/go/security/MissingJwtSignatureCheck.qll
A go/ql/lib/semmle/go/security/MissingJwtSignatureCheckCustomizations.qll
M go/ql/lib/semmle/go/security/Xss.qll
M go/ql/src/CHANGELOG.md
A go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.qhelp
A go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.ql
A go/ql/src/Security/CWE-347/MissingJwtSignatureCheckBad.go
A go/ql/src/Security/CWE-347/MissingJwtSignatureCheckGood.go
M go/ql/src/Security/CWE-798/HardcodedCredentials.ql
R go/ql/src/change-notes/2024-01-09-cleartext-logging-new-sources-and-sinks.md
R go/ql/src/change-notes/2024-01-10-insecure-randomness-index-flowstep.md
A go/ql/src/change-notes/released/0.7.7.md
A go/ql/src/change-notes/released/0.7.8.md
A go/ql/src/change-notes/released/0.7.9.md
M go/ql/src/codeql-pack.release.yml
R go/ql/src/experimental/CWE-321/HardcodedKeys.qhelp
R go/ql/src/experimental/CWE-321/HardcodedKeys.ql
R go/ql/src/experimental/CWE-321/HardcodedKeysBad.go
R go/ql/src/experimental/CWE-321/HardcodedKeysGood.go
R go/ql/src/experimental/CWE-321/HardcodedKeysLib.qll
R go/ql/src/experimental/CWE-347/Example.go
R go/ql/src/experimental/CWE-347/ParseJWTWithoutVerification.qhelp
R go/ql/src/experimental/CWE-347/ParseJWTWithoutVerification.ql
M go/ql/src/qlpack.yml
M go/ql/test/experimental/CWE-090/LDAPInjection.expected
M go/ql/test/experimental/CWE-1004/CookieWithoutHttpOnly.expected
M go/ql/test/experimental/CWE-203/Timing.expected
M go/ql/test/experimental/CWE-287/ImproperLdapAuth.expected
M go/ql/test/experimental/CWE-321-V2/HardCodedKeys.expected
R go/ql/test/experimental/CWE-321/HardcodedKeys.expected
R go/ql/test/experimental/CWE-321/HardcodedKeys.qlref
R go/ql/test/experimental/CWE-321/HardcodedKeysBad.go
R go/ql/test/experimental/CWE-321/HardcodedKeysGood.go
R go/ql/test/experimental/CWE-321/go.mod
R go/ql/test/experimental/CWE-321/main.go
R go/ql/test/experimental/CWE-321/sanitizer.go
R go/ql/test/experimental/CWE-321/vendor/github.com/appleboy/gin-jwt/v2/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/cristalhq/jwt/v3/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/gin-gonic/gin/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/go-kit/kit/auth/jwt/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/gogf/gf-jwt/v2/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/golang-jwt/jwt/v4/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/iris-contrib/middleware/jwt/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/kataras/iris/v12/middleware/jwt/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/kataras/jwt/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/lestrrat/go-jwx/jwk/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/square/go-jose/v3/stub.go
R go/ql/test/experimental/CWE-321/vendor/gopkg.in/square/go-jose.v2/stub.go
R go/ql/test/experimental/CWE-321/vendor/modules.txt
R go/ql/test/experimental/CWE-347/ParseJWTWithoutVerification.expected
R go/ql/test/experimental/CWE-347/ParseJWTWithoutVerification.qlref
R go/ql/test/experimental/CWE-347/go-jose.v3.go
R go/ql/test/experimental/CWE-347/go.mod
R go/ql/test/experimental/CWE-347/golang-jwt-v5.go
R go/ql/test/experimental/CWE-347/vendor/github.com/go-jose/go-jose/v3/jwt/stub.go
R go/ql/test/experimental/CWE-347/vendor/github.com/golang-jwt/jwt/v5/stub.go
R go/ql/test/experimental/CWE-347/vendor/modules.txt
M go/ql/test/experimental/CWE-369/DivideByZero.expected
M go/ql/test/experimental/CWE-74/DsnInjection.expected
M go/ql/test/experimental/CWE-74/DsnInjectionLocal.expected
M go/ql/test/experimental/CWE-79/HTMLTemplateEscapingPassthrough.expected
M go/ql/test/experimental/CWE-918/SSRF.expected
M go/ql/test/experimental/Unsafe/WrongUsageOfUnsafe.expected
M go/ql/test/library-tests/semmle/go/Function/TypeParamType.expected
M go/ql/test/library-tests/semmle/go/dataflow/ChannelField/test.expected
M go/ql/test/library-tests/semmle/go/dataflow/DefaultTaintSanitizer/DefaultSanitizer.expected
M go/ql/test/library-tests/semmle/go/dataflow/HiddenNodes/test.expected
A go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/go.mod
A go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.expected
A go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.go
A go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.ql
A go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/vendor/github.com/aws/aws-lambda-go/lambda/stub.go
A go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/vendor/modules.txt
M go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected
M go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected
M go/ql/test/library-tests/semmle/go/frameworks/BeegoOrm/SqlInjection.expected
M go/ql/test/library-tests/semmle/go/frameworks/BeegoOrm/StoredXss.expected
M go/ql/test/library-tests/semmle/go/frameworks/Chi/ReflectedXss.expected
M go/ql/test/library-tests/semmle/go/frameworks/Echo/OpenRedirect.expected
M go/ql/test/library-tests/semmle/go/frameworks/Echo/ReflectedXss.expected
M go/ql/test/library-tests/semmle/go/frameworks/Echo/TaintedPath.expected
M go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.expected
M go/ql/test/library-tests/semmle/go/frameworks/Gin/TaintedPath.expected
M go/ql/test/library-tests/semmle/go/frameworks/GoMicro/LogInjection.expected
M go/ql/test/library-tests/semmle/go/frameworks/Gorestful/gorestful.expected
M go/ql/test/library-tests/semmle/go/frameworks/Revel/OpenRedirect.expected
M go/ql/test/library-tests/semmle/go/frameworks/Revel/ReflectedXss.expected
M go/ql/test/library-tests/semmle/go/frameworks/Revel/TaintedPath.expected
M go/ql/test/library-tests/semmle/go/frameworks/Twirp/RequestForgery.expected
M go/ql/test/library-tests/semmle/go/frameworks/XNetHtml/ReflectedXss.expected
M go/ql/test/library-tests/semmle/go/frameworks/XNetHtml/SqlInjection.expected
M go/ql/test/query-tests/InconsistentCode/UnhandledCloseWritableHandle/UnhandledCloseWritableHandle.expected
M go/ql/test/query-tests/Security/CWE-020/IncompleteHostnameRegexp/IncompleteHostnameRegexp.expected
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.expected
M go/ql/test/query-tests/Security/CWE-022/UnsafeUnzipSymlink.expected
M go/ql/test/query-tests/Security/CWE-022/ZipSlip.expected
M go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected
M go/ql/test/query-tests/Security/CWE-078/StoredCommand.expected
M go/ql/test/query-tests/Security/CWE-079/ReflectedXss.expected
M go/ql/test/query-tests/Security/CWE-079/StoredXss.expected
M go/ql/test/query-tests/Security/CWE-089/SqlInjection.expected
M go/ql/test/query-tests/Security/CWE-089/StringBreak.expected
M go/ql/test/query-tests/Security/CWE-190/AllocationSizeOverflow.expected
M go/ql/test/query-tests/Security/CWE-209/StackTraceExposure.expected
M go/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
M go/ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallback.expected
M go/ql/test/query-tests/Security/CWE-326/InsufficientKeySize.expected
M go/ql/test/query-tests/Security/CWE-327/UnsafeTLS.expected
M go/ql/test/query-tests/Security/CWE-327/WeakCryptoAlgorithm.expected
M go/ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.expected
A go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected
A go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.qlref
A go/ql/test/query-tests/Security/CWE-347/go-jose.v3.go
A go/ql/test/query-tests/Security/CWE-347/go.mod
A go/ql/test/query-tests/Security/CWE-347/golang-jwt-v5.go
A go/ql/test/query-tests/Security/CWE-347/vendor/github.com/go-jose/go-jose/v3/jwt/stub.go
A go/ql/test/query-tests/Security/CWE-347/vendor/github.com/golang-jwt/jwt/v5/stub.go
A go/ql/test/query-tests/Security/CWE-347/vendor/modules.txt
M go/ql/test/query-tests/Security/CWE-352/ConstantOauth2State.expected
M go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected
M go/ql/test/query-tests/Security/CWE-601/OpenUrlRedirect/OpenUrlRedirect.expected
M go/ql/test/query-tests/Security/CWE-640/EmailInjection.expected
M go/ql/test/query-tests/Security/CWE-643/XPathInjection.expected
M go/ql/test/query-tests/Security/CWE-798/HardcodedCredentials.expected
A go/ql/test/query-tests/Security/CWE-798/HardcodedKeysBad.go
A go/ql/test/query-tests/Security/CWE-798/HardcodedKeysGood.go
A go/ql/test/query-tests/Security/CWE-798/go.mod
A go/ql/test/query-tests/Security/CWE-798/jwt.go
A go/ql/test/query-tests/Security/CWE-798/sanitizer.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/appleboy/gin-jwt/v2/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/cristalhq/jwt/v3/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/gin-gonic/gin/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/go-kit/kit/auth/jwt/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/gogf/gf-jwt/v2/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/golang-jwt/jwt/v4/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/iris-contrib/middleware/jwt/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/kataras/iris/v12/middleware/jwt/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/kataras/jwt/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/lestrrat/go-jwx/jwk/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/square/go-jose/v3/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/gopkg.in/square/go-jose.v2/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/modules.txt
M go/ql/test/query-tests/Security/CWE-918/RequestForgery.expected
M java/documentation/library-coverage/coverage.csv
M java/documentation/library-coverage/coverage.rst
M java/kotlin-extractor/kotlin_plugin_versions.py
M java/kotlin-extractor/src/main/kotlin/KotlinExtractorExtension.kt
M java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt
M java/kotlin-extractor/src/main/kotlin/comments/CommentExtractor.kt
A java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_5_0/JvmDefaultModeEnabled.kt
M java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_9_0-Beta/CommentExtractorLighterAST.kt
R java/kotlin-extractor/src/main/kotlin/utils/versions/v_2.0.0-Beta1/IrSymbolInternals.kt
R java/kotlin-extractor/src/main/kotlin/utils/versions/v_2.0.0-Beta1/JavaBinarySourceElement.kt
A java/kotlin-extractor/src/main/kotlin/utils/versions/v_2_0_0-Beta4/IrSymbolInternals.kt
A java/kotlin-extractor/src/main/kotlin/utils/versions/v_2_0_0-Beta4/JavaBinarySourceElement.kt
A java/kotlin-extractor/src/main/kotlin/utils/versions/v_2_0_0-Beta4/JvmDefaultModeEnabled.kt
A java/kotlin-extractor/src/main/kotlin/utils/versions/v_2_0_0-Beta4/Psi2Ir.kt
A java/kotlin-extractor/src/main/kotlin/utils/versions/v_2_0_0-Beta4/parents.kt
R java/kotlin-extractor/src/main/kotlin/utils/versions/v_2_0_255-SNAPSHOT/parents.kt
M java/ql/automodel/src/AutomodelApplicationModeCharacteristics.qll
M java/ql/automodel/src/AutomodelApplicationModeExtractCandidates.ql
M java/ql/automodel/src/AutomodelApplicationModeExtractNegativeExamples.ql
M java/ql/automodel/src/AutomodelApplicationModeExtractPositiveExamples.ql
M java/ql/automodel/src/AutomodelFrameworkModeCharacteristics.qll
M java/ql/automodel/src/AutomodelFrameworkModeExtractCandidates.ql
M java/ql/automodel/src/AutomodelFrameworkModeExtractNegativeExamples.ql
M java/ql/automodel/src/AutomodelFrameworkModeExtractPositiveExamples.ql
M java/ql/automodel/src/AutomodelJavaUtil.qll
M java/ql/automodel/src/AutomodelSharedCharacteristics.qll
M java/ql/automodel/src/CHANGELOG.md
A java/ql/automodel/src/change-notes/released/0.0.13.md
A java/ql/automodel/src/change-notes/released/0.0.14.md
A java/ql/automodel/src/change-notes/released/0.0.15.md
A java/ql/automodel/src/change-notes/released/0.0.16.md
M java/ql/automodel/src/codeql-pack.release.yml
M java/ql/automodel/src/qlpack.yml
R java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractCandidates.expected
R java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractCandidates.qlref
R java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractNegativeExamples.expected
R java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractNegativeExamples.qlref
R java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractPositiveExamples.expected
R java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractPositiveExamples.qlref
A java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractionTests.expected
A java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractionTests.ql
M java/ql/automodel/test/AutomodelApplicationModeExtraction/PluginImpl.java
M java/ql/automodel/test/AutomodelApplicationModeExtraction/Test.java
A java/ql/automodel/test/AutomodelExtractionTests.qll
R java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractCandidates.expected
R java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractCandidates.qlref
R java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractNegativeExamples.expected
R java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractNegativeExamples.qlref
R java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractPositiveExamples.expected
R java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractPositiveExamples.qlref
A java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractionTests.expected
A java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractionTests.ql
A java/ql/automodel/test/AutomodelFrameworkModeExtraction/com/github/codeql/test/MyWriter.java
M java/ql/automodel/test/AutomodelFrameworkModeExtraction/com/github/codeql/test/PublicClass.java
M java/ql/automodel/test/AutomodelFrameworkModeExtraction/com/github/codeql/test/PublicInterface.java
M java/ql/automodel/test/AutomodelFrameworkModeExtraction/java/io/File.java
M java/ql/automodel/test/AutomodelFrameworkModeExtraction/java/nio/file/Files.java
M java/ql/automodel/test/qlpack.yml
M java/ql/integration-tests/all-platforms/java/buildless-gradle/diagnostics.expected
M java/ql/integration-tests/all-platforms/java/buildless-maven-multimodule/diagnostics.expected
R java/ql/integration-tests/all-platforms/java/buildless-maven/buildless-fetches.actual
M java/ql/integration-tests/all-platforms/java/buildless-maven/diagnostics.expected
R java/ql/integration-tests/all-platforms/java/buildless-maven/test.actual
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/buildless-fetches.expected
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/diagnostics.expected
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/force_sequential_test_execution
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/.gitattributes
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/.gitignore
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/build.gradle
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/gradle/verification-metadata.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/gradle/wrapper/gradle-wrapper.jar
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/gradle/wrapper/gradle-wrapper.properties
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/gradlew
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/gradlew.bat
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/settings.gradle
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/src/main/java/com/example/App.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/src/test/java/com/example/AppTest.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/.gitattributes
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/.gitignore
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/build.gradle
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/gradle/verification-metadata.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/gradle/wrapper/gradle-wrapper.jar
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/gradle/wrapper/gradle-wrapper.properties
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/gradlew
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/gradlew.bat
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/settings.gradle
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/src/main/java/com/example/App2.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/src/test/java/com/example/AppTest2.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-1/pom.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-1/src/main/java/com/example/App3.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-1/src/main/resources/my-app.properties
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-1/src/main/resources/page.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-1/src/main/resources/struts.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-1/src/test/java/com/example/AppTest3.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-2/pom.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-2/src/main/java/com/example/App4.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-2/src/main/resources/my-app.properties
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-2/src/main/resources/page.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-2/src/main/resources/struts.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-2/src/test/java/com/example/AppTest4.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/test.expected
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/test.py
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/test.ql
M java/ql/integration-tests/all-platforms/kotlin/kotlin_java_static_fields/test.expected
A java/ql/integration-tests/all-platforms/kotlin/path_transformer/classes.expected
A java/ql/integration-tests/all-platforms/kotlin/path_transformer/classes.ql
A java/ql/integration-tests/all-platforms/kotlin/path_transformer/kotlin_source.kt
A java/ql/integration-tests/all-platforms/kotlin/path_transformer/test.py
M java/ql/lib/CHANGELOG.md
M java/ql/lib/IDEContextual.qll
R java/ql/lib/change-notes/2024-01-02-gson-model-updates.md
R java/ql/lib/change-notes/2024-01-06-regex-flag-parsing.md
R java/ql/lib/change-notes/2024-01-10-new-jdk-models.md
A java/ql/lib/change-notes/released/0.8.7.md
A java/ql/lib/change-notes/released/0.8.8.md
A java/ql/lib/change-notes/released/0.8.9.md
M java/ql/lib/codeql-pack.release.yml
M java/ql/lib/ext/android.app.model.yml
M java/ql/lib/ext/androidx.core.app.model.yml
M java/ql/lib/ext/com.fasterxml.jackson.databind.model.yml
M java/ql/lib/ext/java.awt.model.yml
M java/ql/lib/ext/java.io.model.yml
M java/ql/lib/ext/java.lang.model.yml
M java/ql/lib/ext/java.net.http.model.yml
M java/ql/lib/ext/java.net.model.yml
M java/ql/lib/ext/java.nio.file.model.yml
M java/ql/lib/ext/java.util.zip.model.yml
M java/ql/lib/ext/javax.servlet.http.model.yml
M java/ql/lib/ext/javax.servlet.model.yml
M java/ql/lib/ext/org.apache.commons.io.model.yml
M java/ql/lib/ext/org.apache.hadoop.fs.model.yml
A java/ql/lib/ext/org.apache.hadoop.fs.s3a.model.yml
M java/ql/lib/ext/org.eclipse.jetty.client.model.yml
M java/ql/lib/ext/org.gradle.api.file.model.yml
M java/ql/lib/qlpack.yml
M java/ql/lib/semmle/code/java/Expr.qll
M java/ql/lib/semmle/code/java/J2EE.qll
M java/ql/lib/semmle/code/java/JMX.qll
M java/ql/lib/semmle/code/java/NumberFormatException.qll
M java/ql/lib/semmle/code/java/dataflow/FlowSources.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
M java/ql/lib/semmle/code/java/deadcode/DeadField.qll
M java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll
M java/ql/lib/semmle/code/java/deadcode/SpringEntryPoints.qll
M java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll
M java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll
M java/ql/lib/semmle/code/java/frameworks/Camel.qll
M java/ql/lib/semmle/code/java/frameworks/JAXB.qll
M java/ql/lib/semmle/code/java/frameworks/Servlets.qll
M java/ql/lib/semmle/code/java/frameworks/UnboundId.qll
M java/ql/lib/semmle/code/java/frameworks/android/Intent.qll
A java/ql/lib/semmle/code/java/frameworks/android/Layout.qll
M java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaDSL.qll
M java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll
M java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll
A java/ql/lib/semmle/code/java/security/AndroidLocalAuthQuery.qll
M java/ql/lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll
M java/ql/lib/semmle/code/java/security/CommandLineQuery.qll
M java/ql/lib/semmle/code/java/security/Encryption.qll
M java/ql/lib/semmle/code/java/security/ExecTaintedLocalQuery.qll
M java/ql/lib/semmle/code/java/security/HttpsUrlsQuery.qll
M java/ql/lib/semmle/code/java/security/JndiInjectionQuery.qll
M java/ql/lib/semmle/code/java/security/LdapInjection.qll
M java/ql/lib/semmle/code/java/security/LogInjection.qll
M java/ql/lib/semmle/code/java/security/OgnlInjectionQuery.qll
R java/ql/lib/semmle/code/java/security/OverlyLargeRangeQuery.qll
M java/ql/lib/semmle/code/java/security/PathCreation.qll
M java/ql/lib/semmle/code/java/security/PathSanitizer.qll
M java/ql/lib/semmle/code/java/security/RequestForgery.qll
M java/ql/lib/semmle/code/java/security/ResponseSplittingQuery.qll
A java/ql/lib/semmle/code/java/security/Sanitizers.qll
M java/ql/lib/semmle/code/java/security/SensitiveKeyboardCacheQuery.qll
M java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
A java/ql/lib/semmle/code/java/security/SensitiveUiQuery.qll
M java/ql/lib/semmle/code/java/security/SqlConcatenatedQuery.qll
M java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll
M java/ql/lib/semmle/code/java/security/SqlTaintedLocalQuery.qll
M java/ql/lib/semmle/code/java/security/StaticInitializationVectorQuery.qll
M java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll
M java/ql/lib/semmle/code/java/security/TemplateInjection.qll
M java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll
M java/ql/lib/semmle/code/java/security/UnsafeContentUriResolution.qll
M java/ql/lib/semmle/code/java/security/UrlRedirect.qll
M java/ql/lib/semmle/code/java/security/UrlRedirectQuery.qll
M java/ql/lib/semmle/code/java/security/XmlParsers.qll
M java/ql/lib/semmle/code/java/security/XsltInjectionQuery.qll
M java/ql/lib/semmle/code/java/security/ZipSlipQuery.qll
R java/ql/lib/semmle/code/java/security/regexp/ExponentialBackTracking.qll
R java/ql/lib/semmle/code/java/security/regexp/NfaUtils.qll
M java/ql/lib/semmle/code/java/security/regexp/PolynomialReDoSQuery.qll
R java/ql/lib/semmle/code/java/security/regexp/SuperlinearBackTracking.qll
M java/ql/lib/semmle/code/xml/XML.qll
M java/ql/src/CHANGELOG.md
R java/ql/src/Security/CWE/CWE-022/TaintedPath.java
M java/ql/src/Security/CWE/CWE-022/TaintedPath.qhelp
M java/ql/src/Security/CWE/CWE-022/TaintedPath.ql
R java/ql/src/Security/CWE/CWE-022/TaintedPathGood.java
M java/ql/src/Security/CWE/CWE-022/TaintedPathLocal.ql
M java/ql/src/Security/CWE/CWE-022/ZipSlip.qhelp
R java/ql/src/Security/CWE/CWE-022/ZipSlipBad.java
R java/ql/src/Security/CWE/CWE-022/ZipSlipGood.java
A java/ql/src/Security/CWE/CWE-022/examples/TaintedPath.java
A java/ql/src/Security/CWE/CWE-022/examples/TaintedPathGoodFolder.java
A java/ql/src/Security/CWE/CWE-022/examples/TaintedPathGoodNormalize.java
A java/ql/src/Security/CWE/CWE-022/examples/ZipSlipBad.java
A java/ql/src/Security/CWE/CWE-022/examples/ZipSlipGood.java
M java/ql/src/Security/CWE/CWE-074/JndiInjection.qhelp
M java/ql/src/Security/CWE/CWE-078/ExecRelative.ql
M java/ql/src/Security/CWE/CWE-113/NettyRequestSplitting.java
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveNotifications.java
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveNotifications.qhelp
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveNotifications.ql
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveTextBad.java
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveTextField.qhelp
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveTextField.ql
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveTextGood.java
M java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureKeys.qhelp
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureKeys.ql
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureKeysBad.java
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureKeysGood.java
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureLocalAuthentication.qhelp
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureLocalAuthentication.ql
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureLocalAuthenticationBad.java
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureLocalAuthenticationGood.java
R java/ql/src/change-notes/2024-01-09-environment-variable-injection-query.md
R java/ql/src/change-notes/2024-01-11-manual-neutral-model-blocks-generated-models.md
A java/ql/src/change-notes/2024-02-12-android-insecure-keys.md
M java/ql/src/change-notes/released/0.8.6.md
A java/ql/src/change-notes/released/0.8.7.md
A java/ql/src/change-notes/released/0.8.8.md
A java/ql/src/change-notes/released/0.8.9.md
M java/ql/src/codeql-pack.release.yml
M java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql
M java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql
M java/ql/src/experimental/Security/CWE/CWE-078/CommandInjectionRuntimeExec.qll
M java/ql/src/experimental/Security/CWE/CWE-089/MyBatisAnnotationSqlInjection.ql
M java/ql/src/experimental/Security/CWE/CWE-089/MyBatisMapperXmlSqlInjection.ql
M java/ql/src/experimental/Security/CWE/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql
M java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll
M java/ql/src/qlpack.yml
M java/ql/test-kotlin2/library-tests/arrays/arrayAccesses.expected
M java/ql/test-kotlin2/library-tests/arrays/assignExprs.expected
M java/ql/test-kotlin2/library-tests/comments/comments.expected
M java/ql/test-kotlin2/library-tests/comments/comments.kt
M java/ql/test-kotlin2/library-tests/controlflow/basic/bbStmts.expected
M java/ql/test-kotlin2/library-tests/controlflow/basic/bbStrictDominance.expected
M java/ql/test-kotlin2/library-tests/controlflow/basic/bbSuccessor.expected
M java/ql/test-kotlin2/library-tests/controlflow/basic/getASuccessor.expected
M java/ql/test-kotlin2/library-tests/controlflow/basic/strictDominance.expected
M java/ql/test-kotlin2/library-tests/controlflow/basic/strictPostDominance.expected
M java/ql/test-kotlin2/library-tests/controlflow/dominance/dominator.expected
M java/ql/test-kotlin2/library-tests/data-classes/PrintAst.expected
M java/ql/test-kotlin2/library-tests/data-classes/callees.expected
M java/ql/test-kotlin2/library-tests/dataflow/func/kotlinx_coroutines_stubs.kt
M java/ql/test-kotlin2/library-tests/exprs/binop.expected
M java/ql/test-kotlin2/library-tests/exprs/exprs.expected
M java/ql/test-kotlin2/library-tests/exprs/funcExprs.expected
M java/ql/test-kotlin2/library-tests/exprs/unaryOp.expected
M java/ql/test-kotlin2/library-tests/java-kotlin-collection-type-generic-methods/test.expected
M java/ql/test-kotlin2/library-tests/methods/exprs.expected
M java/ql/test-kotlin2/library-tests/methods/methods.expected
M java/ql/test-kotlin2/library-tests/methods/parameters.expected
R java/ql/test-kotlin2/library-tests/ministdlib/MiniStdLib.kt
R java/ql/test-kotlin2/library-tests/ministdlib/MyClass.kt
R java/ql/test-kotlin2/library-tests/ministdlib/classes.expected
R java/ql/test-kotlin2/library-tests/ministdlib/classes.ql
R java/ql/test-kotlin2/library-tests/ministdlib/options
M java/ql/test-kotlin2/library-tests/multiple_files/method_accesses.expected
M java/ql/test-kotlin2/library-tests/operator-overloads/PrintAst.expected
M java/ql/test-kotlin2/library-tests/parameter-defaults/defaults.expected
M java/ql/test-kotlin2/library-tests/stmts/PrintAst.expected
M java/ql/test-kotlin2/library-tests/stmts/exprs.expected
M java/ql/test-kotlin2/library-tests/stmts/stmts.expected
M java/ql/test/experimental/query-tests/security/CWE-020/Log4jInjectionTest.expected
M java/ql/test/experimental/query-tests/security/CWE-073/FilePathInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-078/CommandInjectionRuntimeExecLocal.expected
M java/ql/test/experimental/query-tests/security/CWE-078/ExecTainted.expected
M java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisAnnotationSqlInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisMapperXmlSqlInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-094/BeanShellInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-094/JShellInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-094/JakartaExpressionInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-094/JythonInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-094/ScriptInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-1004/SensitiveCookieNotHttpOnly.expected
M java/ql/test/experimental/query-tests/security/CWE-200/InsecureWebResourceResponse.expected
M java/ql/test/experimental/query-tests/security/CWE-200/SensitiveAndroidFileLeak.expected
M java/ql/test/experimental/query-tests/security/CWE-208/NotConstantTimeCheckOnSignature/Test.expected
M java/ql/test/experimental/query-tests/security/CWE-208/TimingAttackAgainstSignagure/Test.expected
M java/ql/test/experimental/query-tests/security/CWE-299/DisabledRevocationChecking.expected
M java/ql/test/experimental/query-tests/security/CWE-327/UnsafeTlsVersion.expected
M java/ql/test/experimental/query-tests/security/CWE-346/UnvalidatedCors.expected
M java/ql/test/experimental/query-tests/security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.expected
M java/ql/test/experimental/query-tests/security/CWE-352/JsonpInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-400/LocalThreadResourceAbuse.expected
M java/ql/test/experimental/query-tests/security/CWE-400/ThreadResourceAbuse.expected
M java/ql/test/experimental/query-tests/security/CWE-470/LoadClassNoSignatureCheck.expected
M java/ql/test/experimental/query-tests/security/CWE-470/UnsafeReflection.expected
M java/ql/test/experimental/query-tests/security/CWE-502/UnsafeDeserializationRmi.expected
M java/ql/test/experimental/query-tests/security/CWE-552/UnsafeUrlForward.expected
M java/ql/test/experimental/query-tests/security/CWE-598/SensitiveGetQuery.expected
M java/ql/test/experimental/query-tests/security/CWE-600/UncaughtServletException.expected
M java/ql/test/experimental/query-tests/security/CWE-601/SpringUrlRedirect.expected
M java/ql/test/experimental/query-tests/security/CWE-625/PermissiveDotRegex.expected
M java/ql/test/experimental/query-tests/security/CWE-652/XQueryInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-755/NFEAndroidDoS.expected
M java/ql/test/experimental/query-tests/security/CWE-759/HashWithoutSalt.expected
M java/ql/test/library-tests/dataflow/call-sensitivity/flow.expected
A java/ql/test/library-tests/dataflow/flowfeature/A.java
A java/ql/test/library-tests/dataflow/flowfeature/flow.expected
A java/ql/test/library-tests/dataflow/flowfeature/flow.ql
M java/ql/test/library-tests/dataflow/inoutbarriers/A.java
M java/ql/test/library-tests/dataflow/inoutbarriers/test.expected
M java/ql/test/library-tests/dataflow/inoutbarriers/test.ql
M java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.expected
