From e089d00e66d135295442ce016338dd9603f3fead Mon Sep 17 00:00:00 2001 From: felickz <1760475+felickz@users.noreply.github.com> Date: Sat, 11 Jul 2026 01:54:41 +0000 Subject: [PATCH 1/2] chore: bump pinned CodeQL CLI to v2.24.3 and release v0.5.0 --- .codeqlversion | 2 +- .release.yml | 2 +- cpp/lib/codeql-pack.lock.yml | 24 ++++++++++----------- cpp/lib/qlpack.yml | 4 ++-- cpp/src/codeql-pack.lock.yml | 28 ++++++++++++------------- cpp/src/qlpack.yml | 6 +++--- cpp/test/codeql-pack.lock.yml | 28 ++++++++++++------------- cpp/test/qlpack.yml | 4 ++-- csharp/ext-library-sources/qlpack.yml | 4 ++-- csharp/ext/qlpack.yml | 4 ++-- csharp/lib/codeql-pack.lock.yml | 20 +++++++++--------- csharp/lib/qlpack.yml | 4 ++-- csharp/src/codeql-pack.lock.yml | 24 ++++++++++----------- csharp/src/qlpack.yml | 6 +++--- csharp/test/codeql-pack.lock.yml | 24 ++++++++++----------- csharp/test/qlpack.yml | 4 ++-- go/ext/qlpack.yml | 4 ++-- go/lib/codeql-pack.lock.yml | 20 +++++++++--------- go/lib/qlpack.yml | 4 ++-- go/src/codeql-pack.lock.yml | 20 +++++++++--------- go/src/qlpack.yml | 4 ++-- go/test/codeql-pack.lock.yml | 20 +++++++++--------- go/test/qlpack.yml | 2 +- java/ext-library-sources/qlpack.yml | 4 ++-- java/ext/qlpack.yml | 4 ++-- java/lib/codeql-pack.lock.yml | 28 ++++++++++++------------- java/lib/qlpack.yml | 4 ++-- java/src/codeql-pack.lock.yml | 28 ++++++++++++------------- java/src/qlpack.yml | 4 ++-- java/test/codeql-pack.lock.yml | 28 ++++++++++++------------- java/test/qlpack.yml | 2 +- javascript/lib/codeql-pack.lock.yml | 26 +++++++++++------------ javascript/lib/qlpack.yml | 4 ++-- javascript/src/codeql-pack.lock.yml | 26 +++++++++++------------ javascript/src/qlpack.yml | 4 ++-- javascript/test/codeql-pack.lock.yml | 26 +++++++++++------------ javascript/test/qlpack.yml | 2 +- python/ext/qlpack.yml | 4 ++-- python/lib/codeql-pack.lock.yml | 26 +++++++++++------------ python/lib/qlpack.yml | 4 ++-- python/src/codeql-pack.lock.yml | 26 +++++++++++------------ python/src/qlpack.yml | 4 ++-- python/test/codeql-pack.lock.yml | 30 +++++++++++++-------------- python/test/qlpack.yml | 4 ++-- ruby/lib/codeql-pack.lock.yml | 20 +++++++++--------- ruby/lib/qlpack.yml | 4 ++-- ruby/src/codeql-pack.lock.yml | 20 +++++++++--------- ruby/src/qlpack.yml | 4 ++-- ruby/test/codeql-pack.lock.yml | 24 ++++++++++----------- ruby/test/qlpack.yml | 4 ++-- 50 files changed, 313 insertions(+), 313 deletions(-) diff --git a/.codeqlversion b/.codeqlversion index eb43aa2c..29690d10 100644 --- a/.codeqlversion +++ b/.codeqlversion @@ -1 +1 @@ -2.23.9 +2.24.3 diff --git a/.release.yml b/.release.yml index 2843cada..8eef7625 100644 --- a/.release.yml +++ b/.release.yml @@ -1,6 +1,6 @@ name: "CodeQL Community Packs" repository: "githubsecuritylab/codeql-community-packs" -version: "0.4.0" +version: "0.5.0" prerelease: false ecosystem: CodeQL diff --git a/cpp/lib/codeql-pack.lock.yml b/cpp/lib/codeql-pack.lock.yml index bde92c18..51cf27b7 100644 --- a/cpp/lib/codeql-pack.lock.yml +++ b/cpp/lib/codeql-pack.lock.yml @@ -2,27 +2,27 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/cpp-all: - version: 6.1.4 + version: 8.0.0 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/quantum: - version: 0.0.17 + version: 0.0.21 codeql/rangeanalysis: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typeflow: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/cpp/lib/qlpack.yml b/cpp/lib/qlpack.yml index 9f60be8b..7cda41c4 100644 --- a/cpp/lib/qlpack.yml +++ b/cpp/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-cpp-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/cpp-all: '6.1.4' + codeql/cpp-all: '8.0.0' diff --git a/cpp/src/codeql-pack.lock.yml b/cpp/src/codeql-pack.lock.yml index 8aaff64e..04bd0c8a 100644 --- a/cpp/src/codeql-pack.lock.yml +++ b/cpp/src/codeql-pack.lock.yml @@ -2,31 +2,31 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/cpp-all: - version: 6.1.4 + version: 8.0.0 codeql/cpp-queries: - version: 1.5.8 + version: 1.5.12 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/quantum: - version: 0.0.17 + version: 0.0.21 codeql/rangeanalysis: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/suite-helpers: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typeflow: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/cpp/src/qlpack.yml b/cpp/src/qlpack.yml index bc23ff5a..bad8856c 100644 --- a/cpp/src/qlpack.yml +++ b/cpp/src/qlpack.yml @@ -1,9 +1,9 @@ library: false name: githubsecuritylab/codeql-cpp-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/cpp.qls dependencies: - codeql/cpp-all: '6.1.4' - codeql/cpp-queries: '1.5.8' + codeql/cpp-all: '8.0.0' + codeql/cpp-queries: '1.5.12' githubsecuritylab/codeql-cpp-libs: '*' diff --git a/cpp/test/codeql-pack.lock.yml b/cpp/test/codeql-pack.lock.yml index 8aaff64e..04bd0c8a 100644 --- a/cpp/test/codeql-pack.lock.yml +++ b/cpp/test/codeql-pack.lock.yml @@ -2,31 +2,31 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/cpp-all: - version: 6.1.4 + version: 8.0.0 codeql/cpp-queries: - version: 1.5.8 + version: 1.5.12 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/quantum: - version: 0.0.17 + version: 0.0.21 codeql/rangeanalysis: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/suite-helpers: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typeflow: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/cpp/test/qlpack.yml b/cpp/test/qlpack.yml index 8bf0f5f3..48d70103 100644 --- a/cpp/test/qlpack.yml +++ b/cpp/test/qlpack.yml @@ -1,8 +1,8 @@ name: githubsecurtylab/codeql-cpp-tests groups: [cpp, test] dependencies: - codeql/cpp-all: '6.1.4' - codeql/cpp-queries: '1.5.8' + codeql/cpp-all: '8.0.0' + codeql/cpp-queries: '1.5.12' githubsecuritylab/codeql-cpp-queries: '*' githubsecuritylab/codeql-cpp-libs: '*' extractor: cpp diff --git a/csharp/ext-library-sources/qlpack.yml b/csharp/ext-library-sources/qlpack.yml index 66cce996..12dd08f6 100644 --- a/csharp/ext-library-sources/qlpack.yml +++ b/csharp/ext-library-sources/qlpack.yml @@ -1,8 +1,8 @@ library: true name: githubsecuritylab/codeql-csharp-library-sources -version: 0.4.0 +version: 0.5.0 extensionTargets: - codeql/csharp-all: '5.4.4' + codeql/csharp-all: '5.4.8' dataExtensions: - 'manual/*.yml' - 'manual/**/*.yml' diff --git a/csharp/ext/qlpack.yml b/csharp/ext/qlpack.yml index e5ad844d..625b5e48 100644 --- a/csharp/ext/qlpack.yml +++ b/csharp/ext/qlpack.yml @@ -1,8 +1,8 @@ library: true name: githubsecuritylab/codeql-csharp-extensions -version: 0.4.0 +version: 0.5.0 extensionTargets: - codeql/csharp-all: '5.4.4' + codeql/csharp-all: '5.4.8' dataExtensions: - 'manual/*.yml' - 'manual/**/*.yml' diff --git a/csharp/lib/codeql-pack.lock.yml b/csharp/lib/codeql-pack.lock.yml index 0580cdfb..316713e2 100644 --- a/csharp/lib/codeql-pack.lock.yml +++ b/csharp/lib/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/csharp-all: - version: 5.4.4 + version: 5.4.8 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/csharp/lib/qlpack.yml b/csharp/lib/qlpack.yml index 79d1fb97..c4d5e223 100644 --- a/csharp/lib/qlpack.yml +++ b/csharp/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-csharp-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/csharp-all: "5.4.4" + codeql/csharp-all: "5.4.8" diff --git a/csharp/src/codeql-pack.lock.yml b/csharp/src/codeql-pack.lock.yml index b31e6644..1955b2f0 100644 --- a/csharp/src/codeql-pack.lock.yml +++ b/csharp/src/codeql-pack.lock.yml @@ -2,27 +2,27 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/csharp-all: - version: 5.4.4 + version: 5.4.8 codeql/csharp-queries: - version: 1.5.4 + version: 1.6.3 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/suite-helpers: - version: 1.0.39 + version: 1.0.43 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/csharp/src/qlpack.yml b/csharp/src/qlpack.yml index 6dd5353b..3d68ada7 100644 --- a/csharp/src/qlpack.yml +++ b/csharp/src/qlpack.yml @@ -1,9 +1,9 @@ library: false name: githubsecuritylab/codeql-csharp-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/csharp.qls dependencies: - codeql/csharp-all: "5.4.4" - codeql/csharp-queries: "1.5.4" # Required for Dependencies.ql + codeql/csharp-all: "5.4.8" + codeql/csharp-queries: "1.6.3" # Required for Dependencies.ql githubsecuritylab/codeql-csharp-libs: "*" diff --git a/csharp/test/codeql-pack.lock.yml b/csharp/test/codeql-pack.lock.yml index b31e6644..1955b2f0 100644 --- a/csharp/test/codeql-pack.lock.yml +++ b/csharp/test/codeql-pack.lock.yml @@ -2,27 +2,27 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/csharp-all: - version: 5.4.4 + version: 5.4.8 codeql/csharp-queries: - version: 1.5.4 + version: 1.6.3 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/suite-helpers: - version: 1.0.39 + version: 1.0.43 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/csharp/test/qlpack.yml b/csharp/test/qlpack.yml index 04082172..ad8f44c2 100644 --- a/csharp/test/qlpack.yml +++ b/csharp/test/qlpack.yml @@ -1,8 +1,8 @@ name: githubsecurtylab/codeql-csharp-tests groups: [csharp, test] dependencies: - codeql/csharp-all: "5.4.4" - codeql/csharp-queries: "1.5.4" + codeql/csharp-all: "5.4.8" + codeql/csharp-queries: "1.6.3" githubsecuritylab/codeql-csharp-extensions: "*" githubsecuritylab/codeql-csharp-library-sources: "*" githubsecuritylab/codeql-csharp-libs: "*" diff --git a/go/ext/qlpack.yml b/go/ext/qlpack.yml index 5d983e4f..48c96a2a 100644 --- a/go/ext/qlpack.yml +++ b/go/ext/qlpack.yml @@ -1,8 +1,8 @@ library: true name: githubsecuritylab/codeql-go-extensions -version: 0.4.0 +version: 0.5.0 extensionTargets: - codeql/go-all: '5.0.6' + codeql/go-all: '7.0.1' dataExtensions: - 'manual/*.yml' - 'manual/**/*.yml' diff --git a/go/lib/codeql-pack.lock.yml b/go/lib/codeql-pack.lock.yml index a662ba02..213af3bc 100644 --- a/go/lib/codeql-pack.lock.yml +++ b/go/lib/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/go-all: - version: 5.0.6 + version: 7.0.1 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 compiled: false diff --git a/go/lib/qlpack.yml b/go/lib/qlpack.yml index 372cbb53..6132c96e 100644 --- a/go/lib/qlpack.yml +++ b/go/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-go-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/go-all: '5.0.6' + codeql/go-all: '7.0.1' diff --git a/go/src/codeql-pack.lock.yml b/go/src/codeql-pack.lock.yml index a662ba02..213af3bc 100644 --- a/go/src/codeql-pack.lock.yml +++ b/go/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/go-all: - version: 5.0.6 + version: 7.0.1 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 compiled: false diff --git a/go/src/qlpack.yml b/go/src/qlpack.yml index 6a5818f5..a1bf23e1 100644 --- a/go/src/qlpack.yml +++ b/go/src/qlpack.yml @@ -1,8 +1,8 @@ library: false name: githubsecuritylab/codeql-go-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/go.qls dependencies: - codeql/go-all: '5.0.6' + codeql/go-all: '7.0.1' githubsecuritylab/codeql-go-libs: '*' diff --git a/go/test/codeql-pack.lock.yml b/go/test/codeql-pack.lock.yml index a662ba02..213af3bc 100644 --- a/go/test/codeql-pack.lock.yml +++ b/go/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/go-all: - version: 5.0.6 + version: 7.0.1 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 compiled: false diff --git a/go/test/qlpack.yml b/go/test/qlpack.yml index a3a94a6b..9c4f25f2 100644 --- a/go/test/qlpack.yml +++ b/go/test/qlpack.yml @@ -1,7 +1,7 @@ name: githubsecurtylab/codeql-go-tests groups: [go, test] dependencies: - codeql/go-all: '5.0.6' + codeql/go-all: '7.0.1' # codeql/go-queries: '*' githubsecuritylab/codeql-go-queries: '*' githubsecuritylab/codeql-go-libs: '*' diff --git a/java/ext-library-sources/qlpack.yml b/java/ext-library-sources/qlpack.yml index 30657b78..72d8db23 100644 --- a/java/ext-library-sources/qlpack.yml +++ b/java/ext-library-sources/qlpack.yml @@ -1,8 +1,8 @@ library: true name: githubsecuritylab/codeql-java-library-sources -version: 0.4.0 +version: 0.5.0 extensionTargets: - codeql/java-all: '7.8.3' + codeql/java-all: '8.1.1' dataExtensions: - 'manual/*.yml' - 'manual/**/*.yml' diff --git a/java/ext/qlpack.yml b/java/ext/qlpack.yml index 4f31f5bb..4599b495 100644 --- a/java/ext/qlpack.yml +++ b/java/ext/qlpack.yml @@ -1,8 +1,8 @@ library: true name: githubsecuritylab/codeql-java-extensions -version: 0.4.0 +version: 0.5.0 extensionTargets: - codeql/java-all: '7.8.3' + codeql/java-all: '8.1.1' dataExtensions: - 'manual/*.yml' - 'manual/**/*.yml' diff --git a/java/lib/codeql-pack.lock.yml b/java/lib/codeql-pack.lock.yml index 9fd01008..27a0468d 100644 --- a/java/lib/codeql-pack.lock.yml +++ b/java/lib/codeql-pack.lock.yml @@ -2,31 +2,31 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/java-all: - version: 7.8.3 + version: 8.1.1 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/quantum: - version: 0.0.17 + version: 0.0.21 codeql/rangeanalysis: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typeflow: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/java/lib/qlpack.yml b/java/lib/qlpack.yml index 722baed3..c5de4a12 100644 --- a/java/lib/qlpack.yml +++ b/java/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-java-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/java-all: '7.8.3' + codeql/java-all: '8.1.1' diff --git a/java/src/codeql-pack.lock.yml b/java/src/codeql-pack.lock.yml index 9fd01008..27a0468d 100644 --- a/java/src/codeql-pack.lock.yml +++ b/java/src/codeql-pack.lock.yml @@ -2,31 +2,31 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/java-all: - version: 7.8.3 + version: 8.1.1 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/quantum: - version: 0.0.17 + version: 0.0.21 codeql/rangeanalysis: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typeflow: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/java/src/qlpack.yml b/java/src/qlpack.yml index fa87b7c1..9c78bb2d 100644 --- a/java/src/qlpack.yml +++ b/java/src/qlpack.yml @@ -1,8 +1,8 @@ library: false name: githubsecuritylab/codeql-java-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/java.qls dependencies: - codeql/java-all: '7.8.3' + codeql/java-all: '8.1.1' githubsecuritylab/codeql-java-libs: '*' diff --git a/java/test/codeql-pack.lock.yml b/java/test/codeql-pack.lock.yml index 9fd01008..27a0468d 100644 --- a/java/test/codeql-pack.lock.yml +++ b/java/test/codeql-pack.lock.yml @@ -2,31 +2,31 