diff --git a/.codeqlversion b/.codeqlversion index eb43aa2c..29690d10 100644 --- a/.codeqlversion +++ b/.codeqlversion @@ -1 +1 @@ -2.23.9 +2.24.3 diff --git a/.release.yml b/.release.yml index 2843cada..8eef7625 100644 --- a/.release.yml +++ b/.release.yml @@ -1,6 +1,6 @@ name: "CodeQL Community Packs" repository: "githubsecuritylab/codeql-community-packs" -version: "0.4.0" +version: "0.5.0" prerelease: false ecosystem: CodeQL diff --git a/cpp/lib/codeql-pack.lock.yml b/cpp/lib/codeql-pack.lock.yml index bde92c18..51cf27b7 100644 --- a/cpp/lib/codeql-pack.lock.yml +++ b/cpp/lib/codeql-pack.lock.yml @@ -2,27 +2,27 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/cpp-all: - version: 6.1.4 + version: 8.0.0 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/quantum: - version: 0.0.17 + version: 0.0.21 codeql/rangeanalysis: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typeflow: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/cpp/lib/qlpack.yml b/cpp/lib/qlpack.yml index 9f60be8b..7cda41c4 100644 --- a/cpp/lib/qlpack.yml +++ b/cpp/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-cpp-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/cpp-all: '6.1.4' + codeql/cpp-all: '8.0.0' diff --git a/cpp/src/codeql-pack.lock.yml b/cpp/src/codeql-pack.lock.yml index 8aaff64e..04bd0c8a 100644 --- a/cpp/src/codeql-pack.lock.yml +++ b/cpp/src/codeql-pack.lock.yml @@ -2,31 +2,31 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/cpp-all: - version: 6.1.4 + version: 8.0.0 codeql/cpp-queries: - version: 1.5.8 + version: 1.5.12 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/quantum: - version: 0.0.17 + version: 0.0.21 codeql/rangeanalysis: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/suite-helpers: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typeflow: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/cpp/src/qlpack.yml b/cpp/src/qlpack.yml index bc23ff5a..bad8856c 100644 --- a/cpp/src/qlpack.yml +++ b/cpp/src/qlpack.yml @@ -1,9 +1,9 @@ library: false name: githubsecuritylab/codeql-cpp-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/cpp.qls dependencies: - codeql/cpp-all: '6.1.4' - codeql/cpp-queries: '1.5.8' + codeql/cpp-all: '8.0.0' + codeql/cpp-queries: '1.5.12' githubsecuritylab/codeql-cpp-libs: '*' diff --git a/cpp/test/codeql-pack.lock.yml b/cpp/test/codeql-pack.lock.yml index 8aaff64e..04bd0c8a 100644 --- a/cpp/test/codeql-pack.lock.yml +++ b/cpp/test/codeql-pack.lock.yml @@ -2,31 +2,31 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/cpp-all: - version: 6.1.4 + version: 8.0.0 codeql/cpp-queries: - version: 1.5.8 + version: 1.5.12 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/quantum: - version: 0.0.17 + version: 0.0.21 codeql/rangeanalysis: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/suite-helpers: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typeflow: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/cpp/test/qlpack.yml b/cpp/test/qlpack.yml index 8bf0f5f3..48d70103 100644 --- a/cpp/test/qlpack.yml +++ b/cpp/test/qlpack.yml @@ -1,8 +1,8 @@ name: githubsecurtylab/codeql-cpp-tests groups: [cpp, test] dependencies: - codeql/cpp-all: '6.1.4' - codeql/cpp-queries: '1.5.8' + codeql/cpp-all: '8.0.0' + codeql/cpp-queries: '1.5.12' githubsecuritylab/codeql-cpp-queries: '*' githubsecuritylab/codeql-cpp-libs: '*' extractor: cpp diff --git a/csharp/ext-library-sources/qlpack.yml b/csharp/ext-library-sources/qlpack.yml index 66cce996..12dd08f6 100644 --- a/csharp/ext-library-sources/qlpack.yml +++ b/csharp/ext-library-sources/qlpack.yml @@ -1,8 +1,8 @@ library: true name: githubsecuritylab/codeql-csharp-library-sources -version: 0.4.0 +version: 0.5.0 extensionTargets: - codeql/csharp-all: '5.4.4' + codeql/csharp-all: '5.4.8' dataExtensions: - 'manual/*.yml' - 'manual/**/*.yml' diff --git a/csharp/ext/qlpack.yml b/csharp/ext/qlpack.yml index e5ad844d..625b5e48 100644 --- a/csharp/ext/qlpack.yml +++ b/csharp/ext/qlpack.yml @@ -1,8 +1,8 @@ library: true name: githubsecuritylab/codeql-csharp-extensions -version: 0.4.0 +version: 0.5.0 extensionTargets: - codeql/csharp-all: '5.4.4' + codeql/csharp-all: '5.4.8' dataExtensions: - 'manual/*.yml' - 'manual/**/*.yml' diff --git a/csharp/lib/codeql-pack.lock.yml b/csharp/lib/codeql-pack.lock.yml index 0580cdfb..316713e2 100644 --- a/csharp/lib/codeql-pack.lock.yml +++ b/csharp/lib/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/csharp-all: - version: 5.4.4 + version: 5.4.8 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/csharp/lib/qlpack.yml b/csharp/lib/qlpack.yml index 79d1fb97..c4d5e223 100644 --- a/csharp/lib/qlpack.yml +++ b/csharp/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-csharp-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/csharp-all: "5.4.4" + codeql/csharp-all: "5.4.8" diff --git a/csharp/src/codeql-pack.lock.yml b/csharp/src/codeql-pack.lock.yml index b31e6644..1955b2f0 100644 --- a/csharp/src/codeql-pack.lock.yml +++ b/csharp/src/codeql-pack.lock.yml @@ -2,27 +2,27 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/csharp-all: - version: 5.4.4 + version: 5.4.8 codeql/csharp-queries: - version: 1.5.4 + version: 1.6.3 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/suite-helpers: - version: 1.0.39 + version: 1.0.43 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/csharp/src/qlpack.yml b/csharp/src/qlpack.yml index 6dd5353b..3d68ada7 100644 --- a/csharp/src/qlpack.yml +++ b/csharp/src/qlpack.yml @@ -1,9 +1,9 @@ library: false name: githubsecuritylab/codeql-csharp-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/csharp.qls dependencies: - codeql/csharp-all: "5.4.4" - codeql/csharp-queries: "1.5.4" # Required for Dependencies.ql + codeql/csharp-all: "5.4.8" + codeql/csharp-queries: "1.6.3" # Required for Dependencies.ql githubsecuritylab/codeql-csharp-libs: "*" diff --git a/csharp/test/codeql-pack.lock.yml b/csharp/test/codeql-pack.lock.yml index b31e6644..1955b2f0 100644 --- a/csharp/test/codeql-pack.lock.yml +++ b/csharp/test/codeql-pack.lock.yml @@ -2,27 +2,27 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/csharp-all: - version: 5.4.4 + version: 5.4.8 codeql/csharp-queries: - version: 1.5.4 + version: 1.6.3 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/suite-helpers: - version: 1.0.39 + version: 1.0.43 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/csharp/test/qlpack.yml b/csharp/test/qlpack.yml index 04082172..ad8f44c2 100644 --- a/csharp/test/qlpack.yml +++ b/csharp/test/qlpack.yml @@ -1,8 +1,8 @@ name: githubsecurtylab/codeql-csharp-tests groups: [csharp, test] dependencies: - codeql/csharp-all: "5.4.4" - codeql/csharp-queries: "1.5.4" + codeql/csharp-all: "5.4.8" + codeql/csharp-queries: "1.6.3" githubsecuritylab/codeql-csharp-extensions: "*" githubsecuritylab/codeql-csharp-library-sources: "*" githubsecuritylab/codeql-csharp-libs: "*" diff --git a/go/ext/qlpack.yml b/go/ext/qlpack.yml index 5d983e4f..48c96a2a 100644 --- a/go/ext/qlpack.yml +++ b/go/ext/qlpack.yml @@ -1,8 +1,8 @@ library: true name: githubsecuritylab/codeql-go-extensions -version: 0.4.0 +version: 0.5.0 extensionTargets: - codeql/go-all: '5.0.6' + codeql/go-all: '7.0.1' dataExtensions: - 'manual/*.yml' - 'manual/**/*.yml' diff --git a/go/lib/codeql-pack.lock.yml b/go/lib/codeql-pack.lock.yml index a662ba02..213af3bc 100644 --- a/go/lib/codeql-pack.lock.yml +++ b/go/lib/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/go-all: - version: 5.0.6 + version: 7.0.1 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 compiled: false diff --git a/go/lib/qlpack.yml b/go/lib/qlpack.yml index 372cbb53..6132c96e 100644 --- a/go/lib/qlpack.yml +++ b/go/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-go-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/go-all: '5.0.6' + codeql/go-all: '7.0.1' diff --git a/go/src/codeql-pack.lock.yml b/go/src/codeql-pack.lock.yml index a662ba02..213af3bc 100644 --- a/go/src/codeql-pack.lock.yml +++ b/go/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/go-all: - version: 5.0.6 + version: 7.0.1 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 compiled: false diff --git a/go/src/qlpack.yml b/go/src/qlpack.yml index 6a5818f5..a1bf23e1 100644 --- a/go/src/qlpack.yml +++ b/go/src/qlpack.yml @@ -1,8 +1,8 @@ library: false name: githubsecuritylab/codeql-go-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/go.qls dependencies: - codeql/go-all: '5.0.6' + codeql/go-all: '7.0.1' githubsecuritylab/codeql-go-libs: '*' diff --git a/go/test/codeql-pack.lock.yml b/go/test/codeql-pack.lock.yml index a662ba02..213af3bc 100644 --- a/go/test/codeql-pack.lock.yml +++ b/go/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/go-all: - version: 5.0.6 + version: 7.0.1 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 compiled: false diff --git a/go/test/qlpack.yml b/go/test/qlpack.yml index a3a94a6b..9c4f25f2 100644 --- a/go/test/qlpack.yml +++ b/go/test/qlpack.yml @@ -1,7 +1,7 @@ name: githubsecurtylab/codeql-go-tests groups: [go, test] dependencies: - codeql/go-all: '5.0.6' + codeql/go-all: '7.0.1' # codeql/go-queries: '*' githubsecuritylab/codeql-go-queries: '*' githubsecuritylab/codeql-go-libs: '*' diff --git a/java/ext-library-sources/qlpack.yml b/java/ext-library-sources/qlpack.yml index 30657b78..72d8db23 100644 --- a/java/ext-library-sources/qlpack.yml +++ b/java/ext-library-sources/qlpack.yml @@ -1,8 +1,8 @@ library: true name: githubsecuritylab/codeql-java-library-sources -version: 0.4.0 +version: 0.5.0 extensionTargets: - codeql/java-all: '7.8.3' + codeql/java-all: '8.1.1' dataExtensions: - 'manual/*.yml' - 'manual/**/*.yml' diff --git a/java/ext/qlpack.yml b/java/ext/qlpack.yml index 4f31f5bb..4599b495 100644 --- a/java/ext/qlpack.yml +++ b/java/ext/qlpack.yml @@ -1,8 +1,8 @@ library: true name: githubsecuritylab/codeql-java-extensions -version: 0.4.0 +version: 0.5.0 extensionTargets: - codeql/java-all: '7.8.3' + codeql/java-all: '8.1.1' dataExtensions: - 'manual/*.yml' - 'manual/**/*.yml' diff --git a/java/lib/codeql-pack.lock.yml b/java/lib/codeql-pack.lock.yml index 9fd01008..27a0468d 100644 --- a/java/lib/codeql-pack.lock.yml +++ b/java/lib/codeql-pack.lock.yml @@ -2,31 +2,31 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/java-all: - version: 7.8.3 + version: 8.1.1 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/quantum: - version: 0.0.17 + version: 0.0.21 codeql/rangeanalysis: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typeflow: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/java/lib/qlpack.yml b/java/lib/qlpack.yml index 722baed3..c5de4a12 100644 --- a/java/lib/qlpack.yml +++ b/java/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-java-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/java-all: '7.8.3' + codeql/java-all: '8.1.1' diff --git a/java/src/codeql-pack.lock.yml b/java/src/codeql-pack.lock.yml index 9fd01008..27a0468d 100644 --- a/java/src/codeql-pack.lock.yml +++ b/java/src/codeql-pack.lock.yml @@ -2,31 +2,31 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/java-all: - version: 7.8.3 + version: 8.1.1 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/quantum: - version: 0.0.17 + version: 0.0.21 codeql/rangeanalysis: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typeflow: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/java/src/library_sources/ExternalAPIs.qll b/java/src/library_sources/ExternalAPIs.qll index c9e58654..63fbfbd1 100644 --- a/java/src/library_sources/ExternalAPIs.qll +++ b/java/src/library_sources/ExternalAPIs.qll @@ -193,7 +193,7 @@ private J::Callable liftedImpl(J::Callable m) { } private predicate hasManualModel(Callable api) { - api = any(FlowSummaryImpl::Public::SummarizedCallable sc | sc.applyManualModel()).asCallable() or + api = any(FlowSummaryImpl::Public::SummarizedCallable sc | sc.hasManualModel()).asCallable() or api = any(FlowSummaryImpl::Public::NeutralSummaryCallable sc | sc.hasManualModel()).asCallable() } diff --git a/java/src/qlpack.yml b/java/src/qlpack.yml index fa87b7c1..9c78bb2d 100644 --- a/java/src/qlpack.yml +++ b/java/src/qlpack.yml @@ -1,8 +1,8 @@ library: false name: githubsecuritylab/codeql-java-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/java.qls dependencies: - codeql/java-all: '7.8.3' + codeql/java-all: '8.1.1' githubsecuritylab/codeql-java-libs: '*' diff --git a/java/test/codeql-pack.lock.yml b/java/test/codeql-pack.lock.yml index 9fd01008..27a0468d 100644 --- a/java/test/codeql-pack.lock.yml +++ b/java/test/codeql-pack.lock.yml @@ -2,31 +2,31 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/java-all: - version: 7.8.3 + version: 8.1.1 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/quantum: - version: 0.0.17 + version: 0.0.21 codeql/rangeanalysis: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typeflow: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/java/test/qlpack.yml b/java/test/qlpack.yml index c8f4d2f7..6f110187 100644 --- a/java/test/qlpack.yml +++ b/java/test/qlpack.yml @@ -1,7 +1,7 @@ name: githubsecurtylab/codeql-java-tests groups: [java, test] dependencies: - codeql/java-all: '7.8.3' + codeql/java-all: '8.1.1' githubsecuritylab/codeql-java-queries: '*' githubsecuritylab/codeql-java-libs: '*' githubsecuritylab/codeql-java-library-sources: '*' diff --git a/javascript/lib/codeql-pack.lock.yml b/javascript/lib/codeql-pack.lock.yml index 2fc85485..8aba5a52 100644 --- a/javascript/lib/codeql-pack.lock.yml +++ b/javascript/lib/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/javascript-all: - version: 2.6.19 + version: 2.6.23 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 codeql/yaml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/javascript/lib/qlpack.yml b/javascript/lib/qlpack.yml index 8c14ddf0..7f1a57c1 100644 --- a/javascript/lib/qlpack.yml +++ b/javascript/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-javascript-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/javascript-all: '2.6.19' + codeql/javascript-all: '2.6.23' diff --git a/javascript/src/codeql-pack.lock.yml b/javascript/src/codeql-pack.lock.yml index 2fc85485..8aba5a52 100644 --- a/javascript/src/codeql-pack.lock.yml +++ b/javascript/src/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/javascript-all: - version: 2.6.19 + version: 2.6.23 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 codeql/yaml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/javascript/src/qlpack.yml b/javascript/src/qlpack.yml index 0bf1408e..6e6b76c7 100644 --- a/javascript/src/qlpack.yml +++ b/javascript/src/qlpack.yml @@ -1,8 +1,8 @@ library: false name: githubsecuritylab/codeql-javascript-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/javascript.qls dependencies: - codeql/javascript-all: '2.6.19' + codeql/javascript-all: '2.6.23' githubsecuritylab/codeql-javascript-libs: '*' diff --git a/javascript/test/codeql-pack.lock.yml b/javascript/test/codeql-pack.lock.yml index 2fc85485..8aba5a52 100644 --- a/javascript/test/codeql-pack.lock.yml +++ b/javascript/test/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/javascript-all: - version: 2.6.19 + version: 2.6.23 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 codeql/yaml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/javascript/test/qlpack.yml b/javascript/test/qlpack.yml index 8f2badf0..57cdb7dc 100644 --- a/javascript/test/qlpack.yml +++ b/javascript/test/qlpack.yml @@ -1,7 +1,7 @@ name: githubsecuritylab/codeql-javascript-tests groups: [javascript, test] dependencies: - codeql/javascript-all: "2.6.19" + codeql/javascript-all: "2.6.23" githubsecuritylab/codeql-javascript-queries: "*" extractor: javascript diff --git a/python/ext/qlpack.yml b/python/ext/qlpack.yml index 8d8701e8..862a8524 100644 --- a/python/ext/qlpack.yml +++ b/python/ext/qlpack.yml @@ -1,8 +1,8 @@ library: true name: githubsecuritylab/codeql-python-extensions -version: 0.4.0 +version: 0.5.0 extensionTargets: - codeql/python-all: '5.0.4' + codeql/python-all: '7.0.0' dataExtensions: - 'manual/*.yml' - 'manual/**/*.yml' diff --git a/python/lib/codeql-pack.lock.yml b/python/lib/codeql-pack.lock.yml index f47fb087..95fc12fc 100644 --- a/python/lib/codeql-pack.lock.yml +++ b/python/lib/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/python-all: - version: 5.0.4 + version: 7.0.0 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 codeql/yaml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/python/lib/ghsl/MassAssignment.qll b/python/lib/ghsl/MassAssignment.qll index 5d8f1836..befd90bb 100644 --- a/python/lib/ghsl/MassAssignment.qll +++ b/python/lib/ghsl/MassAssignment.qll @@ -22,10 +22,9 @@ module MassAssignment { this = API::builtin("setattr").getACall().getArg(1) or // > __setattr__(SINK, value) - exists(Value value, CallNode call | - value.getName() = "__setattr__" and - call = value.getACall() and - this.asCfgNode() = call.getArg(0) + exists(DataFlow::MethodCallNode call | + call.getMethodName() = "__setattr__" and + this = call.getArg(0) ) ) and this.getScope().inSource() diff --git a/python/lib/qlpack.yml b/python/lib/qlpack.yml index 9d942cdc..5d7bae49 100644 --- a/python/lib/qlpack.yml +++ b/python/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-python-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/python-all: '5.0.4' + codeql/python-all: '7.0.0' diff --git a/python/src/codeql-pack.lock.yml b/python/src/codeql-pack.lock.yml index f47fb087..95fc12fc 100644 --- a/python/src/codeql-pack.lock.yml +++ b/python/src/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/python-all: - version: 5.0.4 + version: 7.0.0 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 codeql/yaml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/python/src/qlpack.yml b/python/src/qlpack.yml index 2c1289f4..1e5af5aa 100644 --- a/python/src/qlpack.yml +++ b/python/src/qlpack.yml @@ -1,8 +1,8 @@ library: false name: githubsecuritylab/codeql-python-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/python.qls dependencies: - codeql/python-all: '5.0.4' + codeql/python-all: '7.0.0' githubsecuritylab/codeql-python-libs: '*' diff --git a/python/test/codeql-pack.lock.yml b/python/test/codeql-pack.lock.yml index eca1aeaf..160978db 100644 --- a/python/test/codeql-pack.lock.yml +++ b/python/test/codeql-pack.lock.yml @@ -2,33 +2,33 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/python-all: - version: 5.0.4 + version: 7.0.0 codeql/python-queries: - version: 1.7.4 + version: 1.7.8 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/suite-helpers: - version: 1.0.39 + version: 1.0.43 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 codeql/yaml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/python/test/qlpack.yml b/python/test/qlpack.yml index 663f8754..20705b7e 100644 --- a/python/test/qlpack.yml +++ b/python/test/qlpack.yml @@ -1,8 +1,8 @@ name: githubsecurtylab/codeql-python-tests groups: [python, test] dependencies: - codeql/python-all: '5.0.4' - codeql/python-queries: '1.7.4' + codeql/python-all: '7.0.0' + codeql/python-queries: '1.7.8' githubsecuritylab/codeql-python-queries: '*' githubsecuritylab/codeql-python-libs: '*' extractor: python diff --git a/ruby/lib/codeql-pack.lock.yml b/ruby/lib/codeql-pack.lock.yml index f5619ce6..d30e1240 100644 --- a/ruby/lib/codeql-pack.lock.yml +++ b/ruby/lib/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ruby-all: - version: 5.1.7 + version: 5.1.11 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 compiled: false diff --git a/ruby/lib/qlpack.yml b/ruby/lib/qlpack.yml index f51a22fa..d7b3c192 100644 --- a/ruby/lib/qlpack.yml +++ b/ruby/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-ruby-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/ruby-all: '5.1.7' + codeql/ruby-all: '5.1.11' diff --git a/ruby/src/codeql-pack.lock.yml b/ruby/src/codeql-pack.lock.yml index f5619ce6..d30e1240 100644 --- a/ruby/src/codeql-pack.lock.yml +++ b/ruby/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ruby-all: - version: 5.1.7 + version: 5.1.11 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 compiled: false diff --git a/ruby/src/qlpack.yml b/ruby/src/qlpack.yml index eae02d0c..02c91e5d 100644 --- a/ruby/src/qlpack.yml +++ b/ruby/src/qlpack.yml @@ -1,8 +1,8 @@ library: false name: githubsecuritylab/codeql-ruby-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/ruby.qls dependencies: - codeql/ruby-all: '5.1.7' + codeql/ruby-all: '5.1.11' githubsecuritylab/codeql-ruby-libs: '*' diff --git a/ruby/test/codeql-pack.lock.yml b/ruby/test/codeql-pack.lock.yml index 5922bcf9..0dfcc28d 100644 --- a/ruby/test/codeql-pack.lock.yml +++ b/ruby/test/codeql-pack.lock.yml @@ -2,27 +2,27 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ruby-all: - version: 5.1.7 + version: 5.1.11 codeql/ruby-queries: - version: 1.5.4 + version: 1.5.8 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/suite-helpers: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 compiled: false diff --git a/ruby/test/qlpack.yml b/ruby/test/qlpack.yml index 17f227e9..9ed047b8 100644 --- a/ruby/test/qlpack.yml +++ b/ruby/test/qlpack.yml @@ -1,8 +1,8 @@ name: githubsecurtylab/codeql-ruby-tests groups: [ruby, test] dependencies: - codeql/ruby-all: '5.1.7' - codeql/ruby-queries: '1.5.4' + codeql/ruby-all: '5.1.11' + codeql/ruby-queries: '1.5.8' githubsecuritylab/codeql-ruby-queries: '*' githubsecuritylab/codeql-ruby-libs: '*' extractor: ruby