Insights: github/codeql
Overview
35 Pull requests merged by 16 people
-
Swift: Query for bad HTML filtering regexps
#13549 merged
Jul 24, 2023 -
Java: Exclude qualifier argument for existing models
#13747 merged
Jul 24, 2023 -
C++: Add more IR tests for the ternary operator
#13811 merged
Jul 24, 2023 -
C++: Swap argument order in `cpp/invalid-pointer-deref`
#13792 merged
Jul 24, 2023 -
C++: Improve names of identifiers in `cpp/invalid-pointer-deref`
#13789 merged
Jul 24, 2023 -
Update CSV framework coverage reports
#13797 merged
Jul 24, 2023 -
C++: Add false positive to `cpp/invalid-pointer-deref`
#13790 merged
Jul 21, 2023 -
C++: Add IR SSA test case for the ternary operator
#13787 merged
Jul 21, 2023 -
Docs: Update data flow documentation to the new API.
#13743 merged
Jul 21, 2023 -
Java: Avoid low-confidence dispatch to InputStream methods
#13769 merged
Jul 21, 2023 -
Release preparation for version 2.14.1
#13786 merged
Jul 20, 2023 -
Correct Golang change note format
#13784 merged
Jul 20, 2023 -
Revert "Go: Fix missing flow through receiver for function variable"
#13780 merged
Jul 20, 2023 -
Swift: Track regular expression parse modes set in code
#13770 merged
Jul 20, 2023 -
Docs: Add armclang as supported C++ compiler.
#13776 merged
Jul 20, 2023 -
Swift: Pragmatic fix for CustomUrlSchemes.qll.
#13757 merged
Jul 19, 2023 -
Go: Improvements to DSN Injection query
#13644 merged
Jul 19, 2023 -
Go: Fix missing flow through receiver for function variable
#13767 merged
Jul 19, 2023 -
Dataflow: Add support for not skipping configuration-specific nodes in big-step
#13717 merged
Jul 19, 2023 -
Go: Improve go-pg support
#13599 merged
Jul 19, 2023 -
Java: Add metric queries for counting sinks coming from models
#13636 merged
Jul 19, 2023 -
QL: Fix FP in `ql/missing-noinline`
#13764 merged
Jul 19, 2023 -
C++: Split `cpp/invalid-pointer-deref` into more files
#13760 merged
Jul 19, 2023 -
Remove mentions of LGTM from CodeQL training presentations
#13768 merged
Jul 19, 2023 -
Swift: Refactor regex library
#13759 merged
Jul 19, 2023 -
Use Origin() in Go extractor
#13739 merged
Jul 18, 2023 -
C++: Handle `FunctionAccess`es with qualifiers
#13762 merged
Jul 18, 2023 -
C++: Handle call-contexts mismatches in `cpp/invalid-pointer-deref`
#13699 merged
Jul 18, 2023 -
Ruby: add rack `env['QUERY_STRING']` as a remote flow input
#13585 merged
Jul 18, 2023 -
Python - Add Models as Data support for Reflected XSS Query
#13745 merged
Jul 18, 2023 -
Swift: Query for regular expression injection
#13660 merged
Jul 18, 2023 -
C++: Add more IR tests
#13758 merged
Jul 18, 2023 -
Java: Exclude source-to-source flow in 5 queries.
#13754 merged
Jul 18, 2023 -
Swift: Recognize regular expression parse mode flags
#13715 merged
Jul 18, 2023 -
C++: Deprecate AST dataflow
#13621 merged
Jul 18, 2023
17 Pull requests opened by 13 people
-
Ruby: add where as an ActiveRecord finder method
#13761 opened
Jul 18, 2023 -
Swift: improve print-cfg query
#13763 opened
Jul 18, 2023 -
JavaScript: Improve query help for `js/server-side-unvalidated-url-redirection`.
