Sync upstream `v2.23.8` #308

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

ropwareJB merged 667 commits into main from jb1/sync-upstream-2-23-8

Dec 15, 2025

Merged

Sync upstream `v2.23.8` #308

Manual merge javascript/ql/lib/semmle/javascript/dataflow/internal/Da…

GitHub Advanced Security / CodeQL failed Dec 15, 2025 in 2s

5 configurations not found

Warning: Code scanning may not have found all the alerts introduced by this pull request, because 5 configurations present on refs/heads/main were not found:

Actions workflow (`rust-analysis.yml`)

❓ .github/workflows/rust-analysis.yml:analyze/language:rust

Actions workflow (`csv-coverage-metrics.yml`)

❓ .github/workflows/csv-coverage-metrics.yml:publish-csharp
❓ .github/workflows/csv-coverage-metrics.yml:publish-java

API upload

❓ <default>

Actions workflow (`cpp-swift-analysis.yml`)

❓ .github/workflows/cpp-swift-analysis.yml:CodeQL-Build

New alerts in code changed by this pull request

Security Alerts:

4 high

Other Alerts:

1 warning
55 notes

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 4 in csharp/ql/test/query-tests/Security Features/CWE-614/InsecureCookie/SystemWeb/RequireSSLFalse/Web.config

Code scanning / CodeQL

'requireSSL' attribute is not set to true High test

The 'requireSSL' attribute is not set to 'true'.

Check failure on line 4 in csharp/ql/test/query-tests/Security Features/CWE-1004/HttpOnlyCookie/SystemWeb/HttpOnlyCookiesTrue/Web.config

Code scanning / CodeQL

'requireSSL' attribute is not set to true High test

The 'requireSSL' attribute is not set to 'true'.

Check failure on line 4 in csharp/ql/test/query-tests/Security Features/CWE-1004/HttpOnlyCookie/SystemWeb/HttpOnlyCookiesFalse/Web.config

Code scanning / CodeQL

'requireSSL' attribute is not set to true High test

The 'requireSSL' attribute is not set to 'true'.

Check failure on line 4 in csharp/ql/src/Security Features/CWE-1004/Web.config

Code scanning / CodeQL

'requireSSL' attribute is not set to true High

The 'requireSSL' attribute is not set to 'true'.

Check warning on line 619 in csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/NugetPackageRestorer.cs

Code scanning / CodeQL

Useless assignment to local variable Warning

This assignment to

is useless, since its value is never read.

Check notice on line 220 in csharp/extractor/Semmle.Extraction.CSharp/Extractor/Analyser.cs

Code scanning / CodeQL

Generic catch clause Note

Generic catch clause.

Check notice on line 179 in csharp/extractor/Semmle.Extraction.CSharp/Extractor/Analyser.cs

Code scanning / CodeQL

Generic catch clause Note

Generic catch clause.

Check notice on line 172 in csharp/extractor/Semmle.Extraction.CSharp/Extractor/Analyser.cs

Code scanning / CodeQL

Nested 'if' statements can be combined Note

These 'if' statements can be combined.

Check notice on line 117 in csharp/extractor/Semmle.Extraction.CSharp/Extractor/Analyser.cs

Code scanning / CodeQL

Generic catch clause Note

Generic catch clause.

Check notice on line 589 in csharp/extractor/Semmle.Extraction.CSharp/Entities/Types/Type.cs

Code scanning / CodeQL

Missed opportunity to use Where Note

This foreach loop

- consider filtering the sequence explicitly using '.Where(...)'.

Check notice on line 52 in csharp/extractor/Semmle.Extraction.CSharp/Entities/Types/TupleType.cs

Code scanning / CodeQL

Missed opportunity to use Where Note

This foreach loop

- consider filtering the sequence explicitly using '.Where(...)'.

Check notice on line 121 in csharp/extractor/Semmle.Extraction.CSharp/Entities/TypeMention.cs

Code scanning / CodeQL