M java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.expected
M java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.expected
M java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.expected
M java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.expected
M java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.expected
M java/ql/test/library-tests/frameworks/JaxWs/UrlRedirect.expected
M java/ql/test/library-tests/frameworks/android/notification/Test.java
M java/ql/test/library-tests/neutrals/neutralsinks/Test.java
M java/ql/test/library-tests/pathcreation/PathCreation.expected
M java/ql/test/library-tests/pathsanitizer/Test.java
M java/ql/test/library-tests/pathsanitizer/TestKt.kt
M java/ql/test/library-tests/properties/Properties.expected
A java/ql/test/library-tests/properties/largeKey.properties
M java/ql/test/query-tests/Telemetry/SupportedExternalSinks/SupportedExternalSinks.expected
M java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.expected
M java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.java
A java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.ql
R java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.qlref
M java/ql/test/query-tests/security/CWE-022/semmle/tests/Test.java
M java/ql/test/query-tests/security/CWE-022/semmle/tests/ZipSlip.expected
R java/ql/test/query-tests/security/CWE-022/semmle/tests/mad/Test.java
M java/ql/test/query-tests/security/CWE-078/ExecTaintedLocal.expected
M java/ql/test/query-tests/security/CWE-089/semmle/examples/SqlTaintedLocal.expected
M java/ql/test/query-tests/security/CWE-090/LdapInjection.expected
M java/ql/test/query-tests/security/CWE-094/InsecureBeanValidation.expected
M java/ql/test/query-tests/security/CWE-113/semmle/tests/ResponseSplitting.expected
M java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstructionCodeSpecified.expected
M java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstructionLocal.expected
M java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexCodeSpecified.expected
M java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexLocal.expected
M java/ql/test/query-tests/security/CWE-134/semmle/tests/ExternallyControlledFormatString.expected
M java/ql/test/query-tests/security/CWE-134/semmle/tests/ExternallyControlledFormatStringLocal.expected
M java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticTaintedLocal.expected
M java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticUncontrolled.expected
M java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticWithExtremeValues.expected
R java/ql/test/query-tests/security/CWE-200/semmle/tests/Files.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveNotification/Test.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveNotification/options
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveNotification/test.expected
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveNotification/test.ql
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/AndroidManifest.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/R.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/Test.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/options
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/res/layout/Test.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/test.expected
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/test.ql
R java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure.expected
R java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure.qlref
A java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure/Files.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure/TempDirLocalInformationDisclosure.expected
A java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure/TempDirLocalInformationDisclosure.qlref
A java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure/Test.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure/TestSafe.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure/options
R java/ql/test/query-tests/security/CWE-200/semmle/tests/Test.java
R java/ql/test/query-tests/security/CWE-200/semmle/tests/TestSafe.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/WebViewContentAccess.expected
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/WebViewContentAccess.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/WebViewContentAccess.qlref
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/WebViewFileAccess.expected
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/WebViewFileAccess.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/WebViewFileAccess.qlref
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/options
R java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected
R java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.java
R java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref
R java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewFileAccess.expected
R java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewFileAccess.java
R java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewFileAccess.qlref
R java/ql/test/query-tests/security/CWE-200/semmle/tests/options
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test1/InsecureKeys.expected
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test1/InsecureKeys.ql
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test1/Test.java
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test1/options
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test2/InsecureKeys.expected
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test2/InsecureKeys.ql
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test2/Test.java
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test2/options
A java/ql/test/query-tests/security/CWE-287/InsecureLocalAuth/InsecureLocalAuth.expected
A java/ql/test/query-tests/security/CWE-287/InsecureLocalAuth/InsecureLocalAuth.ql
A java/ql/test/query-tests/security/CWE-287/InsecureLocalAuth/Test.java
A java/ql/test/query-tests/security/CWE-287/InsecureLocalAuth/Test2.java
A java/ql/test/query-tests/security/CWE-287/InsecureLocalAuth/options
M java/ql/test/query-tests/security/CWE-297/UnsafeHostnameVerification.expected
M java/ql/test/query-tests/security/CWE-311/CWE-319/HttpsUrls.expected
M java/ql/test/query-tests/security/CWE-327/semmle/tests/BrokenCryptoAlgorithm.expected
M java/ql/test/query-tests/security/CWE-601/semmle/tests/UrlRedirect.expected
M java/ql/test/query-tests/security/CWE-601/semmle/tests/UrlRedirect.java
M java/ql/test/query-tests/security/CWE-681/semmle/tests/NumericCastTaintedLocal.expected
M java/ql/test/query-tests/security/CWE-807/semmle/tests/TaintedPermissionsCheck.expected
M java/ql/test/stubs/google-android-9.0.0/android/app/Notification.java
A java/ql/test/stubs/google-android-9.0.0/android/content/pm/ShortcutInfo.java
A java/ql/test/stubs/google-android-9.0.0/android/hardware/biometrics/BiometricPrompt.java
A java/ql/test/stubs/google-android-9.0.0/android/hardware/fingerprint/FingerprintManager.java
M java/ql/test/stubs/google-android-9.0.0/android/os/Bundle.java
M java/ql/test/stubs/google-android-9.0.0/android/os/Parcel.java
A java/ql/test/stubs/google-android-9.0.0/android/security/identity/IdentityCredential.java
A java/ql/test/stubs/google-android-9.0.0/android/security/identity/PersonalizationData.java
A java/ql/test/stubs/google-android-9.0.0/android/security/identity/PresentationSession.java
A java/ql/test/stubs/google-android-9.0.0/android/security/identity/ResultData.java
A java/ql/test/stubs/google-android-9.0.0/android/security/keystore/KeyGenParameterSpec.java
A java/ql/test/stubs/google-android-9.0.0/android/security/keystore/KeyProperties.java
M java/ql/test/stubs/google-android-9.0.0/android/util/ArrayMap.java
A java/ql/test/stubs/google-android-9.0.0/android/widget/LinearLayout.java
A java/ql/test/stubs/google-android-9.0.0/androidx/biometric/BiometricPrompt.java
M java/ql/test/stubs/google-android-9.0.0/androidx/core/app/NotificationCompat.java
A java/ql/test/stubs/google-android-9.0.0/androidx/core/app/Person.java
A java/ql/test/stubs/google-android-9.0.0/androidx/core/content/LocusIdCompat.java
A java/ql/test/stubs/google-android-9.0.0/androidx/core/content/pm/ShortcutInfoCompat.java
M java/ql/test/utils/modeleditor/ApplicationModeEndpoints.expected
M javascript/BUILD.bazel
M javascript/downgrades/BUILD.bazel
M javascript/externs/BUILD.bazel
M javascript/extractor/BUILD.bazel
M javascript/extractor/lib/typescript/BUILD.bazel
M javascript/extractor/test/com/semmle/js/extractor/test/AllTests.java
M javascript/extractor/test/com/semmle/js/extractor/test/BUILD.bazel
R javascript/extractor/test/com/semmle/js/extractor/test/run_tests.sh
M javascript/extractor/tests/project-layout
M javascript/ql/lib/CHANGELOG.md
M javascript/ql/lib/IDEContextual.qll
R javascript/ql/lib/change-notes/2024-01-17-successfully-extracted-diagnostic.md
A javascript/ql/lib/change-notes/released/0.8.7.md
A javascript/ql/lib/change-notes/released/0.8.8.md
A javascript/ql/lib/change-notes/released/0.8.9.md
M javascript/ql/lib/codeql-pack.release.yml
M javascript/ql/lib/qlpack.yml
M javascript/ql/lib/semmle/javascript/ApiGraphs.qll
M javascript/ql/lib/semmle/javascript/Classes.qll
M javascript/ql/lib/semmle/javascript/ES2015Modules.qll
M javascript/ql/lib/semmle/javascript/JsonStringifiers.qll
M javascript/ql/lib/semmle/javascript/NPM.qll
M javascript/ql/lib/semmle/javascript/Regexp.qll
M javascript/ql/lib/semmle/javascript/SSA.qll
M javascript/ql/lib/semmle/javascript/Stmt.qll
M javascript/ql/lib/semmle/javascript/XML.qll
M javascript/ql/lib/semmle/javascript/YAML.qll
M javascript/ql/lib/semmle/javascript/dataflow/DataFlow.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/BasicExprTypeInference.qll
A javascript/ql/lib/semmle/javascript/endpoints/EndpointNaming.qll
M javascript/ql/lib/semmle/javascript/frameworks/Electron.qll
M javascript/ql/lib/semmle/javascript/frameworks/Emscripten.qll
M javascript/ql/lib/semmle/javascript/frameworks/GWT.qll
M javascript/ql/lib/semmle/javascript/frameworks/HTTP.qll
M javascript/ql/lib/semmle/javascript/frameworks/Testing.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssQuery.qll
R javascript/ql/lib/semmle/javascript/security/dataflow/ExternalAPIUsedWithUntrustedData.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ReflectedXssCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/internal/SensitiveDataHeuristics.qll
R javascript/ql/lib/semmle/javascript/security/regexp/ExponentialBackTracking.qll
R javascript/ql/lib/semmle/javascript/security/regexp/NfaUtils.qll
R javascript/ql/lib/semmle/javascript/security/regexp/SuperlinearBackTracking.qll
M javascript/ql/src/CHANGELOG.md
A javascript/ql/src/Diagnostics/ExtractedFiles.ql
R javascript/ql/src/Diagnostics/SuccessfullyExtractedFiles.ql
R javascript/ql/src/Expressions/TypoDatabase.qll
M javascript/ql/src/LanguageFeatures/SpuriousArguments.ql
R javascript/ql/src/change-notes/2023-12-18-dot-templates.md
A javascript/ql/src/change-notes/released/0.8.7.md
A javascript/ql/src/change-notes/released/0.8.8.md
A javascript/ql/src/change-notes/released/0.8.9.md
M javascript/ql/src/codeql-pack.release.yml
M javascript/ql/src/qlpack.yml
M javascript/ql/test/library-tests/DataFlow/tests.expected
A javascript/ql/test/library-tests/EndpointNaming/EndpointNaming.expected
A javascript/ql/test/library-tests/EndpointNaming/EndpointNaming.ql
A javascript/ql/test/library-tests/EndpointNaming/pack1/main.js
A javascript/ql/test/library-tests/EndpointNaming/pack1/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack10/foo.js
A javascript/ql/test/library-tests/EndpointNaming/pack10/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack10/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack11/index.ts
A javascript/ql/test/library-tests/EndpointNaming/pack11/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack12/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack12/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack2/lib.js
A javascript/ql/test/library-tests/EndpointNaming/pack2/main.js
A javascript/ql/test/library-tests/EndpointNaming/pack2/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack3/lib.js
A javascript/ql/test/library-tests/EndpointNaming/pack3/main.js
A javascript/ql/test/library-tests/EndpointNaming/pack3/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack4/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack4/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack5/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack5/src/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack6/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack6/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack7/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack7/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack8/foo.js
A javascript/ql/test/library-tests/EndpointNaming/pack8/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack8/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack9/foo.js
A javascript/ql/test/library-tests/EndpointNaming/pack9/index.ts
A javascript/ql/test/library-tests/EndpointNaming/pack9/package.json
M javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
M javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.expected
A javascript/ql/test/library-tests/TaintTracking/logical-and.js
M javascript/ql/test/qlpack.yml
A javascript/ql/test/query-tests/Diagnostics/ExtractedFiles.expected
A javascript/ql/test/query-tests/Diagnostics/ExtractedFiles.qlref
R javascript/ql/test/query-tests/Diagnostics/SuccessfullyExtractedFiles.expected
R javascript/ql/test/query-tests/Diagnostics/SuccessfullyExtractedFiles.qlref
M javascript/ql/test/query-tests/LanguageFeatures/SpuriousArguments/tst.js
M javascript/ql/test/query-tests/Security/CWE-020/SuspiciousRegexpRange/tst.js
M javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialBackTracking.expected
M javascript/ql/test/query-tests/Statements/UselessConditional/UselessConditional.expected
A javascript/ql/test/testUtilities/InlineExpectationsTest.qll
A javascript/ql/test/testUtilities/internal/InlineExpectationsTestImpl.qll
M misc/bazel/cmake/cmake.bzl
M misc/bazel/cmake/setup.cmake
A misc/bazel/semmle_code_stub/MODULE.bazel
A misc/bazel/semmle_code_stub/WORKSPACE.bazel
M misc/bazel/workspace.bzl
M misc/bazel/workspace_deps.bzl
R misc/codegen/requirements.txt
A misc/codegen/requirements_in.txt
A misc/codegen/requirements_lock.txt
M misc/suite-helpers/CHANGELOG.md
A misc/suite-helpers/change-notes/released/0.7.7.md
A misc/suite-helpers/change-notes/released/0.7.8.md
A misc/suite-helpers/change-notes/released/0.7.9.md
M misc/suite-helpers/codeql-pack.release.yml
M misc/suite-helpers/qlpack.yml
M python/BUILD.bazel
A python/downgrades/BUILD.bazel
M python/ql/lib/CHANGELOG.md
M python/ql/lib/analysis/IDEContextual.qll
R python/ql/lib/change-notes/2024-01-17-successfully-extracted-diagnostic.md
A python/ql/lib/change-notes/released/0.11.7.md
A python/ql/lib/change-notes/released/0.11.8.md
A python/ql/lib/change-notes/released/0.11.9.md
M python/ql/lib/codeql-pack.release.yml
M python/ql/lib/python.qll
M python/ql/lib/qlpack.yml
M python/ql/lib/semmle/python/Concepts.qll
M python/ql/lib/semmle/python/Frameworks.qll
M python/ql/lib/semmle/python/Scope.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/dataflow/new/internal/TypeTracker.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M python/ql/lib/semmle/python/essa/SsaDefinitions.qll
M python/ql/lib/semmle/python/frameworks/Django.qll
A python/ql/lib/semmle/python/frameworks/Psycopg.qll
M python/ql/lib/semmle/python/frameworks/Starlette.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/frameworks/Stdlib/Urllib.qll
M python/ql/lib/semmle/python/frameworks/Yarl.qll
M python/ql/lib/semmle/python/objects/TObject.qll
M python/ql/lib/semmle/python/pointsto/Base.qll
M python/ql/lib/semmle/python/pointsto/Filters.qll
M python/ql/lib/semmle/python/pointsto/PointsToContext.qll
R python/ql/lib/semmle/python/protocols.qll
M python/ql/lib/semmle/python/regexp/internal/ParseRegExp.qll
R python/ql/lib/semmle/python/security/BadTagFilterQuery.qll
R python/ql/lib/semmle/python/security/OverlyLargeRangeQuery.qll
M python/ql/lib/semmle/python/security/dataflow/UrlRedirectCustomizations.qll
M python/ql/lib/semmle/python/security/dataflow/UrlRedirectQuery.qll
M python/ql/lib/semmle/python/security/internal/SensitiveDataHeuristics.qll
R python/ql/lib/semmle/python/security/regexp/ExponentialBackTracking.qll
R python/ql/lib/semmle/python/security/regexp/NfaUtils.qll
R python/ql/lib/semmle/python/security/regexp/RegexpMatching.qll
R python/ql/lib/semmle/python/security/regexp/SuperlinearBackTracking.qll
M python/ql/lib/semmle/python/xml/XML.qll
M python/ql/src/CHANGELOG.md
A python/ql/src/Diagnostics/ExtractedFiles.ql
R python/ql/src/Diagnostics/SuccessfullyExtractedFiles.ql
M python/ql/src/Security/CWE-601/UrlRedirect.qhelp
M python/ql/src/Security/CWE-601/examples/redirect_good2.py
A python/ql/src/Security/CWE-601/examples/redirect_good3.py
A python/ql/src/change-notes/released/0.9.7.md
A python/ql/src/change-notes/released/0.9.8.md
A python/ql/src/change-notes/released/0.9.9.md
M python/ql/src/codeql-pack.release.yml
A python/ql/src/experimental/Security/CWE-409/DecompressionBombs.qhelp
A python/ql/src/experimental/Security/CWE-409/DecompressionBombs.ql
A python/ql/src/experimental/Security/CWE-409/example_bad.py
A python/ql/src/experimental/Security/CWE-409/example_good.py
M python/ql/src/experimental/semmle/python/frameworks/Django.qll
M python/ql/src/experimental/semmle/python/frameworks/LDAP.qll
A python/ql/src/experimental/semmle/python/security/DecompressionBomb.qll
A python/ql/src/experimental/semmle/python/security/FileAndFormRemoteFlowSource.qll
M python/ql/src/qlpack.yml
M python/ql/src/semmle/python/functions/ModificationOfParameterWithDefault.qll
M python/ql/src/semmle/python/functions/ModificationOfParameterWithDefaultCustomizations.qll
M python/ql/test/experimental/dataflow/TestUtil/NormalDataflowTest.qll
M python/ql/test/experimental/dataflow/summaries/summaries.expected
M python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/TarSlip.expected
M python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/ZipSlip.expected
M python/ql/test/experimental/query-tests/Security/CWE-022-UnsafeUnpacking/UnsafeUnpack.expected
M python/ql/test/experimental/query-tests/Security/CWE-074-TemplateInjection/TemplateInjection.expected
M python/ql/test/experimental/query-tests/Security/CWE-074-paramiko/paramiko.expected
M python/ql/test/experimental/query-tests/Security/CWE-079/EmailXss.expected
M python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/XsltInjection.expected
M python/ql/test/experimental/query-tests/Security/CWE-113/HeaderInjection.expected
M python/ql/test/experimental/query-tests/Security/CWE-1236/CsvInjection.expected
M python/ql/test/experimental/query-tests/Security/CWE-176/UnicodeBypassValidation.expected
M python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstHash/PossibleTimingAttackAgainstHash.expected
M python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstSensitiveInfo/PossibleTimingAttackAgainstSensitiveInfo.expected
M python/ql/test/experimental/query-tests/Security/CWE-287-ConstantSecretKey/ConstantSecretKey.expected
M python/ql/test/experimental/query-tests/Security/CWE-327-UnsafeUsageOfClientSideEncryptionVersion/UnsafeUsageOfClientSideEncryptionVersion.expected
M python/ql/test/experimental/query-tests/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.expected
A python/ql/test/experimental/query-tests/Security/CWE-409/DataflowQueryTest.expected
A python/ql/test/experimental/query-tests/Security/CWE-409/DataflowQueryTest.ql
A python/ql/test/experimental/query-tests/Security/CWE-409/DecompressionBombs.expected
A python/ql/test/experimental/query-tests/Security/CWE-409/DecompressionBombs.qlref
A python/ql/test/experimental/query-tests/Security/CWE-409/test.py
M python/ql/test/experimental/query-tests/Security/CWE-522/LdapInsecureAuth.expected
M python/ql/test/experimental/query-tests/Security/CWE-614/CookieInjection.expected
M python/ql/test/library-tests/frameworks/django-orm/ReflectedXss.expected
M python/ql/test/library-tests/frameworks/modeling-example/NaiveModel.expected
M python/ql/test/library-tests/frameworks/modeling-example/ProperModel.expected
A python/ql/test/library-tests/frameworks/psycopg/ConceptsTest.expected
A python/ql/test/library-tests/frameworks/psycopg/ConceptsTest.ql
A python/ql/test/library-tests/frameworks/psycopg/pep249.py
A python/ql/test/library-tests/frameworks/stdlib/test_html.py
M python/ql/test/library-tests/regex/Characters.expected
M python/ql/test/library-tests/regex/FirstLast.expected
M python/ql/test/library-tests/regex/GroupContents.expected
M python/ql/test/library-tests/regex/Mode.expected
M python/ql/test/library-tests/regex/Qualified.expected
M python/ql/test/library-tests/regex/Regex.expected
M python/ql/test/library-tests/regex/test.py
A python/ql/test/query-tests/Diagnostics/ExtractedFiles.expected
A python/ql/test/query-tests/Diagnostics/ExtractedFiles.qlref
R python/ql/test/query-tests/Diagnostics/SuccessfullyExtractedFiles.expected
R python/ql/test/query-tests/Diagnostics/SuccessfullyExtractedFiles.qlref
M python/ql/test/query-tests/Functions/ModificationOfParameterWithDefault/ModificationOfParameterWithDefault.expected
A python/ql/test/query-tests/Functions/ModificationOfParameterWithDefault/options
M python/ql/test/query-tests/Functions/ModificationOfParameterWithDefault/test.py
M python/ql/test/query-tests/Functions/general/DeprecatedSliceMethod.expected
R python/ql/test/query-tests/Functions/general/ModificationOfParameterWithDefault.expected
R python/ql/test/query-tests/Functions/general/ModificationOfParameterWithDefault.qlref
M python/ql/test/query-tests/Functions/general/functions_test.py
M python/ql/test/query-tests/Functions/general/options
M python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.expected
M python/ql/test/query-tests/Security/CWE-022-PathInjection/PathInjection.expected
M python/ql/test/query-tests/Security/CWE-022-TarSlip/TarSlip.expected
M python/ql/test/query-tests/Security/CWE-078-CommandInjection-py2/CommandInjection.expected
M python/ql/test/query-tests/Security/CWE-078-CommandInjection/CommandInjection.expected
M python/ql/test/query-tests/Security/CWE-078-UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
M python/ql/test/query-tests/Security/CWE-079-ReflectedXss/ReflectedXss.expected
M python/ql/test/query-tests/Security/CWE-089-SqlInjection/SqlInjection.expected
M python/ql/test/query-tests/Security/CWE-090-LdapInjection/LdapInjection.expected
M python/ql/test/query-tests/Security/CWE-094-CodeInjection/CodeInjection.expected
M python/ql/test/query-tests/Security/CWE-117-LogInjection/LogInjection.expected
M python/ql/test/query-tests/Security/CWE-209-StackTraceExposure/StackTraceExposure.expected
M python/ql/test/query-tests/Security/CWE-285-PamAuthorization/PamAuthorization.expected
M python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
M python/ql/test/query-tests/Security/CWE-312-CleartextStorage-py3/CleartextStorage.expected
M python/ql/test/query-tests/Security/CWE-312-CleartextStorage/CleartextStorage.expected
M python/ql/test/query-tests/Security/CWE-327-WeakSensitiveDataHashing/WeakSensitiveDataHashing.expected
M python/ql/test/query-tests/Security/CWE-502-UnsafeDeserialization/UnsafeDeserialization.expected
M python/ql/test/query-tests/Security/CWE-601-UrlRedirect/UrlRedirect.expected
M python/ql/test/query-tests/Security/CWE-601-UrlRedirect/test.py
M python/ql/test/query-tests/Security/CWE-611-Xxe/Xxe.expected
M python/ql/test/query-tests/Security/CWE-643-XPathInjection/XpathInjection.expected
M python/ql/test/query-tests/Security/CWE-730-PolynomialReDoS/PolynomialReDoS.expected
M python/ql/test/query-tests/Security/CWE-730-RegexInjection/RegexInjection.expected
M python/ql/test/query-tests/Security/CWE-776-XmlBomb/XmlBomb.expected
M python/ql/test/query-tests/Security/CWE-798-HardcodedCredentials/HardcodedCredentials.expected
M python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/FullServerSideRequestForgery.expected
M python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/PartialServerSideRequestForgery.expected
M python/ql/test/query-tests/Security/CWE-943-NoSqlInjection/NoSqlInjection.expected
M python/tools/recorded-call-graph-metrics/ql/lib/RecordedCalls.qll
M ql/Cargo.lock
M ql/buramu/Cargo.toml
M ql/codeql-extractor.yml
M ql/extractor/Cargo.toml
M ql/ql/src/codeql/IDEContextual.qll
R ql/ql/src/codeql_ql/style/TypoDatabase.qll
M ruby/codeql-extractor.yml
M ruby/ql/lib/CHANGELOG.md
R ruby/ql/lib/change-notes/2024-01-17-successfully-extracted-diagnostic.md
A ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md
A ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md
A ruby/ql/lib/change-notes/released/0.8.7.md
A ruby/ql/lib/change-notes/released/0.8.8.md
A ruby/ql/lib/change-notes/released/0.8.9.md
M ruby/ql/lib/codeql-pack.release.yml
M ruby/ql/lib/codeql/IDEContextual.qll
M ruby/ql/lib/codeql/ruby/ApiGraphs.qll
M ruby/ql/lib/codeql/ruby/Concepts.qll
M ruby/ql/lib/codeql/ruby/Frameworks.qll
M ruby/ql/lib/codeql/ruby/ast/Call.qll
M ruby/ql/lib/codeql/ruby/ast/Erb.qll
M ruby/ql/lib/codeql/ruby/dataflow/FlowSummary.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowDispatch.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplSpecific.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M ruby/ql/lib/codeql/ruby/frameworks/ActionController.qll
M ruby/ql/lib/codeql/ruby/frameworks/ActionView.qll
M ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll
M ruby/ql/lib/codeql/ruby/frameworks/Rails.qll
A ruby/ql/lib/codeql/ruby/frameworks/ViewComponent.qll
M ruby/ql/lib/codeql/ruby/frameworks/actiondispatch/internal/Request.qll
R ruby/ql/lib/codeql/ruby/security/BadTagFilterQuery.qll
M ruby/ql/lib/codeql/ruby/security/CodeInjectionQuery.qll
A ruby/ql/lib/codeql/ruby/security/InsecureRandomnessCustomizations.qll
A ruby/ql/lib/codeql/ruby/security/InsecureRandomnessQuery.qll
M ruby/ql/lib/codeql/ruby/security/OpenSSL.qll
R ruby/ql/lib/codeql/ruby/security/OverlyLargeRangeQuery.qll
M ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/XSS.qll
M ruby/ql/lib/codeql/ruby/security/internal/SensitiveDataHeuristics.qll
R ruby/ql/lib/codeql/ruby/security/regexp/ExponentialBackTracking.qll
R ruby/ql/lib/codeql/ruby/security/regexp/NfaUtils.qll
R ruby/ql/lib/codeql/ruby/security/regexp/RegexpMatching.qll
R ruby/ql/lib/codeql/ruby/security/regexp/SuperlinearBackTracking.qll
M ruby/ql/lib/codeql/ruby/typetracking/TypeTracker.qll
M ruby/ql/lib/codeql/ruby/typetracking/internal/TypeTrackingImpl.qll
M ruby/ql/lib/qlpack.yml
M ruby/ql/src/CHANGELOG.md
A ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md
A ruby/ql/src/change-notes/released/0.8.7.md
A ruby/ql/src/change-notes/released/0.8.8.md
A ruby/ql/src/change-notes/released/0.8.9.md
M ruby/ql/src/codeql-pack.release.yml
A ruby/ql/src/experimental/insecure-randomness/InsecureRandomness.qhelp
A ruby/ql/src/experimental/insecure-randomness/InsecureRandomness.ql
A ruby/ql/src/experimental/insecure-randomness/examples/InsecureRandomnessBad.rb
A ruby/ql/src/experimental/insecure-randomness/examples/InsecureRandomnessGood.rb
M ruby/ql/src/qlpack.yml
A ruby/ql/src/queries/diagnostics/ExtractedFiles.ql
R ruby/ql/src/queries/diagnostics/SuccessfullyExtractedFiles.ql
M ruby/ql/src/queries/modeling/internal/Types.qll
M ruby/ql/src/queries/modeling/internal/Util.qll
M ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.qhelp
M ruby/ql/src/queries/security/cwe-502/examples/UnsafeDeserializationBad.rb
A ruby/ql/src/utils/modeleditor/FrameworkModeAccessPaths.ql
M ruby/ql/src/utils/modeleditor/ModelEditor.qll
M ruby/ql/test/library-tests/dataflow/array-flow/array-flow.expected
M ruby/ql/test/library-tests/dataflow/call-sensitivity/call-sensitivity.expected
M ruby/ql/test/library-tests/dataflow/call-sensitivity/call_sensitivity.rb
A ruby/ql/test/library-tests/dataflow/erb/erb.expected
A ruby/ql/test/library-tests/dataflow/erb/erb.ql
A ruby/ql/test/library-tests/dataflow/erb/main.rb
A ruby/ql/test/library-tests/dataflow/erb/view1.html.erb
A ruby/ql/test/library-tests/dataflow/erb/view1.rb
A ruby/ql/test/library-tests/dataflow/erb/view2.html.erb
A ruby/ql/test/library-tests/dataflow/erb/view2.rb
A ruby/ql/test/library-tests/dataflow/erb/view3.html.erb
A ruby/ql/test/library-tests/dataflow/erb/view3.rb
A ruby/ql/test/library-tests/dataflow/erb/view4.rb
M ruby/ql/test/library-tests/dataflow/flow-summaries/semantics.expected
M ruby/ql/test/library-tests/dataflow/global/Flow.expected
M ruby/ql/test/library-tests/dataflow/global/captured_variables.rb
M ruby/ql/test/library-tests/dataflow/hash-flow/hash-flow.expected
M ruby/ql/test/library-tests/dataflow/local/DataflowStep.expected
M ruby/ql/test/library-tests/dataflow/local/InlineFlowTest.expected
M ruby/ql/test/library-tests/dataflow/local/TaintStep.expected
M ruby/ql/test/library-tests/dataflow/local/local_dataflow.rb
M ruby/ql/test/library-tests/dataflow/params/TypeTracker.expected
M ruby/ql/test/library-tests/dataflow/params/params-flow.expected
M ruby/ql/test/library-tests/dataflow/ssa-flow/ssa-flow.expected
M ruby/ql/test/library-tests/dataflow/string-flow/string-flow.expected
M ruby/ql/test/library-tests/dataflow/summaries/Summaries.expected
M ruby/ql/test/library-tests/dataflow/type-tracker/TypeTracker.expected
M ruby/ql/test/library-tests/frameworks/action_controller/ActionController.expected
M ruby/ql/test/library-tests/frameworks/action_controller/Filters.expected
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/application_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/comments_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/foo/bars_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/photos_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/posts_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/tags_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/users/notifications_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/comments/create.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/comments/destroy.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/comments/index.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/comments/show.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/notifications/mark_as_read.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/photos/foo.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/photos/show.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/posts/index.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/posts/show.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/posts/upvote.html.erb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/application_controller.rb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/comments_controller.rb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/foo/bars_controller.rb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/photos_controller.rb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/posts_controller.rb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/tags_controller.rb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/users/notifications_controller.rb