#13771 opened
Jul 19, 2023 -
Java: Add taint steps for InputStream wrappers
#13772 opened
Jul 19, 2023 -
Java: Add XXE sinks for MDHT
#13773 opened
Jul 19, 2023 -
C++: Add more documentation to the `cpp/invalid-pointer-deref` query
#13774 opened
Jul 19, 2023 -
C++: Support printing of global and namespace variables in `PrintAST`
#13775 opened
Jul 19, 2023 -
Java: Understand multiple parse mode flags specified in a regular expression string
#13778 opened
Jul 20, 2023 -
Python: Understand multiple parse mode flags specified in a regular expression string
#13779 opened
Jul 20, 2023 -
Python: Add unsafe deserialization sinks (CWE-502)
#13781 opened
Jul 20, 2023 -
Python: Add `shlex.quote` as `py/shell-command-constructed-from-input` sanitizer
#13782 opened
Jul 20, 2023 -
C++: Constant type-bounds in the new range analysis
#13783 opened
Jul 20, 2023 -
Go: Avoid using getTarget() as it may not exist
#13785 opened
Jul 20, 2023 -
Java: Tests for Automodel Extraction Queries
#13788 opened
Jul 21, 2023 -
Post-release preparation for codeql-cli-2.14.1
#13793 opened
Jul 21, 2023 -
C#: Limit detection of sub-command names in tracer configuration
#13794 opened
Jul 21, 2023 -
Swift: Support EnumContent in models-as-data
#13795 opened
Jul 21, 2023
4 Issues closed by 4 people
-
question about variablecall
#13766 closed
Jul 23, 2023 -
General issue
#13796 closed
Jul 21, 2023 -
No code found during the build
#13571 closed
Jul 21, 2023 -
Flow with non-trivial access path through receiver of method assigned to a variable is missed
#9296 closed
Jul 19, 2023
2 Issues opened by 2 people
-
question about "and not" keyword
#13809 opened
Jul 23, 2023 -
Question about connecting taint flows
#13765 opened
Jul 18, 2023
21 Unresolved conversations
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
-
Swift: add DataFlow::Content for arrays
#13741 commented on
Jul 22, 2023 • 21 new comments -
Java: Experimental version of Java Command Injection query
#13484 commented on
Jul 24, 2023 • 18 new comments -
Python: Flask & Django Constant Secret Key initialization
#13561 commented on
Jul 24, 2023 • 14 new comments -
Python/JavaScript: Shared module for serverless functions
#13729 commented on
Jul 24, 2023 • 8 new comments -
Swift: CustomUrlSchemes test enhancements and minor model improvement
#13756 commented on
Jul 24, 2023 • 6 new comments -
Swift: Model Sequence.withContiguousStorageIfAvailable
#12416 commented on
Jul 24, 2023 • 4 new comments -
Python: Aiohttp improvements
#13731 commented on
Jul 18, 2023 • 4 new comments -
Dynamic: add Fuzzy token
#13737 commented on
Jul 20, 2023 • 4 new comments -
C++: Fix global flow without an SSA definition
#12740 commented on
Jul 21, 2023 • 3 new comments -
Ruby: add separate additional steps between `YAML.parse*` methods and `to_ruby`
#13431 commented on
Jul 24, 2023 • 2 new comments -
Go: Improvements to Timing Attacks query
#13645 commented on
Jul 19, 2023 • 2 new comments -
CodeQL is missing an inline mechanism to suppress warnings
#11427 commented on
Jul 20, 2023 • 1 new comment -
Swift: properly identify types and declarations in trap files via mangling
#12433 commented on
Jul 21, 2023 • 1 new comment -
Ruby: Add LDAP Injection query
#13309 commented on
Jul 24, 2023 • 1 new comment -
C#: Decompression Bombs
#13558 commented on
Jul 24, 2023 • 1 new comment -
DO NOT MERGE: C++: Replace simple range analysis uses by semantic range analysis uses
#12505 commented on
Jul 20, 2023 • 0 new comments -
Ruby: printCfg: only show graph for selected CfgScope
#13334 commented on
Jul 24, 2023 • 0 new comments -
Java: Add Weak Randomness Query (CWE-330/338)
#13608 commented on
Jul 19, 2023 • 0 new comments -
C++: Updates for changes in frontend
#13716 commented on
Jul 21, 2023 • 0 new comments -
Ruby: query to automatically extract type definitions from library code
#13750 commented on
Jul 21, 2023 • 0 new comments -
Java: Improve the diagnostics consistency query
#13751 commented on
Jul 18, 2023 • 0 new comments