Open
Conversation
This reverts commit c734974. It was making the build fail
Revert "Bump rules_android from 0.6.4 to 0.7.1"
Rust: Small refactor in `TypeMention.qll`
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…card C/C++ overlay: update discard mechanism
Correct comment about AES crypto algorithm strength
Update the shebang regexp (renamed NODE_INVOCATION -> JS_INVOCATION) to also match 'bun' and 'tsx' so that scripts using these runtimes are correctly identified as JavaScript files. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Add test files with #!/usr/bin/env bun, #!/usr/bin/env tsx, and #!/usr/bin/env node shebangs. The query lists extracted .ts files, verifying that all three shebangs are recognized and the files are not skipped by the extractor. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
We should be using all subtypes of `FieldBase`. This allows us to find more type expressions, and is also simpler to evaluate.
Go: Add and use `exprRefersToNil` predicate
Go: improve detection of type expressions when database is missing some type information
Swift: Limit successfully extracted lines
Swift: Disable stack protector pass
Bumps the extractor-dependencies group with 2 updates in the /go/extractor directory: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools). Updates `golang.org/x/mod` from 0.33.0 to 0.34.0 - [Commits](golang/mod@v0.33.0...v0.34.0) Updates `golang.org/x/tools` from 0.42.0 to 0.43.0 - [Release notes](https://github.com/golang/tools/releases) - [Commits](golang/tools@v0.42.0...v0.43.0) --- updated-dependencies: - dependency-name: golang.org/x/mod dependency-version: 0.34.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: extractor-dependencies - dependency-name: golang.org/x/tools dependency-version: 0.43.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: extractor-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
The Go libraries follow their own naming convention for "query libraries". These need to be exempted from automatic `overlay[local?]` annotations since otherwise it appears that too many predicates are evaluated, possibly because of inadequate use of sentinels.
This commit is auto-generated with:
python3 config/add-overlay-annotations.py go
…tions Go: Add overlay annotations from script
JS: Add 'browser' source kinds
…plit C#: Remove splitting-awareness from data flow.
Swift: Ignore some DB-CHECK results on Linux
…-no-split C#: Remove splitting-awareness from Range Analysis.
Release preparation for version 2.25.0
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
12 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR syncs the latest changes from
codeql-cli/latestintomain.