M ruby/ql/test/library-tests/frameworks/action_controller/input_access.rb
M ruby/ql/test/library-tests/frameworks/action_controller/params-flow.expected
M ruby/ql/test/library-tests/frameworks/action_mailer/params-flow.expected
M ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.expected
M ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.rb
M ruby/ql/test/library-tests/frameworks/active_support/ActiveSupportDataFlow.expected
M ruby/ql/test/library-tests/frameworks/arel/Arel.expected
M ruby/ql/test/library-tests/frameworks/json/JsonDataFlow.expected
M ruby/ql/test/library-tests/frameworks/sinatra/Flow.expected
M ruby/ql/test/library-tests/variables/ssa.expected
A ruby/ql/test/query-tests/diagnostics/ExtractedFiles.expected
A ruby/ql/test/query-tests/diagnostics/ExtractedFiles.qlref
R ruby/ql/test/query-tests/diagnostics/SuccessfullyExtractedFiles.expected
R ruby/ql/test/query-tests/diagnostics/SuccessfullyExtractedFiles.qlref
M ruby/ql/test/query-tests/experimental/ImproperLdapAuth/ImproperLdapAuth.expected
A ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.expected
A ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.qlref
A ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.rb
M ruby/ql/test/query-tests/experimental/LdapInjection/Ldapinjection.expected
M ruby/ql/test/query-tests/experimental/TemplateInjection/TemplateInjection.expected
M ruby/ql/test/query-tests/experimental/XPathInjection/XPathInjection.expected
M ruby/ql/test/query-tests/experimental/cwe-022-ZipSlip/ZipSlip.expected
M ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected
M ruby/ql/test/query-tests/experimental/manually-check-http-verb/ManuallyCheckHttpVerb.expected
M ruby/ql/test/query-tests/experimental/weak-params/WeakParams.expected
M ruby/ql/test/query-tests/security/cwe-020/MissingFullAnchor/MissingFullAnchor.expected
M ruby/ql/test/query-tests/security/cwe-022/PathInjection.expected
M ruby/ql/test/query-tests/security/cwe-078/CommandInjection/CommandInjection.expected
M ruby/ql/test/query-tests/security/cwe-078/KernelOpen/KernelOpen.expected
M ruby/ql/test/query-tests/security/cwe-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
M ruby/ql/test/query-tests/security/cwe-079/ReflectedXSS.expected
M ruby/ql/test/query-tests/security/cwe-079/StoredXSS.expected
M ruby/ql/test/query-tests/security/cwe-079/UnsafeHtmlConstruction.expected
M ruby/ql/test/query-tests/security/cwe-079/app/views/foo/bars/show.html.erb
M ruby/ql/test/query-tests/security/cwe-089/ActiveRecordInjection.rb
M ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.expected
M ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected
M ruby/ql/test/query-tests/security/cwe-117/LogInjection.expected
M ruby/ql/test/query-tests/security/cwe-1333-polynomial-redos/PolynomialReDoS.expected
M ruby/ql/test/query-tests/security/cwe-1333-regexp-injection/RegExpInjection.expected
M ruby/ql/test/query-tests/security/cwe-134/TaintedFormatString.expected
M ruby/ql/test/query-tests/security/cwe-209/StackTraceExposure.expected
M ruby/ql/test/query-tests/security/cwe-312/CleartextLogging.expected
M ruby/ql/test/query-tests/security/cwe-312/CleartextStorage.expected
M ruby/ql/test/query-tests/security/cwe-502/oj-global-options/UnsafeDeserialization.expected
A ruby/ql/test/query-tests/security/cwe-502/ox-global-options/OxGlobalOptions.rb
A ruby/ql/test/query-tests/security/cwe-502/ox-global-options/Startup.rb
A ruby/ql/test/query-tests/security/cwe-502/ox-global-options/UnsafeDeserialization.expected
A ruby/ql/test/query-tests/security/cwe-502/ox-global-options/UnsafeDeserialization.qlref
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.rb
M ruby/ql/test/query-tests/security/cwe-506/HardcodedDataInterpretedAsCode.expected
M ruby/ql/test/query-tests/security/cwe-601/UrlRedirect.expected
M ruby/ql/test/query-tests/security/cwe-611/libxml-backend/Xxe.expected
M ruby/ql/test/query-tests/security/cwe-611/xxe/Xxe.expected
M ruby/ql/test/query-tests/security/cwe-732/WeakFilePermissions.expected
M ruby/ql/test/query-tests/security/cwe-798/HardcodedCredentials.expected
M ruby/ql/test/query-tests/security/cwe-807-user-controlled-bypass/ConditionalBypass.expected
M ruby/ql/test/query-tests/security/cwe-829/InsecureDownload.expected
M ruby/ql/test/query-tests/security/cwe-912/HttpToFileAccess.expected
M ruby/ql/test/query-tests/security/cwe-918/ServerSideRequestForgery.expected
M ruby/ql/test/query-tests/security/decompression-api/DecompressionApi.expected
A ruby/ql/test/query-tests/utils/modeleditor/FrameworkModeAccessPaths.expected
A ruby/ql/test/query-tests/utils/modeleditor/FrameworkModeAccessPaths.qlref
M ruby/ql/test/query-tests/utils/modeleditor/FrameworkModeEndpoints.expected
M ruby/ql/test/query-tests/utils/modeleditor/GenerateModel.expected
M ruby/ql/test/query-tests/utils/modeleditor/lib/mylib.rb
M shared/controlflow/CHANGELOG.md
A shared/controlflow/change-notes/released/0.1.7.md
A shared/controlflow/change-notes/released/0.1.8.md
A shared/controlflow/change-notes/released/0.1.9.md
M shared/controlflow/codeql-pack.release.yml
M shared/controlflow/qlpack.yml
M shared/dataflow/CHANGELOG.md
A shared/dataflow/change-notes/released/0.1.7.md
A shared/dataflow/change-notes/released/0.1.8.md
A shared/dataflow/change-notes/released/0.2.0.md
M shared/dataflow/codeql-pack.release.yml
M shared/dataflow/codeql/dataflow/DataFlow.qll
M shared/dataflow/codeql/dataflow/VariableCapture.qll
M shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll
M shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
M shared/dataflow/qlpack.yml
M shared/mad/CHANGELOG.md
A shared/mad/change-notes/released/0.2.7.md
A shared/mad/change-notes/released/0.2.8.md
A shared/mad/change-notes/released/0.2.9.md
M shared/mad/codeql-pack.release.yml
M shared/mad/codeql/mad/ModelValidation.qll
M shared/mad/qlpack.yml
M shared/rangeanalysis/CHANGELOG.md
A shared/rangeanalysis/change-notes/released/0.0.6.md
A shared/rangeanalysis/change-notes/released/0.0.7.md
A shared/rangeanalysis/change-notes/released/0.0.8.md
M shared/rangeanalysis/codeql-pack.release.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/CHANGELOG.md
A shared/regex/change-notes/released/0.2.7.md
A shared/regex/change-notes/released/0.2.8.md
A shared/regex/change-notes/released/0.2.9.md
M shared/regex/codeql-pack.release.yml
M shared/regex/codeql/regex/OverlyLargeRangeQuery.qll
M shared/regex/codeql/regex/nfa/NfaUtils.qll
M shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll
M shared/regex/qlpack.yml
M shared/ssa/CHANGELOG.md
A shared/ssa/change-notes/released/0.2.7.md
A shared/ssa/change-notes/released/0.2.8.md
A shared/ssa/change-notes/released/0.2.9.md
M shared/ssa/codeql-pack.release.yml
M shared/ssa/codeql/ssa/Ssa.qll
M shared/ssa/qlpack.yml
M shared/threat-models/CHANGELOG.md
A shared/threat-models/change-notes/released/0.0.6.md
A shared/threat-models/change-notes/released/0.0.7.md
A shared/threat-models/change-notes/released/0.0.8.md
M shared/threat-models/codeql-pack.release.yml
M shared/threat-models/qlpack.yml
M shared/tree-sitter-extractor/src/extractor/mod.rs
M shared/tree-sitter-extractor/src/trap.rs
M shared/tutorial/CHANGELOG.md
A shared/tutorial/change-notes/released/0.2.7.md
A shared/tutorial/change-notes/released/0.2.8.md
A shared/tutorial/change-notes/released/0.2.9.md
M shared/tutorial/codeql-pack.release.yml
M shared/tutorial/qlpack.yml
M shared/typetracking/CHANGELOG.md
A shared/typetracking/change-notes/released/0.2.7.md
A shared/typetracking/change-notes/released/0.2.8.md
A shared/typetracking/change-notes/released/0.2.9.md
M shared/typetracking/codeql-pack.release.yml
M shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll
M shared/typetracking/qlpack.yml
M shared/typos/CHANGELOG.md
A shared/typos/change-notes/released/0.2.7.md
A shared/typos/change-notes/released/0.2.8.md
A shared/typos/change-notes/released/0.2.9.md
M shared/typos/codeql-pack.release.yml
M shared/typos/qlpack.yml
M shared/util/CHANGELOG.md
A shared/util/change-notes/released/0.2.7.md
A shared/util/change-notes/released/0.2.8.md
A shared/util/change-notes/released/0.2.9.md
M shared/util/codeql-pack.release.yml
M shared/util/codeql/util/FileSystem.qll
M shared/util/qlpack.yml
M shared/yaml/CHANGELOG.md
A shared/yaml/change-notes/released/0.2.7.md
A shared/yaml/change-notes/released/0.2.8.md
A shared/yaml/change-notes/released/0.2.9.md
M shared/yaml/codeql-pack.release.yml
M shared/yaml/qlpack.yml
M swift/BUILD.bazel
M swift/codeql-extractor.yml
M swift/extractor/config/BUILD.bazel
M swift/extractor/infra/SwiftDispatcher.h
M swift/extractor/infra/SwiftLocationExtractor.h
M swift/extractor/remapping/SwiftFileInterception.cpp
M swift/extractor/translators/PatternTranslator.cpp
M swift/extractor/trap/TrapLabel.h
A swift/integration-tests/.clang-format
M swift/logging/SwiftLogging.h
M swift/ql/lib/CHANGELOG.md
R swift/ql/lib/change-notes/2024-01-05-parameterized-cfg-library.md
R swift/ql/lib/change-notes/2024-01-09-swift-5.9.2.md
A swift/ql/lib/change-notes/released/0.3.7.md
A swift/ql/lib/change-notes/released/0.3.8.md
A swift/ql/lib/change-notes/released/0.3.9.md
M swift/ql/lib/codeql-pack.release.yml
M swift/ql/lib/codeql/swift/elements/File.qll
A swift/ql/lib/codeql/swift/security/UnsafeUnpackExtensions.qll
A swift/ql/lib/codeql/swift/security/UnsafeUnpackQuery.qll
M swift/ql/lib/codeql/swift/security/internal/SensitiveDataHeuristics.qll
M swift/ql/lib/qlpack.yml
M swift/ql/src/CHANGELOG.md
R swift/ql/src/change-notes/2023-12-15-weak-password-hashing.md
A swift/ql/src/change-notes/released/0.3.7.md
A swift/ql/src/change-notes/released/0.3.8.md
A swift/ql/src/change-notes/released/0.3.9.md
M swift/ql/src/codeql-pack.release.yml
A swift/ql/src/diagnostics/ExtractedFiles.ql
R swift/ql/src/diagnostics/SuccessfullyExtractedFiles.ql
A swift/ql/src/experimental/Security/CWE-022/UnsafeUnpack.qhelp
A swift/ql/src/experimental/Security/CWE-022/UnsafeUnpack.ql
A swift/ql/src/experimental/Security/CWE-022/ZipArchiveGood.swift
A swift/ql/src/experimental/Security/CWE-022/ZipBad.swift
A swift/ql/src/experimental/Security/CWE-022/ZipFoundationBad.swift
M swift/ql/src/qlpack.yml
M swift/ql/test/extractor-tests/run_under/Strings.expected
M swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
M swift/ql/test/library-tests/dataflow/taint/core/Taint.expected
A swift/ql/test/query-tests/Diagnostics/ExtractedFiles.expected
A swift/ql/test/query-tests/Diagnostics/ExtractedFiles.qlref
A swift/ql/test/query-tests/Diagnostics/Info.expected
A swift/ql/test/query-tests/Diagnostics/Info.ql
R swift/ql/test/query-tests/Diagnostics/SuccessfullyExtractedFiles.expected
R swift/ql/test/query-tests/Diagnostics/SuccessfullyExtractedFiles.qlref
A swift/ql/test/query-tests/Security/CWE-022/PathInjection/PathInjectionTest.expected
A swift/ql/test/query-tests/Security/CWE-022/PathInjection/PathInjectionTest.ql
A swift/ql/test/query-tests/Security/CWE-022/PathInjection/testPathInjection.swift
R swift/ql/test/query-tests/Security/CWE-022/PathInjectionTest.expected
R swift/ql/test/query-tests/Security/CWE-022/PathInjectionTest.ql
A swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.expected
A swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.qlref
A swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.swift
R swift/ql/test/query-tests/Security/CWE-022/testPathInjection.swift
M swift/ql/test/query-tests/Security/CWE-078/CommandInjection.expected
M swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.expected
M swift/ql/test/query-tests/Security/CWE-089/SqlInjection.expected
M swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
M swift/ql/test/query-tests/Security/CWE-1204/StaticInitializationVector.expected
M swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected
M swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected
M swift/ql/test/query-tests/Security/CWE-259/ConstantPassword.expected
M swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected
M swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.expected
M swift/ql/test/query-tests/Security/CWE-312/CleartextStoragePreferences.expected
M swift/ql/test/query-tests/Security/CWE-321/HardcodedEncryptionKey.expected
M swift/ql/test/query-tests/Security/CWE-327/ECBEncryption.expected
M swift/ql/test/query-tests/Security/CWE-328/WeakPasswordHashing.expected
M swift/ql/test/query-tests/Security/CWE-730/RegexInjection.expected
M swift/ql/test/query-tests/Security/CWE-757/InsecureTLS.expected
M swift/ql/test/query-tests/Security/CWE-760/ConstantSalt.expected
M swift/ql/test/query-tests/Security/CWE-916/InsufficientHashIterations.expected
M swift/third_party/BUILD.picosha2.bazel
M swift/third_party/BUILD.swift-llvm-support.bazel
M swift/third_party/load.bzl
M swift/third_party/swift-llvm-support/BUILD.bazel
M swift/tools/qltest.sh
M swift/tools/test/qltest/utils.py
Log Message:
-----------
Merge branch 'main' into lgtm_index_filter_handling
Commit: 03a125de383538e8b4da9aacf9bddd0c48089227
https://github.com/krishnprakash/codeql/commit/03a125de383538e8b4da9aacf9bddd0c48089227
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/CHANGELOG.md
M ruby/ql/lib/change-notes/released/0.8.7.md
Log Message:
-----------
Merge pull request #15562 from Marcono1234/patch-2
Ruby: Fix formatting in changelog
Commit: 788100d4756a2433c731c5f2615330b60f211dad
https://github.com/krishnprakash/codeql/commit/788100d4756a2433c731c5f2615330b60f211dad
Author: Jeroen Ketema <jke...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M cpp/ql/test/library-tests/arguments/arguments.expected
Log Message:
-----------
C++: Update test after extractor changes
Commit: 403a1ac4830ca7db797b5ceac978c5c1dbbc95a5
https://github.com/krishnprakash/codeql/commit/403a1ac4830ca7db797b5ceac978c5c1dbbc95a5
Author: Joe Farebrother <joefare...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md
Log Message:
-----------
Fix change note formatting
Commit: dab8e237e66308df4bd816d688573081824045e2
https://github.com/krishnprakash/codeql/commit/dab8e237e66308df4bd816d688573081824045e2
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .github/workflows/compile-queries.yml
Log Message:
-----------
Workflows: Run format check on shared.
Commit: 5f5bcf686dd21554651437ed5b27e385bba4c3de
https://github.com/krishnprakash/codeql/commit/5f5bcf686dd21554651437ed5b27e385bba4c3de
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/AnnotatedType.qll
Log Message:
-----------
Update csharp/ql/lib/semmle/code/csharp/AnnotatedType.qll
Co-authored-by: Michael Nebel <michae...@github.com>
Commit: 4ede553b2168a7fabfd75e6c86517592d4e358eb
https://github.com/krishnprakash/codeql/commit/4ede553b2168a7fabfd75e6c86517592d4e358eb
Author: Rasmus Wriedt Larsen <rasm...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M shared/tree-sitter-extractor/src/autobuilder.rs
Log Message:
-----------
Merge pull request #15365 from RasmusWL/lgtm_index_filter_handling
Tree sitter extractor: Proper handling of `LGTM_INDEX_FILTERS`
Commit: acf3a99dffb711752623b8670dccb37198ebe339
https://github.com/krishnprakash/codeql/commit/acf3a99dffb711752623b8670dccb37198ebe339
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M cpp/ql/test/library-tests/arguments/arguments.expected
Log Message:
-----------
Merge pull request #15716 from jketema/command-line-options
C++: Update test after extractor changes
Commit: fb06e9f6b287d5bcd7c0d2f5721c0520369fd9df
https://github.com/krishnprakash/codeql/commit/fb06e9f6b287d5bcd7c0d2f5721c0520369fd9df
Author: Joe Farebrother <joefare...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md
Log Message:
-----------
Merge pull request #15719 from joefarebrother/ruby-changenote-formatting
Ruby: Fix change note formatting
Commit: c22cbf5b019f4f2f3da6c8c789a309ac5fa3481f
https://github.com/krishnprakash/codeql/commit/c22cbf5b019f4f2f3da6c8c789a309ac5fa3481f
Author: Anders Schack-Mulligen <ascha...@users.noreply.github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .github/workflows/compile-queries.yml
Log Message:
-----------
Merge pull request #15721 from aschackmull/workflows/format-check-shared
Workflows: Run format check on shared.
Commit: fd85c441291fb9fad515fce28b1fff56298c7eac
https://github.com/krishnprakash/codeql/commit/fd85c441291fb9fad515fce28b1fff56298c7eac
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .github/workflows/ruby-build.yml
A ruby/BUILD.bazel
A ruby/downgrades/BUILD.bazel
A ruby/extractor/BUILD.bazel
A ruby/extractor/Cargo.Bazel.lock
M ruby/extractor/Cargo.lock
M ruby/extractor/Cargo.toml
R ruby/extractor/Cross.toml
A ruby/ql/lib/BUILD.bazel
A ruby/tools/BUILD.bazel
Log Message:
-----------
Ruby: Start building the language pack using bazel.
This PR introduces a bazel and `rules_rust`-based build system
for the ruby extractor and language pack.
This replacese the existing, `cargo` and `cross`-based build system.
For local development, nothing changes, and the existing `cargo`-based
build still keeps working as-is.
We no longer need to use `cross` to compile our Linux binaries,
as we now can link against our hermetic C++ toolchain, which ships
with an old enough glibc, so that we don't run into symbol version issues
when deploying the binaries to older systems.
Besides the one change in dependency (explained in detail in `Cargo.toml`
and in https://github.com/github/codeql/pull/15595), nothing ought to
change in how we build the extractor.
Commit: b82ffd40e7cb02a3df07d1829917bbc826089bf2
https://github.com/krishnprakash/codeql/commit/b82ffd40e7cb02a3df07d1829917bbc826089bf2
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .github/workflows/ruby-build.yml
Log Message:
-----------
Fix windows CI build.
As we're now checking out the `codeql` repo in a sub-path,
we need to enable long paths on Windows.
Commit: 688b9955a01f13cc53b4d2e5be0149646b08493f
https://github.com/krishnprakash/codeql/commit/688b9955a01f13cc53b4d2e5be0149646b08493f
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .gitattributes
M ruby/BUILD.bazel
M ruby/extractor/BUILD.bazel
R ruby/extractor/Cargo.Bazel.lock
M ruby/extractor/Cargo.toml
A ruby/extractor/cargo-bazel-lock.json
M ruby/tools/BUILD.bazel
Log Message:
-----------
Address review, start accomodating bzlmod.
Commit: 1657b314c1ac5b0c9b0dc0f6d6d3b59dd91a76b6
https://github.com/krishnprakash/codeql/commit/1657b314c1ac5b0c9b0dc0f6d6d3b59dd91a76b6
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/extractor/cargo-bazel-lock.json
Log Message:
-----------
Re-pin ruby extractor deps.
Commit: 1410574f769c3474bb621554597723bfb144f3e7
https://github.com/krishnprakash/codeql/commit/1410574f769c3474bb621554597723bfb144f3e7
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
M ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.qlref
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/YAMLUnsafeDeserialization.rb
Log Message:
-----------
make seperate steps for YAML.parse* and use `getAsuccessor*()` to reach final to_ruby method call, All parts have Rewritten with API graphs exclusively
Commit: 474a4f8abdbad932b8a07ba4ba1fb57fa7706be4
https://github.com/krishnprakash/codeql/commit/474a4f8abdbad932b8a07ba4ba1fb57fa7706be4
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
M ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
Log Message:
-----------
thanks @asgerf for informing me that Successor wants to be deprecated and thank him that providing the solution
Commit: a75a0049428c5fe45cd2c429baf337877bd5fa3a
https://github.com/krishnprakash/codeql/commit/a75a0049428c5fe45cd2c429baf337877bd5fa3a
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
M ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
Log Message:
-----------
add more additional steps, change parse* sinks to reciever of them
Commit: 18fa91bde43bf26b75b6c27877a8b73955f2408a
https://github.com/krishnprakash/codeql/commit/18fa91bde43bf26b75b6c27877a8b73955f2408a
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
M ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
Log Message:
-----------
add transform method that is an alias for to_ruby
Commit: 464e2e429175ec0aa22b66c01b234a9cc99a5b25
https://github.com/krishnprakash/codeql/commit/464e2e429175ec0aa22b66c01b234a9cc99a5b25
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
R ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/PlistUnsafeDeserialization.rb
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.rb
R ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/YAMLUnsafeDeserialization.rb
Log Message:
-----------
fix qldoc and test files
Commit: 9c5c8c8362b6f4eca6c957c458a855a8826bc3e3
https://github.com/krishnprakash/codeql/commit/9c5c8c8362b6f4eca6c957c458a855a8826bc3e3
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.rb
Log Message:
-----------
fix test file
Commit: 1c1a6f13dfc7e092dde2f4d2038767e0d00953d7
https://github.com/krishnprakash/codeql/commit/1c1a6f13dfc7e092dde2f4d2038767e0d00953d7
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
Log Message:
-----------
fix QLDoc style
Commit: c582ea626d647979aee3ce24339d64337184731d
https://github.com/krishnprakash/codeql/commit/c582ea626d647979aee3ce24339d64337184731d
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
Log Message:
-----------
update expected test file
Commit: 32f5667bb61398352dd03a771a6cfc715479646d
https://github.com/krishnprakash/codeql/commit/32f5667bb61398352dd03a771a6cfc715479646d
Author: amammad <77095239...@users.noreply.github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
M ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.qhelp
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.ql
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.qll
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserializationCustomizations.qll
A ruby/ql/src/experimental/cwe-502/Yaml.qll
A ruby/ql/src/experimental/cwe-502/examples/UnsafeDeserializationBad.rb
A ruby/ql/src/experimental/cwe-502/examples/UnsafeDeserializationGood.rb
A ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.expected
A ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.qlref
A ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.rb
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.qlref
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.rb
Log Message:
-----------
revert YAML.qll and yaml sinks to previous PR, make a separate experimental query only for yaml
Commit: 8a670fe9a2972bd4648c0e9914c60d61cb792ab9
https://github.com/krishnprakash/codeql/commit/8a670fe9a2972bd4648c0e9914c60d61cb792ab9
Author: Harry Maclean <hm...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/src/experimental/cwe-502/Yaml.qll
Log Message:
-----------
Ruby: formatting
Commit: 606a8fed0c57d1c4cad02f2c48acc3fa331d92a2
https://github.com/krishnprakash/codeql/commit/606a8fed0c57d1c4cad02f2c48acc3fa331d92a2
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/AnnotatedType.qll
M csharp/ql/lib/semmle/code/csharp/Generics.qll
M csharp/ql/lib/semmle/code/csharp/Implements.qll
M csharp/ql/lib/semmle/code/csharp/commons/QualifiedName.qll
M csharp/ql/lib/semmle/code/csharp/commons/StructuralComparison.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/dispatch/OverridableCallable.qll
M csharp/ql/lib/semmlecode.csharp.dbscheme.stats
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.ql
Log Message:
-----------
Merge pull request #15406 from hvitved/csharp/no-stats-experiment
C#: Remove all DB stats
Commit: dd0c721e8cef09c3b0fa72d81f02465556bd035a
https://github.com/krishnprakash/codeql/commit/dd0c721e8cef09c3b0fa72d81f02465556bd035a
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md
A csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md
Log Message:
-----------
C#: Add change note
Commit: b86643fab2dcb382b932fc697aac15cef69514ff
https://github.com/krishnprakash/codeql/commit/b86643fab2dcb382b932fc697aac15cef69514ff
Author: Harry Maclean <hm...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.qll
Log Message:
-----------
Ruby: doc fixes
Commit: 8212f5de1bd7b3a4f0d0afc834e5d9560b8dce35
https://github.com/krishnprakash/codeql/commit/8212f5de1bd7b3a4f0d0afc834e5d9560b8dce35
Author: Harry Maclean <hm...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.expected
Log Message:
-----------
Ruby: Update test
Commit: f92c10697250edf46be8b847aff70f2f8f4fe16f
https://github.com/krishnprakash/codeql/commit/f92c10697250edf46be8b847aff70f2f8f4fe16f
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md
A csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md
Log Message:
-----------
Merge pull request #15724 from hvitved/csharp-change-note
C#: Add change note
Commit: 6ff0054e52890c85808eaf1e8d9ef222776ac69e
https://github.com/krishnprakash/codeql/commit/6ff0054e52890c85808eaf1e8d9ef222776ac69e
Author: Harry Maclean <hm...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.qhelp
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.ql
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.qll
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserializationCustomizations.qll
A ruby/ql/src/experimental/cwe-502/Yaml.qll
A ruby/ql/src/experimental/cwe-502/examples/UnsafeDeserializationBad.rb
A ruby/ql/src/experimental/cwe-502/examples/UnsafeDeserializationGood.rb
A ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.expected
A ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.qlref
A ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.rb
R ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/PlistUnsafeDeserialization.rb
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.rb
R ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/YAMLUnsafeDeserialization.rb
Log Message:
-----------
Merge pull request #13431 from am0o0/amammad-ruby-YAMLunsafeLoad
Ruby: add seperate additional steps between `YAML.parse*` methods and `to_ruby`
Commit: e9b5394cd567e456412f7f310c428072126cbf97
https://github.com/krishnprakash/codeql/commit/e9b5394cd567e456412f7f310c428072126cbf97
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M javascript/extractor/BUILD.bazel
Log Message:
-----------
JS: Remove empty build target.
The `resources` folder never existed, this was probably introduced
as a copy-paste mistake. Remove the rule.
Commit: 5c4543f16727be78f9e2f40ceb66715c5a17674a
https://github.com/krishnprakash/codeql/commit/5c4543f16727be78f9e2f40ceb66715c5a17674a
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/AddressFlow.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowDispatch.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/FlowVar.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingImplSpecific.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingUtil.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingParameter.qll
Log Message:
-----------
C++: Mark internal files in the old dataflow library as deprecated (the public imports already are).
Commit: 234623ec0d9eff188ba0063889cacb35536c9a39
https://github.com/krishnprakash/codeql/commit/234623ec0d9eff188ba0063889cacb35536c9a39
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M javascript/extractor/BUILD.bazel
Log Message:
-----------
Merge pull request #15726 from github/criemen/js
JS: Remove empty build target.
Commit: 4bb725cbf5c2e43256f1cbb8bcdd9247e9df0068
https://github.com/krishnprakash/codeql/commit/4bb725cbf5c2e43256f1cbb8bcdd9247e9df0068
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .gitattributes
M .github/workflows/ruby-build.yml
A ruby/BUILD.bazel
A ruby/downgrades/BUILD.bazel
A ruby/extractor/BUILD.bazel
M ruby/extractor/Cargo.lock
M ruby/extractor/Cargo.toml
R ruby/extractor/Cross.toml
A ruby/extractor/cargo-bazel-lock.json
A ruby/ql/lib/BUILD.bazel
A ruby/tools/BUILD.bazel
Log Message:
-----------
Merge pull request #15656 from github/criemen/ruby-bazel
Ruby: Start building the language pack using bazel.
Commit: 2e66392353fa909b9837c0f22f4114cc43bc810f
https://github.com/krishnprakash/codeql/commit/2e66392353fa909b9837c0f22f4114cc43bc810f
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/controlflow/SubBasicBlocks.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll
Log Message:
-----------
C++: Update deprecated note to respect identical files.
Commit: 408a5504670be29f6ce0a8c79c28b4b1109eeb01
https://github.com/krishnprakash/codeql/commit/408a5504670be29f6ce0a8c79c28b4b1109eeb01
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/controlflow/SubBasicBlocks.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/AddressFlow.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowDispatch.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/FlowVar.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingImplSpecific.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingUtil.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingParameter.qll
Log Message:
-----------
Merge pull request #15727 from geoffw0/qldoc4
C++: Mark internal files in the old dataflow library as deprecated
Compare: https://github.com/krishnprakash/codeql/compare/2683e40038fe...408a5504670b
To unsubscribe from these emails, change your notification settings at https://github.com/krishnprakash/codeql/settings/notifications
Home: https://github.com/krishnprakash/codeql
Commit: 54c7c5e8be789c853751ce0c198789688e330979
https://github.com/krishnprakash/codeql/commit/54c7c5e8be789c853751ce0c198789688e330979
Author: Rasmus Wriedt Larsen <rasm...@github.com>
Date: 2024-01-18 (Thu, 18 Jan 2024)
Changed paths:
M shared/tree-sitter-extractor/src/autobuilder.rs
Log Message:
-----------
Tree sitter extractor: Proper handling of `LGTM_INDEX_FILTERS`
If someone had used `LGTM_INDEX_FILTERS=exclude:**/*\ninclude:*.rb`
before, we would have mistakenly excluded all files :|
(LGTM_INDEX_FILTERS is a prioritized list where later matches take
priority over earlier ones)
This change is needed to support adding `exclude:**/*` as the first
filter if `paths` include a glob, which currently causes bad behavior in
the Python extractor. However, we can first introduce that change once
this PR has been merged.
I realize this change can cause more folders and files to be traversed
(since they are not just skipped with --exclude). We plan to make a
better long term fix which should bring back the previous performance.
