Skip to content

Commit c93445c

Browse files
mschwagermschwager
authored
Update all pack dependencies (#34)
1 parent afc77c1 commit c93445c

8 files changed

Lines changed: 117 additions & 67 deletions

File tree

cpp/lib/codeql-pack.lock.yml

Lines changed: 21 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,28 @@
11
---
22
lockVersion: 1.0.0
33
dependencies:
4+
codeql/controlflow:
5+
version: 2.0.22
46
codeql/cpp-all:
5-
version: 0.6.1
7+
version: 6.1.3
8+
codeql/dataflow:
9+
version: 2.0.22
10+
codeql/mad:
11+
version: 1.0.38
12+
codeql/quantum:
13+
version: 0.0.16
14+
codeql/rangeanalysis:
15+
version: 1.0.38
616
codeql/ssa:
7-
version: 0.0.14
17+
version: 2.0.14
818
codeql/tutorial:
9-
version: 0.0.7
19+
version: 1.0.38
20+
codeql/typeflow:
21+
version: 1.0.38
22+
codeql/typetracking:
23+
version: 2.0.22
24+
codeql/util:
25+
version: 2.0.25
26+
codeql/xml:
27+
version: 1.0.38
1028
compiled: false

cpp/src/codeql-pack.lock.yml

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,24 +1,28 @@
11
---
22
lockVersion: 1.0.0
33
dependencies:
4+
codeql/controlflow:
5+
version: 2.0.22
46
codeql/cpp-all:
5-
version: 3.0.0
7+
version: 6.1.3
68
codeql/dataflow:
7-
version: 1.1.7
9+
version: 2.0.22
810
codeql/mad:
9-
version: 1.0.13
11+
version: 1.0.38
12+
codeql/quantum:
13+
version: 0.0.16
1014
codeql/rangeanalysis:
11-
version: 1.0.13
15+
version: 1.0.38
1216
codeql/ssa:
13-
version: 1.0.13
17+
version: 2.0.14
1418
codeql/tutorial:
15-
version: 1.0.13
19+
version: 1.0.38
1620
codeql/typeflow:
17-
version: 1.0.13
21+
version: 1.0.38
1822
codeql/typetracking:
19-
version: 1.0.13
23+
version: 2.0.22
2024
codeql/util:
21-
version: 2.0.0
25+
version: 2.0.25
2226
codeql/xml:
23-
version: 1.0.13
27+
version: 1.0.38
2428
compiled: false

cpp/test/codeql-pack.lock.yml

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,24 +1,28 @@
11
---
22
lockVersion: 1.0.0
33
dependencies:
4+
codeql/controlflow:
5+
version: 2.0.22
46
codeql/cpp-all:
5-
version: 3.0.0
7+
version: 6.1.3
68
codeql/dataflow:
7-
version: 1.1.7
9+
version: 2.0.22
810
codeql/mad:
9-
version: 1.0.13
11+
version: 1.0.38
12+
codeql/quantum:
13+
version: 0.0.16
1014
codeql/rangeanalysis:
11-
version: 1.0.13
15+
version: 1.0.38
1216
codeql/ssa:
13-
version: 1.0.13
17+
version: 2.0.14
1418
codeql/tutorial:
15-
version: 1.0.13
19+
version: 1.0.38
1620
codeql/typeflow:
17-
version: 1.0.13
21+
version: 1.0.38
1822
codeql/typetracking:
19-
version: 1.0.13
23+
version: 2.0.22
2024
codeql/util:
21-
version: 2.0.0
25+
version: 2.0.25
2226
codeql/xml:
23-
version: 1.0.13
27+
version: 1.0.38
2428
compiled: false

go/src/codeql-pack.lock.yml

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,20 +1,24 @@
11
---
22
lockVersion: 1.0.0
33
dependencies:
4+
codeql/concepts:
5+
version: 0.0.12
6+
codeql/controlflow:
7+
version: 2.0.22
48
codeql/dataflow:
5-
version: 1.1.7
9+
version: 2.0.22
610
codeql/go-all:
7-
version: 3.0.0
11+
version: 5.0.5
812
codeql/mad:
9-
version: 1.0.13
13+
version: 1.0.38
1014
codeql/ssa:
11-
version: 1.0.13
15+
version: 2.0.14
1216
codeql/threat-models:
13-
version: 1.0.13
17+
version: 1.0.38
1418
codeql/tutorial:
15-
version: 1.0.13
19+
version: 1.0.38
1620
codeql/typetracking:
17-
version: 1.0.13
21+
version: 2.0.22
1822
codeql/util:
19-
version: 2.0.0
23+
version: 2.0.25
2024
compiled: false

go/src/security/MissingMinVersionTLS/MissingMinVersionTLS.ql

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -62,7 +62,12 @@ module TlsConfigCreationConfig implements DataFlow::ConfigSig {
6262
/**
6363
* Holds if it is TLS.Config instance (a Variable).
6464
*/
65-
predicate isSink(DataFlow::Node sink) { exists(Variable v | sink.asExpr() = v.getAReference()) }
65+
predicate isSink(DataFlow::Node sink) {
66+
exists(Variable v |
67+
sink.asExpr() = v.getAReference() or
68+
sink.(DataFlow::PostUpdateNode).getPreUpdateNode().asExpr() = v.getAReference()
69+
)
70+
}
6671

