Merge branch 'main' into js-insecure-http-parser

Author: natejohnson05

.bazelversion

@@ -1 +1 @@
-5.0.0
+6.1.2

.github/workflows/go-tests-other-os.yml

@@ -15,7 +15,7 @@ jobs:
       - name: Set up Go 1.20
         uses: actions/setup-go@v4
         with:
-          go-version: 1.20.0
+          go-version: '1.20'
         id: go
 
       - name: Check out code
@@ -50,7 +50,7 @@ jobs:
       - name: Set up Go 1.20
         uses: actions/setup-go@v4
         with:
-          go-version: 1.20.0
+          go-version: '1.20'
         id: go
 
       - name: Check out code

.github/workflows/go-tests.yml

@@ -23,7 +23,7 @@ jobs:
       - name: Set up Go 1.20
         uses: actions/setup-go@v4
         with:
-          go-version: 1.20.0
+          go-version: '1.20'
         id: go
 
       - name: Check out code

.github/workflows/ruby-build.yml

@@ -58,10 +58,8 @@ jobs:
         id: cache-extractor
         with:
           path: |
-            ruby/extractor/target/release/autobuilder
-            ruby/extractor/target/release/autobuilder.exe
-            ruby/extractor/target/release/extractor
-            ruby/extractor/target/release/extractor.exe
+            ruby/extractor/target/release/codeql-extractor-ruby
+            ruby/extractor/target/release/codeql-extractor-ruby.exe
             ruby/extractor/ql/lib/codeql/ruby/ast/internal/TreeSitter.qll
           key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-ruby-extractor-${{ hashFiles('ruby/extractor/rust-toolchain.toml', 'ruby/extractor/Cargo.lock') }}--${{ hashFiles('ruby/extractor/**/*.rs') }}
       - uses: actions/cache@v3
@@ -88,15 +86,13 @@ jobs:
         run: |
           cd extractor
           cross build --release
-          mv target/x86_64-unknown-linux-gnu/release/extractor target/release/
-          mv target/x86_64-unknown-linux-gnu/release/autobuilder target/release/
-          mv target/x86_64-unknown-linux-gnu/release/generator target/release/
+          mv target/x86_64-unknown-linux-gnu/release/codeql-extractor-ruby target/release/
       - name: Release build (windows and macos)
         if: steps.cache-extractor.outputs.cache-hit != 'true' && runner.os != 'Linux'
         run: cd extractor && cargo build --release
       - name: Generate dbscheme
         if: ${{ matrix.os == 'ubuntu-latest' && steps.cache-extractor.outputs.cache-hit != 'true'}}
-        run: extractor/target/release/generator --dbscheme ql/lib/ruby.dbscheme --library ql/lib/codeql/ruby/ast/internal/TreeSitter.qll
+        run: extractor/target/release/codeql-extractor-ruby generate --dbscheme ql/lib/ruby.dbscheme --library ql/lib/codeql/ruby/ast/internal/TreeSitter.qll
       - uses: actions/upload-artifact@v3
         if: ${{ matrix.os == 'ubuntu-latest' }}
         with:
@@ -111,10 +107,8 @@ jobs:
         with:
           name: extractor-${{ matrix.os }}
           path: |
-            ruby/extractor/target/release/autobuilder
-            ruby/extractor/target/release/autobuilder.exe
-            ruby/extractor/target/release/extractor
-            ruby/extractor/target/release/extractor.exe
+            ruby/extractor/target/release/codeql-extractor-ruby
+            ruby/extractor/target/release/codeql-extractor-ruby.exe
           retention-days: 1
   compile-queries:
     runs-on: ubuntu-latest-xl
@@ -172,13 +166,10 @@ jobs:
           mkdir -p ruby
           cp -r codeql-extractor.yml tools ql/lib/ruby.dbscheme.stats ruby/
           mkdir -p ruby/tools/{linux64,osx64,win64}
-          cp linux64/autobuilder ruby/tools/linux64/autobuilder
-          cp osx64/autobuilder ruby/tools/osx64/autobuilder
-          cp win64/autobuilder.exe ruby/tools/win64/autobuilder.exe
-          cp linux64/extractor ruby/tools/linux64/extractor
-          cp osx64/extractor ruby/tools/osx64/extractor
-          cp win64/extractor.exe ruby/tools/win64/extractor.exe
-          chmod +x ruby/tools/{linux64,osx64}/{autobuilder,extractor}
+          cp linux64/codeql-extractor-ruby ruby/tools/linux64/extractor
+          cp osx64/codeql-extractor-ruby ruby/tools/osx64/extractor
+          cp win64/codeql-extractor-ruby.exe ruby/tools/win64/extractor.exe
+          chmod +x ruby/tools/{linux64,osx64}/extractor
           zip -rq codeql-ruby.zip ruby
       - uses: actions/upload-artifact@v3
         with:

