43 Pull requests merged by 21 people

• Swift: Consistent additional taint steps between the cleartext-* queries

  #14189 merged Sep 13, 2023

• Document assume_small_delta deprecation

  #14182 merged Sep 13, 2023

• CPP: Add a location to TranslatedElement to help with debugging IR creation

  #14202 merged Sep 13, 2023

• C#: Quoting hotfix.

  #14185 merged Sep 13, 2023

• Ruby: Use the new dataflow API for checked in queries

  #14124 merged Sep 13, 2023

• Ruby: Fix semantic merge conflict

  #14203 merged Sep 13, 2023

• JavaScript: Improve query help for `js/server-side-unvalidated-url-redirection`.

  #13771 merged Sep 13, 2023

• Python: import all frameworks in SQL-injection query

  #14178 merged Sep 13, 2023

• C++: Copy the Coding Standards' use-after-lifetime-ended query to Experimental

  #14134 merged Sep 13, 2023

• C++: Use fully converted expressions for `cpp/use-after-free` and `cpp/double-free`

  #14193 merged Sep 13, 2023

• Kotlin: Support 1.9.20

  #14188 merged Sep 13, 2023

• Py: add sanitizer guard for `url_has_allowed_host_and_scheme`

  #14112 merged Sep 13, 2023

• Data flow: Add `ArgumentNode` consistency checks

  #14108 merged Sep 13, 2023

• Ruby: Reimplement flow through captured variables using field flow

  #11725 merged Sep 13, 2023

• Swift: Add tests and develop command injection query

  #13906 merged Sep 13, 2023

• Java: Automodel, new candidates fix

  #14184 merged Sep 13, 2023

• Swift: flow through writeable keypaths

  #14165 merged Sep 12, 2023

• Swift: Add path injection sinks for sqlite3 and SQLite.swift

  #13276 merged Sep 12, 2023

• C++ tests: fix output of bug-stricken test

  #14191 merged Sep 12, 2023

• Post-release preparation for codeql-cli-2.14.4

  #14174 merged Sep 12, 2023

• C++: Deduplicate dataflow query results

  #14151 merged Sep 12, 2023

• C#: Exclude CIL arguments from `ArgumentNode` when they are compiled from source

  #14170 merged Sep 12, 2023

• Kotlin: Give some more informative errors messages

  #14144 merged Sep 12, 2023

• Fix space handling in Golang configure-baseline scripts

  #14179 merged Sep 11, 2023

• Swift: Additional dataflow test

  #14036 merged Sep 11, 2023

• C#: Explicitly quote arguments in the LUA tracer on windows.

  #14150 merged Sep 11, 2023

• C#: Poor mans quoting.

  #14172 merged Sep 11, 2023

• CPP: Remove sucessors of non-returning IR calls transitively.

  #14102 merged Sep 9, 2023

• JS: tolerate out of order requests in TypeScript extractor

  #14167 merged Sep 8, 2023

• C++: Fix dataflow out of post update nodes

  #14171 merged Sep 8, 2023

• Go: Add diagnostic for 1.21 `toolchain` error

  #14161 merged Sep 8, 2023

• Java: Automodel App Mode Extraction: Source Candidates

  #14162 merged Sep 8, 2023

• Revert "C#: Bump all dependencies"

  #14169 merged Sep 8, 2023

• C#: Remove test explorer recommendations (superseded by C# dev kit)

  #14168 merged Sep 8, 2023

• C#: Clear TRAP stack when calling `PopulateGenerics`

  #14149 merged Sep 8, 2023

• Bump chrono from 0.4.29 to 0.4.30 in /ql

  #14166 merged Sep 8, 2023

• Swift: collection/tuple content for dictionary flow

  #13947 merged Sep 7, 2023

• C++: Fix off-by-one in `asDefiningArgument`

  #14154 merged Sep 7, 2023

• Py: add new qhelp for clear-text-logging

  #14160 merged Sep 7, 2023

• CPP: Make functions that reach the end return.

  #14155 merged Sep 7, 2023

• C# Standalone: Install .NET SDK specified in `global.json`

  #13999 merged Sep 7, 2023

• Python: Support for command injection sinks found in the `asyncio` module

  #14145 merged Sep 7, 2023

• Python: Fix typo in SSRF example

  #14158 merged Sep 7, 2023

23 Pull requests opened by 19 people

• Bump actions/checkout from 3 to 4

  #14157 opened Sep 7, 2023

• C++: Fix more FPs in `cpp/invalid-pointer-deref`

  #14164 opened Sep 7, 2023

• Ruby: Port `UrlConcatenation.qll` from JS

  #14180 opened Sep 11, 2023

• Kotlin: Regenerate expected test output

  #14186 opened Sep 12, 2023

• Swift: fix CFG for identity expressions (await, dot_self, parent)

  #14190 opened Sep 12, 2023

• C++: Fix `phi` -> `phi` flow

  #14192 opened Sep 12, 2023

• Go: Better determine Go versions in Go 1.21+

  #14194 opened Sep 12, 2023

• Add Integer/Boolean Sanitizer to SQL injection Query

  #14195 opened Sep 13, 2023

• wip

  #14196 opened Sep 13, 2023

• Java: Framework mode source candidates

  #14197 opened Sep 13, 2023

• JS: New Command Execution Sinks

  #14198 opened Sep 13, 2023

• Java: Add VS Code model editor queries

  #14199 opened Sep 13, 2023

• C#: Add VS Code model editor queries

  #14200 opened Sep 13, 2023

• C++: Add AST consistency query

  #14201 opened Sep 13, 2023

• Ruby: Simplify `viableSourceCallableNonInit`

  #14204 opened Sep 13, 2023

• Swift: Unify `ArrayContent` and `CollectionContent`

  #14205 opened Sep 13, 2023

• Java: add tests for programs that don't compile

  #14206 opened Sep 13, 2023

• [DRAFT] Updates to the Java and VS Code docs

  #14207 opened Sep 13, 2023

• Swift: make `base_types` in `TypeDecl` unordered

  #14208 opened Sep 13, 2023

• Swift: Port regex mode flag fix from Python to Swift

  #14209 opened Sep 13, 2023

• CPP: No longer constant fold (most) IR.