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/java-all: - version: 7.8.3 + version: 8.1.1 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/quantum: - version: 0.0.17 + version: 0.0.21 codeql/rangeanalysis: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typeflow: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/java/test/qlpack.yml b/java/test/qlpack.yml index c8f4d2f7..6f110187 100644 --- a/java/test/qlpack.yml +++ b/java/test/qlpack.yml @@ -1,7 +1,7 @@ name: githubsecurtylab/codeql-java-tests groups: [java, test] dependencies: - codeql/java-all: '7.8.3' + codeql/java-all: '8.1.1' githubsecuritylab/codeql-java-queries: '*' githubsecuritylab/codeql-java-libs: '*' githubsecuritylab/codeql-java-library-sources: '*' diff --git a/javascript/lib/codeql-pack.lock.yml b/javascript/lib/codeql-pack.lock.yml index 2fc85485..8aba5a52 100644 --- a/javascript/lib/codeql-pack.lock.yml +++ b/javascript/lib/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/javascript-all: - version: 2.6.19 + version: 2.6.23 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 codeql/yaml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/javascript/lib/qlpack.yml b/javascript/lib/qlpack.yml index 8c14ddf0..7f1a57c1 100644 --- a/javascript/lib/qlpack.yml +++ b/javascript/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-javascript-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/javascript-all: '2.6.19' + codeql/javascript-all: '2.6.23' diff --git a/javascript/src/codeql-pack.lock.yml b/javascript/src/codeql-pack.lock.yml index 2fc85485..8aba5a52 100644 --- a/javascript/src/codeql-pack.lock.yml +++ b/javascript/src/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/javascript-all: - version: 2.6.19 + version: 2.6.23 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 codeql/yaml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/javascript/src/qlpack.yml b/javascript/src/qlpack.yml index 0bf1408e..6e6b76c7 100644 --- a/javascript/src/qlpack.yml +++ b/javascript/src/qlpack.yml @@ -1,8 +1,8 @@ library: false name: githubsecuritylab/codeql-javascript-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/javascript.qls dependencies: - codeql/javascript-all: '2.6.19' + codeql/javascript-all: '2.6.23' githubsecuritylab/codeql-javascript-libs: '*' diff --git a/javascript/test/codeql-pack.lock.yml b/javascript/test/codeql-pack.lock.yml index 2fc85485..8aba5a52 100644 --- a/javascript/test/codeql-pack.lock.yml +++ b/javascript/test/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/javascript-all: - version: 2.6.19 + version: 2.6.23 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 codeql/yaml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/javascript/test/qlpack.yml b/javascript/test/qlpack.yml index 8f2badf0..57cdb7dc 100644 --- a/javascript/test/qlpack.yml +++ b/javascript/test/qlpack.yml @@ -1,7 +1,7 @@ name: githubsecuritylab/codeql-javascript-tests groups: [javascript, test] dependencies: - codeql/javascript-all: "2.6.19" + codeql/javascript-all: "2.6.23" githubsecuritylab/codeql-javascript-queries: "*" extractor: javascript diff --git a/python/ext/qlpack.yml b/python/ext/qlpack.yml index 8d8701e8..862a8524 100644 --- a/python/ext/qlpack.yml +++ b/python/ext/qlpack.yml @@ -1,8 +1,8 @@ library: true name: githubsecuritylab/codeql-python-extensions -version: 0.4.0 +version: 0.5.0 extensionTargets: - codeql/python-all: '5.0.4' + codeql/python-all: '7.0.0' dataExtensions: - 'manual/*.yml' - 'manual/**/*.yml' diff --git a/python/lib/codeql-pack.lock.yml b/python/lib/codeql-pack.lock.yml index f47fb087..95fc12fc 