Commit: f20d4e22fe1481167da66af25492af9e079260e9
https://github.com/krishnprakash/codeql/commit/f20d4e22fe1481167da66af25492af9e079260e9
Author: Rasmus Wriedt Larsen <rasm...@github.com>
Date: 2024-01-18 (Thu, 18 Jan 2024)
Changed paths:
M shared/tree-sitter-extractor/src/autobuilder.rs
Log Message:
-----------
Handle only `exclude`
Commit: d814decc17e3cca6258fa2e80a2b515afbcb4203
https://github.com/krishnprakash/codeql/commit/d814decc17e3cca6258fa2e80a2b515afbcb4203
Author: Marcono1234 <Marco...@users.noreply.github.com>
Date: 2024-02-10 (Sat, 10 Feb 2024)
Changed paths:
M ruby/ql/lib/CHANGELOG.md
M ruby/ql/lib/change-notes/released/0.8.7.md
Log Message:
-----------
Ruby: Fix formatting in changelog
Commit: 90f3670f3d5a89f63b0820ae6c93977c4c71d3d4
https://github.com/krishnprakash/codeql/commit/90f3670f3d5a89f63b0820ae6c93977c4c71d3d4
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-12 (Mon, 12 Feb 2024)
Changed paths:
M csharp/ql/lib/semmlecode.csharp.dbscheme.stats
Log Message:
-----------
C#: Remove all DB stats
Commit: 15cf6951880898b05069a1ede4f0cb459d7e77d7
https://github.com/krishnprakash/codeql/commit/15cf6951880898b05069a1ede4f0cb459d7e77d7
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-12 (Mon, 12 Feb 2024)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/AnnotatedType.qll
M csharp/ql/lib/semmle/code/csharp/Generics.qll
M csharp/ql/lib/semmle/code/csharp/Implements.qll
M csharp/ql/lib/semmle/code/csharp/commons/QualifiedName.qll
M csharp/ql/lib/semmle/code/csharp/commons/StructuralComparison.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/dispatch/OverridableCallable.qll
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.ql
Log Message:
-----------
C#: Fix various bad joins
Commit: 07223031e8f3d41f85619eac52ca576b003af339
https://github.com/krishnprakash/codeql/commit/07223031e8f3d41f85619eac52ca576b003af339
Author: Rasmus Wriedt Larsen <rasm...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .bazelrc
M .bazelversion
A .clang-format
M .github/workflows/check-change-note.yml
M .github/workflows/check-implicit-this.yml
M .github/workflows/check-qldoc.yml
M .github/workflows/check-query-ids.yml
M .github/workflows/close-stale.yml
M .github/workflows/codeql-analysis.yml
M .github/workflows/compile-queries.yml
M .github/workflows/csharp-qltest.yml
M .github/workflows/csv-coverage-metrics.yml
M .github/workflows/csv-coverage-pr-artifacts.yml
M .github/workflows/csv-coverage-pr-comment.yml
M .github/workflows/csv-coverage-timeseries.yml
M .github/workflows/csv-coverage-update.yml
M .github/workflows/csv-coverage.yml
M .github/workflows/fast-forward.yml
M .github/workflows/go-tests-other-os.yml
M .github/workflows/go-tests.yml
M .github/workflows/labeler.yml
M .github/workflows/mad_regenerate-models.yml
M .github/workflows/qhelp-pr-preview.yml
M .github/workflows/ql-for-ql-build.yml
M .github/workflows/ql-for-ql-dataset_measure.yml
M .github/workflows/ql-for-ql-tests.yml
M .github/workflows/query-list.yml
M .github/workflows/ruby-build.yml
M .github/workflows/ruby-dataset-measure.yml
M .github/workflows/ruby-qltest.yml
M .github/workflows/swift.yml
M .github/workflows/sync-files.yml
M .github/workflows/tree-sitter-extractor-test.yml
M .github/workflows/validate-change-notes.yml
M .pre-commit-config.yaml
M CODEOWNERS
A MODULE.bazel
M WORKSPACE.bazel
M config/identical-files.json
A cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/exprparents.ql
A cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/for_initialization.ql
A cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/old.dbscheme
A cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/semmlecode.cpp.dbscheme
A cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/stmtparents.ql
A cpp/downgrades/298438feb146335af824002589cd6d4e96e5dbf9/upgrade.properties
A cpp/downgrades/4f9fabab5124d49108782c081579f45a70571d74/mangled_name.ql
A cpp/downgrades/4f9fabab5124d49108782c081579f45a70571d74/old.dbscheme
A cpp/downgrades/4f9fabab5124d49108782c081579f45a70571d74/semmlecode.cpp.dbscheme
A cpp/downgrades/4f9fabab5124d49108782c081579f45a70571d74/upgrade.properties
M cpp/ql/lib/CHANGELOG.md
M cpp/ql/lib/IDEContextual.qll
A cpp/ql/lib/change-notes/released/0.12.4.md
A cpp/ql/lib/change-notes/released/0.12.5.md
A cpp/ql/lib/change-notes/released/0.12.6.md
M cpp/ql/lib/codeql-pack.release.yml
M cpp/ql/lib/qlpack.yml
M cpp/ql/lib/semmle/code/cpp/Class.qll
M cpp/ql/lib/semmle/code/cpp/Element.qll
M cpp/ql/lib/semmle/code/cpp/Function.qll
M cpp/ql/lib/semmle/code/cpp/PODType03.qll
M cpp/ql/lib/semmle/code/cpp/PrintAST.qll
M cpp/ql/lib/semmle/code/cpp/Variable.qll
M cpp/ql/lib/semmle/code/cpp/XML.qll
M cpp/ql/lib/semmle/code/cpp/commons/NULL.qll
R cpp/ql/lib/semmle/code/cpp/commons/Strcat.qll
M cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll
M cpp/ql/lib/semmle/code/cpp/controlflow/internal/CFG.qll
M cpp/ql/lib/semmle/code/cpp/exprs/Assignment.qll
M cpp/ql/lib/semmle/code/cpp/exprs/Expr.qll
A cpp/ql/lib/semmle/code/cpp/headers/PreprocBlock.qll
M cpp/ql/lib/semmle/code/cpp/internal/ResolveClass.qll
A cpp/ql/lib/semmle/code/cpp/internal/ResolveFunction.qll
M cpp/ql/lib/semmle/code/cpp/internal/ResolveGlobalVariable.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ProductFlow.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll
M cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternalsCommon.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstructionInternal.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/TInstructionInternal.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/IRConstruction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedGlobalVar.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedInitialization.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll
M cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstructionInternal.qll
M cpp/ql/lib/semmle/code/cpp/models/Models.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/Deallocation.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/GetDelim.qll
A cpp/ql/lib/semmle/code/cpp/models/implementations/GetText.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/Gets.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/Inet.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/Memset.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/StdContainer.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/StdMap.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/StdSet.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/StdString.qll
M cpp/ql/lib/semmle/code/cpp/models/implementations/Strcrement.qll
A cpp/ql/lib/semmle/code/cpp/models/implementations/StructuredExceptionHandling.qll
M cpp/ql/lib/semmle/code/cpp/models/interfaces/DataFlow.qll
M cpp/ql/lib/semmle/code/cpp/models/interfaces/FunctionInputsAndOutputs.qll
A cpp/ql/lib/semmle/code/cpp/models/interfaces/PartialFlow.qll
M cpp/ql/lib/semmle/code/cpp/models/interfaces/Taint.qll
A cpp/ql/lib/semmle/code/cpp/models/interfaces/Throwing.qll
A cpp/ql/lib/semmle/code/cpp/security/flowafterfree/FlowAfterFree.qll
A cpp/ql/lib/semmle/code/cpp/security/flowafterfree/UseAfterFree.qll
M cpp/ql/lib/semmle/code/cpp/stmts/Stmt.qll
M cpp/ql/lib/semmlecode.cpp.dbscheme
M cpp/ql/lib/semmlecode.cpp.dbscheme.stats
A cpp/ql/lib/upgrades/4f9fabab5124d49108782c081579f45a70571d74/exprparents.ql
A cpp/ql/lib/upgrades/4f9fabab5124d49108782c081579f45a70571d74/old.dbscheme
A cpp/ql/lib/upgrades/4f9fabab5124d49108782c081579f45a70571d74/semmlecode.cpp.dbscheme
A cpp/ql/lib/upgrades/4f9fabab5124d49108782c081579f45a70571d74/stmtparents.ql
A cpp/ql/lib/upgrades/4f9fabab5124d49108782c081579f45a70571d74/upgrade.properties
A cpp/ql/lib/upgrades/7f34caf73ca98314885030cc5a22b6e328fe687c/mangled_name.ql
A cpp/ql/lib/upgrades/7f34caf73ca98314885030cc5a22b6e328fe687c/old.dbscheme
A cpp/ql/lib/upgrades/7f34caf73ca98314885030cc5a22b6e328fe687c/semmlecode.cpp.dbscheme
A cpp/ql/lib/upgrades/7f34caf73ca98314885030cc5a22b6e328fe687c/upgrade.properties
M cpp/ql/src/CHANGELOG.md
M cpp/ql/src/Critical/DoubleFree.ql
R cpp/ql/src/Critical/FlowAfterFree.qll
M cpp/ql/src/Critical/ScanfChecks.qll
M cpp/ql/src/Critical/UseAfterFree.ql
A cpp/ql/src/Diagnostics/ExtractedFiles.ql
R cpp/ql/src/Diagnostics/SuccessfullyExtractedFiles.ql
M cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql
M cpp/ql/src/Likely Bugs/Memory Management/UninitializedLocal.ql
M cpp/ql/src/Microsoft/SAL.qll
M cpp/ql/src/Security/CWE/CWE-497/SystemData.qll
M cpp/ql/src/Security/CWE/CWE-704/WcharCharConversion.ql
R cpp/ql/src/change-notes/2024-01-09-add-exception-to-av-rule-32.md
A cpp/ql/src/change-notes/2024-02-16-modelled-functions-block-flow.md
A cpp/ql/src/change-notes/released/0.9.3.md
A cpp/ql/src/change-notes/released/0.9.4.md
A cpp/ql/src/change-notes/released/0.9.5.md
M cpp/ql/src/codeql-pack.release.yml
M cpp/ql/src/qlpack.yml
M cpp/ql/test/experimental/query-tests/Security/CWE/CWE-078/WordexpTainted.expected
M cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/AllocMultiplicationOverflow/AllocMultiplicationOverflow.expected
M cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/array-access/ArrayAccessProductFlow.expected
M cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected
M cpp/ql/test/experimental/query-tests/Security/CWE/CWE-359/semmle/tests/PrivateCleartextWrite.expected
M cpp/ql/test/include/iterator.h
A cpp/ql/test/library-tests/dataflow/asExpr/test-indirect.expected
A cpp/ql/test/library-tests/dataflow/asExpr/test-indirect.ql
A cpp/ql/test/library-tests/dataflow/asExpr/test.cpp
A cpp/ql/test/library-tests/dataflow/asExpr/test.expected
A cpp/ql/test/library-tests/dataflow/asExpr/test.ql
M cpp/ql/test/library-tests/dataflow/dataflow-tests/BarrierGuard.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/TestBase.qll
M cpp/ql/test/library-tests/dataflow/dataflow-tests/clang.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.expected
M cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected
M cpp/ql/test/library-tests/dataflow/dataflow-tests/dispatch.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/example.c
M cpp/ql/test/library-tests/dataflow/dataflow-tests/flowOut.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/lambdas.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/ref.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/self_parameter_flow.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/test-source-sink.expected
M cpp/ql/test/library-tests/dataflow/dataflow-tests/test.cpp
M cpp/ql/test/library-tests/dataflow/dataflow-tests/type-bugs.expected
M cpp/ql/test/library-tests/dataflow/dataflow-tests/type-bugs.ql
M cpp/ql/test/library-tests/dataflow/dataflow-tests/uninitialized.expected
M cpp/ql/test/library-tests/dataflow/fields/ir-path-flow.expected
M cpp/ql/test/library-tests/dataflow/fields/path-flow.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected
M cpp/ql/test/library-tests/dataflow/taint-tests/map.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/set.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/string.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/stringstream.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/taint.cpp
M cpp/ql/test/library-tests/dataflow/taint-tests/vector.cpp
A cpp/ql/test/library-tests/destructors/PrintAST.expected
A cpp/ql/test/library-tests/destructors/PrintAST.ql
A cpp/ql/test/library-tests/destructors/destructors.expected
A cpp/ql/test/library-tests/destructors/destructors.ql
A cpp/ql/test/library-tests/headers/preprocBlock/header.h
A cpp/ql/test/library-tests/headers/preprocBlock/preprocblock.cpp
A cpp/ql/test/library-tests/headers/preprocBlock/preprocblock.expected
A cpp/ql/test/library-tests/headers/preprocBlock/preprocblock.ql
A cpp/ql/test/library-tests/headers/preprocBlock/preprocinclude.expected
A cpp/ql/test/library-tests/headers/preprocBlock/preprocinclude.ql
M cpp/ql/test/library-tests/ir/ir/PrintAST.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/ir/ir/ir.c
M cpp/ql/test/library-tests/ir/ir/ir.cpp
M cpp/ql/test/library-tests/ir/ir/operand_locations.expected
M cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
M cpp/ql/test/library-tests/ir/ir/raw_ir.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
M cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
M cpp/ql/test/library-tests/string_concat/strconcat.expected
M cpp/ql/test/library-tests/syntax-zoo/aliased_ssa_consistency.expected
M cpp/ql/test/library-tests/syntax-zoo/raw_consistency.expected
M cpp/ql/test/library-tests/syntax-zoo/unaliased_ssa_consistency.expected
M cpp/ql/test/query-tests/Critical/MemoryFreed/DoubleFree.expected
M cpp/ql/test/query-tests/Critical/MemoryFreed/MemoryFreed.expected
M cpp/ql/test/query-tests/Critical/MemoryFreed/UseAfterFree.expected
M cpp/ql/test/query-tests/Critical/MissingCheckScanf/MissingCheckScanf.expected
M cpp/ql/test/query-tests/Critical/MissingCheckScanf/test.cpp
A cpp/ql/test/query-tests/Diagnostics/ExtractedFiles.expected
A cpp/ql/test/query-tests/Diagnostics/ExtractedFiles.qlref
A cpp/ql/test/query-tests/Diagnostics/ExtractionErrors.expected
A cpp/ql/test/query-tests/Diagnostics/ExtractionErrors.qlref
A cpp/ql/test/query-tests/Diagnostics/ExtractionWarnings.expected
A cpp/ql/test/query-tests/Diagnostics/ExtractionWarnings.qlref
A cpp/ql/test/query-tests/Diagnostics/FailedExtractorInvocations.expected
A cpp/ql/test/query-tests/Diagnostics/FailedExtractorInvocations.qlref
A cpp/ql/test/query-tests/Diagnostics/Info.expected
A cpp/ql/test/query-tests/Diagnostics/Info.ql
A cpp/ql/test/query-tests/Diagnostics/containserror.cpp
A cpp/ql/test/query-tests/Diagnostics/containswarning.cpp
A cpp/ql/test/query-tests/Diagnostics/doesnotcompile.cpp
A cpp/ql/test/query-tests/Diagnostics/header.h
A cpp/ql/test/query-tests/Diagnostics/successful.cpp
M cpp/ql/test/query-tests/Likely Bugs/Conversion/CastArrayPointerArithmetic/CastArrayPointerArithmetic.expected
M cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.c
M cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/NonConstantFormat.expected
M cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/nested.cpp
M cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/test.cpp
M cpp/ql/test/query-tests/Security/CWE/CWE-022/SAMATE/TaintedPath/TaintedPath.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-022/semmle/tests/TaintedPath.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-078/SAMATE/ExecTainted/ExecTainted.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-078/semmle/ExecTainted/ExecTainted.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-079/semmle/CgiXss/CgiXss.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-114/SAMATE/UncontrolledProcessOperation/UncontrolledProcessOperation.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-114/semmle/UncontrolledProcessOperation/UncontrolledProcessOperation.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/OverflowDestination.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-119/semmle/tests/UnboundedWrite.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-120/semmle/tests/UnboundedWrite.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-129/SAMATE/ImproperArrayIndexValidation/ImproperArrayIndexValidation.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-129/semmle/ImproperArrayIndexValidation/ImproperArrayIndexValidation.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-134/SAMATE/UncontrolledFormatString.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/argv/argvLocal.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/consts/NonConstantFormat.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/consts/consts.cpp
M cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/funcs/funcsLocal.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/globalVars/UncontrolledFormatString.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-134/semmle/ifs/ifs.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-190/SAMATE/ArithmeticTainted.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-190/SAMATE/ArithmeticUncontrolled.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/ArithmeticUncontrolled/ArithmeticUncontrolled.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/TaintedAllocationSize/TaintedAllocationSize.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/tainted/ArithmeticTainted.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-193/InvalidPointerDeref.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-290/semmle/AuthenticationBypass/AuthenticationBypass.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-311/semmle/tests/CleartextBufferWrite.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-311/semmle/tests/CleartextFileWrite.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-311/semmle/tests/CleartextTransmission.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-311/semmle/tests/test2.cpp
M cpp/ql/test/query-tests/Security/CWE/CWE-319/UseOfHttp/UseOfHttp.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-416/semmle/tests/UseAfterFree/UseAfterFree.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/test.cpp
M cpp/ql/test/query-tests/Security/CWE/CWE-497/SAMATE/PotentiallyExposedSystemData.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-497/semmle/tests/ExposedSystemData.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-497/semmle/tests/PotentiallyExposedSystemData.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-611/XXE.expected
M cpp/ql/test/query-tests/Security/CWE/CWE-704/WcharCharConversion.cpp
M cpp/ql/test/query-tests/Security/CWE/CWE-807/semmle/TaintedCondition/TaintedCondition.expected
A cpp/ql/test/successor-tests/forstmt/rangebasedforstmt/cfg.expected
A cpp/ql/test/successor-tests/forstmt/rangebasedforstmt/cfg.ql
A cpp/ql/test/successor-tests/forstmt/rangebasedforstmt/forstmt.h
A cpp/ql/test/successor-tests/forstmt/rangebasedforstmt/forstmt01.cpp
A cpp/ql/test/successor-tests/forstmt/rangebasedforstmt/forstmt02.cpp
M cpp/ql/test/successor-tests/staticlocals/no_dynamic_init/exprs.expected
M csharp/actions/create-extractor-pack/action.yml
M csharp/autobuilder/Semmle.Autobuild.CSharp.Tests/BuildScripts.cs
M csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpAutobuilder.cs
A csharp/autobuilder/Semmle.Autobuild.CSharp/Constants.cs
M csharp/autobuilder/Semmle.Autobuild.CSharp/DotNetRule.cs
M csharp/autobuilder/Semmle.Autobuild.CSharp/StandaloneBuildRule.cs
M csharp/autobuilder/Semmle.Autobuild.Shared/AutobuildOptions.cs
M csharp/autobuilder/Semmle.Autobuild.Shared/Autobuilder.cs
M csharp/autobuilder/Semmle.Autobuild.Shared/BuildActions.cs
M csharp/codeql-extractor.yml
M csharp/documentation/library-coverage/coverage.csv
M csharp/documentation/library-coverage/coverage.rst
A csharp/downgrades/c9ee11bd1ee96e925a35cedff000be924634447f/old.dbscheme
A csharp/downgrades/c9ee11bd1ee96e925a35cedff000be924634447f/semmlecode.csharp.dbscheme
A csharp/downgrades/c9ee11bd1ee96e925a35cedff000be924634447f/upgrade.properties
A csharp/downgrades/f145a9a7275c8f457b392b2ebc9f8e07960a0ed2/old.dbscheme
A csharp/downgrades/f145a9a7275c8f457b392b2ebc9f8e07960a0ed2/semmlecode.csharp.dbscheme
A csharp/downgrades/f145a9a7275c8f457b392b2ebc9f8e07960a0ed2/upgrade.properties
A csharp/downgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/old.dbscheme
A csharp/downgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/semmlecode.csharp.dbscheme
A csharp/downgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/types.ql
A csharp/downgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/upgrade.properties
A csharp/downgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/expressions.ql
A csharp/downgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/old.dbscheme
A csharp/downgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/semmlecode.csharp.dbscheme
A csharp/downgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/upgrade.properties
M csharp/extractor/Semmle.Extraction.CIL.Driver/Program.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/AssemblyCache.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/AssemblyInfo.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/Assets.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/DependencyManager.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/DotNet.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/DotNetCliInvoker.cs
A csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/EnvironmentVariableNames.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/FileContent.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/FileInfoExtensions.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/FilePathFilter.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/FrameworkPackageNames.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/IDotNet.cs
R csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/IProgressMonitor.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/NugetPackages.cs
R csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/ProgressMonitor.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/Razor.cs
M csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/Runtime.cs
M csharp/extractor/Semmle.Extraction.CSharp.Standalone/Extractor.cs
M csharp/extractor/Semmle.Extraction.CSharp.Standalone/Options.cs
M csharp/extractor/Semmle.Extraction.CSharp.Standalone/Program.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Compilations/Compilation.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Constructor.cs
A csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Collections/Collection.cs
A csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Collections/Spread.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/ElementAccess.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Factory.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Invocation.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Method.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/NonGeneratedSourceLocation.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/PreprocessorDirectives/LineOrSpanDirective.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/PreprocessorDirectives/PragmaChecksumDirective.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Statement`1.cs
A csharp/extractor/Semmle.Extraction.CSharp/Entities/Statements/SyntheticEmptyBlock.cs
M csharp/extractor/Semmle.Extraction.CSharp/Entities/Types/Type.cs
M csharp/extractor/Semmle.Extraction.CSharp/Extractor/Analyser.cs
M csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs
M csharp/extractor/Semmle.Extraction.CSharp/Extractor/StandaloneAnalyser.cs
M csharp/extractor/Semmle.Extraction.CSharp/Extractor/TracingAnalyser.cs
M csharp/extractor/Semmle.Extraction.CSharp/Kinds/ExprKind.cs
M csharp/extractor/Semmle.Extraction.CSharp/Kinds/TypeKind.cs
M csharp/extractor/Semmle.Extraction.CSharp/SymbolExtensions.cs
M csharp/extractor/Semmle.Extraction.CSharp/Tuples.cs
M csharp/extractor/Semmle.Extraction.Tests/Assets.cs
M csharp/extractor/Semmle.Extraction.Tests/DotNet.cs
M csharp/extractor/Semmle.Extraction.Tests/FileContent.cs
M csharp/extractor/Semmle.Extraction.Tests/FilePathFilter.cs
M csharp/extractor/Semmle.Extraction.Tests/LoggerStub.cs
M csharp/extractor/Semmle.Extraction.Tests/Options.cs
M csharp/extractor/Semmle.Extraction.Tests/Runtime.cs
M csharp/extractor/Semmle.Extraction/CsProjFile.cs
M csharp/extractor/Semmle.Extraction/Extractor/Extractor.cs
M csharp/extractor/Semmle.Extraction/Extractor/StandaloneExtractor.cs
M csharp/extractor/Semmle.Extraction/Extractor/TracingExtractor.cs
M csharp/extractor/Semmle.Extraction/Options.cs
M csharp/extractor/Semmle.Util.Tests/CanonicalPathCache.cs
M csharp/extractor/Semmle.Util.Tests/FileUtils.cs
M csharp/extractor/Semmle.Util/CommandLineExtensions.cs
M csharp/extractor/Semmle.Util/FileUtils.cs
R csharp/extractor/Semmle.Util/Logger.cs
R csharp/extractor/Semmle.Util/LoggerUtils.cs
A csharp/extractor/Semmle.Util/Logging/CombinedLogger.cs
A csharp/extractor/Semmle.Util/Logging/ConsoleLogger.cs
A csharp/extractor/Semmle.Util/Logging/FileLogger.cs
A csharp/extractor/Semmle.Util/Logging/ILogger.cs
A csharp/extractor/Semmle.Util/Logging/PidStreamWriter.cs
A csharp/extractor/Semmle.Util/Logging/Severity.cs
A csharp/extractor/Semmle.Util/Logging/Verbosity.cs
A csharp/extractor/Semmle.Util/Logging/VerbosityExtensions.cs
M csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.7.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.8.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.9.md
M csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.7.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.8.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.9.md
M csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/consistency-queries/DataFlowConsistency.ql
M csharp/ql/integration-tests/all-platforms/autobuild/test.py
M csharp/ql/integration-tests/all-platforms/cshtml/global.json
M csharp/ql/integration-tests/all-platforms/cshtml/test.py
M csharp/ql/integration-tests/all-platforms/cshtml_standalone/global.json
M csharp/ql/integration-tests/all-platforms/cshtml_standalone/test.py
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/Files.expected
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/Files.ql
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/Program.cs
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/Views/Home/Index.cshtml
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/cshtml.csproj
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/global.json
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_disabled/test.py
M csharp/ql/integration-tests/all-platforms/cshtml_standalone_flowsteps/test.py
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/Files.expected
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/Files.ql
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/Program.cs
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/Views/Home/Index.cshtml
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/cshtml.csproj
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/global.json
A csharp/ql/integration-tests/all-platforms/cshtml_standalone_net6/test.py
M csharp/ql/integration-tests/all-platforms/diag_dotnet_incompatible/global.json
M csharp/ql/integration-tests/all-platforms/diag_missing_project_files/global.json
M csharp/ql/integration-tests/all-platforms/diag_missing_xamarin_sdk/global.json
M csharp/ql/integration-tests/all-platforms/diag_recursive_generics/global.json
M csharp/ql/integration-tests/all-platforms/diag_recursive_generics/test.py
M csharp/ql/integration-tests/all-platforms/dotnet_build/global.json
M csharp/ql/integration-tests/all-platforms/dotnet_no_args_inject/global.json
M csharp/ql/integration-tests/all-platforms/dotnet_pack/global.json
M csharp/ql/integration-tests/all-platforms/dotnet_publish/global.json
M csharp/ql/integration-tests/all-platforms/dotnet_run/global.json
M csharp/ql/integration-tests/all-platforms/standalone/global.json
M csharp/ql/integration-tests/all-platforms/standalone/test.py
M csharp/ql/integration-tests/all-platforms/standalone_dependencies_net48/Assemblies.expected
M csharp/ql/integration-tests/all-platforms/standalone_dependencies_net48/Assemblies.ql
M csharp/ql/integration-tests/all-platforms/standalone_dependencies_net48/global.json
M csharp/ql/integration-tests/all-platforms/standalone_dependencies_net48/test.py
A csharp/ql/integration-tests/linux-only/compiler_args/CompilerArgs.expected
A csharp/ql/integration-tests/linux-only/compiler_args/CompilerArgs.ql
A csharp/ql/integration-tests/linux-only/compiler_args/Program.cs
A csharp/ql/integration-tests/linux-only/compiler_args/global.json
A csharp/ql/integration-tests/linux-only/compiler_args/test.csproj
A csharp/ql/integration-tests/linux-only/compiler_args/test.py
M csharp/ql/integration-tests/linux-only/standalone_dependencies_non_utf8_filename/global.json
M csharp/ql/integration-tests/linux-only/standalone_dependencies_non_utf8_filename/test.py
M csharp/ql/integration-tests/posix-only/dotnet_test/global.json
M csharp/ql/integration-tests/posix-only/dotnet_test_mstest/global.json
M csharp/ql/integration-tests/posix-only/inherit-env-vars/global.json
M csharp/ql/integration-tests/posix-only/standalone_dependencies/Assemblies.expected
M csharp/ql/integration-tests/posix-only/standalone_dependencies/Assemblies.ql
M csharp/ql/integration-tests/posix-only/standalone_dependencies/global.json
M csharp/ql/integration-tests/posix-only/standalone_dependencies/test.py
M csharp/ql/integration-tests/posix-only/standalone_dependencies_multi_target/Assemblies.expected
M csharp/ql/integration-tests/posix-only/standalone_dependencies_multi_target/Assemblies.ql
M csharp/ql/integration-tests/posix-only/standalone_dependencies_multi_target/global.json
M csharp/ql/integration-tests/posix-only/standalone_dependencies_multi_target/test.py
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/Assemblies.expected
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/Assemblies.ql
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/Program.cs
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/global.json
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/packages.config
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/skip-on-platform-osx-arm
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/test.py
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/test_old.csproj
A csharp/ql/integration-tests/posix-only/standalone_dependencies_no_framework/test_sdk.csproj
M csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget/Assemblies.expected
M csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget/Assemblies.ql
M csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget/global.json
M csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget/test.py
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/Assemblies.expected
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/Assemblies.ql
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/proj/Program.cs
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/proj/nuget.config
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/proj/proj.csproj
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/standalone.sln
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_config_error/test.py
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/Assemblies.expected
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/Assemblies.ql
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/nuget.config
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/proj/Program.cs
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/proj/global.json
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/proj/packages.config
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/proj/test.csproj
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/skip-on-platform-osx-arm
