GitHubSecurityLab
diff --git a/‎cpp/lib/codeql-pack.lock.yml
Lines changed: 10 additions & 10 deletions b/‎cpp/lib/codeql-pack.lock.yml
Lines changed: 10 additions & 10 deletions
diff --git a/‎cpp/src/codeql-pack.lock.yml
Lines changed: 12 additions & 12 deletions b/‎cpp/src/codeql-pack.lock.yml
Lines changed: 12 additions & 12 deletions
diff --git a/‎cpp/test/codeql-pack.lock.yml
Lines changed: 12 additions & 12 deletions b/‎cpp/test/codeql-pack.lock.yml
Lines changed: 12 additions & 12 deletions
diff --git a/‎csharp/lib/codeql-pack.lock.yml
Lines changed: 10 additions & 10 deletions b/‎csharp/lib/codeql-pack.lock.yml
Lines changed: 10 additions & 10 deletions
diff --git a/‎csharp/src/audit/explore/Dependencies.ql
Lines changed: 1 addition & 1 deletion b/‎csharp/src/audit/explore/Dependencies.ql
Lines changed: 1 addition & 1 deletion
diff --git a/‎csharp/src/codeql-pack.lock.yml
Lines changed: 12 additions & 12 deletions b/‎csharp/src/codeql-pack.lock.yml
Lines changed: 12 additions & 12 deletions
diff --git a/‎csharp/src/library_sources/ExternalAPIsQuery.qll
Lines changed: 0 additions & 13 deletions b/‎csharp/src/library_sources/ExternalAPIsQuery.qll
Lines changed: 0 additions & 13 deletions
diff --git a/‎csharp/src/security/dataflow/flowsources/AuthCookie.qll
Lines changed: 0 additions & 55 deletions b/‎csharp/src/security/dataflow/flowsources/AuthCookie.qll
Lines changed: 0 additions & 55 deletions
diff --git a/‎csharp/test/codeql-pack.lock.yml
Lines changed: 12 additions & 12 deletions b/‎csharp/test/codeql-pack.lock.yml
Lines changed: 12 additions & 12 deletions
diff --git a/‎go/lib/codeql-pack.lock.yml
Lines changed: 8 additions & 8 deletions b/‎go/lib/codeql-pack.lock.yml
Lines changed: 8 additions & 8 deletions
@@ -2,23 +2,23 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/cpp-all:
-    version: 2.1.0
+    version: 3.1.0
   codeql/dataflow:
-    version: 1.1.5
+    version: 1.1.8
   codeql/mad:
-    version: 1.0.11
+    version: 1.0.14
   codeql/rangeanalysis:
-    version: 1.0.11
+    version: 1.0.14
   codeql/ssa:
-    version: 1.0.11
+    version: 1.0.14
   codeql/tutorial:
-    version: 1.0.11
+    version: 1.0.14
   codeql/typeflow:
-    version: 1.0.11
+    version: 1.0.14
   codeql/typetracking:
-    version: 1.0.11
+    version: 1.0.14
   codeql/util:
-    version: 1.0.11
+    version: 2.0.1
   codeql/xml:
-    version: 1.0.11
+    version: 1.0.14
 compiled: false
@@ -2,27 +2,27 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/cpp-all:
-    version: 2.1.0
+    version: 3.1.0
   codeql/cpp-queries:
-    version: 1.2.6
+    version: 1.3.1
   codeql/dataflow:
-    version: 1.1.5
+    version: 1.1.8
   codeql/mad:
-    version: 1.0.11
+    version: 1.0.14
   codeql/rangeanalysis:
-    version: 1.0.11
+    version: 1.0.14
   codeql/ssa:
-    version: 1.0.11
+    version: 1.0.14
   codeql/suite-helpers:
-    version: 1.0.11
+    version: 1.0.14
   codeql/tutorial:
-    version: 1.0.11
+    version: 1.0.14
   codeql/typeflow:
-    version: 1.0.11
+    version: 1.0.14
   codeql/typetracking:
-    version: 1.0.11
+    version: 1.0.14
   codeql/util:
-    version: 1.0.11
+    version: 2.0.1
   codeql/xml:
-    version: 1.0.11
+    version: 1.0.14
 compiled: false
@@ -2,27 +2,27 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/cpp-all:
-    version: 2.1.0
+    version: 3.1.0
   codeql/cpp-queries:
-    version: 1.2.6
+    version: 1.3.1
   codeql/dataflow:
-    version: 1.1.5
+    version: 1.1.8
   codeql/mad:
-    version: 1.0.11
+    version: 1.0.14
   codeql/rangeanalysis:
-    version: 1.0.11
+    version: 1.0.14
   codeql/ssa:
-    version: 1.0.11
+    version: 1.0.14
   codeql/suite-helpers:
-    version: 1.0.11
+    version: 1.0.14
   codeql/tutorial:
-    version: 1.0.11
+    version: 1.0.14
   codeql/typeflow:
-    version: 1.0.11
+    version: 1.0.14
   codeql/typetracking:
-    version: 1.0.11
+    version: 1.0.14
   codeql/util:
-    version: 1.0.11
+    version: 2.0.1
   codeql/xml:
-    version: 1.0.11
+    version: 1.0.14
 compiled: false
@@ -2,23 +2,23 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/controlflow:
-    version: 1.0.11
+    version: 1.0.14
   codeql/csharp-all:
-    version: 3.1.0
+    version: 4.0.1
   codeql/dataflow:
-    version: 1.1.5
+    version: 1.1.8
   codeql/mad:
-    version: 1.0.11
+    version: 1.0.14
   codeql/ssa:
-    version: 1.0.11
+    version: 1.0.14
   codeql/threat-models:
-    version: 1.0.11
+    version: 1.0.14
   codeql/tutorial:
-    version: 1.0.11
+    version: 1.0.14
   codeql/typetracking:
-    version: 1.0.11
+    version: 1.0.14
   codeql/util:
-    version: 1.0.11
+    version: 2.0.1
   codeql/xml:
-    version: 1.0.11
+    version: 1.0.14
 compiled: false
@@ -9,7 +9,7 @@
 