100644 --- a/python/lib/codeql-pack.lock.yml +++ b/python/lib/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/python-all: - version: 5.0.4 + version: 7.0.0 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 codeql/yaml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/python/lib/qlpack.yml b/python/lib/qlpack.yml index 9d942cdc..5d7bae49 100644 --- a/python/lib/qlpack.yml +++ b/python/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-python-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/python-all: '5.0.4' + codeql/python-all: '7.0.0' diff --git a/python/src/codeql-pack.lock.yml b/python/src/codeql-pack.lock.yml index f47fb087..95fc12fc 100644 --- a/python/src/codeql-pack.lock.yml +++ b/python/src/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/python-all: - version: 5.0.4 + version: 7.0.0 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 codeql/yaml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/python/src/qlpack.yml b/python/src/qlpack.yml index 2c1289f4..1e5af5aa 100644 --- a/python/src/qlpack.yml +++ b/python/src/qlpack.yml @@ -1,8 +1,8 @@ library: false name: githubsecuritylab/codeql-python-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/python.qls dependencies: - codeql/python-all: '5.0.4' + codeql/python-all: '7.0.0' githubsecuritylab/codeql-python-libs: '*' diff --git a/python/test/codeql-pack.lock.yml b/python/test/codeql-pack.lock.yml index eca1aeaf..160978db 100644 --- a/python/test/codeql-pack.lock.yml +++ b/python/test/codeql-pack.lock.yml @@ -2,33 +2,33 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/python-all: - version: 5.0.4 + version: 7.0.0 codeql/python-queries: - version: 1.7.4 + version: 1.7.8 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/suite-helpers: - version: 1.0.39 + version: 1.0.43 codeql/threat-models: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 codeql/xml: - version: 1.0.39 + version: 1.0.43 codeql/yaml: - version: 1.0.39 + version: 1.0.43 compiled: false diff --git a/python/test/qlpack.yml b/python/test/qlpack.yml index 663f8754..20705b7e 100644 --- a/python/test/qlpack.yml +++ b/python/test/qlpack.yml @@ -1,8 +1,8 @@ name: githubsecurtylab/codeql-python-tests groups: [python, test] dependencies: - codeql/python-all: '5.0.4' - codeql/python-queries: '1.7.4' + codeql/python-all: '7.0.0' + codeql/python-queries: '1.7.8' githubsecuritylab/codeql-python-queries: '*' githubsecuritylab/codeql-python-libs: '*' extractor: python diff --git a/ruby/lib/codeql-pack.lock.yml b/ruby/lib/codeql-pack.lock.yml index f5619ce6..d30e1240 100644 --- a/ruby/lib/codeql-pack.lock.yml +++ b/ruby/lib/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ruby-all: - version: 5.1.7 + version: 5.1.11 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 compiled: false diff --git a/ruby/lib/qlpack.yml b/ruby/lib/qlpack.yml index f51a22fa..d7b3c192 100644 --- a/ruby/lib/qlpack.yml +++ b/ruby/lib/qlpack.yml @@ -1,5 +1,5 @@ library: true name: githubsecuritylab/codeql-ruby-libs -version: 0.4.0 +version: 0.5.0 dependencies: - codeql/ruby-all: '5.1.7' + codeql/ruby-all: '5.1.11' diff --git a/ruby/src/codeql-pack.lock.yml b/ruby/src/codeql-pack.lock.yml index f5619ce6..d30e1240 100644 --- a/ruby/src/codeql-pack.lock.yml +++ b/ruby/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ruby-all: - version: 5.1.7 + version: 5.1.11 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 compiled: false diff --git a/ruby/src/qlpack.yml b/ruby/src/qlpack.yml index eae02d0c..02c91e5d 100644 --- a/ruby/src/qlpack.yml +++ b/ruby/src/qlpack.yml @@ -1,8 +1,8 @@ library: false name: githubsecuritylab/codeql-ruby-queries -version: 0.4.0 +version: 0.5.0 suites: suites defaultSuiteFile: suites/ruby.qls dependencies: - codeql/ruby-all: '5.1.7' + codeql/ruby-all: '5.1.11' githubsecuritylab/codeql-ruby-libs: '*' diff --git a/ruby/test/codeql-pack.lock.yml b/ruby/test/codeql-pack.lock.yml index 5922bcf9..0dfcc28d 100644 --- a/ruby/test/codeql-pack.lock.yml +++ b/ruby/test/codeql-pack.lock.yml @@ -2,27 +2,27 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.13 + version: 0.0.17 codeql/controlflow: - version: 2.0.23 + version: 2.0.27 codeql/dataflow: - version: 2.0.23 + version: 2.0.27 codeql/mad: - version: 1.0.39 + version: 1.0.43 codeql/regex: - version: 1.0.39 + version: 1.0.43 codeql/ruby-all: - version: 5.1.7 + version: 5.1.11 codeql/ruby-queries: - version: 1.5.4 + version: 1.5.8 codeql/ssa: - version: 2.0.15 + version: 2.0.19 codeql/suite-helpers: - version: 1.0.39 + version: 1.0.43 codeql/tutorial: - version: 1.0.39 + version: 1.0.43 codeql/typetracking: - version: 2.0.23 + version: 2.0.27 codeql/util: - version: 2.0.26 + version: 2.0.30 compiled: false diff --git a/ruby/test/qlpack.yml b/ruby/test/qlpack.yml index 17f227e9..9ed047b8 100644 --- a/ruby/test/qlpack.yml +++ b/ruby/test/qlpack.yml @@ -1,8 +1,8 @@ name: githubsecurtylab/codeql-ruby-tests groups: [ruby, test] dependencies: - codeql/ruby-all: '5.1.7' - codeql/ruby-queries: '1.5.4' + codeql/ruby-all: '5.1.11' + codeql/ruby-queries: '1.5.8' githubsecuritylab/codeql-ruby-queries: '*' githubsecuritylab/codeql-ruby-libs: '*' extractor: ruby From fd4ff0a12a6d24fb62154e91676735e86d2304cb Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 11 Jul 2026 02:09:22 +0000 Subject: [PATCH 2/2] fix: update Java and Python queries for CodeQL 2.24.3 API changes - java/src/library_sources/ExternalAPIs.qll: rename applyManualModel() to hasManualModel() on SummarizedCallable (method was removed in java-all 8.1.1) - python/lib/ghsl/MassAssignment.qll: replace deprecated Value type and CallNode with DataFlow::MethodCallNode (Value is no longer re-exported from python.qll in python-all 7.0.0) Co-authored-by: felickz <1760475+felickz@users.noreply.github.com> --- java/src/library_sources/ExternalAPIs.qll | 2 +- python/lib/ghsl/MassAssignment.qll | 7 +++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/java/src/library_sources/ExternalAPIs.qll b/java/src/library_sources/ExternalAPIs.qll index c9e58654..63fbfbd1 100644 --- a/java/src/library_sources/ExternalAPIs.qll +++ b/java/src/library_sources/ExternalAPIs.qll @@ -193,7 +193,7 @@ private J::Callable liftedImpl(J::Callable m) { } private predicate hasManualModel(Callable api) { - api = any(FlowSummaryImpl::Public::SummarizedCallable sc | sc.applyManualModel()).asCallable() or + api = any(FlowSummaryImpl::Public::SummarizedCallable sc | sc.hasManualModel()).asCallable() or api = any(FlowSummaryImpl::Public::NeutralSummaryCallable sc | sc.hasManualModel()).asCallable() } diff --git a/python/lib/ghsl/MassAssignment.qll b/python/lib/ghsl/MassAssignment.qll index 5d8f1836..befd90bb 100644 --- a/python/lib/ghsl/MassAssignment.qll +++ b/python/lib/ghsl/MassAssignment.qll @@ -22,10 +22,9 @@ module MassAssignment { this = API::builtin("setattr").getACall().getArg(1) or // > __setattr__(SINK, value) - exists(Value value, CallNode call | - value.getName() = "__setattr__" and - call = value.getACall() and - this.asCfgNode() = call.getArg(0) + exists(DataFlow::MethodCallNode call | + call.getMethodName() = "__setattr__" and + this = call.getArg(0) ) ) and this.getScope().inSource()