A csharp/ql/integration-tests/posix-only/standalone_dependencies_nuget_no_sources/test.py
M csharp/ql/integration-tests/posix-only/warn_as_error/global.json
M csharp/ql/integration-tests/posix-only/warn_as_error/test.py
M csharp/ql/integration-tests/windows-only/standalone_dependencies/Assemblies.expected
M csharp/ql/integration-tests/windows-only/standalone_dependencies/Assemblies.ql
M csharp/ql/integration-tests/windows-only/standalone_dependencies/global.json
M csharp/ql/integration-tests/windows-only/standalone_dependencies/test.py
M csharp/ql/lib/CHANGELOG.md
M csharp/ql/lib/IDEContextual.qll
R csharp/ql/lib/change-notes/2024-01-10-lambda-param-defaults.md
R csharp/ql/lib/change-notes/2024-01-11-manual-neutral-model-blocks-generated-models.md
A csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md
A csharp/ql/lib/change-notes/released/0.8.7.md
A csharp/ql/lib/change-notes/released/0.8.8.md
A csharp/ql/lib/change-notes/released/0.8.9.md
M csharp/ql/lib/codeql-pack.release.yml
M csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll
M csharp/ql/lib/ext/System.Collections.Immutable.model.yml
M csharp/ql/lib/ext/System.Linq.model.yml
M csharp/ql/lib/ext/System.model.yml
A csharp/ql/lib/genkindenum.pl
M csharp/ql/lib/qlpack.yml
M csharp/ql/lib/semmle/code/asp/WebConfig.qll
M csharp/ql/lib/semmle/code/cil/DataFlow.qll
M csharp/ql/lib/semmle/code/cil/Instructions.qll
M csharp/ql/lib/semmle/code/cil/Ssa.qll
M csharp/ql/lib/semmle/code/cil/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/Assignable.qll
M csharp/ql/lib/semmle/code/csharp/Callable.qll
M csharp/ql/lib/semmle/code/csharp/Property.qll
M csharp/ql/lib/semmle/code/csharp/Type.qll
M csharp/ql/lib/semmle/code/csharp/XML.qll
M csharp/ql/lib/semmle/code/csharp/commons/Compilation.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/ContentDataFlow.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplSpecific.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/exprs/Access.qll
M csharp/ql/lib/semmle/code/csharp/exprs/Expr.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/Format.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/NHibernate.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/Razor.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/Owin.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/system/runtime/CompilerServices.qll
M csharp/ql/lib/semmle/code/csharp/security/Sanitizers.qll
M csharp/ql/lib/semmle/code/csharp/security/cryptography/EncryptionKeyDataFlowQuery.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/UrlRedirectQuery.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSQuery.qll
A csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/FlowSources.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Local.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Stored.qll
M csharp/ql/lib/semmle/code/dotnet/Element.qll
M csharp/ql/lib/semmlecode.csharp.dbscheme
M csharp/ql/lib/semmlecode.csharp.dbscheme.stats
A csharp/ql/lib/upgrades/1f291d4f424b498e7500c0359ca1fe030628a448/old.dbscheme
A csharp/ql/lib/upgrades/1f291d4f424b498e7500c0359ca1fe030628a448/semmlecode.csharp.dbscheme
A csharp/ql/lib/upgrades/1f291d4f424b498e7500c0359ca1fe030628a448/upgrade.properties
A csharp/ql/lib/upgrades/f145a9a7275c8f457b392b2ebc9f8e07960a0ed2/old.dbscheme
A csharp/ql/lib/upgrades/f145a9a7275c8f457b392b2ebc9f8e07960a0ed2/semmlecode.csharp.dbscheme
A csharp/ql/lib/upgrades/f145a9a7275c8f457b392b2ebc9f8e07960a0ed2/upgrade.properties
A csharp/ql/lib/upgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/old.dbscheme
A csharp/ql/lib/upgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/semmlecode.csharp.dbscheme
A csharp/ql/lib/upgrades/f595d31422d7d462d2bee8c69b44341df8bdadb6/upgrade.properties
A csharp/ql/lib/upgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/old.dbscheme
A csharp/ql/lib/upgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/semmlecode.csharp.dbscheme
A csharp/ql/lib/upgrades/fc9c7ab844ab055b97222a97e895b4bf2e1f8f4e/upgrade.properties
M csharp/ql/src/CHANGELOG.md
R csharp/ql/src/Diagnostics/DiagnosticNoExtractionErrors.ql
A csharp/ql/src/Diagnostics/ExtractedFiles.ql
R csharp/ql/src/Security Features/CWE-022/TaintedPath.cs
M csharp/ql/src/Security Features/CWE-022/TaintedPath.qhelp
M csharp/ql/src/Security Features/CWE-022/ZipSlip.qhelp
R csharp/ql/src/Security Features/CWE-022/ZipSlipBad.cs
R csharp/ql/src/Security Features/CWE-022/ZipSlipGood.cs
A csharp/ql/src/Security Features/CWE-022/examples/TaintedPath.cs
A csharp/ql/src/Security Features/CWE-022/examples/TaintedPathGoodFolder.cs
A csharp/ql/src/Security Features/CWE-022/examples/TaintedPathGoodNormalize.cs
A csharp/ql/src/Security Features/CWE-022/examples/ZipSlipBad.cs
A csharp/ql/src/Security Features/CWE-022/examples/ZipSlipGood.cs
R csharp/ql/src/Security Features/CWE-601/UrlRedirect.cs
M csharp/ql/src/Security Features/CWE-601/UrlRedirect.qhelp
A csharp/ql/src/Security Features/CWE-601/examples/UrlRedirect.cs
A csharp/ql/src/Security Features/CWE-601/examples/UrlRedirectGood.cs
A csharp/ql/src/Security Features/CWE-601/examples/UrlRedirectGoodDomain.cs
M csharp/ql/src/Telemetry/ExtractorInformation.ql
A csharp/ql/src/change-notes/released/0.8.7.md
A csharp/ql/src/change-notes/released/0.8.8.md
A csharp/ql/src/change-notes/released/0.8.9.md
M csharp/ql/src/codeql-pack.release.yml
M csharp/ql/src/experimental/Security Features/backdoor/PotentialTimeBomb.ql
M csharp/ql/src/experimental/ir/implementation/internal/AliasedSSAStub.qll
M csharp/ql/src/experimental/ir/implementation/internal/TInstructionInternal.qll
M csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll
M csharp/ql/src/experimental/ir/implementation/raw/internal/IRConstruction.qll
M csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll
M csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll
M csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstructionInternal.qll
R csharp/ql/src/genkindenum.pl
M csharp/ql/src/qlpack.yml
M csharp/ql/test/experimental/CWE-918/RequestForgery.expected
M csharp/ql/test/experimental/Security Features/CWE-759/HashWithoutSalt.expected
M csharp/ql/test/experimental/Security Features/backdoor/PotentialTimeBomb.expected
M csharp/ql/test/library-tests/cil/attributes/attribute.expected
M csharp/ql/test/library-tests/cil/dataflow/DataFlow.expected
M csharp/ql/test/library-tests/cil/dataflow/DataFlow.ql
A csharp/ql/test/library-tests/collections/CollectionExpressions.cs
A csharp/ql/test/library-tests/collections/collectionExpressions.expected
A csharp/ql/test/library-tests/collections/collectionExpressions.ql
A csharp/ql/test/library-tests/collections/options
A csharp/ql/test/library-tests/constructors/PrimaryConstructor.expected
A csharp/ql/test/library-tests/constructors/PrimaryConstructor.ql
M csharp/ql/test/library-tests/constructors/PrintAst.expected
M csharp/ql/test/library-tests/constructors/constructors.cs
M csharp/ql/test/library-tests/controlflow/graph/BasicBlock.expected
M csharp/ql/test/library-tests/controlflow/graph/Dominance.expected
M csharp/ql/test/library-tests/controlflow/graph/EnclosingCallable.expected
M csharp/ql/test/library-tests/controlflow/graph/EntryElement.expected
M csharp/ql/test/library-tests/controlflow/graph/ExitElement.expected
M csharp/ql/test/library-tests/controlflow/graph/NodeGraph.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.expected
M csharp/ql/test/library-tests/controlflow/guards/Collections.ql
M csharp/ql/test/library-tests/controlflow/splits/SplittingStressTest.expected
M csharp/ql/test/library-tests/csharp7/GlobalFlow.expected
M csharp/ql/test/library-tests/csharp7/GlobalTaintTracking.expected
M csharp/ql/test/library-tests/csharp7/LocalTaintFlow.expected
M csharp/ql/test/library-tests/csharp7/TaintReaches.expected
M csharp/ql/test/library-tests/csharp8/NullableRefTypes.expected
M csharp/ql/test/library-tests/csharp9/PrintAst.expected
M csharp/ql/test/library-tests/csharp9/nativeInt.expected
M csharp/ql/test/library-tests/dataflow/async/Async.expected
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.expected
M csharp/ql/test/library-tests/dataflow/collections/CollectionFlow.cs
M csharp/ql/test/library-tests/dataflow/collections/CollectionFlow.expected
A csharp/ql/test/library-tests/dataflow/constructors/ConstructorFlow.expected
A csharp/ql/test/library-tests/dataflow/constructors/ConstructorFlow.ql
A csharp/ql/test/library-tests/dataflow/constructors/Constructors.cs
M csharp/ql/test/library-tests/dataflow/delegates/DelegateFlow.cs
M csharp/ql/test/library-tests/dataflow/delegates/DelegateFlow.expected
M csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.cs
M csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.expected
M csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.ext.yml
R csharp/ql/test/library-tests/dataflow/fields/C_ctor.cs
M csharp/ql/test/library-tests/dataflow/fields/E.cs
M csharp/ql/test/library-tests/dataflow/fields/FieldFlow.expected
M csharp/ql/test/library-tests/dataflow/global/DataFlowPath.expected
M csharp/ql/test/library-tests/dataflow/global/GetAnOutNode.expected
M csharp/ql/test/library-tests/dataflow/global/TaintTrackingPath.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
M csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected
M csharp/ql/test/library-tests/dataflow/local/DataFlowStep.expected
M csharp/ql/test/library-tests/dataflow/local/TaintTrackingStep.expected
M csharp/ql/test/library-tests/dataflow/operators/operatorFlow.expected
M csharp/ql/test/library-tests/dataflow/ssa/Capture.cs
M csharp/ql/test/library-tests/dataflow/ssa/SSAPhi.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaCapturedVariableDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDefElement.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaExplicitDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaImplicitCall.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaUltimateDef.expected
A csharp/ql/test/library-tests/dataflow/threat-models/Test.cs
A csharp/ql/test/library-tests/dataflow/threat-models/Test.qll
A csharp/ql/test/library-tests/dataflow/threat-models/TestSources.cs
A csharp/ql/test/library-tests/dataflow/threat-models/options
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.expected
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.ext.yml
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.ql
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.expected
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.ext.yml
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.ql
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.expected
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.ext.yml
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.ql
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.expected
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.ext.yml
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.ql
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.expected
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ext.yml
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.ql
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.expected
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.ext.yml
A csharp/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.ql
M csharp/ql/test/library-tests/dataflow/tuples/DataFlowStep.expected
M csharp/ql/test/library-tests/dataflow/tuples/PrintAst.expected
M csharp/ql/test/library-tests/dataflow/tuples/Tuples.expected
M csharp/ql/test/library-tests/dataflow/typeflow-dispatch/TypeFlowDispatch.expected
M csharp/ql/test/library-tests/dataflow/types/Types.expected
A csharp/ql/test/library-tests/delegates/Delegates4.expected
A csharp/ql/test/library-tests/delegates/Delegates4.ql
M csharp/ql/test/library-tests/delegates/PrintAst.expected
M csharp/ql/test/library-tests/delegates/delegates.cs
R csharp/ql/test/library-tests/diagnostics/DiagnosticNoExtractorErrors.expected
R csharp/ql/test/library-tests/diagnostics/DiagnosticNoExtractorErrors.qlref
A csharp/ql/test/library-tests/diagnostics/ExtractedFiles.expected
A csharp/ql/test/library-tests/diagnostics/ExtractedFiles.qlref
M csharp/ql/test/library-tests/expressions/AddEventExpr1.expected
M csharp/ql/test/library-tests/expressions/AnonymousMethod1.expected
M csharp/ql/test/library-tests/expressions/AnonymousMethod2.expected
M csharp/ql/test/library-tests/expressions/AnonymousMethod3.expected
M csharp/ql/test/library-tests/expressions/AnonymousMethod4.expected
M csharp/ql/test/library-tests/expressions/AnonymousMethod5.expected
M csharp/ql/test/library-tests/expressions/AnonymousObjectCreation1.expected
M csharp/ql/test/library-tests/expressions/AnonymousObjectCreation2.expected
M csharp/ql/test/library-tests/expressions/AnonymousObjectCreation3.expected
M csharp/ql/test/library-tests/expressions/AnonymousObjectCreation4.expected
A csharp/ql/test/library-tests/expressions/ArrayAccess2.expected
A csharp/ql/test/library-tests/expressions/ArrayAccess2.ql
M csharp/ql/test/library-tests/expressions/ArrayCreation1.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation10.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation11.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation2.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation3.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation4.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation5.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation6.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation7.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation8.expected
M csharp/ql/test/library-tests/expressions/ArrayCreation9.expected
M csharp/ql/test/library-tests/expressions/As1.expected
M csharp/ql/test/library-tests/expressions/BaseAccess1.expected
M csharp/ql/test/library-tests/expressions/Call5.expected
M csharp/ql/test/library-tests/expressions/Call6.expected
M csharp/ql/test/library-tests/expressions/Call7.expected
M csharp/ql/test/library-tests/expressions/Cast1.expected
M csharp/ql/test/library-tests/expressions/ConstructorInitializer2.expected
M csharp/ql/test/library-tests/expressions/ConstructorInitializers.expected
M csharp/ql/test/library-tests/expressions/Default1.expected
M csharp/ql/test/library-tests/expressions/Default2.expected
M csharp/ql/test/library-tests/expressions/DelegateCall1.expected
M csharp/ql/test/library-tests/expressions/DelegateCall2.expected
M csharp/ql/test/library-tests/expressions/DelegateCall3.expected
M csharp/ql/test/library-tests/expressions/DelegateCreation1.expected
M csharp/ql/test/library-tests/expressions/DelegateCreation2.expected
M csharp/ql/test/library-tests/expressions/DelegateCreation3.expected
M csharp/ql/test/library-tests/expressions/DelegateCreation4.expected
M csharp/ql/test/library-tests/expressions/DelegateCreation5.expected
M csharp/ql/test/library-tests/expressions/DelegateCreation6.expected
M csharp/ql/test/library-tests/expressions/EventAccess1.expected
M csharp/ql/test/library-tests/expressions/EventAccess2.expected
M csharp/ql/test/library-tests/expressions/EventAccess3.expected
M csharp/ql/test/library-tests/expressions/ExprsChecked1.expected
M csharp/ql/test/library-tests/expressions/ExprsUnchecked1.expected
M csharp/ql/test/library-tests/expressions/FieldAccess1.expected
M csharp/ql/test/library-tests/expressions/Is1.expected
M csharp/ql/test/library-tests/expressions/Lambda1.expected
M csharp/ql/test/library-tests/expressions/Lambda2.expected
M csharp/ql/test/library-tests/expressions/Lambda3.expected
M csharp/ql/test/library-tests/expressions/Lambda4.expected
M csharp/ql/test/library-tests/expressions/Lambda5.expected
M csharp/ql/test/library-tests/expressions/Lambda6.expected
M csharp/ql/test/library-tests/expressions/LocalConstAccess1.expected
M csharp/ql/test/library-tests/expressions/LocalFunctionAccess.expected
M csharp/ql/test/library-tests/expressions/LocalVarAccess1.expected
M csharp/ql/test/library-tests/expressions/MethodAccess.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation1.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation10.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation11.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation2.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation3.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation4.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation5.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation6.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation7.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation8.expected
M csharp/ql/test/library-tests/expressions/ObjectCreation9.expected
M csharp/ql/test/library-tests/expressions/OperatorCall1.expected
M csharp/ql/test/library-tests/expressions/OperatorCall2.expected
M csharp/ql/test/library-tests/expressions/OperatorCall3.expected
M csharp/ql/test/library-tests/expressions/OperatorCall4.expected
M csharp/ql/test/library-tests/expressions/OperatorCall5.expected
M csharp/ql/test/library-tests/expressions/OperatorCall6.expected
M csharp/ql/test/library-tests/expressions/OperatorCall7.expected
M csharp/ql/test/library-tests/expressions/ParameterAccess3.expected
M csharp/ql/test/library-tests/expressions/PrintAst.expected
M csharp/ql/test/library-tests/expressions/QualifiableExpr.expected
M csharp/ql/test/library-tests/expressions/RemoveEventExpr1.expected
M csharp/ql/test/library-tests/expressions/StripCasts.expected
M csharp/ql/test/library-tests/expressions/ThisAccess1.expected
M csharp/ql/test/library-tests/expressions/Tuples1.expected
M csharp/ql/test/library-tests/expressions/Typeof1.expected
M csharp/ql/test/library-tests/expressions/Typeof2.expected
M csharp/ql/test/library-tests/expressions/Typeof3.expected
M csharp/ql/test/library-tests/expressions/Typeof4.expected
M csharp/ql/test/library-tests/expressions/Typeof5.expected
M csharp/ql/test/library-tests/expressions/expressions.cs
M csharp/ql/test/library-tests/exprorstmtparent/Callable.expected
M csharp/ql/test/library-tests/frameworks/EntityFramework/Dataflow.expected
M csharp/ql/test/library-tests/goto/Goto1.expected
M csharp/ql/test/library-tests/nullable/NullableExpressions.expected
M csharp/ql/test/library-tests/standalone/controlflow/cfg.expected
M csharp/ql/test/library-tests/standalone/errorrecovery/DiagnosticsAndErrors.expected
M csharp/ql/test/library-tests/standalone/errorrecovery/ErrorCalls.expected
M csharp/ql/test/library-tests/structuralcomparison/structuralComparison.expected
A csharp/ql/test/library-tests/types/InlineArrays.expected
A csharp/ql/test/library-tests/types/InlineArrays.ql
M csharp/ql/test/library-tests/types/PrintAst.expected
M csharp/ql/test/library-tests/types/types.cs
M csharp/ql/test/query-tests/API Abuse/FormatInvalid/FormatInvalid.expected
M csharp/ql/test/query-tests/Likely Bugs/UnsafeYearConstruction/UnsafeYearConstruction.expected
M csharp/ql/test/query-tests/Security Features/CWE-020/UntrustedDataToExternalAPI.expected
M csharp/ql/test/query-tests/Security Features/CWE-022/TaintedPath/TaintedPath.expected
M csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/ZipSlip.expected
M csharp/ql/test/query-tests/Security Features/CWE-078/CommandInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-078/StoredCommandInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-079/StoredXSS/StoredXSS.expected
M csharp/ql/test/query-tests/Security Features/CWE-079/XSS/XSS.expected
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSAsp/XSS.expected
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Areas_TestArea_Views_Shared_Test18.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Areas_TestArea_Views_Test4_Test17.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/MyAreas_Test4_Test22.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Pages_Shared_Test21.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Template.g
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Custom2_Test16.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Custom_Test3_Test15.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test13.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test5.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test6.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test8.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Other_Test9.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test12.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test14.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test19.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test2.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test23.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Shared_Test3.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test1.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test10.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test11.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test12.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test14.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test2.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test2_Test3.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test4_Test20.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test1.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test3.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test4.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/Generated/Views_Test_Test7.cshtml.g.cs
M csharp/ql/test/query-tests/Security Features/CWE-079/XSSRazorPages/XSS.expected
A csharp/ql/test/query-tests/Security Features/CWE-079/XssPageModels/TestModel.cs
A csharp/ql/test/query-tests/Security Features/CWE-079/XssPageModels/TestPage.cshtml
A csharp/ql/test/query-tests/Security Features/CWE-079/XssPageModels/TestPage.cshtml.g.cs
A csharp/ql/test/query-tests/Security Features/CWE-079/XssPageModels/options
A csharp/ql/test/query-tests/Security Features/CWE-079/XssPageModels/test.expected
A csharp/ql/test/query-tests/Security Features/CWE-079/XssPageModels/test.ql
M csharp/ql/test/query-tests/Security Features/CWE-089/SecondOrderSqlInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-090/LDAPInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-090/StoredLDAPInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-091/XMLInjection/XMLInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-094/CodeInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-099/ResourceInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-112/MissingXMLValidation.expected
M csharp/ql/test/query-tests/Security Features/CWE-114/AssemblyPathInjection/AssemblyPathInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-117/LogForging.expected
M csharp/ql/test/query-tests/Security Features/CWE-117/LogForgingAsp.cs
M csharp/ql/test/query-tests/Security Features/CWE-134/UncontrolledFormatString.expected
M csharp/ql/test/query-tests/Security Features/CWE-201/ExposureInTransmittedData/ExposureInTransmittedData.expected
M csharp/ql/test/query-tests/Security Features/CWE-209/ExceptionInformationExposure.expected
M csharp/ql/test/query-tests/Security Features/CWE-321/HardcodedSymmetricEncryptionKey/HardcodedSymmetricEncryptionKey.expected
M csharp/ql/test/query-tests/Security Features/CWE-327/DontInstallRootCert/DontInstallRootCert.expected
M csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnection/InsecureSQLConnection.expected
M csharp/ql/test/query-tests/Security Features/CWE-338/InsecureRandomness.expected
M csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInput/UnsafeDeserializationUntrustedInput.expected
M csharp/ql/test/query-tests/Security Features/CWE-502/UnsafeDeserializationUntrustedInputNewtonsoftJson/UnsafeDeserializationUntrustedInput.expected
M csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect.cs
M csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect.expected
A csharp/ql/test/query-tests/Security Features/CWE-601/UrlRedirect/UrlRedirect2.cs
M csharp/ql/test/query-tests/Security Features/CWE-611/UntrustedDataInsecureXml.expected
M csharp/ql/test/query-tests/Security Features/CWE-643/StoredXPathInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-643/XPathInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-730/ReDoS/ReDoS.expected
M csharp/ql/test/query-tests/Security Features/CWE-730/ReDoSGlobalTimeout/ReDoS.expected
M csharp/ql/test/query-tests/Security Features/CWE-730/RegexInjection/RegexInjection.expected
M csharp/ql/test/query-tests/Security Features/CWE-798/HardcodedCredentials.expected
M csharp/ql/test/query-tests/Security Features/CWE-807/ConditionalBypass.expected
M csharp/ql/test/query-tests/Security Features/CWE-838/InappropriateEncoding.expected
M csharp/scripts/create-extractor-pack.sh
M csharp/scripts/stubs/helpers.py
R docs/codeql/codeql-cli/about-codeql-packs.rst
R docs/codeql/codeql-cli/about-codeql-workspaces.rst
R docs/codeql/codeql-cli/about-ql-packs.rst
R docs/codeql/codeql-cli/about-the-codeql-cli.rst
R docs/codeql/codeql-cli/analyzing-databases-with-the-codeql-cli.rst
R docs/codeql/codeql-cli/codeql-cli-reference.rst
R docs/codeql/codeql-cli/creating-and-working-with-codeql-packs.rst
R docs/codeql/codeql-cli/creating-codeql-databases.rst
R docs/codeql/codeql-cli/creating-codeql-query-suites.rst
R docs/codeql/codeql-cli/exit-codes.rst
R docs/codeql/codeql-cli/extractor-options.rst
R docs/codeql/codeql-cli/getting-started-with-the-codeql-cli.rst
R docs/codeql/codeql-cli/index.rst
R docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst
R docs/codeql/codeql-cli/query-reference-files.rst
R docs/codeql/codeql-cli/sarif-output.rst
R docs/codeql/codeql-cli/specifying-command-options-in-a-codeql-configuration-file.rst
R docs/codeql/codeql-cli/testing-custom-queries.rst
R docs/codeql/codeql-cli/testing-query-help-files.rst
R docs/codeql/codeql-cli/using-custom-queries-with-the-codeql-cli.rst
R docs/codeql/codeql-cli/using-the-codeql-cli.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.10.5.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.11.5.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.11.6.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.12.4.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.12.7.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.13.3.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.13.5.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.14.3.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.14.5.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.14.6.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.15.4.rst
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.15.5.rst
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.16.0.rst
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.16.1.rst
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.16.2.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.4.3.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.4.6.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.5.1.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.5.2.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.5.3.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.5.4.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.5.9.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.6.3.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.7.6.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.8.5.rst
M docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.9.4.rst
M docs/codeql/codeql-overview/codeql-changelog/index.rst
M docs/codeql/contents.rst
M docs/codeql/index.html
M docs/codeql/reusables/supported-frameworks.rst
M docs/codeql/reusables/supported-versions-compilers.rst
M go/codeql-extractor.yml
M go/documentation/library-coverage/coverage.csv
M go/documentation/library-coverage/coverage.rst
M go/documentation/library-coverage/frameworks.csv
A go/extractor/autobuilder/build-environment.go
A go/extractor/autobuilder/build-environment_test.go
M go/extractor/cli/go-autobuilder/go-autobuilder.go
M go/extractor/cli/go-autobuilder/go-autobuilder_test.go
M go/extractor/diagnostics/diagnostics.go
M go/extractor/extractor.go
M go/extractor/go.mod
M go/extractor/go.sum
M go/extractor/gomodextractor.go
A go/extractor/project/project.go
A go/extractor/toolchain/toolchain.go
A go/extractor/toolchain/toolchain_test.go
M go/extractor/vendor/golang.org/x/tools/go/packages/doc.go
M go/extractor/vendor/golang.org/x/tools/go/packages/external.go
M go/extractor/vendor/golang.org/x/tools/go/packages/golist.go
M go/extractor/vendor/golang.org/x/tools/go/packages/packages.go
M go/extractor/vendor/golang.org/x/tools/internal/gcimporter/iimport.go
M go/extractor/vendor/modules.txt
M go/ql/consistency-queries/CHANGELOG.md
A go/ql/consistency-queries/change-notes/released/0.0.6.md
A go/ql/consistency-queries/change-notes/released/0.0.7.md
A go/ql/consistency-queries/change-notes/released/0.0.8.md
M go/ql/consistency-queries/codeql-pack.release.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/CHANGELOG.md
R go/ql/lib/change-notes/2023-09-18-add-support-for-fasthttp-framework.md
R go/ql/lib/change-notes/2024-01-09-fmt-apprender-or-sprinter-deprecated.md
A go/ql/lib/change-notes/released/0.7.7.md
A go/ql/lib/change-notes/released/0.7.8.md
A go/ql/lib/change-notes/released/0.7.9.md
M go/ql/lib/codeql-pack.release.yml
A go/ql/lib/ext/github.com.cristalhq.jwt.model.yml
A go/ql/lib/ext/github.com.dgrijalva.jwt-go.model.yml
A go/ql/lib/ext/github.com.form3tech-oss.jwt-go.model.yml
A go/ql/lib/ext/github.com.go-chi.jwtauth.model.yml
A go/ql/lib/ext/github.com.go-jose.go-jose.model.yml
A go/ql/lib/ext/github.com.go-kit.kit.auth.jwt.model.yml
A go/ql/lib/ext/github.com.golang-jwt.jwt.model.yml
A go/ql/lib/ext/github.com.kataras.iris.middleware.jwt.model.yml
A go/ql/lib/ext/github.com.kataras.jwt.model.yml
A go/ql/lib/ext/github.com.lestrrat-go.jwx.jwk.model.yml
A go/ql/lib/ext/github.com.lestrrat-go.jwx.model.yml
A go/ql/lib/ext/github.com.lestrrat.go-jwx.jwk.model.yml
A go/ql/lib/ext/github.com.ory.fosite.token.jwt.model.yml
A go/ql/lib/ext/gopkg.in.square.go-jose.model.yml
A go/ql/lib/ext/math.big.model.yml
M go/ql/lib/go.qll
M go/ql/lib/ideContextual.qll
M go/ql/lib/qlpack.yml
M go/ql/lib/semmle/go/Files.qll
M go/ql/lib/semmle/go/Util.qll
M go/ql/lib/semmle/go/concepts/HTTP.qll
A go/ql/lib/semmle/go/frameworks/AwsLambda.qll
M go/ql/lib/semmle/go/frameworks/Gin.qll
A go/ql/lib/semmle/go/frameworks/GoJose.qll
A go/ql/lib/semmle/go/frameworks/Gogf.qll
M go/ql/lib/semmle/go/frameworks/Iris.qll
A go/ql/lib/semmle/go/frameworks/Jwt.qll
M go/ql/lib/semmle/go/frameworks/NoSQL.qll
M go/ql/lib/semmle/go/frameworks/Stdlib.qll
M go/ql/lib/semmle/go/security/ExternalAPIs.qll
A go/ql/lib/semmle/go/security/HardcodedCredentials.qll
A go/ql/lib/semmle/go/security/MissingJwtSignatureCheck.qll
A go/ql/lib/semmle/go/security/MissingJwtSignatureCheckCustomizations.qll