cpp/ql/test/library-tests/attributes/type_attributes/type_attributes.expected

@@ -1,7 +1,7 @@
 | file://:0:0:0:0 | short __attribute((__may_alias__)) | type_attributes.c:25:30:25:42 | may_alias |
 | type_attributes.c:5:36:5:51 | my_packed_struct | type_attributes.c:5:23:5:32 | packed |
-| type_attributes.c:10:54:10:54 | union <unnamed> | type_attributes.c:10:30:10:50 | transparent_union |
-| type_attributes.c:16:54:16:54 | union <unnamed> | type_attributes.c:16:30:16:50 | transparent_union |
+| type_attributes.c:10:54:10:54 | (unnamed class/struct/union) | type_attributes.c:10:30:10:50 | transparent_union |
+| type_attributes.c:16:54:16:54 | (unnamed class/struct/union) | type_attributes.c:16:30:16:50 | transparent_union |
 | type_attributes.c:21:37:21:45 | unusedInt | type_attributes.c:21:24:21:29 | unused |
 | type_attributes.c:23:13:23:18 | depInt | type_attributes.c:23:36:23:45 | deprecated |
 | type_attributes_ms.cpp:1:29:1:29 | X | type_attributes_ms.cpp:1:19:1:26 | novtable |

cpp/ql/test/library-tests/constants/constants/aggregates.expected

@@ -1,4 +1,4 @@
+| (unnamed class/struct/union) |
 | float[3] |
 | float[3][3] |
 | foo[1] |
-| struct <unnamed> |

cpp/ql/test/library-tests/structs/compatible_c/compatible.expected

@@ -1,6 +1,6 @@
-| a1.c:6:16:6:16 | struct <unnamed> | 0 members | 2 locations | -1 | <none> |
-| a1.c:10:16:10:16 | struct <unnamed> | 1 members | 2 locations | 0 | x |
-| a1.c:17:16:17:16 | struct <unnamed> | 1 members | 2 locations | 0 | x |
+| a1.c:6:16:6:16 | (unnamed class/struct/union) | 0 members | 2 locations | -1 | <none> |
+| a1.c:10:16:10:16 | (unnamed class/struct/union) | 1 members | 2 locations | 0 | x |
+| a1.c:17:16:17:16 | (unnamed class/struct/union) | 1 members | 2 locations | 0 | x |
 | a1.c:24:8:24:10 | Foo | 3 members | 2 locations | 0 | empty |
 | a1.c:24:8:24:10 | Foo | 3 members | 2 locations | 1 | nonempty |
 | a1.c:24:8:24:10 | Foo | 3 members | 2 locations | 2 | i |
@@ -9,9 +9,9 @@
 | a1.c:36:8:36:10 | Bar | 3 members | 2 locations | 0 | empty |
 | a1.c:36:8:36:10 | Bar | 3 members | 2 locations | 1 | nonempty |
 | a1.c:36:8:36:10 | Bar | 3 members | 2 locations | 2 | i |
-| a2.c:6:16:6:16 | struct <unnamed> | 0 members | 2 locations | -1 | <none> |
-| a2.c:10:16:10:16 | struct <unnamed> | 1 members | 2 locations | 0 | x |
-| a2.c:17:16:17:16 | struct <unnamed> | 1 members | 2 locations | 0 | x |
+| a2.c:6:16:6:16 | (unnamed class/struct/union) | 0 members | 2 locations | -1 | <none> |
+| a2.c:10:16:10:16 | (unnamed class/struct/union) | 1 members | 2 locations | 0 | x |
+| a2.c:17:16:17:16 | (unnamed class/struct/union) | 1 members | 2 locations | 0 | x |
 | a2.c:24:8:24:10 | Foo | 3 members | 2 locations | 0 | empty |
 | a2.c:24:8:24:10 | Foo | 3 members | 2 locations | 1 | nonempty |
 | a2.c:24:8:24:10 | Foo | 3 members | 2 locations | 2 | i |

