github
diff --git a/‎cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
Lines changed: 56 additions & 0 deletions b/‎cpp/ql/test/library-tests/dataflow/taint-tests/test_mad-signatures.expected
Lines changed: 56 additions & 0 deletions
diff --git a/‎docs/codeql/reusables/supported-platforms.rst
Lines changed: 2 additions & 10 deletions b/‎docs/codeql/reusables/supported-platforms.rst
Lines changed: 2 additions & 10 deletions
diff --git a/‎go/ql/lib/ext/github.com.antchfx.htmlquery.model.yml
Lines changed: 9 additions & 0 deletions b/‎go/ql/lib/ext/github.com.antchfx.htmlquery.model.yml
Lines changed: 9 additions & 0 deletions
diff --git a/‎go/ql/lib/ext/github.com.antchfx.jsonquery.model.yml
Lines changed: 9 additions & 0 deletions b/‎go/ql/lib/ext/github.com.antchfx.jsonquery.model.yml
Lines changed: 9 additions & 0 deletions
diff --git a/‎go/ql/lib/ext/github.com.antchfx.xmlquery.model.yml
Lines changed: 13 additions & 0 deletions b/‎go/ql/lib/ext/github.com.antchfx.xmlquery.model.yml
Lines changed: 13 additions & 0 deletions
diff --git a/‎go/ql/lib/ext/github.com.antchfx.xpath.model.yml
Lines changed: 9 additions & 0 deletions b/‎go/ql/lib/ext/github.com.antchfx.xpath.model.yml
Lines changed: 9 additions & 0 deletions
diff --git a/‎go/ql/lib/ext/github.com.appleboy.gin-jwt.model.yml
Lines changed: 6 additions & 0 deletions b/‎go/ql/lib/ext/github.com.appleboy.gin-jwt.model.yml
Lines changed: 6 additions & 0 deletions
diff --git a/‎go/ql/lib/ext/github.com.christrenkamp.goxpath.model.yml
Lines changed: 8 additions & 0 deletions b/‎go/ql/lib/ext/github.com.christrenkamp.goxpath.model.yml
Lines changed: 8 additions & 0 deletions
diff --git a/‎go/ql/lib/ext/github.com.go-jose.go-jose.model.yml
Lines changed: 14 additions & 0 deletions b/‎go/ql/lib/ext/github.com.go-jose.go-jose.model.yml
Lines changed: 14 additions & 0 deletions
diff --git a/‎go/ql/lib/ext/github.com.go-xmlpath.xmlpath.model.yml
Lines changed: 7 additions & 0 deletions b/‎go/ql/lib/ext/github.com.go-xmlpath.xmlpath.model.yml
Lines changed: 7 additions & 0 deletions
@@ -496,6 +496,9 @@ getParameterTypeName
 | stl.h:333:42:333:47 | insert | 1 | func:0 |
 | stl.h:333:42:333:47 | insert | 2 | func:0 |
 | stl.h:333:42:333:47 | insert | 2 | func:0 |
+| stl.h:335:37:335:43 | emplace | 0 | const_iterator |
+| stl.h:335:37:335:43 | emplace | 1 | func:0 && |
+| stl.h:336:33:336:44 | emplace_back | 0 | func:0 && |
 | stl.h:338:8:338:11 | swap | 0 | vector & |
 | stl.h:351:12:351:21 | shared_ptr | 0 | class:0 * |
 | stl.h:352:3:352:12 | shared_ptr | 0 | const shared_ptr & |
@@ -529,9 +532,25 @@ getParameterTypeName
 | stl.h:435:6:435:15 | operator[] | 0 | key_type && |
 | stl.h:435:6:435:15 | operator[] | 0 | key_type && |
 | stl.h:436:6:436:7 | at | 0 | const key_type & |
+| stl.h:439:48:439:54 | emplace | 0 | func:0 && |
+| stl.h:439:48:439:54 | emplace | 0 | func:0 && |
+| stl.h:440:36:440:47 | emplace_hint | 0 | const_iterator |
+| stl.h:440:36:440:47 | emplace_hint | 0 | const_iterator |
+| stl.h:440:36:440:47 | emplace_hint | 1 | func:0 && |
+| stl.h:440:36:440:47 | emplace_hint | 1 | func:0 && |
 | stl.h:443:24:443:29 | insert | 0 | value_type && |
 | stl.h:445:12:445:17 | insert | 0 | const_iterator |
 | stl.h:445:12:445:17 | insert | 1 | value_type && |
+| stl.h:448:48:448:58 | try_emplace | 0 | key_type && |
+| stl.h:448:48:448:58 | try_emplace | 0 | key_type && |
+| stl.h:448:48:448:58 | try_emplace | 1 | func:0 && |
+| stl.h:448:48:448:58 | try_emplace | 1 | func:0 && |
+| stl.h:450:36:450:46 | try_emplace | 0 | const_iterator |
+| stl.h:450:36:450:46 | try_emplace | 0 | const_iterator |
+| stl.h:450:36:450:46 | try_emplace | 1 | key_type && |
