Insights: github/codeql

63 Pull requests merged by 23 people

• Java: Add MaD declarations after triage

  #12463 merged Mar 17, 2023

• Swift: add a query showing successfully extracted files

  #12567 merged Mar 17, 2023

• Swift: remove parameter labels from function types

  #12565 merged Mar 17, 2023

• JS: Include weak block modes as sink in weak crypto algorithm

  #12555 merged Mar 17, 2023

• Merge `rc/3.9` back to `main`

  #12568 merged Mar 17, 2023

• JS: Add support for TypeScript 5.0

  #12011 merged Mar 17, 2023

• Go: exclude `net/http.Header.Set` and `.Del` from `go/untrusted-data-to-external-api`

  #12558 merged Mar 17, 2023

• Java: PrintAst: Improve the ranking of callables

  #12521 merged Mar 17, 2023

• JS: Update for renamed `com.semmle.util.diagnostics` package

  #12561 merged Mar 17, 2023

• Release preparation for version 2.12.5

  #12551 merged Mar 17, 2023

• DataFlow: Workaround empty predicate usage in IPA branch.

  #12538 merged Mar 17, 2023

• Ruby: Remove some redundant `super` type qualifiers

  #12564 merged Mar 17, 2023

• Ruby: `Ssa::WriteDefinition::getWriteAccess` should return a CFG node

  #12549 merged Mar 17, 2023

• Ruby: Rely on built-in hash-flow in clear text storage query

  #12554 merged Mar 17, 2023

• Ruby: Model Sinatra

  #11954 merged Mar 16, 2023

• C++: Add `range` call to test

  #12559 merged Mar 16, 2023

• Swift: Add taint test for custom string interpolation.

  #12560 merged Mar 16, 2023

• C#: Support for virtual dispatch for operators.

  #12200 merged Mar 16, 2023

• C++: Replace AST with IR use-use dataflow

  #10817 merged Mar 16, 2023

• Bump actions/setup-go from 3 to 4

  #12548 merged Mar 16, 2023

• Bump serde from 1.0.155 to 1.0.156 in /ql

  #12525 merged Mar 16, 2023

• Bump chrono from 0.4.23 to 0.4.24 in /ql

  #12496 merged Mar 16, 2023

• Data flow: Add consistency check for `DataFlowCall::getEnclosingCallable`

  #12536 merged Mar 16, 2023

• Python/Ruby: Use new parameter position for synthetic hash-splat instead

  #12467 merged Mar 16, 2023

• Polish diagnostic messages

  #12523 merged Mar 15, 2023

• C++: Use local flow instead of GVN in `getAdditionalFlowIntoCallNodeTerm`

  #12532 merged Mar 15, 2023

• Java: Refactor more dataflow queries to the new API (take 3)

  #12530 merged Mar 15, 2023

• Swift: Fix `SummaryCall::getEnclosingCallable`

  #12534 merged Mar 15, 2023

• Java: Delete `DataFlowForSerializability` and `DataFlowForOnActivityResult`

  #12527 merged Mar 15, 2023

• Java: Refactor more dataflow queries to the new API

  #12476 merged Mar 15, 2023

• Ruby: Merge extractor crates

  #12510 merged Mar 14, 2023

• Ruby: Add some missing Rails sinks

  #12493 merged Mar 14, 2023

• Swift: Fix result type of NominalType.getABaseType.

  #12520 merged Mar 14, 2023

• Java: Remove low-confidence dispatch to known neutrals.

  #12515 merged Mar 14, 2023

• Data flow: Exclude `expectsContent` nodes from lambda flow

  #12513 merged Mar 14, 2023

• JS: Support import assertions

  #12382 merged Mar 14, 2023

• Java: Fix printAST to handle javadoc belonging to multiple elements

  #12501 merged Mar 14, 2023

• JS: Handle forwardRef in React

  #12445 merged Mar 14, 2023

• JS: Track trusted types policy callbacks

  #12423 merged Mar 14, 2023

• Swift: make `AnyGenericType::getDecl`'s type more specific

  #12516 merged Mar 14, 2023

• Swift: add an initial draft for a deduplication test

  #12508 merged Mar 14, 2023

• Java: Arbitrary APK installation

  #11915 merged Mar 14, 2023

• Update CSV framework coverage reports

  #12511 merged Mar 14, 2023

• Ruby: Add missing flow through `self.new` constructor calls

  #12499 merged Mar 14, 2023

• Py: add unsafe-shell-command-construction

  #12047 merged Mar 14, 2023

• Java: Add a qltest demonstrating side-effect on a callback instance.