 private import csharp
 private import semmle.code.csharp.dispatch.Dispatch
-private import Telemetry.ExternalApi
+private import semmle.code.csharp.telemetry.ExternalApi
 
 private predicate getRelevantUsages(string namespace, int usages) {
   usages =
 
@@ -2,27 +2,27 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/controlflow:
-    version: 1.0.11
+    version: 1.0.14
   codeql/csharp-all:
-    version: 3.1.0
+    version: 4.0.1
   codeql/csharp-queries:
-    version: 1.0.11
+    version: 1.0.14
   codeql/dataflow:
-    version: 1.1.5
+    version: 1.1.8
   codeql/mad:
-    version: 1.0.11
+    version: 1.0.14
   codeql/ssa:
-    version: 1.0.11
+    version: 1.0.14
   codeql/suite-helpers:
-    version: 1.0.11
+    version: 1.0.14
   codeql/threat-models:
-    version: 1.0.11
+    version: 1.0.14
   codeql/tutorial:
-    version: 1.0.11
+    version: 1.0.14
   codeql/typetracking:
-    version: 1.0.11
+    version: 1.0.14
   codeql/util:
-    version: 1.0.11
+    version: 2.0.1
   codeql/xml:
-    version: 1.0.11
+    version: 1.0.14
 compiled: false
@@ -98,19 +98,6 @@ class ExternalApiDataNode extends DataFlow::Node {
   }
 }
 
-/**
- * DEPRECATED: Use `RemoteSourceToExternalApi` instead.
- *
- * A configuration for tracking flow from `RemoteFlowSource`s to `ExternalApiDataNode`s.
- */
-deprecated class UntrustedDataToExternalApiConfig extends TaintTracking::Configuration {
-  UntrustedDataToExternalApiConfig() { this = "UntrustedDataToExternalAPIConfig" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof ExternalApiDataNode }
-}
-
 /** A configuration for tracking flow from `ThreatModelFlowSource`s to `ExternalApiDataNode`s. */
 private module RemoteSourceToExternalApiConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }
 