M go/ql/lib/semmle/go/security/Xss.qll
M go/ql/src/CHANGELOG.md
A go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.qhelp
A go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.ql
A go/ql/src/Security/CWE-347/MissingJwtSignatureCheckBad.go
A go/ql/src/Security/CWE-347/MissingJwtSignatureCheckGood.go
M go/ql/src/Security/CWE-798/HardcodedCredentials.ql
R go/ql/src/change-notes/2024-01-09-cleartext-logging-new-sources-and-sinks.md
R go/ql/src/change-notes/2024-01-10-insecure-randomness-index-flowstep.md
A go/ql/src/change-notes/released/0.7.7.md
A go/ql/src/change-notes/released/0.7.8.md
A go/ql/src/change-notes/released/0.7.9.md
M go/ql/src/codeql-pack.release.yml
R go/ql/src/experimental/CWE-321/HardcodedKeys.qhelp
R go/ql/src/experimental/CWE-321/HardcodedKeys.ql
R go/ql/src/experimental/CWE-321/HardcodedKeysBad.go
R go/ql/src/experimental/CWE-321/HardcodedKeysGood.go
R go/ql/src/experimental/CWE-321/HardcodedKeysLib.qll
R go/ql/src/experimental/CWE-347/Example.go
R go/ql/src/experimental/CWE-347/ParseJWTWithoutVerification.qhelp
R go/ql/src/experimental/CWE-347/ParseJWTWithoutVerification.ql
M go/ql/src/qlpack.yml
M go/ql/test/experimental/CWE-090/LDAPInjection.expected
M go/ql/test/experimental/CWE-1004/CookieWithoutHttpOnly.expected
M go/ql/test/experimental/CWE-203/Timing.expected
M go/ql/test/experimental/CWE-287/ImproperLdapAuth.expected
M go/ql/test/experimental/CWE-321-V2/HardCodedKeys.expected
R go/ql/test/experimental/CWE-321/HardcodedKeys.expected
R go/ql/test/experimental/CWE-321/HardcodedKeys.qlref
R go/ql/test/experimental/CWE-321/HardcodedKeysBad.go
R go/ql/test/experimental/CWE-321/HardcodedKeysGood.go
R go/ql/test/experimental/CWE-321/go.mod
R go/ql/test/experimental/CWE-321/main.go
R go/ql/test/experimental/CWE-321/sanitizer.go
R go/ql/test/experimental/CWE-321/vendor/github.com/appleboy/gin-jwt/v2/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/cristalhq/jwt/v3/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/gin-gonic/gin/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/go-kit/kit/auth/jwt/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/gogf/gf-jwt/v2/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/golang-jwt/jwt/v4/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/iris-contrib/middleware/jwt/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/kataras/iris/v12/middleware/jwt/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/kataras/jwt/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/lestrrat/go-jwx/jwk/stub.go
R go/ql/test/experimental/CWE-321/vendor/github.com/square/go-jose/v3/stub.go
R go/ql/test/experimental/CWE-321/vendor/gopkg.in/square/go-jose.v2/stub.go
R go/ql/test/experimental/CWE-321/vendor/modules.txt
R go/ql/test/experimental/CWE-347/ParseJWTWithoutVerification.expected
R go/ql/test/experimental/CWE-347/ParseJWTWithoutVerification.qlref
R go/ql/test/experimental/CWE-347/go-jose.v3.go
R go/ql/test/experimental/CWE-347/go.mod
R go/ql/test/experimental/CWE-347/golang-jwt-v5.go
R go/ql/test/experimental/CWE-347/vendor/github.com/go-jose/go-jose/v3/jwt/stub.go
R go/ql/test/experimental/CWE-347/vendor/github.com/golang-jwt/jwt/v5/stub.go
R go/ql/test/experimental/CWE-347/vendor/modules.txt
M go/ql/test/experimental/CWE-369/DivideByZero.expected
M go/ql/test/experimental/CWE-74/DsnInjection.expected
M go/ql/test/experimental/CWE-74/DsnInjectionLocal.expected
M go/ql/test/experimental/CWE-79/HTMLTemplateEscapingPassthrough.expected
M go/ql/test/experimental/CWE-918/SSRF.expected
M go/ql/test/experimental/Unsafe/WrongUsageOfUnsafe.expected
M go/ql/test/library-tests/semmle/go/Function/TypeParamType.expected
M go/ql/test/library-tests/semmle/go/dataflow/ChannelField/test.expected
M go/ql/test/library-tests/semmle/go/dataflow/DefaultTaintSanitizer/DefaultSanitizer.expected
M go/ql/test/library-tests/semmle/go/dataflow/HiddenNodes/test.expected
A go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/go.mod
A go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.expected
A go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.go
A go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.ql
A go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/vendor/github.com/aws/aws-lambda-go/lambda/stub.go
A go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/vendor/modules.txt
M go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.expected
M go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.expected
M go/ql/test/library-tests/semmle/go/frameworks/BeegoOrm/SqlInjection.expected
M go/ql/test/library-tests/semmle/go/frameworks/BeegoOrm/StoredXss.expected
M go/ql/test/library-tests/semmle/go/frameworks/Chi/ReflectedXss.expected
M go/ql/test/library-tests/semmle/go/frameworks/Echo/OpenRedirect.expected
M go/ql/test/library-tests/semmle/go/frameworks/Echo/ReflectedXss.expected
M go/ql/test/library-tests/semmle/go/frameworks/Echo/TaintedPath.expected
M go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.expected
M go/ql/test/library-tests/semmle/go/frameworks/Gin/TaintedPath.expected
M go/ql/test/library-tests/semmle/go/frameworks/GoMicro/LogInjection.expected
M go/ql/test/library-tests/semmle/go/frameworks/Gorestful/gorestful.expected
M go/ql/test/library-tests/semmle/go/frameworks/Revel/OpenRedirect.expected
M go/ql/test/library-tests/semmle/go/frameworks/Revel/ReflectedXss.expected
M go/ql/test/library-tests/semmle/go/frameworks/Revel/TaintedPath.expected
M go/ql/test/library-tests/semmle/go/frameworks/Twirp/RequestForgery.expected
M go/ql/test/library-tests/semmle/go/frameworks/XNetHtml/ReflectedXss.expected
M go/ql/test/library-tests/semmle/go/frameworks/XNetHtml/SqlInjection.expected
M go/ql/test/query-tests/InconsistentCode/UnhandledCloseWritableHandle/UnhandledCloseWritableHandle.expected
M go/ql/test/query-tests/Security/CWE-020/IncompleteHostnameRegexp/IncompleteHostnameRegexp.expected
M go/ql/test/query-tests/Security/CWE-022/TaintedPath.expected
M go/ql/test/query-tests/Security/CWE-022/UnsafeUnzipSymlink.expected
M go/ql/test/query-tests/Security/CWE-022/ZipSlip.expected
M go/ql/test/query-tests/Security/CWE-078/CommandInjection.expected
M go/ql/test/query-tests/Security/CWE-078/StoredCommand.expected
M go/ql/test/query-tests/Security/CWE-079/ReflectedXss.expected
M go/ql/test/query-tests/Security/CWE-079/StoredXss.expected
M go/ql/test/query-tests/Security/CWE-089/SqlInjection.expected
M go/ql/test/query-tests/Security/CWE-089/StringBreak.expected
M go/ql/test/query-tests/Security/CWE-190/AllocationSizeOverflow.expected
M go/ql/test/query-tests/Security/CWE-209/StackTraceExposure.expected
M go/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
M go/ql/test/query-tests/Security/CWE-322/InsecureHostKeyCallback.expected
M go/ql/test/query-tests/Security/CWE-326/InsufficientKeySize.expected
M go/ql/test/query-tests/Security/CWE-327/UnsafeTLS.expected
M go/ql/test/query-tests/Security/CWE-327/WeakCryptoAlgorithm.expected
M go/ql/test/query-tests/Security/CWE-338/InsecureRandomness/InsecureRandomness.expected
A go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.expected
A go/ql/test/query-tests/Security/CWE-347/MissingJwtSignatureCheck.qlref
A go/ql/test/query-tests/Security/CWE-347/go-jose.v3.go
A go/ql/test/query-tests/Security/CWE-347/go.mod
A go/ql/test/query-tests/Security/CWE-347/golang-jwt-v5.go
A go/ql/test/query-tests/Security/CWE-347/vendor/github.com/go-jose/go-jose/v3/jwt/stub.go
A go/ql/test/query-tests/Security/CWE-347/vendor/github.com/golang-jwt/jwt/v5/stub.go
A go/ql/test/query-tests/Security/CWE-347/vendor/modules.txt
M go/ql/test/query-tests/Security/CWE-352/ConstantOauth2State.expected
M go/ql/test/query-tests/Security/CWE-601/BadRedirectCheck/BadRedirectCheck.expected
M go/ql/test/query-tests/Security/CWE-601/OpenUrlRedirect/OpenUrlRedirect.expected
M go/ql/test/query-tests/Security/CWE-640/EmailInjection.expected
M go/ql/test/query-tests/Security/CWE-643/XPathInjection.expected
M go/ql/test/query-tests/Security/CWE-798/HardcodedCredentials.expected
A go/ql/test/query-tests/Security/CWE-798/HardcodedKeysBad.go
A go/ql/test/query-tests/Security/CWE-798/HardcodedKeysGood.go
A go/ql/test/query-tests/Security/CWE-798/go.mod
A go/ql/test/query-tests/Security/CWE-798/jwt.go
A go/ql/test/query-tests/Security/CWE-798/sanitizer.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/appleboy/gin-jwt/v2/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/cristalhq/jwt/v3/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/gin-gonic/gin/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/go-kit/kit/auth/jwt/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/gogf/gf-jwt/v2/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/golang-jwt/jwt/v4/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/iris-contrib/middleware/jwt/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/kataras/iris/v12/middleware/jwt/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/kataras/jwt/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/lestrrat/go-jwx/jwk/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/github.com/square/go-jose/v3/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/gopkg.in/square/go-jose.v2/stub.go
A go/ql/test/query-tests/Security/CWE-798/vendor/modules.txt
M go/ql/test/query-tests/Security/CWE-918/RequestForgery.expected
M java/documentation/library-coverage/coverage.csv
M java/documentation/library-coverage/coverage.rst
M java/kotlin-extractor/kotlin_plugin_versions.py
M java/kotlin-extractor/src/main/kotlin/KotlinExtractorExtension.kt
M java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt
M java/kotlin-extractor/src/main/kotlin/comments/CommentExtractor.kt
A java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_5_0/JvmDefaultModeEnabled.kt
M java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_9_0-Beta/CommentExtractorLighterAST.kt
R java/kotlin-extractor/src/main/kotlin/utils/versions/v_2.0.0-Beta1/IrSymbolInternals.kt
R java/kotlin-extractor/src/main/kotlin/utils/versions/v_2.0.0-Beta1/JavaBinarySourceElement.kt
A java/kotlin-extractor/src/main/kotlin/utils/versions/v_2_0_0-Beta4/IrSymbolInternals.kt
A java/kotlin-extractor/src/main/kotlin/utils/versions/v_2_0_0-Beta4/JavaBinarySourceElement.kt
A java/kotlin-extractor/src/main/kotlin/utils/versions/v_2_0_0-Beta4/JvmDefaultModeEnabled.kt
A java/kotlin-extractor/src/main/kotlin/utils/versions/v_2_0_0-Beta4/Psi2Ir.kt
A java/kotlin-extractor/src/main/kotlin/utils/versions/v_2_0_0-Beta4/parents.kt
R java/kotlin-extractor/src/main/kotlin/utils/versions/v_2_0_255-SNAPSHOT/parents.kt
M java/ql/automodel/src/AutomodelApplicationModeCharacteristics.qll
M java/ql/automodel/src/AutomodelApplicationModeExtractCandidates.ql
M java/ql/automodel/src/AutomodelApplicationModeExtractNegativeExamples.ql
M java/ql/automodel/src/AutomodelApplicationModeExtractPositiveExamples.ql
M java/ql/automodel/src/AutomodelFrameworkModeCharacteristics.qll
M java/ql/automodel/src/AutomodelFrameworkModeExtractCandidates.ql
M java/ql/automodel/src/AutomodelFrameworkModeExtractNegativeExamples.ql
M java/ql/automodel/src/AutomodelFrameworkModeExtractPositiveExamples.ql
M java/ql/automodel/src/AutomodelJavaUtil.qll
M java/ql/automodel/src/AutomodelSharedCharacteristics.qll
M java/ql/automodel/src/CHANGELOG.md
A java/ql/automodel/src/change-notes/released/0.0.13.md
A java/ql/automodel/src/change-notes/released/0.0.14.md
A java/ql/automodel/src/change-notes/released/0.0.15.md
A java/ql/automodel/src/change-notes/released/0.0.16.md
M java/ql/automodel/src/codeql-pack.release.yml
M java/ql/automodel/src/qlpack.yml
R java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractCandidates.expected
R java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractCandidates.qlref
R java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractNegativeExamples.expected
R java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractNegativeExamples.qlref
R java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractPositiveExamples.expected
R java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractPositiveExamples.qlref
A java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractionTests.expected
A java/ql/automodel/test/AutomodelApplicationModeExtraction/AutomodelApplicationModeExtractionTests.ql
M java/ql/automodel/test/AutomodelApplicationModeExtraction/PluginImpl.java
M java/ql/automodel/test/AutomodelApplicationModeExtraction/Test.java
A java/ql/automodel/test/AutomodelExtractionTests.qll
R java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractCandidates.expected
R java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractCandidates.qlref
R java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractNegativeExamples.expected
R java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractNegativeExamples.qlref
R java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractPositiveExamples.expected
R java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractPositiveExamples.qlref
A java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractionTests.expected
A java/ql/automodel/test/AutomodelFrameworkModeExtraction/AutomodelFrameworkModeExtractionTests.ql
A java/ql/automodel/test/AutomodelFrameworkModeExtraction/com/github/codeql/test/MyWriter.java
M java/ql/automodel/test/AutomodelFrameworkModeExtraction/com/github/codeql/test/PublicClass.java
M java/ql/automodel/test/AutomodelFrameworkModeExtraction/com/github/codeql/test/PublicInterface.java
M java/ql/automodel/test/AutomodelFrameworkModeExtraction/java/io/File.java
M java/ql/automodel/test/AutomodelFrameworkModeExtraction/java/nio/file/Files.java
M java/ql/automodel/test/qlpack.yml
M java/ql/integration-tests/all-platforms/java/buildless-gradle/diagnostics.expected
M java/ql/integration-tests/all-platforms/java/buildless-maven-multimodule/diagnostics.expected
R java/ql/integration-tests/all-platforms/java/buildless-maven/buildless-fetches.actual
M java/ql/integration-tests/all-platforms/java/buildless-maven/diagnostics.expected
R java/ql/integration-tests/all-platforms/java/buildless-maven/test.actual
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/buildless-fetches.expected
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/diagnostics.expected
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/force_sequential_test_execution
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/.gitattributes
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/.gitignore
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/build.gradle
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/gradle/verification-metadata.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/gradle/wrapper/gradle-wrapper.jar
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/gradle/wrapper/gradle-wrapper.properties
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/gradlew
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/gradlew.bat
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/settings.gradle
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/src/main/java/com/example/App.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample/src/test/java/com/example/AppTest.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/.gitattributes
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/.gitignore
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/build.gradle
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/gradle/verification-metadata.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/gradle/wrapper/gradle-wrapper.jar
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/gradle/wrapper/gradle-wrapper.properties
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/gradlew
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/gradlew.bat
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/settings.gradle
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/src/main/java/com/example/App2.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/gradle-sample2/src/test/java/com/example/AppTest2.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-1/pom.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-1/src/main/java/com/example/App3.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-1/src/main/resources/my-app.properties
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-1/src/main/resources/page.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-1/src/main/resources/struts.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-1/src/test/java/com/example/AppTest3.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-2/pom.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-2/src/main/java/com/example/App4.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-2/src/main/resources/my-app.properties
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-2/src/main/resources/page.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-2/src/main/resources/struts.xml
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/maven-project-2/src/test/java/com/example/AppTest4.java
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/test.expected
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/test.py
A java/ql/integration-tests/all-platforms/java/buildless-sibling-projects/test.ql
M java/ql/integration-tests/all-platforms/kotlin/kotlin_java_static_fields/test.expected
A java/ql/integration-tests/all-platforms/kotlin/path_transformer/classes.expected
A java/ql/integration-tests/all-platforms/kotlin/path_transformer/classes.ql
A java/ql/integration-tests/all-platforms/kotlin/path_transformer/kotlin_source.kt
A java/ql/integration-tests/all-platforms/kotlin/path_transformer/test.py
M java/ql/lib/CHANGELOG.md
M java/ql/lib/IDEContextual.qll
R java/ql/lib/change-notes/2024-01-02-gson-model-updates.md
R java/ql/lib/change-notes/2024-01-06-regex-flag-parsing.md
R java/ql/lib/change-notes/2024-01-10-new-jdk-models.md
A java/ql/lib/change-notes/released/0.8.7.md
A java/ql/lib/change-notes/released/0.8.8.md
A java/ql/lib/change-notes/released/0.8.9.md
M java/ql/lib/codeql-pack.release.yml
M java/ql/lib/ext/android.app.model.yml
M java/ql/lib/ext/androidx.core.app.model.yml
M java/ql/lib/ext/com.fasterxml.jackson.databind.model.yml
M java/ql/lib/ext/java.awt.model.yml
M java/ql/lib/ext/java.io.model.yml
M java/ql/lib/ext/java.lang.model.yml
M java/ql/lib/ext/java.net.http.model.yml
M java/ql/lib/ext/java.net.model.yml
M java/ql/lib/ext/java.nio.file.model.yml
M java/ql/lib/ext/java.util.zip.model.yml
M java/ql/lib/ext/javax.servlet.http.model.yml
M java/ql/lib/ext/javax.servlet.model.yml
M java/ql/lib/ext/org.apache.commons.io.model.yml
M java/ql/lib/ext/org.apache.hadoop.fs.model.yml
A java/ql/lib/ext/org.apache.hadoop.fs.s3a.model.yml
M java/ql/lib/ext/org.eclipse.jetty.client.model.yml
M java/ql/lib/ext/org.gradle.api.file.model.yml
M java/ql/lib/qlpack.yml
M java/ql/lib/semmle/code/java/Expr.qll
M java/ql/lib/semmle/code/java/J2EE.qll
M java/ql/lib/semmle/code/java/JMX.qll
M java/ql/lib/semmle/code/java/NumberFormatException.qll
M java/ql/lib/semmle/code/java/dataflow/FlowSources.qll
M java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
M java/ql/lib/semmle/code/java/deadcode/DeadField.qll
M java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll
M java/ql/lib/semmle/code/java/deadcode/SpringEntryPoints.qll
M java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll
M java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll
M java/ql/lib/semmle/code/java/frameworks/Camel.qll
M java/ql/lib/semmle/code/java/frameworks/JAXB.qll
M java/ql/lib/semmle/code/java/frameworks/Servlets.qll
M java/ql/lib/semmle/code/java/frameworks/UnboundId.qll
M java/ql/lib/semmle/code/java/frameworks/android/Intent.qll
A java/ql/lib/semmle/code/java/frameworks/android/Layout.qll
M java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaDSL.qll
M java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll
M java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll
M java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll
A java/ql/lib/semmle/code/java/security/AndroidLocalAuthQuery.qll
M java/ql/lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll
M java/ql/lib/semmle/code/java/security/CommandLineQuery.qll
M java/ql/lib/semmle/code/java/security/Encryption.qll
M java/ql/lib/semmle/code/java/security/ExecTaintedLocalQuery.qll
M java/ql/lib/semmle/code/java/security/HttpsUrlsQuery.qll
M java/ql/lib/semmle/code/java/security/JndiInjectionQuery.qll
M java/ql/lib/semmle/code/java/security/LdapInjection.qll
M java/ql/lib/semmle/code/java/security/LogInjection.qll
M java/ql/lib/semmle/code/java/security/OgnlInjectionQuery.qll
R java/ql/lib/semmle/code/java/security/OverlyLargeRangeQuery.qll
M java/ql/lib/semmle/code/java/security/PathCreation.qll
M java/ql/lib/semmle/code/java/security/PathSanitizer.qll
M java/ql/lib/semmle/code/java/security/RequestForgery.qll
M java/ql/lib/semmle/code/java/security/ResponseSplittingQuery.qll
A java/ql/lib/semmle/code/java/security/Sanitizers.qll
M java/ql/lib/semmle/code/java/security/SensitiveKeyboardCacheQuery.qll
M java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
A java/ql/lib/semmle/code/java/security/SensitiveUiQuery.qll
M java/ql/lib/semmle/code/java/security/SqlConcatenatedQuery.qll
M java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll
M java/ql/lib/semmle/code/java/security/SqlTaintedLocalQuery.qll
M java/ql/lib/semmle/code/java/security/StaticInitializationVectorQuery.qll
M java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll
M java/ql/lib/semmle/code/java/security/TemplateInjection.qll
M java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll
M java/ql/lib/semmle/code/java/security/UnsafeContentUriResolution.qll
M java/ql/lib/semmle/code/java/security/UrlRedirect.qll
M java/ql/lib/semmle/code/java/security/UrlRedirectQuery.qll
M java/ql/lib/semmle/code/java/security/XmlParsers.qll
M java/ql/lib/semmle/code/java/security/XsltInjectionQuery.qll
M java/ql/lib/semmle/code/java/security/ZipSlipQuery.qll
R java/ql/lib/semmle/code/java/security/regexp/ExponentialBackTracking.qll
R java/ql/lib/semmle/code/java/security/regexp/NfaUtils.qll
M java/ql/lib/semmle/code/java/security/regexp/PolynomialReDoSQuery.qll
R java/ql/lib/semmle/code/java/security/regexp/SuperlinearBackTracking.qll
M java/ql/lib/semmle/code/xml/XML.qll
M java/ql/src/CHANGELOG.md
R java/ql/src/Security/CWE/CWE-022/TaintedPath.java
M java/ql/src/Security/CWE/CWE-022/TaintedPath.qhelp
M java/ql/src/Security/CWE/CWE-022/TaintedPath.ql
R java/ql/src/Security/CWE/CWE-022/TaintedPathGood.java
M java/ql/src/Security/CWE/CWE-022/TaintedPathLocal.ql
M java/ql/src/Security/CWE/CWE-022/ZipSlip.qhelp
R java/ql/src/Security/CWE/CWE-022/ZipSlipBad.java
R java/ql/src/Security/CWE/CWE-022/ZipSlipGood.java
A java/ql/src/Security/CWE/CWE-022/examples/TaintedPath.java
A java/ql/src/Security/CWE/CWE-022/examples/TaintedPathGoodFolder.java
A java/ql/src/Security/CWE/CWE-022/examples/TaintedPathGoodNormalize.java
A java/ql/src/Security/CWE/CWE-022/examples/ZipSlipBad.java
A java/ql/src/Security/CWE/CWE-022/examples/ZipSlipGood.java
M java/ql/src/Security/CWE/CWE-074/JndiInjection.qhelp
M java/ql/src/Security/CWE/CWE-078/ExecRelative.ql
M java/ql/src/Security/CWE/CWE-113/NettyRequestSplitting.java
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveNotifications.java
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveNotifications.qhelp
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveNotifications.ql
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveTextBad.java
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveTextField.qhelp
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveTextField.ql
A java/ql/src/Security/CWE/CWE-200/AndroidSensitiveTextGood.java
M java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureKeys.qhelp
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureKeys.ql
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureKeysBad.java
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureKeysGood.java
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureLocalAuthentication.qhelp
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureLocalAuthentication.ql
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureLocalAuthenticationBad.java
A java/ql/src/Security/CWE/CWE-287/AndroidInsecureLocalAuthenticationGood.java
R java/ql/src/change-notes/2024-01-09-environment-variable-injection-query.md
R java/ql/src/change-notes/2024-01-11-manual-neutral-model-blocks-generated-models.md
A java/ql/src/change-notes/2024-02-12-android-insecure-keys.md
M java/ql/src/change-notes/released/0.8.6.md
A java/ql/src/change-notes/released/0.8.7.md
A java/ql/src/change-notes/released/0.8.8.md
A java/ql/src/change-notes/released/0.8.9.md
M java/ql/src/codeql-pack.release.yml
M java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql
M java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql
M java/ql/src/experimental/Security/CWE/CWE-078/CommandInjectionRuntimeExec.qll
M java/ql/src/experimental/Security/CWE/CWE-089/MyBatisAnnotationSqlInjection.ql
M java/ql/src/experimental/Security/CWE/CWE-089/MyBatisMapperXmlSqlInjection.ql
M java/ql/src/experimental/Security/CWE/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql
M java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll
M java/ql/src/qlpack.yml
M java/ql/test-kotlin2/library-tests/arrays/arrayAccesses.expected
M java/ql/test-kotlin2/library-tests/arrays/assignExprs.expected
M java/ql/test-kotlin2/library-tests/comments/comments.expected
M java/ql/test-kotlin2/library-tests/comments/comments.kt
M java/ql/test-kotlin2/library-tests/controlflow/basic/bbStmts.expected
M java/ql/test-kotlin2/library-tests/controlflow/basic/bbStrictDominance.expected
M java/ql/test-kotlin2/library-tests/controlflow/basic/bbSuccessor.expected
M java/ql/test-kotlin2/library-tests/controlflow/basic/getASuccessor.expected
M java/ql/test-kotlin2/library-tests/controlflow/basic/strictDominance.expected
M java/ql/test-kotlin2/library-tests/controlflow/basic/strictPostDominance.expected
M java/ql/test-kotlin2/library-tests/controlflow/dominance/dominator.expected
M java/ql/test-kotlin2/library-tests/data-classes/PrintAst.expected
M java/ql/test-kotlin2/library-tests/data-classes/callees.expected
M java/ql/test-kotlin2/library-tests/dataflow/func/kotlinx_coroutines_stubs.kt
M java/ql/test-kotlin2/library-tests/exprs/binop.expected
M java/ql/test-kotlin2/library-tests/exprs/exprs.expected
M java/ql/test-kotlin2/library-tests/exprs/funcExprs.expected
M java/ql/test-kotlin2/library-tests/exprs/unaryOp.expected
M java/ql/test-kotlin2/library-tests/java-kotlin-collection-type-generic-methods/test.expected
M java/ql/test-kotlin2/library-tests/methods/exprs.expected
M java/ql/test-kotlin2/library-tests/methods/methods.expected
M java/ql/test-kotlin2/library-tests/methods/parameters.expected
R java/ql/test-kotlin2/library-tests/ministdlib/MiniStdLib.kt
R java/ql/test-kotlin2/library-tests/ministdlib/MyClass.kt
R java/ql/test-kotlin2/library-tests/ministdlib/classes.expected
R java/ql/test-kotlin2/library-tests/ministdlib/classes.ql
R java/ql/test-kotlin2/library-tests/ministdlib/options
M java/ql/test-kotlin2/library-tests/multiple_files/method_accesses.expected
M java/ql/test-kotlin2/library-tests/operator-overloads/PrintAst.expected
M java/ql/test-kotlin2/library-tests/parameter-defaults/defaults.expected
M java/ql/test-kotlin2/library-tests/stmts/PrintAst.expected
M java/ql/test-kotlin2/library-tests/stmts/exprs.expected
M java/ql/test-kotlin2/library-tests/stmts/stmts.expected
M java/ql/test/experimental/query-tests/security/CWE-020/Log4jInjectionTest.expected
M java/ql/test/experimental/query-tests/security/CWE-073/FilePathInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-078/CommandInjectionRuntimeExecLocal.expected
M java/ql/test/experimental/query-tests/security/CWE-078/ExecTainted.expected
M java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisAnnotationSqlInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisMapperXmlSqlInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-094/BeanShellInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-094/JShellInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-094/JakartaExpressionInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-094/JythonInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-094/ScriptInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-1004/SensitiveCookieNotHttpOnly.expected
M java/ql/test/experimental/query-tests/security/CWE-200/InsecureWebResourceResponse.expected
M java/ql/test/experimental/query-tests/security/CWE-200/SensitiveAndroidFileLeak.expected
M java/ql/test/experimental/query-tests/security/CWE-208/NotConstantTimeCheckOnSignature/Test.expected
M java/ql/test/experimental/query-tests/security/CWE-208/TimingAttackAgainstSignagure/Test.expected
M java/ql/test/experimental/query-tests/security/CWE-299/DisabledRevocationChecking.expected
M java/ql/test/experimental/query-tests/security/CWE-327/UnsafeTlsVersion.expected
M java/ql/test/experimental/query-tests/security/CWE-346/UnvalidatedCors.expected
M java/ql/test/experimental/query-tests/security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.expected
M java/ql/test/experimental/query-tests/security/CWE-352/JsonpInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-400/LocalThreadResourceAbuse.expected
M java/ql/test/experimental/query-tests/security/CWE-400/ThreadResourceAbuse.expected
M java/ql/test/experimental/query-tests/security/CWE-470/LoadClassNoSignatureCheck.expected
M java/ql/test/experimental/query-tests/security/CWE-470/UnsafeReflection.expected
M java/ql/test/experimental/query-tests/security/CWE-502/UnsafeDeserializationRmi.expected
M java/ql/test/experimental/query-tests/security/CWE-552/UnsafeUrlForward.expected
M java/ql/test/experimental/query-tests/security/CWE-598/SensitiveGetQuery.expected
M java/ql/test/experimental/query-tests/security/CWE-600/UncaughtServletException.expected
M java/ql/test/experimental/query-tests/security/CWE-601/SpringUrlRedirect.expected
M java/ql/test/experimental/query-tests/security/CWE-625/PermissiveDotRegex.expected
M java/ql/test/experimental/query-tests/security/CWE-652/XQueryInjection.expected
M java/ql/test/experimental/query-tests/security/CWE-755/NFEAndroidDoS.expected
M java/ql/test/experimental/query-tests/security/CWE-759/HashWithoutSalt.expected
M java/ql/test/library-tests/dataflow/call-sensitivity/flow.expected
A java/ql/test/library-tests/dataflow/flowfeature/A.java
A java/ql/test/library-tests/dataflow/flowfeature/flow.expected
A java/ql/test/library-tests/dataflow/flowfeature/flow.ql
M java/ql/test/library-tests/dataflow/inoutbarriers/A.java
M java/ql/test/library-tests/dataflow/inoutbarriers/test.expected
M java/ql/test/library-tests/dataflow/inoutbarriers/test.ql