  #12503 merged Mar 13, 2023

• C++: Map some indirect nodes to expressions in `localExprFlowStep`

  #12507 merged Mar 13, 2023

• Kotlin: Test double interceptions

  #12431 merged Mar 13, 2023

• Java: Update MaD Declarations after Triage

  #12446 merged Mar 13, 2023

• C++: IR-based range analysis for unary minus

  #12436 merged Mar 13, 2023

• Data flow: Synthesize post-update nodes for callback arguments inside summarized callables

  #12474 merged Mar 13, 2023

• Bump serde from 1.0.154 to 1.0.155 in /ruby

  #12494 merged Mar 13, 2023

• delete old deprecations

  #12345 merged Mar 13, 2023

• Bump serde from 1.0.154 to 1.0.155 in /ql

  #12495 merged Mar 13, 2023

• Ruby: support long paths on Windows

  #12486 merged Mar 13, 2023

• Swift: Skeleton + tests for type alias support

  #12489 merged Mar 13, 2023

• JS: Add html sanitizers as a taint step in a few queries

  #12424 merged Mar 13, 2023

• Dataflow: Add MergePathGraph module.

  #12475 merged Mar 13, 2023

• C++: Update `.expected` after frontend changes

  #12498 merged Mar 13, 2023

• Bump rayon from 1.6.1 to 1.7.0 in /ql

  #12405 merged Mar 13, 2023

• Swift: Update swift/summary/summary-statistics to DataFlow::ConfigSig

  #12484 merged Mar 13, 2023

• Swift: Add generated QLDoc to the Raw.qll file.

  #12485 merged Mar 13, 2023

• Swift: add constructor flow

  #12415 merged Mar 10, 2023

31 Pull requests opened by 17 people

• Swift: rework fetching and dispatching

  #12500 opened Mar 13, 2023

• DO NOT MERGE: C++: Replace simple range analysis uses by semantic range analysis uses

  #12505 opened Mar 13, 2023

• Java: Update MaD Declarations after Triage

  #12506 opened Mar 13, 2023

• Swift: Extract type aliases

  #12509 opened Mar 13, 2023

• PY: revert group sequences of chars

  #12514 opened Mar 14, 2023

• python: Fix link to type inference

  #12517 opened Mar 14, 2023

• JS: recognize more express URL related sources

  #12518 opened Mar 14, 2023

• Data flow: Switch to forwards-flow in `viableCallableLambda`

  #12519 opened Mar 14, 2023

• Ruby: Bump rust toolchain to 1.68

  #12529 opened Mar 15, 2023

• Java: Autoformat.

  #12531 opened Mar 15, 2023

• Java/dataflow: Misc performance fixes

  #12533 opened Mar 15, 2023

• Compile error.

  #12535 opened Mar 15, 2023

• Python: Captured variables for type tracking and the API graph

  #12537 opened Mar 15, 2023

• Java/C#: Re-factor model generator taint tracking configurations to use the new API

  #12539 opened Mar 15, 2023

• Ruby: change evaluation order of destructured assignments

  #12540 opened Mar 15, 2023

• Java: Refactor more queries to the new DataFlow module API

  #12541 opened Mar 15, 2023

• Java: Refactor more queries to the new DataFlow module API (part 2)

  #12542 opened Mar 15, 2023

• ReDoS: restrict the edges considered in polynomial-redos for complex regular expressions

  #12543 opened Mar 15, 2023

• Introduce a shared extractor library

  #12546 opened Mar 16, 2023

• Java/Python: use Number.qll to parse hex numbers in regex parsing

  #12550 opened Mar 16, 2023

• Py: refactor regex tracking to type-trackers

  #12552 opened Mar 16, 2023

• Java: Argument[-1] -> Argument[this]

  #12556 opened Mar 16, 2023

• add security-severity score to code scanning query list

  #12557 opened Mar 16, 2023

• Go: mass-convert taint-flow models to models-as-data format

  #12562 opened Mar 16, 2023

• Java: Refactor Java query libraries to use dataflow modules

  #12563 opened Mar 17, 2023

• Ruby: Include all assignments in data flow paths

  #12566 opened Mar 17, 2023

• Implement use-after-free and double-free queries using the new IR use-use dataflow

  #12569 opened Mar 17, 2023

• Post-release preparation for codeql-cli-2.12.5

  #12570 opened Mar 17, 2023

• Java: Update MaD Declarations after Triage

  #12572 opened Mar 17, 2023

• Document upgrade query predicates

  #12574 opened Mar 17, 2023

• QL: add a check to enforce naming convention for new `DataFlow::ConfigSig` modules

  #12575 opened Mar 17, 2023

9 Issues closed by 6 people

• vscode extention javascript/JS "Could not resolve module ..."