@@ -114,61 +114,6 @@ Expr getAValueForProp(ObjectCreation create, Assignment a, string prop) {
  */
 predicate isPropertySet(ObjectCreation oc, string prop) { exists(getAValueForProp(oc, _, prop)) }
 
-/**
- * Tracks if a callback used in `OnAppendCookie` sets a cookie property to `true`.
- */
-abstract deprecated private class OnAppendCookieTrackingConfig extends DataFlow::Configuration {
-  bindingset[this]
-  OnAppendCookieTrackingConfig() { any() }
-
-  /**
-   * Specifies the cookie property name to track.
-   */
-  abstract string propertyName();
-
-  override predicate isSource(DataFlow::Node source) {
-    exists(PropertyWrite pw, Assignment delegateAssign, Callable c |
-      pw.getProperty().getName() = "OnAppendCookie" and
-      pw.getProperty().getDeclaringType() instanceof MicrosoftAspNetCoreBuilderCookiePolicyOptions and
-      delegateAssign.getLValue() = pw and
-      (
-        exists(LambdaExpr lambda |
-          delegateAssign.getRValue() = lambda and
-          lambda = c
-        )
-        or
-        exists(DelegateCreation delegate |
-          delegateAssign.getRValue() = delegate and
-          delegate.getArgument().(CallableAccess).getTarget() = c
-        )
-      ) and
-      c.getParameter(0) = source.asParameter()
-    )
-  }
-
-  override predicate isSink(DataFlow::Node sink) {
-    exists(PropertyWrite pw, Assignment a |
-      pw.getProperty().getDeclaringType() instanceof MicrosoftAspNetCoreHttpCookieOptions and
-      pw.getProperty().getName() = this.propertyName() and
-      a.getLValue() = pw and
-      exists(Expr val |
-        DataFlow::localExprFlow(val, a.getRValue()) and
-        val.getValue() = "true"
-      ) and
-      sink.asExpr() = pw.getQualifier()
-    )
-  }
-
-  override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
-    node2.asExpr() =
-      any(PropertyRead pr |
-        pr.getQualifier() = node1.asExpr() and
-        pr.getProperty().getDeclaringType() instanceof
-          MicrosoftAspNetCoreCookiePolicyAppendCookieContext
-      )
-  }
-}
-
 private signature string propertyName();
 
 /**
 
@@ -2,27 +2,27 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/controlflow:
-    version: 1.0.11
+    version: 1.0.14
   codeql/csharp-all:
-    version: 3.1.0
+    version: 4.0.1
   codeql/csharp-queries:
-    version: 1.0.11
+    version: 1.0.14
   codeql/dataflow:
-    version: 1.1.5
+    version: 1.1.8
   codeql/mad:
-    version: 1.0.11
+    version: 1.0.14
   codeql/ssa:
-    version: 1.0.11
+    version: 1.0.14
   codeql/suite-helpers:
-    version: 1.0.11
+    version: 1.0.14
   codeql/threat-models:
-    version: 1.0.11
+    version: 1.0.14
   codeql/tutorial:
-    version: 1.0.11
+    version: 1.0.14
   codeql/typetracking:
-    version: 1.0.11
+    version: 1.0.14
   codeql/util:
-    version: 1.0.11
+    version: 2.0.1
   codeql/xml:
-    version: 1.0.11
+    version: 1.0.14
 compiled: false
@@ -2,19 +2,19 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/dataflow:
-    version: 1.1.5
+    version: 1.1.8
   codeql/go-all:
-    version: 2.1.2
+    version: 3.0.1
   codeql/mad:
-    version: 1.0.11
+    version: 1.0.14
   codeql/ssa:
-    version: 1.0.11
+    version: 1.0.14
   codeql/threat-models:
-    version: 1.0.11
+    version: 1.0.14
   codeql/tutorial:
-    version: 1.0.11
+    version: 1.0.14
   codeql/typetracking:
-    version: 1.0.11
+    version: 1.0.14
   codeql/util:
-    version: 1.0.11
+    version: 2.0.1
 compiled: false