+| stl.h:450:36:450:46 | try_emplace | 1 | key_type && |
+| stl.h:450:36:450:46 | try_emplace | 2 | func:0 && |
+| stl.h:450:36:450:46 | try_emplace | 2 | func:0 && |
 | stl.h:452:42:452:57 | insert_or_assign | 0 | key_type && |
 | stl.h:452:42:452:57 | insert_or_assign | 1 | func:0 && |
 | stl.h:454:30:454:45 | insert_or_assign | 0 | const_iterator |
@@ -550,9 +569,34 @@ getParameterTypeName
 | stl.h:503:16:503:25 | operator[] | 0 | key_type && |
 | stl.h:503:16:503:25 | operator[] | 0 | key_type && |
 | stl.h:504:16:504:17 | at | 0 | const key_type & |
+| stl.h:507:48:507:54 | emplace | 0 | func:0 && |
+| stl.h:507:48:507:54 | emplace | 0 | func:0 && |
+| stl.h:507:48:507:54 | emplace | 0 | func:0 && |
+| stl.h:507:48:507:54 | emplace | 0 | func:0 && |
+| stl.h:507:48:507:54 | emplace | 0 | func:0 && |
+| stl.h:508:36:508:47 | emplace_hint | 0 | const_iterator |
+| stl.h:508:36:508:47 | emplace_hint | 0 | const_iterator |
+| stl.h:508:36:508:47 | emplace_hint | 1 | func:0 && |
+| stl.h:508:36:508:47 | emplace_hint | 1 | func:0 && |
 | stl.h:511:24:511:29 | insert | 0 | value_type && |
 | stl.h:513:12:513:17 | insert | 0 | const_iterator |
 | stl.h:513:12:513:17 | insert | 1 | value_type && |
+| stl.h:516:48:516:58 | try_emplace | 0 | key_type && |
+| stl.h:516:48:516:58 | try_emplace | 0 | key_type && |
+| stl.h:516:48:516:58 | try_emplace | 0 | key_type && |
+| stl.h:516:48:516:58 | try_emplace | 0 | key_type && |
+| stl.h:516:48:516:58 | try_emplace | 0 | key_type && |
+| stl.h:516:48:516:58 | try_emplace | 1 | func:0 && |
+| stl.h:516:48:516:58 | try_emplace | 1 | func:0 && |
+| stl.h:516:48:516:58 | try_emplace | 1 | func:0 && |
+| stl.h:516:48:516:58 | try_emplace | 1 | func:0 && |
+| stl.h:516:48:516:58 | try_emplace | 1 | func:0 && |
+| stl.h:518:36:518:46 | try_emplace | 0 | const_iterator |
+| stl.h:518:36:518:46 | try_emplace | 0 | const_iterator |
+| stl.h:518:36:518:46 | try_emplace | 1 | key_type && |
+| stl.h:518:36:518:46 | try_emplace | 1 | key_type && |
+| stl.h:518:36:518:46 | try_emplace | 2 | func:0 && |
+| stl.h:518:36:518:46 | try_emplace | 2 | func:0 && |
 | stl.h:520:42:520:57 | insert_or_assign | 0 | key_type && |
 | stl.h:520:42:520:57 | insert_or_assign | 1 | func:0 && |
 | stl.h:522:30:522:45 | insert_or_assign | 0 | const_iterator |
@@ -567,6 +611,12 @@ getParameterTypeName
 | stl.h:557:33:557:35 | set | 0 | func:0 |
 | stl.h:557:33:557:35 | set | 1 | func:0 |
 | stl.h:560:8:560:16 | operator= | 0 | const set & |
+| stl.h:568:48:568:54 | emplace | 0 | func:0 && |
+| stl.h:568:48:568:54 | emplace | 0 | func:0 && |
+| stl.h:569:36:569:47 | emplace_hint | 0 | const_iterator |
+| stl.h:569:36:569:47 | emplace_hint | 0 | const_iterator |
+| stl.h:569:36:569:47 | emplace_hint | 1 | func:0 && |
+| stl.h:569:36:569:47 | emplace_hint | 1 | func:0 && |
 | stl.h:571:23:571:28 | insert | 0 | value_type && |
 | stl.h:573:12:573:17 | insert | 0 | const_iterator |
 | stl.h:573:12:573:17 | insert | 1 | value_type && |
@@ -584,6 +634,12 @@ getParameterTypeName
 | stl.h:611:33:611:45 | unordered_set | 1 | func:0 |
 | stl.h:611:33:611:45 | unordered_set | 2 | size_type |
 | stl.h:614:18:614:26 | operator= | 0 | const unordered_set & |
+| stl.h:622:48:622:54 | emplace | 0 | func:0 && |
+| stl.h:622:48:622:54 | emplace | 0 | func:0 && |
+| stl.h:623:36:623:47 | emplace_hint | 0 | const_iterator |
+| stl.h:623:36:623:47 | emplace_hint | 0 | const_iterator |
+| stl.h:623:36:623:47 | emplace_hint | 1 | func:0 && |
+| stl.h:623:36:623:47 | emplace_hint | 1 | func:0 && |
 | stl.h:625:24:625:29 | insert | 0 | value_type && |
 | stl.h:627:12:627:17 | insert | 0 | const_iterator |
 | stl.h:627:12:627:17 | insert | 1 | value_type && |
 
