[krishnprakash/codeql] 9ff4ed: Java: recognize Path.toRealPath() as path normaliz...


Phileco

Apr 23, 2026, 7:53:32 AM
to philecodi...@googlegroups.com
Branch: refs/heads/main
Home: https://github.com/krishnprakash/codeql
Commit: 9ff4ed286f7a060fa77475c6e846546336e0e279
https://github.com/krishnprakash/codeql/commit/9ff4ed286f7a060fa77475c6e846546336e0e279
Author: MarkLee131 <kaixu...@ntu.edu.sg>
Date: 2026-04-04 (Sat, 04 Apr 2026)

Changed paths:
A java/ql/lib/change-notes/2026-04-04-path-injection-torealpath.md
M java/ql/lib/semmle/code/java/security/PathSanitizer.qll
M java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.java

Log Message:
-----------
Java: recognize Path.toRealPath() as path normalization sanitizer

PathNormalizeSanitizer recognized Path.normalize() and
File.getCanonicalPath()/getCanonicalFile(), but not Path.toRealPath().

toRealPath() is strictly stronger than normalize() (resolves symlinks
and verifies file existence in addition to normalizing ".." components),
and is functionally equivalent to File.getCanonicalPath() for the NIO.2
API. CERT FIO16-J and OWASP both recommend it for path traversal defense.

This adds toRealPath to PathNormalizeSanitizer alongside normalize,
reducing false positives for code using idiomatic NIO.2 path handling.
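
The NIO.2 pattern this sanitizer change is about, as an added illustration (not code from the CodeQL commit or the CodeQL repository): an untrusted file name is resolved under a base directory, canonicalized with `toRealPath()`, and then checked for containment with `startsWith`. The class name, the temp-directory fixture (a sandbox directory, a file outside it, and a symlink pointing out of it) and the containment check are assumptions made for this demo. It runs the same inputs through a `normalize()`-only check alongside `toRealPath()` to show the two behaviours the commit message describes: `toRealPath()` follows the symlink out of the sandbox where `normalize()` does not, and it rejects a non-existent target with `NoSuchFileException`.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.NoSuchFileException;
import java.nio.file.Path;
import java.nio.file.Paths;

/**
 * Added demo, not part of the CodeQL change above. Shows why toRealPath()
 * is a stronger normalization step than normalize() for path traversal
 * defense. Directory and file names below are constructed for the demo.
 */
public final class RealPathSanitizerDemo {

    /** Thrown when a user-supplied name would resolve outside the base directory. */
    public static final class PathEscapeException extends IOException {
        PathEscapeException(String msg) { super(msg); }
    }

    /**
     * Resolves untrustedName under baseDir and returns the real path only if
     * the target exists and still lies inside baseDir after symlink resolution.
     * Canonicalization alone does not confine the path; the startsWith check does.
     */
    public static Path resolveInside(Path baseDir, String untrustedName) throws IOException {
        // Canonicalize the base as well, otherwise a symlinked or relative
        // base directory makes the startsWith() comparison unreliable.
        Path realBase = baseDir.toRealPath();
        Path candidate = realBase.resolve(untrustedName);
        // toRealPath(): collapses "..", follows symlinks, and throws
        // NoSuchFileException when the target does not exist.
        Path real = candidate.toRealPath();
        if (!real.startsWith(realBase)) {
            throw new PathEscapeException("rejected: " + untrustedName
                    + " resolves outside " + realBase);
        }
        return real;
    }

    /** The weaker variant: normalize() only, no symlink resolution, no existence check. */
    public static boolean normalizeOnlyAccepts(Path baseDir, String untrustedName) {
        Path candidate = baseDir.resolve(untrustedName).normalize();
        return candidate.startsWith(baseDir.normalize());
    }

    public static void main(String[] args) throws IOException {
        // Constructed fixture: <tmp>/sandbox/allowed.txt, <tmp>/secret.txt
        // outside the sandbox, and <tmp>/sandbox/escape -> ../secret.txt.
        Path root = Files.createTempDirectory("realpath-demo");
        Path sandbox = Files.createDirectories(root.resolve("sandbox"));
        Files.writeString(sandbox.resolve("allowed.txt"), "ok");
        Files.writeString(root.resolve("secret.txt"), "outside the sandbox");
        try {
            Files.createSymbolicLink(sandbox.resolve("escape"), Paths.get("..", "secret.txt"));
        } catch (UnsupportedOperationException | IOException e) {
            // No symlink support (e.g. Windows without the privilege): the
            // "escape" input then simply does not exist and is rejected for that reason.
        }

        String[] inputs = {"allowed.txt", "../secret.txt", "escape", "missing.txt"};
        for (String name : inputs) {
            System.out.printf("%-15s normalize()-only accepts: %-5s  toRealPath(): ",
                    name, normalizeOnlyAccepts(sandbox, name));
            try {
                System.out.println("accepted " + resolveInside(sandbox, name));
            } catch (PathEscapeException e) {
                System.out.println(e.getMessage());
            } catch (NoSuchFileException e) {
                System.out.println("rejected: target does not exist");
            }
        }
    }
}
```

Running the demo on a POSIX system, `allowed.txt` passes both checks, `../secret.txt` fails both, `escape` is accepted by the `normalize()`-only check but rejected after `toRealPath()` follows the symlink, and `missing.txt` is rejected by `toRealPath()` because the existence check fails. One consequence of that existence check worth keeping in mind: `toRealPath()` cannot be applied to a path that is about to be created, so code that writes new files needs to canonicalize the parent directory instead.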


Commit: 9f19791d8ceb52b0ba441be3db70a096da24c1b8
https://github.com/krishnprakash/codeql/commit/9f19791d8ceb52b0ba441be3db70a096da24c1b8
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-04-23 (Thu, 23 Apr 2026)

Changed paths:
M MODULE.bazel
M actions/ql/lib/CHANGELOG.md
A actions/ql/lib/change-notes/released/0.4.33.md
A actions/ql/lib/change-notes/released/0.4.34.md
M actions/ql/lib/codeql-pack.release.yml
R actions/ql/lib/ext/manual/docker_build-push-action.model.yml
R actions/ql/lib/ext/manual/step-security_harden-runner.model.yml
M actions/ql/lib/qlpack.yml
M actions/ql/src/CHANGELOG.md
M actions/ql/src/Security/CWE-275/MissingActionsPermissions.ql
M actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.ql
M actions/ql/src/Security/CWE-829/ArtifactPoisoningMedium.ql
A actions/ql/src/change-notes/released/0.6.25.md
A actions/ql/src/change-notes/released/0.6.26.md
M actions/ql/src/codeql-pack.release.yml
M actions/ql/src/qlpack.yml
A actions/ql/test/query-tests/Security/CWE-275/.github/workflows/perms11.yml
A actions/ql/test/query-tests/Security/CWE-275/.github/workflows/perms12.yml
M actions/ql/test/query-tests/Security/CWE-829/ArtifactPoisoningCritical.expected
M cpp/ql/integration-tests/query-suite/cpp-code-scanning.qls.expected
M cpp/ql/lib/CHANGELOG.md
R cpp/ql/lib/change-notes/2026-03-20-add-indirect-uninitialized-node.md
A cpp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md
R cpp/ql/lib/change-notes/2026-03-23-indirect-parameter-nodes-and-indirect-instructions.md
R cpp/ql/lib/change-notes/2026-03-24-field-init.md
R cpp/ql/lib/change-notes/2026-03-26-convert-csv-models-to-yml.md
R cpp/ql/lib/change-notes/2026-03-30-nsdmi-dataflow.md
R cpp/ql/lib/change-notes/2026-03-31-http-flow-sources.md
R cpp/ql/lib/change-notes/2026-03-31-meson.md
A cpp/ql/lib/change-notes/released/10.0.0.md
A cpp/ql/lib/change-notes/released/9.0.0.md
M cpp/ql/lib/codeql-pack.release.yml
M cpp/ql/lib/ext/allocation/Std.allocation.model.yml
M cpp/ql/lib/qlpack.yml
M cpp/ql/lib/semmle/code/cpp/ConfigurationTestFile.qll
M cpp/ql/lib/semmle/code/cpp/commons/Printf.qll
M cpp/ql/lib/semmle/code/cpp/commons/Scanf.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/ExternalFlow.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/ExternalFlowExtensions.qll
M cpp/ql/lib/semmle/code/cpp/dataflow/internal/FlowSummaryImpl.qll
M cpp/ql/lib/semmle/code/cpp/models/interfaces/NonThrowing.qll
M cpp/ql/lib/semmle/code/cpp/models/interfaces/Throwing.qll
M cpp/ql/src/CHANGELOG.md
M cpp/ql/src/Likely Bugs/Arithmetic/IntMultToLong.ql
M cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArguments.ql
M cpp/ql/src/Likely Bugs/Underspecified Functions/ImplicitFunctionDeclaration.qhelp
M cpp/ql/src/Likely Bugs/Underspecified Functions/ImplicitFunctionDeclaration.ql
M cpp/ql/src/Likely Bugs/Underspecified Functions/MistypedFunctionArguments.qll
M cpp/ql/src/Likely Bugs/Underspecified Functions/TooFewArguments.qll
M cpp/ql/src/Likely Bugs/Underspecified Functions/TooManyArguments.qll
M cpp/ql/src/Security/CWE/CWE-190/ComparisonWithWiderType.ql
M cpp/ql/src/Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql
R cpp/ql/src/change-notes/2026-03-11-integer-multiplication-cast-to-long.md
R cpp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md
R cpp/ql/src/change-notes/2026-03-16-wrong-type-format-argument.md
R cpp/ql/src/change-notes/2026-03-19-suspicious-add-sizeof.md
R cpp/ql/src/change-notes/2026-03-19-tainted-format-string.md
R cpp/ql/src/change-notes/2026-03-30-warning-diagnostics.md
A cpp/ql/src/change-notes/released/1.6.0.md
A cpp/ql/src/change-notes/released/1.6.1.md
M cpp/ql/src/codeql-pack.release.yml
M cpp/ql/src/qlpack.yml
A cpp/ql/test/query-tests/Likely Bugs/Likely Typos/ExprHasNoEffect/autoconf/ExprHasNoEffect.expected
A cpp/ql/test/query-tests/Likely Bugs/Likely Typos/ExprHasNoEffect/autoconf/ExprHasNoEffect.qlref
A cpp/ql/test/query-tests/Likely Bugs/Likely Typos/ExprHasNoEffect/autoconf/conftest.c
A cpp/ql/test/query-tests/Likely Bugs/Likely Typos/ExprHasNoEffect/autoconf/conftest.c.c
A cpp/ql/test/query-tests/Likely Bugs/Likely Typos/ExprHasNoEffect/autoconf/conftest.cpp
A cpp/ql/test/query-tests/Likely Bugs/Likely Typos/ExprHasNoEffect/autoconf/conftest.h
A cpp/ql/test/query-tests/Likely Bugs/Likely Typos/ExprHasNoEffect/autoconf/conftest123.c
A cpp/ql/test/query-tests/Likely Bugs/Likely Typos/ExprHasNoEffect/autoconf/conftest_abc.c
M csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.64.md
A csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.7.65.md
M csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/lib/qlpack.yml
M csharp/ql/campaigns/Solorigate/src/CHANGELOG.md
M csharp/ql/campaigns/Solorigate/src/ModifiedFnvFunctionDetection.ql
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.64.md
A csharp/ql/campaigns/Solorigate/src/change-notes/released/1.7.65.md
M csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml
M csharp/ql/campaigns/Solorigate/src/qlpack.yml
M csharp/ql/consistency-queries/CfgConsistency.ql
M csharp/ql/consistency-queries/DataFlowConsistency.ql
M csharp/ql/consistency-queries/VariableCaptureConsistency.ql
M csharp/ql/examples/snippets/integer_literal.ql
M csharp/ql/lib/CHANGELOG.md
M csharp/ql/lib/Linq/Helpers.qll
R csharp/ql/lib/change-notes/2026-03-19-fix-log-forging-extension-methods.md
A csharp/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md
R csharp/ql/lib/change-notes/2026-03-26-expanded-assignments.md
A csharp/ql/lib/change-notes/2026-04-01-asp-remote-sources.md
A csharp/ql/lib/change-notes/2026-04-13-cfg.md
A csharp/ql/lib/change-notes/released/5.4.12.md
A csharp/ql/lib/change-notes/released/5.5.0.md
M csharp/ql/lib/codeql-pack.release.yml
M csharp/ql/lib/definitions.qll
M csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll
M csharp/ql/lib/printCfg.ql
M csharp/ql/lib/qlpack.yml
M csharp/ql/lib/semmle/code/csharp/Assignable.qll
M csharp/ql/lib/semmle/code/csharp/Caching.qll
M csharp/ql/lib/semmle/code/csharp/Callable.qll
M csharp/ql/lib/semmle/code/csharp/Conversion.qll
M csharp/ql/lib/semmle/code/csharp/ExprOrStmtParent.qll
M csharp/ql/lib/semmle/code/csharp/PrintAst.qll
M csharp/ql/lib/semmle/code/csharp/Property.qll
M csharp/ql/lib/semmle/code/csharp/commons/Collections.qll
M csharp/ql/lib/semmle/code/csharp/commons/ComparisonTest.qll
M csharp/ql/lib/semmle/code/csharp/commons/Constants.qll
M csharp/ql/lib/semmle/code/csharp/commons/Strings.qll
R csharp/ql/lib/semmle/code/csharp/controlflow/BasicBlocks.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowElement.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowGraph.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/ControlFlowReachability.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/Guards.qll
R csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
R csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImpl.qll
M csharp/ql/lib/semmle/code/csharp/controlflow/internal/NonReturning.qll
R csharp/ql/lib/semmle/code/csharp/controlflow/internal/Splitting.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/Nullness.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/SignAnalysis.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/BaseSSA.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplSpecific.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/ExternalFlow.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/ExternalFlowExtensions.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/TaintTrackingPublic.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/BoundSpecific.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ConstantUtils.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionSpecific.qll
M csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaUtils.qll
M csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll
M csharp/ql/lib/semmle/code/csharp/exprs/Access.qll
M csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll
M csharp/ql/lib/semmle/code/csharp/exprs/Call.qll
M csharp/ql/lib/semmle/code/csharp/exprs/Creation.qll
M csharp/ql/lib/semmle/code/csharp/exprs/Expr.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/Format.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/Moq.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll
M csharp/ql/lib/semmle/code/csharp/frameworks/system/runtime/CompilerServices.qll
M csharp/ql/lib/semmle/code/csharp/security/auth/SecureCookies.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll
M csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
M csharp/ql/lib/semmle/code/csharp/security/xml/InsecureXMLQuery.qll
M csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
M csharp/ql/src/CHANGELOG.md
M csharp/ql/src/Concurrency/UnsynchronizedStaticAccess.ql
M csharp/ql/src/Dead Code/DeadStoreOfLocal.ql
M csharp/ql/src/Dead Code/NonAssignedFields.ql
M csharp/ql/src/Language Abuse/ForeachCapture.ql
M csharp/ql/src/Language Abuse/MissedTernaryOpportunity.ql
M csharp/ql/src/Likely Bugs/BadCheckOdd.ql
M csharp/ql/src/Likely Bugs/Collections/WriteOnlyContainer.ql
M csharp/ql/src/Likely Bugs/MishandlingJapaneseEra.ql
M csharp/ql/src/Likely Bugs/NestedLoopsSameVariable.ql
M csharp/ql/src/Likely Bugs/PossibleLossOfPrecision.ql
M csharp/ql/src/Likely Bugs/SelfAssignment.ql
M csharp/ql/src/Likely Bugs/Statements/UseBraces.ql
M csharp/ql/src/Likely Bugs/UncheckedCastInEquals.ql
M csharp/ql/src/Linq/BadMultipleIteration.ql
M csharp/ql/src/Performance/StringBuilderInLoop.ql
M csharp/ql/src/Performance/StringConcatenationInLoop.ql
M csharp/ql/src/Security Features/CWE-1004/CookieWithoutHttpOnly.ql
M csharp/ql/src/Security Features/CWE-327/InsecureSQLConnection.ql
M csharp/ql/src/Security Features/CWE-384/AbandonSession.ql
M csharp/ql/src/Security Features/CWE-614/CookieWithoutSecure.ql
M csharp/ql/src/Security Features/CookieWithOverlyBroadDomain.ql
M csharp/ql/src/Security Features/CookieWithOverlyBroadPath.ql
M csharp/ql/src/Security Features/HeaderCheckingDisabled.ql
M csharp/ql/src/Security Features/InsecureRandomness.ql
M csharp/ql/src/Security Features/InsufficientKeySize.ql
M csharp/ql/src/Security Features/PersistentCookie.ql
M csharp/ql/src/Telemetry/DatabaseQuality.qll
M csharp/ql/src/Useless code/DefaultToStringQuery.qll
M csharp/ql/src/Useless code/RedundantToStringCall.ql
R csharp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md
R csharp/ql/src/change-notes/2026-03-31-constantcondition-simplify.md
A csharp/ql/src/change-notes/released/1.7.0.md
A csharp/ql/src/change-notes/released/1.7.1.md
M csharp/ql/src/codeql-pack.release.yml
M csharp/ql/src/experimental/Security Features/CWE-759/HashWithoutSalt.ql
M csharp/ql/src/qlpack.yml
M csharp/ql/test/library-tests/assignables/AssignableDefinitionNode.ql
M csharp/ql/test/library-tests/assignments/AssignOperation.ql
M csharp/ql/test/library-tests/controlflow/graph/BasicBlock.expected
R csharp/ql/test/library-tests/controlflow/graph/CONSISTENCY/CfgConsistency.expected
M csharp/ql/test/library-tests/controlflow/graph/Common.qll
M csharp/ql/test/library-tests/controlflow/graph/Condition.expected
M csharp/ql/test/library-tests/controlflow/graph/Condition.ql
M csharp/ql/test/library-tests/controlflow/graph/Dominance.expected
M csharp/ql/test/library-tests/controlflow/graph/EnclosingCallable.expected
M csharp/ql/test/library-tests/controlflow/graph/EnclosingCallable.ql
M csharp/ql/test/library-tests/controlflow/graph/EntryElement.expected
M csharp/ql/test/library-tests/controlflow/graph/EntryElement.ql
R csharp/ql/test/library-tests/controlflow/graph/ExitElement.expected
R csharp/ql/test/library-tests/controlflow/graph/ExitElement.ql
M csharp/ql/test/library-tests/controlflow/graph/NodeGraph.expected
M csharp/ql/test/library-tests/controlflow/graph/NodeGraph.ql
M csharp/ql/test/library-tests/controlflow/graph/Nodes.expected
M csharp/ql/test/library-tests/controlflow/graph/Nodes.ql
M csharp/ql/test/library-tests/controlflow/guards-large/GuardedExpr.expected
M csharp/ql/test/library-tests/controlflow/guards/BooleanGuardedExpr.expected
M csharp/ql/test/library-tests/controlflow/guards/GuardedControlFlowNode.expected
M csharp/ql/test/library-tests/controlflow/guards/GuardedExpr.expected
M csharp/ql/test/library-tests/controlflow/guards/Guards.cs
M csharp/ql/test/library-tests/conversion/pointer/Pointer.ql
M csharp/ql/test/library-tests/csharp10/lambda.ql
M csharp/ql/test/library-tests/csharp11/operators.ql
M csharp/ql/test/library-tests/csharp11/signAnalysis.ql
M csharp/ql/test/library-tests/csharp6/MemberInitializer.ql
M csharp/ql/test/library-tests/csharp7/IsFlow.expected
M csharp/ql/test/library-tests/csharp7/IsFlow.ql
M csharp/ql/test/library-tests/csharp7/LocalTaintFlow.expected
M csharp/ql/test/library-tests/csharp8/NullCoalescingControlFlow.expected
M csharp/ql/test/library-tests/csharp8/NullCoalescingControlFlow.ql
M csharp/ql/test/library-tests/csharp8/NullableRefTypes.expected
M csharp/ql/test/library-tests/csharp8/NullableRefTypes.ql
M csharp/ql/test/library-tests/csharp8/UsingControlFlow.expected
M csharp/ql/test/library-tests/csharp8/UsingControlFlow.ql
M csharp/ql/test/library-tests/csharp8/ispatternflow.expected
M csharp/ql/test/library-tests/csharp8/ispatternflow.ql
M csharp/ql/test/library-tests/csharp8/switchexprcontrolflow.expected
M csharp/ql/test/library-tests/csharp8/switchexprcontrolflow.ql
M csharp/ql/test/library-tests/csharp8/switchstmtctrlflow.expected
M csharp/ql/test/library-tests/csharp8/switchstmtctrlflow.ql
M csharp/ql/test/library-tests/dataflow/call-sensitivity/CallSensitivityFlow.expected
M csharp/ql/test/library-tests/dataflow/defuse/defUseEquivalence.ql
M csharp/ql/test/library-tests/dataflow/defuse/parameterUseEquivalence.ql
M csharp/ql/test/library-tests/dataflow/defuse/useUseEquivalence.ql
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/AspRemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/aspremote/aspRemoteFlowSource.expected
M csharp/ql/test/library-tests/dataflow/flowsources/remote/RemoteFlowSource.cs
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.expected
M csharp/ql/test/library-tests/dataflow/flowsources/remote/remoteFlowSource.ql
M csharp/ql/test/library-tests/dataflow/local/DataFlowStep.expected
M csharp/ql/test/library-tests/dataflow/local/TaintTrackingStep.expected
M csharp/ql/test/library-tests/dataflow/modulusanalysis/ModulusAnalysis.expected
M csharp/ql/test/library-tests/dataflow/modulusanalysis/ModulusAnalysis.ql
M csharp/ql/test/library-tests/dataflow/signanalysis/MissingSign.ql
M csharp/ql/test/library-tests/dataflow/signanalysis/SignAnalysis.expected
M csharp/ql/test/library-tests/dataflow/signanalysis/SignAnalysis.ql
M csharp/ql/test/library-tests/dataflow/ssa-large/countssa.expected
M csharp/ql/test/library-tests/dataflow/ssa-large/countssa.ql
M csharp/ql/test/library-tests/dataflow/ssa/SSAPhi.expected
M csharp/ql/test/library-tests/dataflow/ssa/SSAPhiRead.expected
M csharp/ql/test/library-tests/dataflow/ssa/SSAPhiRead.ql
M csharp/ql/test/library-tests/dataflow/ssa/SsaDef.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaDefElement.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaRead.expected
M csharp/ql/test/library-tests/dataflow/ssa/SsaUltimateDef.expected
M csharp/ql/test/library-tests/enums/Enums11.ql
M csharp/ql/test/library-tests/expressions/AddEventExpr1.ql
M csharp/ql/test/library-tests/expressions/AnonymousMethod1.ql
M csharp/ql/test/library-tests/expressions/AnonymousMethod2.ql
M csharp/ql/test/library-tests/expressions/AnonymousMethod3.ql
M csharp/ql/test/library-tests/expressions/AnonymousMethod4.ql
M csharp/ql/test/library-tests/expressions/AnonymousMethod5.ql
M csharp/ql/test/library-tests/expressions/AnonymousObjectCreation1.ql
M csharp/ql/test/library-tests/expressions/AnonymousObjectCreation2.ql
M csharp/ql/test/library-tests/expressions/AnonymousObjectCreation3.ql
M csharp/ql/test/library-tests/expressions/AnonymousObjectCreation4.ql
M csharp/ql/test/library-tests/expressions/ArrayCreation1.ql
M csharp/ql/test/library-tests/expressions/ArrayCreation10.ql
M csharp/ql/test/library-tests/expressions/ArrayCreation2.ql
M csharp/ql/test/library-tests/expressions/ArrayCreation3.ql
M csharp/ql/test/library-tests/expressions/ArrayCreation4.ql
M csharp/ql/test/library-tests/expressions/ArrayCreation5.ql
M csharp/ql/test/library-tests/expressions/ArrayCreation6.ql
M csharp/ql/test/library-tests/expressions/ArrayCreation7.ql
M csharp/ql/test/library-tests/expressions/ArrayCreation8.ql
M csharp/ql/test/library-tests/expressions/ArrayCreation9.ql
M csharp/ql/test/library-tests/expressions/Lambda1.ql
M csharp/ql/test/library-tests/expressions/Lambda2.ql
M csharp/ql/test/library-tests/expressions/Lambda3.ql
M csharp/ql/test/library-tests/expressions/Lambda4.ql
M csharp/ql/test/library-tests/expressions/Lambda5.ql
M csharp/ql/test/library-tests/expressions/Lambda6.ql
M csharp/ql/test/library-tests/expressions/ObjectCreation10.ql
M csharp/ql/test/library-tests/expressions/ObjectCreation11.ql
M csharp/ql/test/library-tests/expressions/ObjectCreation4.ql
M csharp/ql/test/library-tests/expressions/ObjectCreation5.ql
M csharp/ql/test/library-tests/expressions/ObjectCreation6.ql
M csharp/ql/test/library-tests/expressions/ObjectCreation7.ql
M csharp/ql/test/library-tests/expressions/RemoveEventExpr1.ql
M csharp/ql/test/library-tests/goto/Goto1.expected
M csharp/ql/test/library-tests/goto/Goto1.ql
M csharp/ql/test/library-tests/obinit/ObInit.expected
M csharp/ql/test/library-tests/obinit/ObInit.ql
M csharp/ql/test/library-tests/security/dataflow/flowsources/StoredFlowSources.expected
M csharp/ql/test/library-tests/standalone/controlflow/cfg.expected
M csharp/ql/test/library-tests/standalone/controlflow/cfg.ql
A csharp/ql/test/query-tests/Linq/MissedSelectOpportunity/MissedSelectOpportunity.cs
A csharp/ql/test/query-tests/Linq/MissedSelectOpportunity/MissedSelectOpportunity.expected
A csharp/ql/test/query-tests/Linq/MissedSelectOpportunity/MissedSelectOpportunity.qlref
A csharp/ql/test/query-tests/Linq/MissedSelectOpportunity/options
M csharp/ql/test/query-tests/Useless Code/RedundantToStringCall/RedundantToStringCall.cs
M csharp/ql/test/query-tests/Useless Code/RedundantToStringCall/RedundantToStringCall.expected
M csharp/ql/test/query-tests/Useless Code/RedundantToStringCall/RedundantToStringCall.qlref
M csharp/ql/test/query-tests/Useless Code/RedundantToStringCall/RedundantToStringCallBad.cs
M csharp/ql/test/resources/stubs/System.Web.cs
M csharp/ql/test/utils/modelgenerator/dataflow/Summaries.cs
M docs/codeql/codeql-language-guides/customizing-library-models-for-actions.rst
M docs/codeql/codeql-language-guides/customizing-library-models-for-cpp.rst
M docs/codeql/codeql-language-guides/customizing-library-models-for-csharp.rst
M docs/codeql/codeql-language-guides/customizing-library-models-for-go.rst
M docs/codeql/codeql-language-guides/customizing-library-models-for-java-and-kotlin.rst
M docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst
M docs/codeql/codeql-language-guides/customizing-library-models-for-python.rst
M docs/codeql/codeql-language-guides/customizing-library-models-for-ruby.rst
A docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.25.2.rst
M docs/codeql/codeql-overview/codeql-changelog/index.rst
M docs/codeql/reusables/supported-versions-compilers.rst
M docs/ql-libraries/dataflow/dataflow.md
M go/extractor/go.mod
M go/extractor/go.sum
M go/ql/consistency-queries/CHANGELOG.md
A go/ql/consistency-queries/change-notes/released/1.0.47.md
A go/ql/consistency-queries/change-notes/released/1.0.48.md
M go/ql/consistency-queries/codeql-pack.release.yml
M go/ql/consistency-queries/qlpack.yml
M go/ql/lib/CHANGELOG.md
A go/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md
A go/ql/lib/change-notes/released/7.0.5.md
A go/ql/lib/change-notes/released/7.0.6.md
M go/ql/lib/codeql-pack.release.yml
M go/ql/lib/qlpack.yml
M go/ql/lib/semmle/go/Concepts.qll
M go/ql/lib/semmle/go/dataflow/ExternalFlow.qll
M go/ql/lib/semmle/go/dataflow/internal/DataFlowImplConsistency.qll
M go/ql/lib/semmle/go/dataflow/internal/DataFlowPrivate.qll
M go/ql/lib/semmle/go/dataflow/internal/ExternalFlowExtensions.qll
M go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll
M go/ql/lib/semmle/go/frameworks/CryptoLibraries.qll
M go/ql/lib/semmle/go/frameworks/stdlib/IoFs.qll
M go/ql/src/CHANGELOG.md
R go/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md
A go/ql/src/change-notes/released/1.6.0.md
A go/ql/src/change-notes/released/1.6.1.md
M go/ql/src/codeql-pack.release.yml
M go/ql/src/qlpack.yml
M go/ql/test/library-tests/semmle/go/dataflow/FlowSteps/LocalFlowStep.expected
M go/ql/test/library-tests/semmle/go/dataflow/PromotedFields/LocalFlowStep.expected
M java/ql/lib/CHANGELOG.md
A java/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md
R java/ql/lib/change-notes/2026-03-26-kotlin-2.3.20.md
R java/ql/lib/change-notes/2026-03-27-add-ec-to-secure-algorithms.md
R java/ql/lib/change-notes/2026-03-28-tainted-arithmetic-bounds-check.md
A java/ql/lib/change-notes/2026-04-04-sensitive-log-fp-reduction.md
A java/ql/lib/change-notes/2026-04-18-partial-path-traversal-fix.md
A java/ql/lib/change-notes/released/9.0.3.md
A java/ql/lib/change-notes/released/9.0.4.md
M java/ql/lib/codeql-pack.release.yml
M java/ql/lib/qlpack.yml
M java/ql/lib/semmle/code/java/ControlFlowGraph.qll
M java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
M java/ql/lib/semmle/code/java/dataflow/internal/ExternalFlowExtensions.qll
M java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll
M java/ql/lib/semmle/code/java/security/PartialPathTraversal.qll
M java/ql/lib/semmle/code/java/security/SensitiveActions.qll
M java/ql/lib/semmle/code/java/security/XmlParsers.qll
M java/ql/src/CHANGELOG.md
R java/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md
A java/ql/src/change-notes/released/1.11.0.md
A java/ql/src/change-notes/released/1.11.1.md
M java/ql/src/codeql-pack.release.yml
M java/ql/src/qlpack.yml
M java/ql/test-kotlin1/library-tests/java-kotlin-collection-type-generic-methods/test.expected
M java/ql/test-kotlin2/library-tests/java-kotlin-collection-type-generic-methods/test.expected
M java/ql/test-kotlin2/library-tests/reflection/reflection.expected
M java/ql/test/library-tests/compact-source-files/CompactSourceAnalysis.expected
M java/ql/test/library-tests/compact-source-files/ImplicitClassDetection.expected
M java/ql/test/library-tests/compact-source-files/MethodInCompactSource.expected
M java/ql/test/library-tests/compact-source-files/options
M java/ql/test/library-tests/dataflow/kdf/options
M java/ql/test/library-tests/dataflow/scoped-values/options
M java/ql/test/library-tests/errorexpr/Test.java
M java/ql/test/library-tests/flexible-constructors/options
M java/ql/test/library-tests/module-import-declarations/options
M java/ql/test/query-tests/security/CWE-023/semmle/tests/PartialPathTraversal.qlref
M java/ql/test/query-tests/security/CWE-023/semmle/tests/PartialPathTraversalFromRemoteTest.expected
M java/ql/test/query-tests/security/CWE-023/semmle/tests/PartialPathTraversalTest.java
M java/ql/test/query-tests/security/CWE-532/SensitiveLogInfo.expected
M java/ql/test/query-tests/security/CWE-532/Test.java
A java/ql/test/query-tests/security/CWE-611/WstxInputFactoryTests.java
M java/ql/test/query-tests/security/CWE-611/XXE.expected
M java/ql/test/query-tests/security/CWE-611/options
A java/ql/test/query-tests/security/CWE-676/semmle/tests/options
A java/ql/test/stubs/woodstox-core-6.4.0/com/ctc/wstx/stax/WstxInputFactory.java
A java/ql/test/stubs/woodstox-core-6.4.0/org/codehaus/stax2/XMLInputFactory2.java
M javascript/ql/lib/CHANGELOG.md
A javascript/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md
A javascript/ql/lib/change-notes/released/2.6.27.md
A javascript/ql/lib/change-notes/released/2.6.28.md
M javascript/ql/lib/codeql-pack.release.yml
M javascript/ql/lib/qlpack.yml
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModels.qll
M javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsExtensions.qll
M javascript/ql/lib/semmle/javascript/security/dataflow/MissingRateLimiting.qll
M javascript/ql/src/CHANGELOG.md
A javascript/ql/src/change-notes/released/2.3.7.md
A javascript/ql/src/change-notes/released/2.3.8.md
M javascript/ql/src/codeql-pack.release.yml
M javascript/ql/src/qlpack.yml
M javascript/ql/test/query-tests/Security/CWE-770/MissingRateLimit/MissingRateLimiting.expected
M javascript/ql/test/query-tests/Security/CWE-770/MissingRateLimit/tst.js
M misc/suite-helpers/CHANGELOG.md
A misc/suite-helpers/change-notes/released/1.0.47.md
A misc/suite-helpers/change-notes/released/1.0.48.md
M misc/suite-helpers/codeql-pack.release.yml
M misc/suite-helpers/qlpack.yml
A python/downgrades/eb5fc917c79bb23ce2de4a022f3e566d57a91be9/old.dbscheme
A python/downgrades/eb5fc917c79bb23ce2de4a022f3e566d57a91be9/py_bools.ql
A python/downgrades/eb5fc917c79bb23ce2de4a022f3e566d57a91be9/semmlecode.python.dbscheme
A python/downgrades/eb5fc917c79bb23ce2de4a022f3e566d57a91be9/upgrade.properties
M python/extractor/semmle/python/ast.py
M python/extractor/semmle/python/master.py
M python/extractor/semmle/python/parser/ast.py
M python/extractor/semmle/python/parser/dump_ast.py
M python/extractor/semmle/python/parser/tsg_parser.py
M python/extractor/semmle/query_gen.py
A python/extractor/tests/parser/lazy_imports_new.expected
A python/extractor/tests/parser/lazy_imports_new.py
A python/extractor/tests/parser/unpacking_in_comprehensions_new.expected
A python/extractor/tests/parser/unpacking_in_comprehensions_new.py
M python/extractor/tsg-python/python.tsg
M python/extractor/tsg-python/tsp/grammar.js
M python/extractor/tsg-python/tsp/src/grammar.json
M python/extractor/tsg-python/tsp/src/node-types.json
M python/extractor/tsg-python/tsp/src/parser.c
M python/extractor/tsg-python/tsp/src/tree_sitter/array.h
M python/ql/lib/CHANGELOG.md
R python/ql/lib/change-notes/2026-03-11-fix-unresolved-relative-imports.md
A python/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md
A python/ql/lib/change-notes/2026-04-10-support-comprehension-unpacking.md
A python/ql/lib/change-notes/released/7.0.4.md
A python/ql/lib/change-notes/released/7.0.5.md
M python/ql/lib/codeql-pack.release.yml
M python/ql/lib/qlpack.yml
M python/ql/lib/semmle/python/AstGenerated.qll
A python/ql/lib/semmle/python/frameworks/Eventlet.model.yml
A python/ql/lib/semmle/python/frameworks/Gevent.model.yml
M python/ql/lib/semmle/python/frameworks/Stdlib.model.yml
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModels.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsExtensions.qll
M python/ql/lib/semmlecode.python.dbscheme
A python/ql/lib/upgrades/279cbb08d387ecd57ac177e87c94cfd5ca62f792/old.dbscheme
A python/ql/lib/upgrades/279cbb08d387ecd57ac177e87c94cfd5ca62f792/semmlecode.python.dbscheme
A python/ql/lib/upgrades/279cbb08d387ecd57ac177e87c94cfd5ca62f792/upgrade.properties
M python/ql/src/CHANGELOG.md
M python/ql/src/Security/CVE-2018-1281/BindToAllInterfaces.ql
M python/ql/src/Statements/ModificationOfLocals.ql
M python/ql/src/Statements/ShouldUseWithStatement.ql
M python/ql/src/Statements/UnreachableCode.ql
M python/ql/src/Statements/UnusedExceptionObject.ql
M python/ql/src/Statements/UseOfExit.ql
R python/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md
R python/ql/src/change-notes/2026-03-13-port-simple-points-to-queries.md
A python/ql/src/change-notes/released/1.8.0.md
A python/ql/src/change-notes/released/1.8.1.md
M python/ql/src/codeql-pack.release.yml
M python/ql/src/qlpack.yml
A python/ql/test/3/extractor-tests/lazy-imports/test.expected
A python/ql/test/3/extractor-tests/lazy-imports/test.py
A python/ql/test/3/extractor-tests/lazy-imports/test.ql
A python/ql/test/3/extractor-tests/unpacking-comprehensions/test.expected
A python/ql/test/3/extractor-tests/unpacking-comprehensions/test.py
A python/ql/test/3/extractor-tests/unpacking-comprehensions/test.ql
M python/ql/test/library-tests/comprehensions/Flow.expected
A python/ql/test/library-tests/dataflow/coverage-pep798/NormalDataflowTest.expected
A python/ql/test/library-tests/dataflow/coverage-pep798/NormalDataflowTest.ql
A python/ql/test/library-tests/dataflow/coverage-pep798/test.py
M python/ql/test/query-tests/Security/CVE-2018-1281/BindToAllInterfaces.expected
M python/ql/test/query-tests/Security/CVE-2018-1281/BindToAllInterfaces.qlref
M python/ql/test/query-tests/Security/CVE-2018-1281/BindToAllInterfaces_test.py
M python/ql/test/query-tests/Statements/general/ShouldUseWithStatement.expected
M python/ql/test/query-tests/Statements/general/test.py
A python/scripts/create-extractor-pack.sh
M ruby/ql/docs/flow_summaries.md
M ruby/ql/lib/CHANGELOG.md
A ruby/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md
A ruby/ql/lib/change-notes/released/5.1.15.md
A ruby/ql/lib/change-notes/released/5.1.16.md
M ruby/ql/lib/codeql-pack.release.yml
M ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModels.qll
M ruby/ql/lib/codeql/ruby/frameworks/data/internal/ApiGraphModelsExtensions.qll
M ruby/ql/lib/qlpack.yml
M ruby/ql/src/CHANGELOG.md
R ruby/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md
A ruby/ql/src/change-notes/released/1.6.0.md
A ruby/ql/src/change-notes/released/1.6.1.md
M ruby/ql/src/codeql-pack.release.yml
M ruby/ql/src/qlpack.yml
M rust/ql/lib/CHANGELOG.md
A rust/ql/lib/change-notes/2026-03-20-data-extensions-barriers.md
A rust/ql/lib/change-notes/released/0.2.11.md
A rust/ql/lib/change-notes/released/0.2.12.md
M rust/ql/lib/codeql-pack.release.yml
M rust/ql/lib/codeql/files/FileSystem.qll
M rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
M rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll
M rust/ql/lib/codeql/rust/frameworks/stdlib/Builtins.qll
M rust/ql/lib/codeql/rust/internal/PathResolution.qll
M rust/ql/lib/codeql/rust/internal/typeinference/BlanketImplementation.qll
M rust/ql/lib/codeql/rust/internal/typeinference/FunctionOverloading.qll
M rust/ql/lib/codeql/rust/internal/typeinference/TypeInference.qll
M rust/ql/lib/codeql/rust/internal/typeinference/TypeMention.qll
M rust/ql/lib/qlpack.yml
M rust/ql/src/CHANGELOG.md
R rust/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md
A rust/ql/src/change-notes/released/0.1.32.md
A rust/ql/src/change-notes/released/0.1.33.md
M rust/ql/src/codeql-pack.release.yml
M rust/ql/src/qlpack.yml
M rust/ql/test/library-tests/dataflow/lambdas/inline-flow.expected
M rust/ql/test/library-tests/dataflow/lambdas/main.rs
M rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected
M rust/ql/test/library-tests/type-inference/CONSISTENCY/PathResolutionConsistency.expected
M rust/ql/test/library-tests/type-inference/closure.rs
M rust/ql/test/library-tests/type-inference/main.rs
M rust/ql/test/library-tests/type-inference/regressions.rs
M rust/ql/test/library-tests/type-inference/type-inference.expected
M rust/ql/test/utils-tests/modelgenerator/option.rs
A rust/tools/builtins/impls.rs
M shared/concepts/CHANGELOG.md
A shared/concepts/change-notes/released/0.0.21.md
A shared/concepts/change-notes/released/0.0.22.md
M shared/concepts/codeql-pack.release.yml
M shared/concepts/qlpack.yml
M shared/controlflow/CHANGELOG.md
A shared/controlflow/change-notes/released/2.0.31.md
A shared/controlflow/change-notes/released/2.0.32.md
M shared/controlflow/codeql-pack.release.yml
M shared/controlflow/codeql/controlflow/ControlFlowGraph.qll
M shared/controlflow/qlpack.yml
M shared/dataflow/CHANGELOG.md
A shared/dataflow/change-notes/released/2.1.3.md
A shared/dataflow/change-notes/released/2.1.4.md
M shared/dataflow/codeql-pack.release.yml
M shared/dataflow/codeql/dataflow/DataFlow.qll
M shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll
M shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
M shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll
M shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll
M shared/dataflow/qlpack.yml
M shared/mad/CHANGELOG.md
A shared/mad/change-notes/released/1.0.47.md
A shared/mad/change-notes/released/1.0.48.md
M shared/mad/codeql-pack.release.yml
M shared/mad/codeql/mad/ModelValidation.qll
M shared/mad/codeql/mad/static/ModelsAsData.qll
M shared/mad/qlpack.yml
M shared/quantum/CHANGELOG.md
A shared/quantum/change-notes/released/0.0.25.md
A shared/quantum/change-notes/released/0.0.26.md
M shared/quantum/codeql-pack.release.yml
M shared/quantum/qlpack.yml
M shared/rangeanalysis/CHANGELOG.md
A shared/rangeanalysis/change-notes/released/1.0.47.md
A shared/rangeanalysis/change-notes/released/1.0.48.md
M shared/rangeanalysis/codeql-pack.release.yml
M shared/rangeanalysis/qlpack.yml
M shared/regex/CHANGELOG.md
A shared/regex/change-notes/released/1.0.47.md
A shared/regex/change-notes/released/1.0.48.md
M shared/regex/codeql-pack.release.yml
M shared/regex/qlpack.yml
M shared/ssa/CHANGELOG.md
A shared/ssa/change-notes/released/2.0.23.md
A shared/ssa/change-notes/released/2.0.24.md
M shared/ssa/codeql-pack.release.yml
M shared/ssa/qlpack.yml
M shared/threat-models/CHANGELOG.md
A shared/threat-models/change-notes/released/1.0.47.md
A shared/threat-models/change-notes/released/1.0.48.md
M shared/threat-models/codeql-pack.release.yml
M shared/threat-models/qlpack.yml
M shared/tutorial/CHANGELOG.md
A shared/tutorial/change-notes/released/1.0.47.md
A shared/tutorial/change-notes/released/1.0.48.md
M shared/tutorial/codeql-pack.release.yml
M shared/tutorial/qlpack.yml
M shared/typeflow/CHANGELOG.md
A shared/typeflow/change-notes/released/1.0.47.md
A shared/typeflow/change-notes/released/1.0.48.md
M shared/typeflow/codeql-pack.release.yml
M shared/typeflow/qlpack.yml
M shared/typeinference/CHANGELOG.md
A shared/typeinference/change-notes/released/0.0.28.md
A shared/typeinference/change-notes/released/0.0.29.md
M shared/typeinference/codeql-pack.release.yml
M shared/typeinference/codeql/typeinference/internal/TypeInference.qll
M shared/typeinference/qlpack.yml
M shared/typetracking/CHANGELOG.md
A shared/typetracking/change-notes/released/2.0.31.md
A shared/typetracking/change-notes/released/2.0.32.md
M shared/typetracking/codeql-pack.release.yml
M shared/typetracking/qlpack.yml
M shared/typos/CHANGELOG.md
A shared/typos/change-notes/released/1.0.47.md
A shared/typos/change-notes/released/1.0.48.md
M shared/typos/codeql-pack.release.yml
M shared/typos/qlpack.yml
M shared/util/CHANGELOG.md
A shared/util/change-notes/released/2.0.34.md
A shared/util/change-notes/released/2.0.35.md
M shared/util/codeql-pack.release.yml
M shared/util/qlpack.yml
M shared/xml/CHANGELOG.md
A shared/xml/change-notes/released/1.0.47.md
A shared/xml/change-notes/released/1.0.48.md
M shared/xml/codeql-pack.release.yml
M shared/xml/qlpack.yml
M shared/yaml/CHANGELOG.md
A shared/yaml/change-notes/released/1.0.47.md
A shared/yaml/change-notes/released/1.0.48.md
M shared/yaml/codeql-pack.release.yml
M shared/yaml/qlpack.yml
A swift/downgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/builtin_fixed_array_types.ql
A swift/downgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/old.dbscheme
A swift/downgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/swift.dbscheme
A swift/downgrades/5738be6bb04742c424efdbf9f4de11f0b10fa37d/upgrade.properties
A swift/downgrades/ee3053b673c901a325b361b18c50b18342752bf8/old.dbscheme
A swift/downgrades/ee3053b673c901a325b361b18c50b18342752bf8/swift.dbscheme
A swift/downgrades/ee3053b673c901a325b361b18c50b18342752bf8/upgrade.properties
M swift/extractor/infra/SwiftTagTraits.h
M swift/extractor/mangler/SwiftMangler.cpp
M swift/extractor/mangler/SwiftMangler.h
M swift/extractor/translators/StmtTranslator.cpp
M swift/extractor/translators/TypeTranslator.cpp
M swift/extractor/translators/TypeTranslator.h
M swift/ql/.generated.list
M swift/ql/.gitattributes
M swift/ql/integration-tests/posix/deduplication/BuiltinTypes.expected
M swift/ql/lib/CHANGELOG.md
A swift/ql/lib/change-notes/2026-04-17-fixed-array.md
A swift/ql/lib/change-notes/2026-04-20-swift-6.3.1.md
A swift/ql/lib/change-notes/released/6.3.3.md
A swift/ql/lib/change-notes/released/6.4.0.md
M swift/ql/lib/codeql-pack.release.yml
M swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll
M swift/ql/lib/codeql/swift/elements.qll
M swift/ql/lib/codeql/swift/elements/type/BuiltinFixedArrayType.qll
A swift/ql/lib/codeql/swift/elements/type/BuiltinGenericType.qll
A swift/ql/lib/codeql/swift/elements/type/internal/BuiltinGenericTypeImpl.qll
M swift/ql/lib/codeql/swift/generated/ParentChild.qll
M swift/ql/lib/codeql/swift/generated/Raw.qll
M swift/ql/lib/codeql/swift/generated/Synth.qll
M swift/ql/lib/codeql/swift/generated/type/BuiltinFixedArrayType.qll
A swift/ql/lib/codeql/swift/generated/type/BuiltinGenericType.qll
M swift/ql/lib/qlpack.yml
M swift/ql/lib/swift.dbscheme
A swift/ql/lib/upgrades/33e5e5e03bd3f98322f4c67aefa81015be832b88/old.dbscheme
A swift/ql/lib/upgrades/33e5e5e03bd3f98322f4c67aefa81015be832b88/swift.dbscheme
A swift/ql/lib/upgrades/33e5e5e03bd3f98322f4c67aefa81015be832b88/upgrade.properties
A swift/ql/lib/upgrades/ee3053b673c901a325b361b18c50b18342752bf8/old.dbscheme
A swift/ql/lib/upgrades/ee3053b673c901a325b361b18c50b18342752bf8/swift.dbscheme
A swift/ql/lib/upgrades/ee3053b673c901a325b361b18c50b18342752bf8/upgrade.properties
A swift/ql/lib/upgrades/ee3053b673c901a325b361b18c50b18342752bf8/upgrade.ql
M swift/ql/src/CHANGELOG.md
R swift/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md
A swift/ql/src/change-notes/released/1.3.0.md
A swift/ql/src/change-notes/released/1.3.1.md
M swift/ql/src/codeql-pack.release.yml
M swift/ql/src/qlpack.yml
M swift/ql/test/extractor-tests/declarations/all.expected
M swift/ql/test/extractor-tests/errors/Errors.expected
M swift/ql/test/extractor-tests/generated/decl/CapturedDecl/PrintAst.expected
M swift/ql/test/extractor-tests/generated/decl/ConcreteVarDecl/ConcreteVarDecl.expected
M swift/ql/test/extractor-tests/generated/decl/MacroDecl/MacroRole.expected
M swift/ql/test/extractor-tests/generated/decl/ParamDecl/ParamDecl.expected
M swift/ql/test/extractor-tests/generated/expr/ObjectLiteralExpr/ObjectLiteralExpr.expected
M swift/ql/test/extractor-tests/generated/stmt/ForEachStmt/ForEachStmt.expected
A swift/ql/test/extractor-tests/generated/type/BuiltinFixedArrayType/BuiltinFixedArrayType.expected
A swift/ql/test/extractor-tests/generated/type/BuiltinFixedArrayType/BuiltinFixedArrayType.ql
A swift/ql/test/extractor-tests/generated/type/BuiltinFixedArrayType/fixed_array.swift
M swift/ql/test/extractor-tests/generated/type/BuiltinType/BuiltinType.expected
R swift/ql/test/extractor-tests/generated/type/BuiltinType/fixed_array.swift
M swift/ql/test/extractor-tests/generated/type/IntegerType/IntegerType.expected
M swift/ql/test/library-tests/ast/PrintAst.expected
M swift/ql/test/library-tests/controlflow/graph/Cfg.expected
M swift/schema.py
M swift/third_party/resources/resource-dir-linux.zip
M swift/third_party/resources/resource-dir-macos.zip
M swift/third_party/resources/swift-prebuilt-linux.tar.zst
M swift/third_party/resources/swift-prebuilt-macos.tar.zst

Log Message:
-----------
Merge branch 'main' into fix/path-injection-torealpath


Commit: bf960b8c761598bf11d94cb7823dd5c0718ecfd3
https://github.com/krishnprakash/codeql/commit/bf960b8c761598bf11d94cb7823dd5c0718ecfd3
Author: Owen Mansel-Chan <62447351...@users.noreply.github.com>
Date: 2026-04-23 (Thu, 23 Apr 2026)

Changed paths:
A java/ql/lib/change-notes/2026-04-04-path-injection-torealpath.md
M java/ql/lib/semmle/code/java/security/PathSanitizer.qll
M java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.java

Log Message:
-----------
Merge pull request #21652 from MarkLee131/fix/path-injection-torealpath

Java: recognize Path.toRealPath() as path normalization sanitizer


Commit: f3920ae757507ebe9317ab1a5d8485c5709cc823
https://github.com/krishnprakash/codeql/commit/f3920ae757507ebe9317ab1a5d8485c5709cc823
Author: Phileco <132178579+k...@users.noreply.github.com>
Date: 2026-04-23 (Thu, 23 Apr 2026)

Changed paths:
A java/ql/lib/change-notes/2026-04-04-path-injection-torealpath.md
M java/ql/lib/semmle/code/java/security/PathSanitizer.qll
M java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.java

Log Message:
-----------
Merge branch 'github:main' into main


Compare: https://github.com/krishnprakash/codeql/compare/b372ce2994f6...f3920ae75750

To unsubscribe from these emails, change your notification settings at https://github.com/krishnprakash/codeql/settings/notifications
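The sanitizer added by the merged PR above recognises `Path.toRealPath()` as a normalization step, but normalization on its own does not keep a path inside a directory; it is the containment check that follows (`startsWith()` against the real base directory) that makes the combination a defence. The following is an added example, not code from the CodeQL repository or from the PR, showing the unguarded read that `java/path-injection` reports beside the idiomatic NIO.2 pattern the sanitizer is meant to accept. The class and method names (`SafeFileRead`, `readUnsafe`, `readSafe`) and the temp-directory fixture in `main` are assumptions of this example.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.NoSuchFileException;
import java.nio.file.Path;

public class SafeFileRead {

    // Unguarded: the user-controlled segment is joined to the base directory
    // and opened as-is. "../../etc/passwd" walks out of baseDir, and a symlink
    // inside baseDir that points elsewhere is followed silently. This is the
    // shape that java/path-injection reports.
    static byte[] readUnsafe(Path baseDir, String userSupplied) throws IOException {
        return Files.readAllBytes(baseDir.resolve(userSupplied));
    }

    // Guarded: canonicalise both the base and the candidate with toRealPath(),
    // then require the candidate to stay inside the base. toRealPath() collapses
    // ".." segments, resolves symbolic links and throws NoSuchFileException when
    // the target does not exist, so both the traversal string and a planted
    // symlink end up as real paths outside realBase and fail startsWith().
    // Path.startsWith() compares whole name elements, so "/srv/data-old" is not
    // treated as lying inside "/srv/data" the way String.startsWith() would.
    static byte[] readSafe(Path baseDir, String userSupplied) throws IOException {
        Path realBase = baseDir.toRealPath();
        Path candidate;
        try {
            candidate = realBase.resolve(userSupplied).toRealPath();
        } catch (NoSuchFileException e) {
            throw new IllegalArgumentException("no such file: " + userSupplied, e);
        }
        if (!candidate.startsWith(realBase)) {
            throw new IllegalArgumentException("path escapes base directory: " + userSupplied);
        }
        return Files.readAllBytes(candidate);
    }

    public static void main(String[] args) throws IOException {
        // Constructed fixture (an assumption of this example, not from the page):
        // a temp base directory holding one legitimate file and one symlink
        // pointing outside it, plus a sibling file outside the base.
        Path base = Files.createTempDirectory("safe-read");
        Files.writeString(base.resolve("hello.txt"), "hello");
        Path outside = Files.createTempFile("outside", ".txt");
        Files.createSymbolicLink(base.resolve("escape"), outside);

        System.out.println("accepted: hello.txt -> " + new String(readSafe(base, "hello.txt")));

        String[] attempts = {
            "../" + outside.getFileName(), // ".." traversal to a sibling of base
            "escape",                       // symlink inside base that points outside
            outside.toString(),             // absolute path; resolve() returns it unchanged
            "missing.txt"                   // nonexistent target
        };
        for (String attempt : attempts) {
            try {
                readSafe(base, attempt);
                System.out.println("ACCEPTED (unexpected): " + attempt);
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

Two caveats a practitioner should keep in mind. Because `toRealPath()` requires the target to exist, it cannot be used on a path that is about to be created; there, call `normalize()` on the candidate and apply the same `startsWith()` check against the real base (the pattern the sanitizer already recognised before this change). And the check-then-open sequence still leaves a small window in which an attacker who can write into the base directory could swap a symlink between the check and the read, so the directory itself must not be writable by the untrusted party.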