  #12571 closed Mar 17, 2023

• Javascript: Support detection of block cipher modes

  #12545 closed Mar 17, 2023

• go/untrusted-data-to-external-api: false positive

  #12547 closed Mar 17, 2023

• False Positive: DOM XSS via `setAttribute`

  #12544 closed Mar 16, 2023

• cpp/uninitialized-local: False positive

  #12488 closed Mar 13, 2023

• cpp/uninitialized-local: False positive

  #12487 closed Mar 13, 2023

• js/ false positive command execution when the argument is a template literal

  #12502 closed Mar 13, 2023

• DataFlow can't pass taint flow for functions not found defined in Node.js?

  #7405 closed Mar 13, 2023

• java: false positive with insecure cookie

  #4103 closed Mar 13, 2023

7 Issues opened by 7 people

• [java][Customizations]Question : How to include customizations in codeql bundle

  #12573 opened Mar 17, 2023

• False positive: Creating an ASP.NET debug binary may reveal sensitive information

  #12553 opened Mar 16, 2023

• Python: polynomial-redos hangs in sonic-net/sonic-mgmt repo

  #12528 opened Mar 15, 2023

• Javascript: How to define an own type and mark its attributes and types

  #12524 opened Mar 15, 2023

• Functions in Python documentation mentions "type-inference library" later in the tutorial but I can't find it

  #12512 opened Mar 14, 2023

• cpp/inconsistent-null-check: Possible False positive

  #12492 opened Mar 12, 2023

• C++: Missing variable access target when target is a coroutine parameter

  #12490 opened Mar 11, 2023

27 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Java: Docs MaD using extensions.

  #12410 commented on Mar 15, 2023 • 35 new comments

• Java: model remaining top-500 JDK APIs

  #11968 commented on Mar 17, 2023 • 29 new comments

• Java: Update MaD Declarations after Triage

  #12366 commented on Mar 17, 2023 • 23 new comments

• Java: Promote LDAP Authentication Query

  #12458 commented on Mar 17, 2023 • 10 new comments

• C++: Split new range analysis into constant and relative stages

  #11928 commented on Mar 17, 2023 • 9 new comments

• Swift: Better sinks for swift/cleartext-storage-database

  #12471 commented on Mar 16, 2023 • 7 new comments

• Ruby: Reimplement flow through captured variables using field flow

  #11725 commented on Mar 16, 2023 • 4 new comments

• CodeQL for unity

  #11791 commented on Mar 17, 2023 • 3 new comments

• Add GitHub action to automatically add EOL @ EOF

  #4485 commented on Mar 16, 2023 • 3 new comments

• CPP: Add query for CVE-2022-37454: Integer addition may overflow inside if statement

  #12036 commented on Mar 16, 2023 • 3 new comments

• Rb: more taint-steps for shell-command-construction

  #11478 commented on Mar 17, 2023 • 2 new comments

• Swift: Model Sequence.withContiguousStorageIfAvailable

  #12416 commented on Mar 14, 2023 • 2 new comments

• There is a script injection here, but codeql can't detect it

  #12472 commented on Mar 12, 2023 • 1 new comment

• YAML support for languages other than Javascript (like Python)

  #7345 commented on Mar 13, 2023 • 1 new comment

• Ruby scanning job hangs forever and doesn't complete on Ubuntu-latest

  #12349 commented on Mar 13, 2023 • 1 new comment

• Find a double free

  #12455 commented on Mar 14, 2023 • 1 new comment

• A security issue that codeql cannot detect

  #12473 commented on Mar 14, 2023 • 1 new comment

• python: port `py/comparison-using-is`

  #11515 commented on Mar 13, 2023 • 1 new comment

• JS: docs for customizing library models with data extensions

  #11615 commented on Mar 13, 2023 • 1 new comment

• Java: Model the Netty framework

  #12049 commented on Mar 14, 2023 • 1 new comment

• Ruby: Add Server Side Template Injection query

  #12311 commented on Mar 17, 2023 • 1 new comment

• Go: Add more JWT sinks

  #12396 commented on Mar 15, 2023 • 1 new comment

• Python: Use _one_ parameter position for normal parameters

  #12468 commented on Mar 16, 2023 • 1 new comment

• Ruby: Add a barrier guard for test-and-overwrite

  #12254 commented on Mar 13, 2023 • 0 new comments

• Dataflow: Remove revFlowAlias predicates

  #12420 commented on Mar 13, 2023 • 0 new comments

• Swift: mangle tuple type WIP

  #12433 commented on Mar 17, 2023 • 0 new comments

• python: add test for captured variables in lists

  #12464 commented on Mar 14, 2023 • 0 new comments