  #14210 opened Sep 13, 2023

• JS: fix out of bounds string access in isUsingDecl

  #14211 opened Sep 13, 2023

• JS: fix out of bounds string access in isUsingDecl

  #14212 opened Sep 13, 2023

2 Issues closed by 2 people

• CodeQL analysis successful but upload not showing up in GitHub

  #14107 closed Sep 12, 2023

• The alarm statement caused by the failure of the qls file disappears.

  #14175 closed Sep 11, 2023

3 Issues opened by 3 people

• Use Specific Python Virtual Environment Dependency

  #14187 opened Sep 12, 2023

• Question about `isBarrier`

  #14183 opened Sep 11, 2023

• False positive - when json.Marshal output is used - cant result in "Potentially unsafe quoting"

  #14159 opened Sep 7, 2023

33 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• SIGSEGV (code 134) during "Finalizing database" step

  #14138 commented on Sep 13, 2023 • 12 new comments

• Ruby: JWT Security Queries (CWE-347)

  #14061 commented on Sep 12, 2023 • 9 new comments

• go 1.21 support

  #13992 commented on Sep 13, 2023 • 8 new comments

• C#: Add query for Insecure Direct Object Reference

  #13882 commented on Sep 13, 2023 • 6 new comments

• Java: Add Weak Randomness Query (CWE-330/338)

  #13608 commented on Sep 13, 2023 • 5 new comments

• C#: Avoid explicitly restoring projects in solution files.

  #14111 commented on Sep 13, 2023 • 5 new comments

• Java: Understand multiple parse mode flags specified in a regular expression string

  #13778 commented on Sep 13, 2023 • 4 new comments

• Swift: Improvements related to the swift/cleartext-logging query.

  #13980 commented on Sep 13, 2023 • 4 new comments

• Python: promote nosql query

  #14070 commented on Sep 13, 2023 • 4 new comments

• Java: CodeQL does not detect SSL certificate validation vulnerabilities in Apache HttpComponents

  #14156 commented on Sep 12, 2023 • 3 new comments

• Java: Convert `SensitiveApi.qll` to use Models-as-Data

  #13978 commented on Sep 13, 2023 • 3 new comments

• Swift: Flow through OpenExistentialExpr

  #14113 commented on Sep 11, 2023 • 3 new comments

• Go: Decompression Bombs

  #13553 commented on Sep 7, 2023 • 2 new comments

• Swift: dataflow for `for-in` loops

  #13909 commented on Sep 13, 2023 • 2 new comments

• Swift: use shared capture flow library

  #14078 commented on Sep 12, 2023 • 2 new comments

• Ruby: More splat flow (alternative)

  #14090 commented on Sep 13, 2023 • 2 new comments

• Java: Convert implementations of `LocalUserInput` to Models-as-Data

  #14127 commented on Sep 13, 2023 • 2 new comments

• codeql won't work with chromium special file

  #13849 commented on Sep 13, 2023 • 1 new comment

• Java: Expose the MaD documentation in the TOC for CodeQL Java

  #13864 commented on Sep 13, 2023 • 1 new comment

• Dataflow: Add type-based call-edge pruning.

  #13982 commented on Sep 13, 2023 • 1 new comment

• Go: Add JWT Algorithm Confusion and JWT decoding without Signature Verification

  #14081 commented on Sep 11, 2023 • 1 new comment

• Ruby: Allow for implicit array reads at all sinks during taint tracking

  #12672 commented on Sep 11, 2023 • 0 new comments

• Ruby: add seperate additional steps between `YAML.parse*` methods and `to_ruby`

  #13431 commented on Sep 11, 2023 • 0 new comments

• Ruby: Decompression Bombs

  #13556 commented on Sep 7, 2023 • 0 new comments

• Python: Decompression Bombs

  #13557 commented on Sep 7, 2023 • 0 new comments

• JS: Add 'vulnerableCallModel' extension point

  #13727 commented on Sep 13, 2023 • 0 new comments

• Python: Add unsafe deserialization sinks (CWE-502)

  #13781 commented on Sep 11, 2023 • 0 new comments

• Java: Add new Apache CXF models

  #14029 commented on Sep 12, 2023 • 0 new comments

• Update CSV framework coverage reports

  #14063 commented on Sep 13, 2023 • 0 new comments

• C#: Roslyn-based stub generation

  #14095 commented on Sep 8, 2023 • 0 new comments

• Python: Allow namespace packages

  #14114 commented on Sep 13, 2023 • 0 new comments

• Java: Fix alert message

  #14126 commented on Sep 12, 2023 • 0 new comments

• C#: Re-factor Dotnet.cs to enable unit testing.

  #14142 commented on Sep 13, 2023 • 0 new comments