@@ -14,19 +14,11 @@
    Windows,"Windows 10 / Windows Server 2019
 
    Windows 11 / Windows Server 2022","x86-64"
-   macOS,"macOS 10.15 Catalina
-
-   macOS 11 Big Sur
-
-   macOS 12 Monterey
+   macOS,"macOS 12 Monterey
 
    macOS 13 Ventura
 
-   macOS 14 Sonoma","x86-64
-
-   x86-64, arm64 (Apple Silicon)
-
-   x86-64, arm64 (Apple Silicon)
+   macOS 14 Sonoma","x86-64, arm64 (Apple Silicon)
 
    x86-64, arm64 (Apple Silicon)
 
 
@@ -0,0 +1,9 @@
+extensions:
+  - addsTo:
+      pack: codeql/go-all
+      extensible: sinkModel
+    data:
+      - ["github.com/antchfx/htmlquery", "", True, "Find", "", "", "Argument[1]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/htmlquery", "", True, "FindOne", "", "", "Argument[1]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/htmlquery", "", True, "Query", "", "", "Argument[1]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/htmlquery", "", True, "QueryAll", "", "", "Argument[1]", "xpath-injection", "manual"]
@@ -0,0 +1,9 @@
+extensions:
+  - addsTo:
+      pack: codeql/go-all
+      extensible: sinkModel
+    data:
+      - ["github.com/antchfx/jsonquery", "", True, "Find", "", "", "Argument[1]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/jsonquery", "", True, "FindOne", "", "", "Argument[1]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/jsonquery", "", True, "Query", "", "", "Argument[1]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/jsonquery", "", True, "QueryAll", "", "", "Argument[1]", "xpath-injection", "manual"]
@@ -0,0 +1,13 @@
+extensions:
+  - addsTo:
+      pack: codeql/go-all
+      extensible: sinkModel
+    data:
+      - ["github.com/antchfx/xmlquery", "", True, "Find", "", "", "Argument[1]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/xmlquery", "", True, "FindOne", "", "", "Argument[1]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/xmlquery", "", True, "FindEach", "", "", "Argument[1]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/xmlquery", "", True, "FindEachWithBreak", "", "", "Argument[1]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/xmlquery", "", True, "Query", "", "", "Argument[1]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/xmlquery", "", True, "QueryAll", "", "", "Argument[1]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/xmlquery", "Node", True, "SelectElement", "", "", "Argument[0]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/xmlquery", "Node", True, "SelectElements", "", "", "Argument[0]", "xpath-injection", "manual"]
@@ -0,0 +1,9 @@
+extensions:
+  - addsTo:
+      pack: codeql/go-all
+      extensible: sinkModel
+    data:
+      - ["github.com/antchfx/xpath", "", True, "Compile", "", "", "Argument[0]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/xpath", "", True, "CompileWithNS", "", "", "Argument[0]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/xpath", "", True, "MustCompile", "", "", "Argument[0]", "xpath-injection", "manual"]
+      - ["github.com/antchfx/xpath", "", True, "Select", "", "", "Argument[1]", "xpath-injection", "manual"]
@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: codeql/go-all
+      extensible: sinkModel
+    data:
+      - ["github.com/appleboy/gin-jwt", "GinJWTMiddleware", True, "Key", "", "", "", "credentials-key", "manual"]
@@ -0,0 +1,8 @@
+extensions:
+  - addsTo:
+      pack: codeql/go-all
+      extensible: sinkModel
+    data:
+      - ["github.com/ChrisTrenkamp/goxpath", "", True, "MustParse", "", "", "Argument[0]", "xpath-injection", "manual"]
+      - ["github.com/ChrisTrenkamp/goxpath", "", True, "Parse", "", "", "Argument[0]", "xpath-injection", "manual"]
+      - ["github.com/ChrisTrenkamp/goxpath", "", True, "ParseExec", "", "", "Argument[0]", "xpath-injection", "manual"]
@@ -0,0 +1,14 @@
+extensions:
+  - addsTo:
+      pack: codeql/go-all
+      extensible: packageGrouping
+    data:
+      - ["go-jose", "github.com/go-jose/go-jose"]
+      - ["go-jose", "gopkg.in/square/go-jose"]
+      - ["go-jose", "github.com/square/go-jose"]
+  - addsTo:
+      pack: codeql/go-all
+      extensible: sinkModel
+    data:
+      - ["group:go-jose", "Recipient", True, "Key", "", "", "", "credentials-key", "manual"]
+      - ["group:go-jose", "SigningKey", True, "Key", "", "", "", "credentials-key", "manual"]
@@ -0,0 +1,7 @@
+extensions:
+  - addsTo:
+      pack: codeql/go-all
+      extensible: sinkModel
+    data:
+      - ["github.com/go-xmlpath/xmlpath", "", True, "Compile", "", "", "Argument[0]", "xpath-injection", "manual"]
+      - ["github.com/go-xmlpath/xmlpath", "", True, "MustCompile", "", "", "Argument[0]", "xpath-injection", "manual"]