6772
/**
6873
* Holds if TLS.Config literal is saved in a structure's field
@@ -87,13 +92,13 @@ predicate configOrConfigPointer(Type t) {
8792
or
8893
exists(Type tp |
8994
tp.hasQualifiedName("crypto/tls", "Config") and
90-
t.(NamedType).getUnderlyingType().(StructType).hasField(_, tp)
95+
t.(DefinedType).getUnderlyingType().(StructType).hasField(_, tp)
9196
)
9297
or
9398
exists(Type tp, Type tp2 |
9499
tp.hasQualifiedName("crypto/tls", "Config") and
95100
tp2 = tp.getPointerType+() and
96-
t.(NamedType).getUnderlyingType().(StructType).hasField(_, tp2)
101+
t.(DefinedType).getUnderlyingType().(StructType).hasField(_, tp2)
97102
)
98103
}
99104

@@ -225,7 +230,10 @@ where
225230
// find tls.Config structures with MinVersion not set on the structure initialization
226231
(
227232
TlsConfigCreationFlow::flow(source, sink) and
228-
sink.asExpr() = v.getAReference() and
233+
(
234+
sink.asExpr() = v.getAReference() or
235+
sink.(DataFlow::PostUpdateNode).getPreUpdateNode().asExpr() = v.getAReference()
236+
) and
229237
source.asExpr() = configStruct
230238
) and
231239
// only explicitely defined, e.g., skip function arguments

go/test/codeql-pack.lock.yml

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,20 +1,24 @@
11
---
22
lockVersion: 1.0.0
33
dependencies:
4+
codeql/concepts:
5+
version: 0.0.12
6+
codeql/controlflow:
7+
version: 2.0.22
48
codeql/dataflow:
5-
version: 1.1.7
9+
version: 2.0.22
610
codeql/go-all:
7-
version: 3.0.0
11+
version: 5.0.5
812
codeql/mad:
9-
version: 1.0.13
13+
version: 1.0.38
1014
codeql/ssa:
11-
version: 1.0.13
15+
version: 2.0.14
1216
codeql/threat-models:
13-
version: 1.0.13
17+
version: 1.0.38
1418
codeql/tutorial:
15-
version: 1.0.13
19+
version: 1.0.38
1620
codeql/typetracking:
17-
version: 1.0.13
21+
version: 2.0.22
1822
codeql/util:
19-
version: 2.0.0
23+
version: 2.0.25
2024
compiled: false

java/src/codeql-pack.lock.yml

Lines changed: 16 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,28 +1,32 @@
11
---
22
lockVersion: 1.0.0
33
dependencies:
4+
codeql/controlflow:
5+
version: 2.0.22
46
codeql/dataflow:
5-
version: 1.1.5
7+
version: 2.0.22
68
codeql/java-all:
7-
version: 4.2.0
9+
version: 7.8.2
810
codeql/mad:
9-
version: 1.0.11
11+
version: 1.0.38
12+
codeql/quantum:
13+
version: 0.0.16
1014
codeql/rangeanalysis:
11-
version: 1.0.11
15+
version: 1.0.38
1216
codeql/regex:
13-
version: 1.0.11
17+
version: 1.0.38
1418
codeql/ssa:
15-
version: 1.0.11
19+
version: 2.0.14
1620
codeql/threat-models:
17-
version: 1.0.11
21+
version: 1.0.38
1822
codeql/tutorial:
19-
version: 1.0.11
23+
version: 1.0.38
2024
codeql/typeflow:
21-
version: 1.0.11
25+
version: 1.0.38
2226
codeql/typetracking:
23-
version: 1.0.11
27+
version: 2.0.22
2428
codeql/util:
25-
version: 1.0.11
29+
version: 2.0.25
2630
codeql/xml:
27-
version: 1.0.11
31+
version: 1.0.38
2832
compiled: false

java/test/codeql-pack.lock.yml

Lines changed: 16 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,28 +1,32 @@
11
---
22
lockVersion: 1.0.0
33
dependencies:
4+
codeql/controlflow:
5+
version: 2.0.22
46
codeql/dataflow:
5-
version: 1.1.5
7+
version: 2.0.22
68
codeql/java-all:
7-
version: 4.2.0
9+
version: 7.8.2
810
codeql/mad:
9-
version: 1.0.11
11+
version: 1.0.38
12+
codeql/quantum:
13+
version: 0.0.16
1014
codeql/rangeanalysis:
11-
version: 1.0.11
15+
version: 1.0.38
1216
codeql/regex:
13-
version: 1.0.11
17+
version: 1.0.38
1418
codeql/ssa:
15-
version: 1.0.11
19+
version: 2.0.14
1620
codeql/threat-models:
17-
version: 1.0.11
21+
version: 1.0.38
1822
codeql/tutorial:
19-
version: 1.0.11
23+
version: 1.0.38
2024
codeql/typeflow:
21-
version: 1.0.11
25+
version: 1.0.38
2226
codeql/typetracking:
23-
version: 1.0.11
27+
version: 2.0.22
2428
codeql/util:
25-
version: 1.0.11
29+
version: 2.0.25
2630
codeql/xml:
27-
version: 1.0.11
31+
version: 1.0.38
2832
compiled: false

0 commit comments

Comments
 (0)