cpp/ql/test/library-tests/structs/compatible_c/compatible_types.expected

@@ -1,14 +1,14 @@
-| a1.c:10:16:10:16 | struct <unnamed> | 0 | file://:0:0:0:0 | int | 1 types |
-| a1.c:17:16:17:16 | struct <unnamed> | 0 | file://:0:0:0:0 | int | 1 types |
+| a1.c:10:16:10:16 | (unnamed class/struct/union) | 0 | file://:0:0:0:0 | int | 1 types |
+| a1.c:17:16:17:16 | (unnamed class/struct/union) | 0 | file://:0:0:0:0 | int | 1 types |
 | a1.c:24:8:24:10 | Foo | 0 | file://:0:0:0:0 | anon_empty_t * | 1 types |
 | a1.c:24:8:24:10 | Foo | 1 | file://:0:0:0:0 | anon_nonempty_t * | 1 types |
 | a1.c:24:8:24:10 | Foo | 2 | file://:0:0:0:0 | int | 1 types |
 | a1.c:32:8:32:15 | NonEmpty | 0 | file://:0:0:0:0 | int | 1 types |
 | a1.c:36:8:36:10 | Bar | 0 | file://:0:0:0:0 | Empty * | 1 types |
 | a1.c:36:8:36:10 | Bar | 1 | file://:0:0:0:0 | NonEmpty * | 1 types |
 | a1.c:36:8:36:10 | Bar | 2 | file://:0:0:0:0 | int | 1 types |
-| a2.c:10:16:10:16 | struct <unnamed> | 0 | file://:0:0:0:0 | int | 1 types |
-| a2.c:17:16:17:16 | struct <unnamed> | 0 | file://:0:0:0:0 | int | 1 types |
+| a2.c:10:16:10:16 | (unnamed class/struct/union) | 0 | file://:0:0:0:0 | int | 1 types |
+| a2.c:17:16:17:16 | (unnamed class/struct/union) | 0 | file://:0:0:0:0 | int | 1 types |
 | a2.c:24:8:24:10 | Foo | 0 | file://:0:0:0:0 | anon_empty_t * | 1 types |
 | a2.c:24:8:24:10 | Foo | 1 | file://:0:0:0:0 | anon_nonempty_t * | 1 types |
 | a2.c:24:8:24:10 | Foo | 2 | file://:0:0:0:0 | int | 1 types |

csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll

@@ -52,23 +52,24 @@ class IDbCommandConstructionSqlExpr extends SqlExpr, ObjectCreation {
 class DapperCommandDefinitionMethodCallSqlExpr extends SqlExpr, ObjectCreation {
   DapperCommandDefinitionMethodCallSqlExpr() {
     this.getObjectType() instanceof Dapper::CommandDefinitionStruct and
-    exists(Conf c | c.hasFlow(DataFlow::exprNode(this), _))
+    DapperCommandDefinitionMethodCallSql::flow(DataFlow::exprNode(this), _)
   }
 
   override Expr getSql() { result = this.getArgumentForName("commandText") }
 }
 
-private class Conf extends DataFlow4::Configuration {
-  Conf() { this = "DapperCommandDefinitionFlowConfig" }
-
-  override predicate isSource(DataFlow::Node node) {
+private module DapperCommandDefitionMethodCallSqlConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node node) {
     node.asExpr().(ObjectCreation).getObjectType() instanceof Dapper::CommandDefinitionStruct
   }
 
-  override predicate isSink(DataFlow::Node node) {
+  predicate isSink(DataFlow::Node node) {
     exists(MethodCall mc |
       mc.getTarget() = any(Dapper::SqlMapperClass c).getAQueryMethod() and
       node.asExpr() = mc.getArgumentForName("command")
     )
   }
 }
+
+private module DapperCommandDefinitionMethodCallSql =
+  DataFlow::Global<DapperCommandDefitionMethodCallSqlConfig>;

csharp/ql/lib/semmle/code/csharp/frameworks/system/Xml.qll

@@ -162,18 +162,14 @@ class XmlReaderSettingsCreation extends ObjectCreation {
   }
 }
 
-private class SettingsDataFlowConfig extends DataFlow3::Configuration {
-  SettingsDataFlowConfig() { this = "SettingsDataFlowConfig" }
+private module SettingsDataFlowConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source.asExpr() instanceof XmlReaderSettingsCreation }
 
-  override predicate isSource(DataFlow::Node source) {
-    source.asExpr() instanceof XmlReaderSettingsCreation
-  }
-
-  override predicate isSink(DataFlow::Node sink) {
-    sink.asExpr() instanceof XmlReaderSettingsInstance
-  }
+  predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof XmlReaderSettingsInstance }
 }
 
+private module SettingsDataFlow = DataFlow::Global<SettingsDataFlowConfig>;
+
 /** A call to `XmlReader.Create`. */
 class XmlReaderCreateCall extends MethodCall {
   XmlReaderCreateCall() { this.getTarget() = any(SystemXmlXmlReaderClass r).getCreateMethod() }
@@ -190,8 +186,6 @@ class XmlReaderSettingsInstance extends Expr {
 
   /** Gets a possible creation point for this instance of `XmlReaderSettings`. */
   XmlReaderSettingsCreation getASettingsCreation() {
-    exists(SettingsDataFlowConfig settingsFlow |
-      settingsFlow.hasFlow(DataFlow::exprNode(result), DataFlow::exprNode(this))
-    )
+    SettingsDataFlow::flow(DataFlow::exprNode(result), DataFlow::exprNode(this))
   }
 }