M java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest1.expected
M java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest2.expected
M java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest3.expected
M java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest4.expected
M java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest5.expected
M java/ql/test/library-tests/dataflow/threat-models/threat-models-flowtest6.expected
M java/ql/test/library-tests/frameworks/JaxWs/UrlRedirect.expected
M java/ql/test/library-tests/frameworks/android/notification/Test.java
M java/ql/test/library-tests/neutrals/neutralsinks/Test.java
M java/ql/test/library-tests/pathcreation/PathCreation.expected
M java/ql/test/library-tests/pathsanitizer/Test.java
M java/ql/test/library-tests/pathsanitizer/TestKt.kt
M java/ql/test/library-tests/properties/Properties.expected
A java/ql/test/library-tests/properties/largeKey.properties
M java/ql/test/query-tests/Telemetry/SupportedExternalSinks/SupportedExternalSinks.expected
M java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.expected
M java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.java
A java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.ql
R java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.qlref
M java/ql/test/query-tests/security/CWE-022/semmle/tests/Test.java
M java/ql/test/query-tests/security/CWE-022/semmle/tests/ZipSlip.expected
R java/ql/test/query-tests/security/CWE-022/semmle/tests/mad/Test.java
M java/ql/test/query-tests/security/CWE-078/ExecTaintedLocal.expected
M java/ql/test/query-tests/security/CWE-089/semmle/examples/SqlTaintedLocal.expected
M java/ql/test/query-tests/security/CWE-090/LdapInjection.expected
M java/ql/test/query-tests/security/CWE-094/InsecureBeanValidation.expected
M java/ql/test/query-tests/security/CWE-113/semmle/tests/ResponseSplitting.expected
M java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstructionCodeSpecified.expected
M java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstructionLocal.expected
M java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexCodeSpecified.expected
M java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexLocal.expected
M java/ql/test/query-tests/security/CWE-134/semmle/tests/ExternallyControlledFormatString.expected
M java/ql/test/query-tests/security/CWE-134/semmle/tests/ExternallyControlledFormatStringLocal.expected
M java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticTaintedLocal.expected
M java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticUncontrolled.expected
M java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticWithExtremeValues.expected
R java/ql/test/query-tests/security/CWE-200/semmle/tests/Files.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveNotification/Test.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveNotification/options
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveNotification/test.expected
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveNotification/test.ql
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/AndroidManifest.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/R.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/Test.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/options
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/res/layout/Test.xml
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/test.expected
A java/ql/test/query-tests/security/CWE-200/semmle/tests/SensitiveTextView/test.ql
R java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure.expected
R java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure.qlref
A java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure/Files.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure/TempDirLocalInformationDisclosure.expected
A java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure/TempDirLocalInformationDisclosure.qlref
A java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure/Test.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure/TestSafe.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure/options
R java/ql/test/query-tests/security/CWE-200/semmle/tests/Test.java
R java/ql/test/query-tests/security/CWE-200/semmle/tests/TestSafe.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/WebViewContentAccess.expected
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/WebViewContentAccess.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/WebViewContentAccess.qlref
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/WebViewFileAccess.expected
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/WebViewFileAccess.java
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/WebViewFileAccess.qlref
A java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewAccess/options
R java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected
R java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.java
R java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref
R java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewFileAccess.expected
R java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewFileAccess.java
R java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewFileAccess.qlref
R java/ql/test/query-tests/security/CWE-200/semmle/tests/options
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test1/InsecureKeys.expected
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test1/InsecureKeys.ql
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test1/Test.java
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test1/options
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test2/InsecureKeys.expected
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test2/InsecureKeys.ql
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test2/Test.java
A java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test2/options
A java/ql/test/query-tests/security/CWE-287/InsecureLocalAuth/InsecureLocalAuth.expected
A java/ql/test/query-tests/security/CWE-287/InsecureLocalAuth/InsecureLocalAuth.ql
A java/ql/test/query-tests/security/CWE-287/InsecureLocalAuth/Test.java
A java/ql/test/query-tests/security/CWE-287/InsecureLocalAuth/Test2.java
A java/ql/test/query-tests/security/CWE-287/InsecureLocalAuth/options
M java/ql/test/query-tests/security/CWE-297/UnsafeHostnameVerification.expected
M java/ql/test/query-tests/security/CWE-311/CWE-319/HttpsUrls.expected
M java/ql/test/query-tests/security/CWE-327/semmle/tests/BrokenCryptoAlgorithm.expected
M java/ql/test/query-tests/security/CWE-601/semmle/tests/UrlRedirect.expected
M java/ql/test/query-tests/security/CWE-601/semmle/tests/UrlRedirect.java
M java/ql/test/query-tests/security/CWE-681/semmle/tests/NumericCastTaintedLocal.expected
M java/ql/test/query-tests/security/CWE-807/semmle/tests/TaintedPermissionsCheck.expected
M java/ql/test/stubs/google-android-9.0.0/android/app/Notification.java
A java/ql/test/stubs/google-android-9.0.0/android/content/pm/ShortcutInfo.java
A java/ql/test/stubs/google-android-9.0.0/android/hardware/biometrics/BiometricPrompt.java
A java/ql/test/stubs/google-android-9.0.0/android/hardware/fingerprint/FingerprintManager.java
M java/ql/test/stubs/google-android-9.0.0/android/os/Bundle.java
M java/ql/test/stubs/google-android-9.0.0/android/os/Parcel.java
A java/ql/test/stubs/google-android-9.0.0/android/security/identity/IdentityCredential.java
A java/ql/test/stubs/google-android-9.0.0/android/security/identity/PersonalizationData.java
A java/ql/test/stubs/google-android-9.0.0/android/security/identity/PresentationSession.java
A java/ql/test/stubs/google-android-9.0.0/android/security/identity/ResultData.java
A java/ql/test/stubs/google-android-9.0.0/android/security/keystore/KeyGenParameterSpec.java
A java/ql/test/stubs/google-android-9.0.0/android/security/keystore/KeyProperties.java
M java/ql/test/stubs/google-android-9.0.0/android/util/ArrayMap.java
A java/ql/test/stubs/google-android-9.0.0/android/widget/LinearLayout.java
A java/ql/test/stubs/google-android-9.0.0/androidx/biometric/BiometricPrompt.java
M java/ql/test/stubs/google-android-9.0.0/androidx/core/app/NotificationCompat.java
A java/ql/test/stubs/google-android-9.0.0/androidx/core/app/Person.java
A java/ql/test/stubs/google-android-9.0.0/androidx/core/content/LocusIdCompat.java
A java/ql/test/stubs/google-android-9.0.0/androidx/core/content/pm/ShortcutInfoCompat.java
M java/ql/test/utils/modeleditor/ApplicationModeEndpoints.expected
M javascript/BUILD.bazel
M javascript/downgrades/BUILD.bazel
M javascript/externs/BUILD.bazel
M javascript/extractor/BUILD.bazel
M javascript/extractor/lib/typescript/BUILD.bazel
M javascript/extractor/test/com/semmle/js/extractor/test/AllTests.java
M javascript/extractor/test/com/semmle/js/extractor/test/BUILD.bazel
R javascript/extractor/test/com/semmle/js/extractor/test/run_tests.sh
M javascript/extractor/tests/project-layout
M javascript/ql/lib/CHANGELOG.md
M javascript/ql/lib/IDEContextual.qll
R javascript/ql/lib/change-notes/2024-01-17-successfully-extracted-diagnostic.md
A javascript/ql/lib/change-notes/released/0.8.7.md
A javascript/ql/lib/change-notes/released/0.8.8.md
A javascript/ql/lib/change-notes/released/0.8.9.md
M javascript/ql/lib/codeql-pack.release.yml
M javascript/ql/lib/qlpack.yml
M javascript/ql/lib/semmle/javascript/ApiGraphs.qll
M javascript/ql/lib/semmle/javascript/Classes.qll
M javascript/ql/lib/semmle/javascript/ES2015Modules.qll
M javascript/ql/lib/semmle/javascript/JsonStringifiers.qll
M javascript/ql/lib/semmle/javascript/NPM.qll
M javascript/ql/lib/semmle/javascript/Regexp.qll
M javascript/ql/lib/semmle/javascript/SSA.qll
M javascript/ql/lib/semmle/javascript/Stmt.qll
M javascript/ql/lib/semmle/javascript/XML.qll
M javascript/ql/lib/semmle/javascript/YAML.qll
M javascript/ql/lib/semmle/javascript/dataflow/DataFlow.qll
M javascript/ql/lib/semmle/javascript/dataflow/internal/BasicExprTypeInference.qll
A javascript/ql/lib/semmle/javascript/endpoints/EndpointNaming.qll
M javascript/ql/lib/semmle/javascript/frameworks/Electron.qll
M javascript/ql/lib/semmle/javascript/frameworks/Emscripten.qll
M javascript/ql/lib/semmle/javascript/frameworks/GWT.qll
M javascript/ql/lib/semmle/javascript/frameworks/HTTP.qll
M javascript/ql/lib/semmle/javascript/frameworks/Testing.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssQuery.qll
R javascript/ql/lib/semmle/javascript/security/dataflow/ExternalAPIUsedWithUntrustedData.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/ReflectedXssCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll
M javascript/ql/lib/semmle/javascript/security/internal/SensitiveDataHeuristics.qll
R javascript/ql/lib/semmle/javascript/security/regexp/ExponentialBackTracking.qll
R javascript/ql/lib/semmle/javascript/security/regexp/NfaUtils.qll
R javascript/ql/lib/semmle/javascript/security/regexp/SuperlinearBackTracking.qll
M javascript/ql/src/CHANGELOG.md
A javascript/ql/src/Diagnostics/ExtractedFiles.ql
R javascript/ql/src/Diagnostics/SuccessfullyExtractedFiles.ql
R javascript/ql/src/Expressions/TypoDatabase.qll
M javascript/ql/src/LanguageFeatures/SpuriousArguments.ql
R javascript/ql/src/change-notes/2023-12-18-dot-templates.md
A javascript/ql/src/change-notes/released/0.8.7.md
A javascript/ql/src/change-notes/released/0.8.8.md
A javascript/ql/src/change-notes/released/0.8.9.md
M javascript/ql/src/codeql-pack.release.yml
M javascript/ql/src/qlpack.yml
M javascript/ql/test/library-tests/DataFlow/tests.expected
A javascript/ql/test/library-tests/EndpointNaming/EndpointNaming.expected
A javascript/ql/test/library-tests/EndpointNaming/EndpointNaming.ql
A javascript/ql/test/library-tests/EndpointNaming/pack1/main.js
A javascript/ql/test/library-tests/EndpointNaming/pack1/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack10/foo.js
A javascript/ql/test/library-tests/EndpointNaming/pack10/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack10/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack11/index.ts
A javascript/ql/test/library-tests/EndpointNaming/pack11/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack12/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack12/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack2/lib.js
A javascript/ql/test/library-tests/EndpointNaming/pack2/main.js
A javascript/ql/test/library-tests/EndpointNaming/pack2/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack3/lib.js
A javascript/ql/test/library-tests/EndpointNaming/pack3/main.js
A javascript/ql/test/library-tests/EndpointNaming/pack3/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack4/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack4/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack5/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack5/src/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack6/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack6/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack7/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack7/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack8/foo.js
A javascript/ql/test/library-tests/EndpointNaming/pack8/index.js
A javascript/ql/test/library-tests/EndpointNaming/pack8/package.json
A javascript/ql/test/library-tests/EndpointNaming/pack9/foo.js
A javascript/ql/test/library-tests/EndpointNaming/pack9/index.ts
A javascript/ql/test/library-tests/EndpointNaming/pack9/package.json
M javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
M javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.expected
A javascript/ql/test/library-tests/TaintTracking/logical-and.js
M javascript/ql/test/qlpack.yml
A javascript/ql/test/query-tests/Diagnostics/ExtractedFiles.expected
A javascript/ql/test/query-tests/Diagnostics/ExtractedFiles.qlref
R javascript/ql/test/query-tests/Diagnostics/SuccessfullyExtractedFiles.expected
R javascript/ql/test/query-tests/Diagnostics/SuccessfullyExtractedFiles.qlref
M javascript/ql/test/query-tests/LanguageFeatures/SpuriousArguments/tst.js
M javascript/ql/test/query-tests/Security/CWE-020/SuspiciousRegexpRange/tst.js
M javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialBackTracking.expected
M javascript/ql/test/query-tests/Statements/UselessConditional/UselessConditional.expected
A javascript/ql/test/testUtilities/InlineExpectationsTest.qll
A javascript/ql/test/testUtilities/internal/InlineExpectationsTestImpl.qll
M misc/bazel/cmake/cmake.bzl
M misc/bazel/cmake/setup.cmake
A misc/bazel/semmle_code_stub/MODULE.bazel
A misc/bazel/semmle_code_stub/WORKSPACE.bazel
M misc/bazel/workspace.bzl
M misc/bazel/workspace_deps.bzl
R misc/codegen/requirements.txt
A misc/codegen/requirements_in.txt
A misc/codegen/requirements_lock.txt
M misc/suite-helpers/CHANGELOG.md
A misc/suite-helpers/change-notes/released/0.7.7.md
A misc/suite-helpers/change-notes/released/0.7.8.md
A misc/suite-helpers/change-notes/released/0.7.9.md
M misc/suite-helpers/codeql-pack.release.yml
M misc/suite-helpers/qlpack.yml
M python/BUILD.bazel
A python/downgrades/BUILD.bazel
M python/ql/lib/CHANGELOG.md
M python/ql/lib/analysis/IDEContextual.qll
R python/ql/lib/change-notes/2024-01-17-successfully-extracted-diagnostic.md
A python/ql/lib/change-notes/released/0.11.7.md
A python/ql/lib/change-notes/released/0.11.8.md
A python/ql/lib/change-notes/released/0.11.9.md
M python/ql/lib/codeql-pack.release.yml
M python/ql/lib/python.qll
M python/ql/lib/qlpack.yml
M python/ql/lib/semmle/python/Concepts.qll
M python/ql/lib/semmle/python/Frameworks.qll
M python/ql/lib/semmle/python/Scope.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/dataflow/new/internal/TypeTracker.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M python/ql/lib/semmle/python/essa/SsaDefinitions.qll
M python/ql/lib/semmle/python/frameworks/Django.qll
A python/ql/lib/semmle/python/frameworks/Psycopg.qll
M python/ql/lib/semmle/python/frameworks/Starlette.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/frameworks/Stdlib/Urllib.qll
M python/ql/lib/semmle/python/frameworks/Yarl.qll
M python/ql/lib/semmle/python/objects/TObject.qll
M python/ql/lib/semmle/python/pointsto/Base.qll
M python/ql/lib/semmle/python/pointsto/Filters.qll
M python/ql/lib/semmle/python/pointsto/PointsToContext.qll
R python/ql/lib/semmle/python/protocols.qll
M python/ql/lib/semmle/python/regexp/internal/ParseRegExp.qll
R python/ql/lib/semmle/python/security/BadTagFilterQuery.qll
R python/ql/lib/semmle/python/security/OverlyLargeRangeQuery.qll
M python/ql/lib/semmle/python/security/dataflow/UrlRedirectCustomizations.qll
M python/ql/lib/semmle/python/security/dataflow/UrlRedirectQuery.qll
M python/ql/lib/semmle/python/security/internal/SensitiveDataHeuristics.qll
R python/ql/lib/semmle/python/security/regexp/ExponentialBackTracking.qll
R python/ql/lib/semmle/python/security/regexp/NfaUtils.qll
R python/ql/lib/semmle/python/security/regexp/RegexpMatching.qll
R python/ql/lib/semmle/python/security/regexp/SuperlinearBackTracking.qll
M python/ql/lib/semmle/python/xml/XML.qll
M python/ql/src/CHANGELOG.md
A python/ql/src/Diagnostics/ExtractedFiles.ql
R python/ql/src/Diagnostics/SuccessfullyExtractedFiles.ql
M python/ql/src/Security/CWE-601/UrlRedirect.qhelp
M python/ql/src/Security/CWE-601/examples/redirect_good2.py
A python/ql/src/Security/CWE-601/examples/redirect_good3.py
A python/ql/src/change-notes/released/0.9.7.md
A python/ql/src/change-notes/released/0.9.8.md
A python/ql/src/change-notes/released/0.9.9.md
M python/ql/src/codeql-pack.release.yml
A python/ql/src/experimental/Security/CWE-409/DecompressionBombs.qhelp
A python/ql/src/experimental/Security/CWE-409/DecompressionBombs.ql
A python/ql/src/experimental/Security/CWE-409/example_bad.py
A python/ql/src/experimental/Security/CWE-409/example_good.py
M python/ql/src/experimental/semmle/python/frameworks/Django.qll
M python/ql/src/experimental/semmle/python/frameworks/LDAP.qll
A python/ql/src/experimental/semmle/python/security/DecompressionBomb.qll
A python/ql/src/experimental/semmle/python/security/FileAndFormRemoteFlowSource.qll
M python/ql/src/qlpack.yml
M python/ql/src/semmle/python/functions/ModificationOfParameterWithDefault.qll
M python/ql/src/semmle/python/functions/ModificationOfParameterWithDefaultCustomizations.qll
M python/ql/test/experimental/dataflow/TestUtil/NormalDataflowTest.qll
M python/ql/test/experimental/dataflow/summaries/summaries.expected
M python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/TarSlip.expected
M python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/ZipSlip.expected
M python/ql/test/experimental/query-tests/Security/CWE-022-UnsafeUnpacking/UnsafeUnpack.expected
M python/ql/test/experimental/query-tests/Security/CWE-074-TemplateInjection/TemplateInjection.expected
M python/ql/test/experimental/query-tests/Security/CWE-074-paramiko/paramiko.expected
M python/ql/test/experimental/query-tests/Security/CWE-079/EmailXss.expected
M python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/XsltInjection.expected
M python/ql/test/experimental/query-tests/Security/CWE-113/HeaderInjection.expected
M python/ql/test/experimental/query-tests/Security/CWE-1236/CsvInjection.expected
M python/ql/test/experimental/query-tests/Security/CWE-176/UnicodeBypassValidation.expected
M python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstHash/PossibleTimingAttackAgainstHash.expected
M python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstSensitiveInfo/PossibleTimingAttackAgainstSensitiveInfo.expected
M python/ql/test/experimental/query-tests/Security/CWE-287-ConstantSecretKey/ConstantSecretKey.expected
M python/ql/test/experimental/query-tests/Security/CWE-327-UnsafeUsageOfClientSideEncryptionVersion/UnsafeUsageOfClientSideEncryptionVersion.expected
M python/ql/test/experimental/query-tests/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.expected
A python/ql/test/experimental/query-tests/Security/CWE-409/DataflowQueryTest.expected
A python/ql/test/experimental/query-tests/Security/CWE-409/DataflowQueryTest.ql
A python/ql/test/experimental/query-tests/Security/CWE-409/DecompressionBombs.expected
A python/ql/test/experimental/query-tests/Security/CWE-409/DecompressionBombs.qlref
A python/ql/test/experimental/query-tests/Security/CWE-409/test.py
M python/ql/test/experimental/query-tests/Security/CWE-522/LdapInsecureAuth.expected
M python/ql/test/experimental/query-tests/Security/CWE-614/CookieInjection.expected
M python/ql/test/library-tests/frameworks/django-orm/ReflectedXss.expected
M python/ql/test/library-tests/frameworks/modeling-example/NaiveModel.expected
M python/ql/test/library-tests/frameworks/modeling-example/ProperModel.expected
A python/ql/test/library-tests/frameworks/psycopg/ConceptsTest.expected
A python/ql/test/library-tests/frameworks/psycopg/ConceptsTest.ql
A python/ql/test/library-tests/frameworks/psycopg/pep249.py
A python/ql/test/library-tests/frameworks/stdlib/test_html.py
M python/ql/test/library-tests/regex/Characters.expected
M python/ql/test/library-tests/regex/FirstLast.expected
M python/ql/test/library-tests/regex/GroupContents.expected
M python/ql/test/library-tests/regex/Mode.expected
M python/ql/test/library-tests/regex/Qualified.expected
M python/ql/test/library-tests/regex/Regex.expected
M python/ql/test/library-tests/regex/test.py
A python/ql/test/query-tests/Diagnostics/ExtractedFiles.expected
A python/ql/test/query-tests/Diagnostics/ExtractedFiles.qlref
R python/ql/test/query-tests/Diagnostics/SuccessfullyExtractedFiles.expected
R python/ql/test/query-tests/Diagnostics/SuccessfullyExtractedFiles.qlref
M python/ql/test/query-tests/Functions/ModificationOfParameterWithDefault/ModificationOfParameterWithDefault.expected
A python/ql/test/query-tests/Functions/ModificationOfParameterWithDefault/options
M python/ql/test/query-tests/Functions/ModificationOfParameterWithDefault/test.py
M python/ql/test/query-tests/Functions/general/DeprecatedSliceMethod.expected
R python/ql/test/query-tests/Functions/general/ModificationOfParameterWithDefault.expected
R python/ql/test/query-tests/Functions/general/ModificationOfParameterWithDefault.qlref
M python/ql/test/query-tests/Functions/general/functions_test.py
M python/ql/test/query-tests/Functions/general/options
M python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.expected
M python/ql/test/query-tests/Security/CWE-022-PathInjection/PathInjection.expected
M python/ql/test/query-tests/Security/CWE-022-TarSlip/TarSlip.expected
M python/ql/test/query-tests/Security/CWE-078-CommandInjection-py2/CommandInjection.expected
M python/ql/test/query-tests/Security/CWE-078-CommandInjection/CommandInjection.expected
M python/ql/test/query-tests/Security/CWE-078-UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
M python/ql/test/query-tests/Security/CWE-079-ReflectedXss/ReflectedXss.expected
M python/ql/test/query-tests/Security/CWE-089-SqlInjection/SqlInjection.expected
M python/ql/test/query-tests/Security/CWE-090-LdapInjection/LdapInjection.expected
M python/ql/test/query-tests/Security/CWE-094-CodeInjection/CodeInjection.expected
M python/ql/test/query-tests/Security/CWE-117-LogInjection/LogInjection.expected
M python/ql/test/query-tests/Security/CWE-209-StackTraceExposure/StackTraceExposure.expected
M python/ql/test/query-tests/Security/CWE-285-PamAuthorization/PamAuthorization.expected
M python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
M python/ql/test/query-tests/Security/CWE-312-CleartextStorage-py3/CleartextStorage.expected
M python/ql/test/query-tests/Security/CWE-312-CleartextStorage/CleartextStorage.expected
M python/ql/test/query-tests/Security/CWE-327-WeakSensitiveDataHashing/WeakSensitiveDataHashing.expected
M python/ql/test/query-tests/Security/CWE-502-UnsafeDeserialization/UnsafeDeserialization.expected
M python/ql/test/query-tests/Security/CWE-601-UrlRedirect/UrlRedirect.expected
M python/ql/test/query-tests/Security/CWE-601-UrlRedirect/test.py
M python/ql/test/query-tests/Security/CWE-611-Xxe/Xxe.expected
M python/ql/test/query-tests/Security/CWE-643-XPathInjection/XpathInjection.expected
M python/ql/test/query-tests/Security/CWE-730-PolynomialReDoS/PolynomialReDoS.expected
M python/ql/test/query-tests/Security/CWE-730-RegexInjection/RegexInjection.expected
M python/ql/test/query-tests/Security/CWE-776-XmlBomb/XmlBomb.expected
M python/ql/test/query-tests/Security/CWE-798-HardcodedCredentials/HardcodedCredentials.expected
M python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/FullServerSideRequestForgery.expected
M python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/PartialServerSideRequestForgery.expected
M python/ql/test/query-tests/Security/CWE-943-NoSqlInjection/NoSqlInjection.expected
M python/tools/recorded-call-graph-metrics/ql/lib/RecordedCalls.qll
M ql/Cargo.lock
M ql/buramu/Cargo.toml
M ql/codeql-extractor.yml
M ql/extractor/Cargo.toml
M ql/ql/src/codeql/IDEContextual.qll
R ql/ql/src/codeql_ql/style/TypoDatabase.qll
M ruby/codeql-extractor.yml
M ruby/ql/lib/CHANGELOG.md
R ruby/ql/lib/change-notes/2024-01-17-successfully-extracted-diagnostic.md
A ruby/ql/lib/change-notes/2024-02-15-activerecord_connection_sql_sinks.md
A ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md
A ruby/ql/lib/change-notes/released/0.8.7.md
A ruby/ql/lib/change-notes/released/0.8.8.md
A ruby/ql/lib/change-notes/released/0.8.9.md
M ruby/ql/lib/codeql-pack.release.yml
M ruby/ql/lib/codeql/IDEContextual.qll
M ruby/ql/lib/codeql/ruby/ApiGraphs.qll
M ruby/ql/lib/codeql/ruby/Concepts.qll
M ruby/ql/lib/codeql/ruby/Frameworks.qll
M ruby/ql/lib/codeql/ruby/ast/Call.qll
M ruby/ql/lib/codeql/ruby/ast/Erb.qll
M ruby/ql/lib/codeql/ruby/dataflow/FlowSummary.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowDispatch.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplSpecific.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll
M ruby/ql/lib/codeql/ruby/dataflow/internal/SsaImpl.qll
M ruby/ql/lib/codeql/ruby/frameworks/ActionController.qll
M ruby/ql/lib/codeql/ruby/frameworks/ActionView.qll
M ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll
M ruby/ql/lib/codeql/ruby/frameworks/Rails.qll
A ruby/ql/lib/codeql/ruby/frameworks/ViewComponent.qll
M ruby/ql/lib/codeql/ruby/frameworks/actiondispatch/internal/Request.qll
R ruby/ql/lib/codeql/ruby/security/BadTagFilterQuery.qll
M ruby/ql/lib/codeql/ruby/security/CodeInjectionQuery.qll
A ruby/ql/lib/codeql/ruby/security/InsecureRandomnessCustomizations.qll
A ruby/ql/lib/codeql/ruby/security/InsecureRandomnessQuery.qll
M ruby/ql/lib/codeql/ruby/security/OpenSSL.qll
R ruby/ql/lib/codeql/ruby/security/OverlyLargeRangeQuery.qll
M ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
M ruby/ql/lib/codeql/ruby/security/XSS.qll
M ruby/ql/lib/codeql/ruby/security/internal/SensitiveDataHeuristics.qll
R ruby/ql/lib/codeql/ruby/security/regexp/ExponentialBackTracking.qll
R ruby/ql/lib/codeql/ruby/security/regexp/NfaUtils.qll
R ruby/ql/lib/codeql/ruby/security/regexp/RegexpMatching.qll
R ruby/ql/lib/codeql/ruby/security/regexp/SuperlinearBackTracking.qll
M ruby/ql/lib/codeql/ruby/typetracking/TypeTracker.qll
M ruby/ql/lib/codeql/ruby/typetracking/internal/TypeTrackingImpl.qll
M ruby/ql/lib/qlpack.yml
M ruby/ql/src/CHANGELOG.md
A ruby/ql/src/change-notes/2024-02-13-rails-more-request-sources.md
A ruby/ql/src/change-notes/released/0.8.7.md
A ruby/ql/src/change-notes/released/0.8.8.md
A ruby/ql/src/change-notes/released/0.8.9.md
M ruby/ql/src/codeql-pack.release.yml
A ruby/ql/src/experimental/insecure-randomness/InsecureRandomness.qhelp
A ruby/ql/src/experimental/insecure-randomness/InsecureRandomness.ql
A ruby/ql/src/experimental/insecure-randomness/examples/InsecureRandomnessBad.rb
A ruby/ql/src/experimental/insecure-randomness/examples/InsecureRandomnessGood.rb
M ruby/ql/src/qlpack.yml
A ruby/ql/src/queries/diagnostics/ExtractedFiles.ql
R ruby/ql/src/queries/diagnostics/SuccessfullyExtractedFiles.ql
M ruby/ql/src/queries/modeling/internal/Types.qll
M ruby/ql/src/queries/modeling/internal/Util.qll
M ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.qhelp
M ruby/ql/src/queries/security/cwe-502/examples/UnsafeDeserializationBad.rb
A ruby/ql/src/utils/modeleditor/FrameworkModeAccessPaths.ql
M ruby/ql/src/utils/modeleditor/ModelEditor.qll
M ruby/ql/test/library-tests/dataflow/array-flow/array-flow.expected
M ruby/ql/test/library-tests/dataflow/call-sensitivity/call-sensitivity.expected
M ruby/ql/test/library-tests/dataflow/call-sensitivity/call_sensitivity.rb
A ruby/ql/test/library-tests/dataflow/erb/erb.expected
A ruby/ql/test/library-tests/dataflow/erb/erb.ql
A ruby/ql/test/library-tests/dataflow/erb/main.rb
A ruby/ql/test/library-tests/dataflow/erb/view1.html.erb
A ruby/ql/test/library-tests/dataflow/erb/view1.rb
A ruby/ql/test/library-tests/dataflow/erb/view2.html.erb
A ruby/ql/test/library-tests/dataflow/erb/view2.rb
A ruby/ql/test/library-tests/dataflow/erb/view3.html.erb
A ruby/ql/test/library-tests/dataflow/erb/view3.rb
A ruby/ql/test/library-tests/dataflow/erb/view4.rb
M ruby/ql/test/library-tests/dataflow/flow-summaries/semantics.expected
M ruby/ql/test/library-tests/dataflow/global/Flow.expected
M ruby/ql/test/library-tests/dataflow/global/captured_variables.rb
M ruby/ql/test/library-tests/dataflow/hash-flow/hash-flow.expected
M ruby/ql/test/library-tests/dataflow/local/DataflowStep.expected
M ruby/ql/test/library-tests/dataflow/local/InlineFlowTest.expected
M ruby/ql/test/library-tests/dataflow/local/TaintStep.expected
M ruby/ql/test/library-tests/dataflow/local/local_dataflow.rb
M ruby/ql/test/library-tests/dataflow/params/TypeTracker.expected
M ruby/ql/test/library-tests/dataflow/params/params-flow.expected
M ruby/ql/test/library-tests/dataflow/ssa-flow/ssa-flow.expected
M ruby/ql/test/library-tests/dataflow/string-flow/string-flow.expected
M ruby/ql/test/library-tests/dataflow/summaries/Summaries.expected
M ruby/ql/test/library-tests/dataflow/type-tracker/TypeTracker.expected
M ruby/ql/test/library-tests/frameworks/action_controller/ActionController.expected
M ruby/ql/test/library-tests/frameworks/action_controller/Filters.expected
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/application_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/comments_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/foo/bars_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/photos_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/posts_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/tags_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/controllers/users/notifications_controller.rb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/comments/create.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/comments/destroy.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/comments/index.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/comments/show.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/notifications/mark_as_read.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/photos/foo.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/photos/show.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/posts/index.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/posts/show.html.erb
A ruby/ql/test/library-tests/frameworks/action_controller/app/views/posts/upvote.html.erb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/application_controller.rb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/comments_controller.rb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/foo/bars_controller.rb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/photos_controller.rb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/posts_controller.rb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/tags_controller.rb
R ruby/ql/test/library-tests/frameworks/action_controller/controllers/users/notifications_controller.rb
M ruby/ql/test/library-tests/frameworks/action_controller/input_access.rb
M ruby/ql/test/library-tests/frameworks/action_controller/params-flow.expected
M ruby/ql/test/library-tests/frameworks/action_mailer/params-flow.expected
M ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.expected
M ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.rb
M ruby/ql/test/library-tests/frameworks/active_support/ActiveSupportDataFlow.expected
M ruby/ql/test/library-tests/frameworks/arel/Arel.expected
M ruby/ql/test/library-tests/frameworks/json/JsonDataFlow.expected
M ruby/ql/test/library-tests/frameworks/sinatra/Flow.expected
M ruby/ql/test/library-tests/variables/ssa.expected
A ruby/ql/test/query-tests/diagnostics/ExtractedFiles.expected
A ruby/ql/test/query-tests/diagnostics/ExtractedFiles.qlref
R ruby/ql/test/query-tests/diagnostics/SuccessfullyExtractedFiles.expected
R ruby/ql/test/query-tests/diagnostics/SuccessfullyExtractedFiles.qlref
M ruby/ql/test/query-tests/experimental/ImproperLdapAuth/ImproperLdapAuth.expected
A ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.expected
A ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.qlref
A ruby/ql/test/query-tests/experimental/InsecureRandomness/InsecureRandomness.rb
M ruby/ql/test/query-tests/experimental/LdapInjection/Ldapinjection.expected
M ruby/ql/test/query-tests/experimental/TemplateInjection/TemplateInjection.expected
M ruby/ql/test/query-tests/experimental/XPathInjection/XPathInjection.expected
M ruby/ql/test/query-tests/experimental/cwe-022-ZipSlip/ZipSlip.expected
M ruby/ql/test/query-tests/experimental/cwe-176/UnicodeBypassValidation.expected
M ruby/ql/test/query-tests/experimental/manually-check-http-verb/ManuallyCheckHttpVerb.expected
M ruby/ql/test/query-tests/experimental/weak-params/WeakParams.expected
M ruby/ql/test/query-tests/security/cwe-020/MissingFullAnchor/MissingFullAnchor.expected
M ruby/ql/test/query-tests/security/cwe-022/PathInjection.expected
M ruby/ql/test/query-tests/security/cwe-078/CommandInjection/CommandInjection.expected
M ruby/ql/test/query-tests/security/cwe-078/KernelOpen/KernelOpen.expected
M ruby/ql/test/query-tests/security/cwe-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
M ruby/ql/test/query-tests/security/cwe-079/ReflectedXSS.expected
M ruby/ql/test/query-tests/security/cwe-079/StoredXSS.expected
M ruby/ql/test/query-tests/security/cwe-079/UnsafeHtmlConstruction.expected
M ruby/ql/test/query-tests/security/cwe-079/app/views/foo/bars/show.html.erb
M ruby/ql/test/query-tests/security/cwe-089/ActiveRecordInjection.rb
M ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected
M ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.expected
M ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected
M ruby/ql/test/query-tests/security/cwe-117/LogInjection.expected
M ruby/ql/test/query-tests/security/cwe-1333-polynomial-redos/PolynomialReDoS.expected
M ruby/ql/test/query-tests/security/cwe-1333-regexp-injection/RegExpInjection.expected
M ruby/ql/test/query-tests/security/cwe-134/TaintedFormatString.expected
M ruby/ql/test/query-tests/security/cwe-209/StackTraceExposure.expected
M ruby/ql/test/query-tests/security/cwe-312/CleartextLogging.expected
M ruby/ql/test/query-tests/security/cwe-312/CleartextStorage.expected
M ruby/ql/test/query-tests/security/cwe-502/oj-global-options/UnsafeDeserialization.expected
A ruby/ql/test/query-tests/security/cwe-502/ox-global-options/OxGlobalOptions.rb
A ruby/ql/test/query-tests/security/cwe-502/ox-global-options/Startup.rb
A ruby/ql/test/query-tests/security/cwe-502/ox-global-options/UnsafeDeserialization.expected
A ruby/ql/test/query-tests/security/cwe-502/ox-global-options/UnsafeDeserialization.qlref
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.rb
M ruby/ql/test/query-tests/security/cwe-506/HardcodedDataInterpretedAsCode.expected
M ruby/ql/test/query-tests/security/cwe-601/UrlRedirect.expected
M ruby/ql/test/query-tests/security/cwe-611/libxml-backend/Xxe.expected
M ruby/ql/test/query-tests/security/cwe-611/xxe/Xxe.expected
M ruby/ql/test/query-tests/security/cwe-732/WeakFilePermissions.expected
M ruby/ql/test/query-tests/security/cwe-798/HardcodedCredentials.expected
M ruby/ql/test/query-tests/security/cwe-807-user-controlled-bypass/ConditionalBypass.expected
M ruby/ql/test/query-tests/security/cwe-829/InsecureDownload.expected
M ruby/ql/test/query-tests/security/cwe-912/HttpToFileAccess.expected
M ruby/ql/test/query-tests/security/cwe-918/ServerSideRequestForgery.expected
M ruby/ql/test/query-tests/security/decompression-api/DecompressionApi.expected
A ruby/ql/test/query-tests/utils/modeleditor/FrameworkModeAccessPaths.expected
A ruby/ql/test/query-tests/utils/modeleditor/FrameworkModeAccessPaths.qlref
M ruby/ql/test/query-tests/utils/modeleditor/FrameworkModeEndpoints.expected
M ruby/ql/test/query-tests/utils/modeleditor/GenerateModel.expected
M ruby/ql/test/query-tests/utils/modeleditor/lib/mylib.rb
M shared/controlflow/CHANGELOG.md
A shared/controlflow/change-notes/released/0.1.7.md
A shared/controlflow/change-notes/released/0.1.8.md
A shared/controlflow/change-notes/released/0.1.9.md
M shared/controlflow/codeql-pack.release.yml
M shared/controlflow/qlpack.yml
M shared/dataflow/CHANGELOG.md
A shared/dataflow/change-notes/released/0.1.7.md
A shared/dataflow/change-notes/released/0.1.8.md
A shared/dataflow/change-notes/released/0.2.0.md
M shared/dataflow/codeql-pack.release.yml
M shared/dataflow/codeql/dataflow/DataFlow.qll
M shared/dataflow/codeql/dataflow/VariableCapture.qll
M shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll
M shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
M shared/dataflow/qlpack.yml
M shared/mad/CHANGELOG.md
A shared/mad/change-notes/released/0.2.7.md
A shared/mad/change-notes/released/0.2.8.md
A shared/mad/change-notes/released/0.2.9.md
M shared/mad/codeql-pack.release.yml
M shared/mad/codeql/mad/ModelValidation.qll
M shared/mad/qlpack.yml
M shared/rangeanalysis/CHANGELOG.md
A shared/rangeanalysis/change-notes/released/0.0.6.md
A shared/rangeanalysis/change-notes/released/0.0.7.md
A shared/rangeanalysis/change-notes/released/0.0.8.md
M shared/rangeanalysis/codeql-pack.release.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/CHANGELOG.md
A shared/regex/change-notes/released/0.2.7.md
A shared/regex/change-notes/released/0.2.8.md
A shared/regex/change-notes/released/0.2.9.md
M shared/regex/codeql-pack.release.yml
M shared/regex/codeql/regex/OverlyLargeRangeQuery.qll
M shared/regex/codeql/regex/nfa/NfaUtils.qll
M shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll
M shared/regex/qlpack.yml
M shared/ssa/CHANGELOG.md
A shared/ssa/change-notes/released/0.2.7.md
A shared/ssa/change-notes/released/0.2.8.md
A shared/ssa/change-notes/released/0.2.9.md
M shared/ssa/codeql-pack.release.yml
M shared/ssa/codeql/ssa/Ssa.qll
M shared/ssa/qlpack.yml
M shared/threat-models/CHANGELOG.md
A shared/threat-models/change-notes/released/0.0.6.md
A shared/threat-models/change-notes/released/0.0.7.md
A shared/threat-models/change-notes/released/0.0.8.md
M shared/threat-models/codeql-pack.release.yml
M shared/threat-models/qlpack.yml
M shared/tree-sitter-extractor/src/extractor/mod.rs
M shared/tree-sitter-extractor/src/trap.rs
M shared/tutorial/CHANGELOG.md
A shared/tutorial/change-notes/released/0.2.7.md
A shared/tutorial/change-notes/released/0.2.8.md
A shared/tutorial/change-notes/released/0.2.9.md
M shared/tutorial/codeql-pack.release.yml
M shared/tutorial/qlpack.yml
M shared/typetracking/CHANGELOG.md
A shared/typetracking/change-notes/released/0.2.7.md
A shared/typetracking/change-notes/released/0.2.8.md
A shared/typetracking/change-notes/released/0.2.9.md
M shared/typetracking/codeql-pack.release.yml
M shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll
M shared/typetracking/qlpack.yml
M shared/typos/CHANGELOG.md
A shared/typos/change-notes/released/0.2.7.md
A shared/typos/change-notes/released/0.2.8.md
A shared/typos/change-notes/released/0.2.9.md
M shared/typos/codeql-pack.release.yml
M shared/typos/qlpack.yml
M shared/util/CHANGELOG.md
A shared/util/change-notes/released/0.2.7.md
A shared/util/change-notes/released/0.2.8.md
A shared/util/change-notes/released/0.2.9.md
M shared/util/codeql-pack.release.yml
M shared/util/codeql/util/FileSystem.qll
M shared/util/qlpack.yml
M shared/yaml/CHANGELOG.md
A shared/yaml/change-notes/released/0.2.7.md
A shared/yaml/change-notes/released/0.2.8.md
A shared/yaml/change-notes/released/0.2.9.md
M shared/yaml/codeql-pack.release.yml
M shared/yaml/qlpack.yml
M swift/BUILD.bazel
M swift/codeql-extractor.yml
M swift/extractor/config/BUILD.bazel
M swift/extractor/infra/SwiftDispatcher.h
M swift/extractor/infra/SwiftLocationExtractor.h
M swift/extractor/remapping/SwiftFileInterception.cpp
M swift/extractor/translators/PatternTranslator.cpp
M swift/extractor/trap/TrapLabel.h
A swift/integration-tests/.clang-format
M swift/logging/SwiftLogging.h
M swift/ql/lib/CHANGELOG.md
R swift/ql/lib/change-notes/2024-01-05-parameterized-cfg-library.md
R swift/ql/lib/change-notes/2024-01-09-swift-5.9.2.md
A swift/ql/lib/change-notes/released/0.3.7.md
A swift/ql/lib/change-notes/released/0.3.8.md
A swift/ql/lib/change-notes/released/0.3.9.md
M swift/ql/lib/codeql-pack.release.yml
M swift/ql/lib/codeql/swift/elements/File.qll
A swift/ql/lib/codeql/swift/security/UnsafeUnpackExtensions.qll
A swift/ql/lib/codeql/swift/security/UnsafeUnpackQuery.qll
M swift/ql/lib/codeql/swift/security/internal/SensitiveDataHeuristics.qll
M swift/ql/lib/qlpack.yml
M swift/ql/src/CHANGELOG.md
R swift/ql/src/change-notes/2023-12-15-weak-password-hashing.md
A swift/ql/src/change-notes/released/0.3.7.md
A swift/ql/src/change-notes/released/0.3.8.md
A swift/ql/src/change-notes/released/0.3.9.md
M swift/ql/src/codeql-pack.release.yml
A swift/ql/src/diagnostics/ExtractedFiles.ql
R swift/ql/src/diagnostics/SuccessfullyExtractedFiles.ql
A swift/ql/src/experimental/Security/CWE-022/UnsafeUnpack.qhelp
A swift/ql/src/experimental/Security/CWE-022/UnsafeUnpack.ql
A swift/ql/src/experimental/Security/CWE-022/ZipArchiveGood.swift
A swift/ql/src/experimental/Security/CWE-022/ZipBad.swift
A swift/ql/src/experimental/Security/CWE-022/ZipFoundationBad.swift
M swift/ql/src/qlpack.yml
M swift/ql/test/extractor-tests/run_under/Strings.expected
M swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
M swift/ql/test/library-tests/dataflow/taint/core/Taint.expected
A swift/ql/test/query-tests/Diagnostics/ExtractedFiles.expected
A swift/ql/test/query-tests/Diagnostics/ExtractedFiles.qlref
A swift/ql/test/query-tests/Diagnostics/Info.expected
A swift/ql/test/query-tests/Diagnostics/Info.ql
R swift/ql/test/query-tests/Diagnostics/SuccessfullyExtractedFiles.expected
R swift/ql/test/query-tests/Diagnostics/SuccessfullyExtractedFiles.qlref
A swift/ql/test/query-tests/Security/CWE-022/PathInjection/PathInjectionTest.expected
A swift/ql/test/query-tests/Security/CWE-022/PathInjection/PathInjectionTest.ql
A swift/ql/test/query-tests/Security/CWE-022/PathInjection/testPathInjection.swift
R swift/ql/test/query-tests/Security/CWE-022/PathInjectionTest.expected
R swift/ql/test/query-tests/Security/CWE-022/PathInjectionTest.ql
A swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.expected
A swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.qlref
A swift/ql/test/query-tests/Security/CWE-022/UnsafeUnpack/UnsafeUnpack.swift
R swift/ql/test/query-tests/Security/CWE-022/testPathInjection.swift
M swift/ql/test/query-tests/Security/CWE-078/CommandInjection.expected
M swift/ql/test/query-tests/Security/CWE-079/UnsafeWebViewFetch.expected
M swift/ql/test/query-tests/Security/CWE-089/SqlInjection.expected
M swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
M swift/ql/test/query-tests/Security/CWE-1204/StaticInitializationVector.expected
M swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected
M swift/ql/test/query-tests/Security/CWE-135/StringLengthConflation.expected
M swift/ql/test/query-tests/Security/CWE-259/ConstantPassword.expected
M swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected
M swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.expected
M swift/ql/test/query-tests/Security/CWE-312/CleartextStoragePreferences.expected
M swift/ql/test/query-tests/Security/CWE-321/HardcodedEncryptionKey.expected
M swift/ql/test/query-tests/Security/CWE-327/ECBEncryption.expected
M swift/ql/test/query-tests/Security/CWE-328/WeakPasswordHashing.expected
M swift/ql/test/query-tests/Security/CWE-730/RegexInjection.expected
M swift/ql/test/query-tests/Security/CWE-757/InsecureTLS.expected
M swift/ql/test/query-tests/Security/CWE-760/ConstantSalt.expected
M swift/ql/test/query-tests/Security/CWE-916/InsufficientHashIterations.expected
M swift/third_party/BUILD.picosha2.bazel
M swift/third_party/BUILD.swift-llvm-support.bazel
M swift/third_party/load.bzl
M swift/third_party/swift-llvm-support/BUILD.bazel
M swift/tools/qltest.sh
M swift/tools/test/qltest/utils.py
Log Message:
-----------
Merge branch 'main' into lgtm_index_filter_handling
Commit: 03a125de383538e8b4da9aacf9bddd0c48089227
https://github.com/krishnprakash/codeql/commit/03a125de383538e8b4da9aacf9bddd0c48089227
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/CHANGELOG.md
M ruby/ql/lib/change-notes/released/0.8.7.md
Log Message:
-----------
Merge pull request #15562 from Marcono1234/patch-2
Ruby: Fix formatting in changelog
Commit: 788100d4756a2433c731c5f2615330b60f211dad
https://github.com/krishnprakash/codeql/commit/788100d4756a2433c731c5f2615330b60f211dad
Author: Jeroen Ketema <jke...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M cpp/ql/test/library-tests/arguments/arguments.expected
Log Message:
-----------
C++: Update test after extractor changes
Commit: 403a1ac4830ca7db797b5ceac978c5c1dbbc95a5
https://github.com/krishnprakash/codeql/commit/403a1ac4830ca7db797b5ceac978c5c1dbbc95a5
Author: Joe Farebrother <joefare...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md
Log Message:
-----------
Fix change note formatting
Commit: dab8e237e66308df4bd816d688573081824045e2
https://github.com/krishnprakash/codeql/commit/dab8e237e66308df4bd816d688573081824045e2
Author: Anders Schack-Mulligen <ascha...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .github/workflows/compile-queries.yml
Log Message:
-----------
Workflows: Run format check on shared.
Commit: 5f5bcf686dd21554651437ed5b27e385bba4c3de
https://github.com/krishnprakash/codeql/commit/5f5bcf686dd21554651437ed5b27e385bba4c3de
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/AnnotatedType.qll
Log Message:
-----------
Update csharp/ql/lib/semmle/code/csharp/AnnotatedType.qll
Co-authored-by: Michael Nebel <michae...@github.com>
Commit: 4ede553b2168a7fabfd75e6c86517592d4e358eb
https://github.com/krishnprakash/codeql/commit/4ede553b2168a7fabfd75e6c86517592d4e358eb
Author: Rasmus Wriedt Larsen <rasm...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M shared/tree-sitter-extractor/src/autobuilder.rs
Log Message:
-----------
Merge pull request #15365 from RasmusWL/lgtm_index_filter_handling
Tree sitter extractor: Proper handling of `LGTM_INDEX_FILTERS`
Commit: acf3a99dffb711752623b8670dccb37198ebe339
https://github.com/krishnprakash/codeql/commit/acf3a99dffb711752623b8670dccb37198ebe339
Author: Jeroen Ketema <93738568...@users.noreply.github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M cpp/ql/test/library-tests/arguments/arguments.expected
Log Message:
-----------
Merge pull request #15716 from jketema/command-line-options
C++: Update test after extractor changes
Commit: fb06e9f6b287d5bcd7c0d2f5721c0520369fd9df
https://github.com/krishnprakash/codeql/commit/fb06e9f6b287d5bcd7c0d2f5721c0520369fd9df
Author: Joe Farebrother <joefare...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/change-notes/2024-02-20-activerecord-sql-sink-arguments.md
Log Message:
-----------
Merge pull request #15719 from joefarebrother/ruby-changenote-formatting
Ruby: Fix change note formatting
Commit: c22cbf5b019f4f2f3da6c8c789a309ac5fa3481f
https://github.com/krishnprakash/codeql/commit/c22cbf5b019f4f2f3da6c8c789a309ac5fa3481f
Author: Anders Schack-Mulligen <ascha...@users.noreply.github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .github/workflows/compile-queries.yml
Log Message:
-----------
Merge pull request #15721 from aschackmull/workflows/format-check-shared
Workflows: Run format check on shared.
Commit: fd85c441291fb9fad515fce28b1fff56298c7eac
https://github.com/krishnprakash/codeql/commit/fd85c441291fb9fad515fce28b1fff56298c7eac
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .github/workflows/ruby-build.yml
A ruby/BUILD.bazel
A ruby/downgrades/BUILD.bazel
A ruby/extractor/BUILD.bazel
A ruby/extractor/Cargo.Bazel.lock
M ruby/extractor/Cargo.lock
M ruby/extractor/Cargo.toml
R ruby/extractor/Cross.toml
A ruby/ql/lib/BUILD.bazel
A ruby/tools/BUILD.bazel
Log Message:
-----------
Ruby: Start building the language pack using bazel.
This PR introduces a bazel and `rules_rust`-based build system
for the ruby extractor and language pack.
This replacese the existing, `cargo` and `cross`-based build system.
For local development, nothing changes, and the existing `cargo`-based
build still keeps working as-is.
We no longer need to use `cross` to compile our Linux binaries,
as we now can link against our hermetic C++ toolchain, which ships
with an old enough glibc, so that we don't run into symbol version issues
when deploying the binaries to older systems.
Besides the one change in dependency (explained in detail in `Cargo.toml`
and in https://github.com/github/codeql/pull/15595), nothing ought to
change in how we build the extractor.
Commit: b82ffd40e7cb02a3df07d1829917bbc826089bf2
https://github.com/krishnprakash/codeql/commit/b82ffd40e7cb02a3df07d1829917bbc826089bf2
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .github/workflows/ruby-build.yml
Log Message:
-----------
Fix windows CI build.
As we're now checking out the `codeql` repo in a sub-path,
we need to enable long paths on Windows.
Commit: 688b9955a01f13cc53b4d2e5be0149646b08493f
https://github.com/krishnprakash/codeql/commit/688b9955a01f13cc53b4d2e5be0149646b08493f
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .gitattributes
M ruby/BUILD.bazel
M ruby/extractor/BUILD.bazel
R ruby/extractor/Cargo.Bazel.lock
M ruby/extractor/Cargo.toml
A ruby/extractor/cargo-bazel-lock.json
M ruby/tools/BUILD.bazel
Log Message:
-----------
Address review, start accomodating bzlmod.
Commit: 1657b314c1ac5b0c9b0dc0f6d6d3b59dd91a76b6
https://github.com/krishnprakash/codeql/commit/1657b314c1ac5b0c9b0dc0f6d6d3b59dd91a76b6
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/extractor/cargo-bazel-lock.json
Log Message:
-----------
Re-pin ruby extractor deps.
Commit: 1410574f769c3474bb621554597723bfb144f3e7
https://github.com/krishnprakash/codeql/commit/1410574f769c3474bb621554597723bfb144f3e7
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
M ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.qlref
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/YAMLUnsafeDeserialization.rb
Log Message:
-----------
make seperate steps for YAML.parse* and use `getAsuccessor*()` to reach final to_ruby method call, All parts have Rewritten with API graphs exclusively
Commit: 474a4f8abdbad932b8a07ba4ba1fb57fa7706be4
https://github.com/krishnprakash/codeql/commit/474a4f8abdbad932b8a07ba4ba1fb57fa7706be4
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
M ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
Log Message:
-----------
thanks @asgerf for informing me that Successor wants to be deprecated and thank him that providing the solution
Commit: a75a0049428c5fe45cd2c429baf337877bd5fa3a
https://github.com/krishnprakash/codeql/commit/a75a0049428c5fe45cd2c429baf337877bd5fa3a
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
M ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
Log Message:
-----------
add more additional steps, change parse* sinks to reciever of them
Commit: 18fa91bde43bf26b75b6c27877a8b73955f2408a
https://github.com/krishnprakash/codeql/commit/18fa91bde43bf26b75b6c27877a8b73955f2408a
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
M ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
Log Message:
-----------
add transform method that is an alias for to_ruby
Commit: 464e2e429175ec0aa22b66c01b234a9cc99a5b25
https://github.com/krishnprakash/codeql/commit/464e2e429175ec0aa22b66c01b234a9cc99a5b25
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
R ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/PlistUnsafeDeserialization.rb
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.rb
R ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/YAMLUnsafeDeserialization.rb
Log Message:
-----------
fix qldoc and test files
Commit: 9c5c8c8362b6f4eca6c957c458a855a8826bc3e3
https://github.com/krishnprakash/codeql/commit/9c5c8c8362b6f4eca6c957c458a855a8826bc3e3
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.rb
Log Message:
-----------
fix test file
Commit: 1c1a6f13dfc7e092dde2f4d2038767e0d00953d7
https://github.com/krishnprakash/codeql/commit/1c1a6f13dfc7e092dde2f4d2038767e0d00953d7
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
Log Message:
-----------
fix QLDoc style
Commit: c582ea626d647979aee3ce24339d64337184731d
https://github.com/krishnprakash/codeql/commit/c582ea626d647979aee3ce24339d64337184731d
Author: amammad <amg20...@gmail.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
Log Message:
-----------
update expected test file
Commit: 32f5667bb61398352dd03a771a6cfc715479646d
https://github.com/krishnprakash/codeql/commit/32f5667bb61398352dd03a771a6cfc715479646d
Author: amammad <77095239...@users.noreply.github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/lib/codeql/ruby/frameworks/Yaml.qll
M ruby/ql/lib/codeql/ruby/security/UnsafeDeserializationCustomizations.qll
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.qhelp
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.ql
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.qll
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserializationCustomizations.qll
A ruby/ql/src/experimental/cwe-502/Yaml.qll
A ruby/ql/src/experimental/cwe-502/examples/UnsafeDeserializationBad.rb
A ruby/ql/src/experimental/cwe-502/examples/UnsafeDeserializationGood.rb
A ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.expected
A ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.qlref
A ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.rb
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.qlref
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.rb
Log Message:
-----------
revert YAML.qll and yaml sinks to previous PR, make a separate experimental query only for yaml
Commit: 8a670fe9a2972bd4648c0e9914c60d61cb792ab9
https://github.com/krishnprakash/codeql/commit/8a670fe9a2972bd4648c0e9914c60d61cb792ab9
Author: Harry Maclean <hm...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/src/experimental/cwe-502/Yaml.qll
Log Message:
-----------
Ruby: formatting
Commit: 606a8fed0c57d1c4cad02f2c48acc3fa331d92a2
https://github.com/krishnprakash/codeql/commit/606a8fed0c57d1c4cad02f2c48acc3fa331d92a2
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M csharp/ql/lib/semmle/code/csharp/AnnotatedType.qll
M csharp/ql/lib/semmle/code/csharp/Generics.qll
M csharp/ql/lib/semmle/code/csharp/Implements.qll
M csharp/ql/lib/semmle/code/csharp/commons/QualifiedName.qll
M csharp/ql/lib/semmle/code/csharp/commons/StructuralComparison.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/PreBasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/dispatch/OverridableCallable.qll
M csharp/ql/lib/semmlecode.csharp.dbscheme.stats
M csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.ql
Log Message:
-----------
Merge pull request #15406 from hvitved/csharp/no-stats-experiment
C#: Remove all DB stats
Commit: dd0c721e8cef09c3b0fa72d81f02465556bd035a
https://github.com/krishnprakash/codeql/commit/dd0c721e8cef09c3b0fa72d81f02465556bd035a
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md
A csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md
Log Message:
-----------
C#: Add change note
Commit: b86643fab2dcb382b932fc697aac15cef69514ff
https://github.com/krishnprakash/codeql/commit/b86643fab2dcb382b932fc697aac15cef69514ff
Author: Harry Maclean <hm...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.qll
Log Message:
-----------
Ruby: doc fixes
Commit: 8212f5de1bd7b3a4f0d0afc834e5d9560b8dce35
https://github.com/krishnprakash/codeql/commit/8212f5de1bd7b3a4f0d0afc834e5d9560b8dce35
Author: Harry Maclean <hm...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.expected
Log Message:
-----------
Ruby: Update test
Commit: f92c10697250edf46be8b847aff70f2f8f4fe16f
https://github.com/krishnprakash/codeql/commit/f92c10697250edf46be8b847aff70f2f8f4fe16f
Author: Tom Hvitved <hvi...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M csharp/ql/lib/change-notes/2024-02-21-getonly-properties.md
A csharp/ql/lib/change-notes/2024-02-22-no-db-stats.md
Log Message:
-----------
Merge pull request #15724 from hvitved/csharp-change-note
C#: Add change note
Commit: 6ff0054e52890c85808eaf1e8d9ef222776ac69e
https://github.com/krishnprakash/codeql/commit/6ff0054e52890c85808eaf1e8d9ef222776ac69e
Author: Harry Maclean <hm...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.qhelp
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.ql
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserialization.qll
A ruby/ql/src/experimental/cwe-502/UnsafeYamlDeserializationCustomizations.qll
A ruby/ql/src/experimental/cwe-502/Yaml.qll
A ruby/ql/src/experimental/cwe-502/examples/UnsafeDeserializationBad.rb
A ruby/ql/src/experimental/cwe-502/examples/UnsafeDeserializationGood.rb
A ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.expected
A ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.qlref
A ruby/ql/test/query-tests/experimental/cwe-502/UnsafeYamlDeserialization.rb
R ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/PlistUnsafeDeserialization.rb
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.expected
M ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/UnsafeDeserialization.rb
R ruby/ql/test/query-tests/security/cwe-502/unsafe-deserialization/YAMLUnsafeDeserialization.rb
Log Message:
-----------
Merge pull request #13431 from am0o0/amammad-ruby-YAMLunsafeLoad
Ruby: add seperate additional steps between `YAML.parse*` methods and `to_ruby`
Commit: e9b5394cd567e456412f7f310c428072126cbf97
https://github.com/krishnprakash/codeql/commit/e9b5394cd567e456412f7f310c428072126cbf97
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M javascript/extractor/BUILD.bazel
Log Message:
-----------
JS: Remove empty build target.
The `resources` folder never existed, this was probably introduced
as a copy-paste mistake. Remove the rule.
Commit: 5c4543f16727be78f9e2f40ceb66715c5a17674a
https://github.com/krishnprakash/codeql/commit/5c4543f16727be78f9e2f40ceb66715c5a17674a
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/AddressFlow.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowDispatch.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/FlowVar.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingImplSpecific.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingUtil.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingParameter.qll
Log Message:
-----------
C++: Mark internal files in the old dataflow library as deprecated (the public imports already are).
Commit: 234623ec0d9eff188ba0063889cacb35536c9a39
https://github.com/krishnprakash/codeql/commit/234623ec0d9eff188ba0063889cacb35536c9a39
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M javascript/extractor/BUILD.bazel
Log Message:
-----------
Merge pull request #15726 from github/criemen/js
JS: Remove empty build target.
Commit: 4bb725cbf5c2e43256f1cbb8bcdd9247e9df0068
https://github.com/krishnprakash/codeql/commit/4bb725cbf5c2e43256f1cbb8bcdd9247e9df0068
Author: Cornelius Riemenschneider <corn...@github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M .gitattributes
M .github/workflows/ruby-build.yml
A ruby/BUILD.bazel
A ruby/downgrades/BUILD.bazel
A ruby/extractor/BUILD.bazel
M ruby/extractor/Cargo.lock
M ruby/extractor/Cargo.toml
R ruby/extractor/Cross.toml
A ruby/extractor/cargo-bazel-lock.json
A ruby/ql/lib/BUILD.bazel
A ruby/tools/BUILD.bazel
Log Message:
-----------
Merge pull request #15656 from github/criemen/ruby-bazel
Ruby: Start building the language pack using bazel.
Commit: 2e66392353fa909b9837c0f22f4114cc43bc810f
https://github.com/krishnprakash/codeql/commit/2e66392353fa909b9837c0f22f4114cc43bc810f
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/controlflow/SubBasicBlocks.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll
Log Message:
-----------
C++: Update deprecated note to respect identical files.
Commit: 408a5504670be29f6ce0a8c79c28b4b1109eeb01
https://github.com/krishnprakash/codeql/commit/408a5504670be29f6ce0a8c79c28b4b1109eeb01
Author: Geoffrey White <40627776...@users.noreply.github.com>
Date: 2024-02-26 (Mon, 26 Feb 2024)
Changed paths:
M cpp/ql/lib/semmle/code/cpp/controlflow/SubBasicBlocks.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/AddressFlow.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowDispatch.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/FlowVar.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingImplSpecific.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingUtil.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingParameter.qll
Log Message:
-----------
Merge pull request #15727 from geoffw0/qldoc4
C++: Mark internal files in the old dataflow library as deprecated
Compare: https://github.com/krishnprakash/codeql/compare/2683e40038fe...408a5504670b
To unsubscribe from these emails, change your notification settings at https://github.com/krishnprakash/codeql/settings/notifications
Reply all
Reply to author
Forward
0 new messages