From 8571e37b578ea58ce0d7e7c79fa3e39a3fb214ef Mon Sep 17 00:00:00 2001 From: data-douser <70299490+data-douser@users.noreply.github.com> Date: Wed, 4 Mar 2026 01:15:24 +0000 Subject: [PATCH 1/2] Upgrade CodeQL CLI dependency to v2.24.2 --- javascript/frameworks/cap/ext/qlpack.yml | 2 +- .../frameworks/cap/lib/codeql-pack.lock.yml | 26 +++++++-------- javascript/frameworks/cap/lib/qlpack.yml | 2 +- .../frameworks/cap/src/codeql-pack.lock.yml | 26 +++++++-------- javascript/frameworks/cap/src/qlpack.yml | 4 +-- .../frameworks/cap/test/codeql-pack.lock.yml | 26 +++++++-------- javascript/frameworks/cap/test/qlpack.yml | 8 ++--- .../test/codeql-pack.lock.yml | 26 +++++++-------- .../ui5-webcomponents/test/qlpack.yml | 4 +-- javascript/frameworks/ui5/ext/qlpack.yml | 2 +- .../frameworks/ui5/lib/codeql-pack.lock.yml | 26 +++++++-------- javascript/frameworks/ui5/lib/qlpack.yml | 2 +- .../frameworks/ui5/src/codeql-pack.lock.yml | 26 +++++++-------- javascript/frameworks/ui5/src/qlpack.yml | 4 +-- .../frameworks/ui5/test/codeql-pack.lock.yml | 32 +++++++++---------- javascript/frameworks/ui5/test/qlpack.yml | 8 ++--- javascript/frameworks/xsjs/ext/qlpack.yml | 2 +- .../frameworks/xsjs/lib/codeql-pack.lock.yml | 26 +++++++-------- javascript/frameworks/xsjs/lib/qlpack.yml | 2 +- .../frameworks/xsjs/src/codeql-pack.lock.yml | 26 +++++++-------- javascript/frameworks/xsjs/src/qlpack.yml | 4 +-- .../frameworks/xsjs/test/codeql-pack.lock.yml | 26 +++++++-------- javascript/frameworks/xsjs/test/qlpack.yml | 8 ++--- javascript/heuristic-models/ext/qlpack.yml | 2 +- .../tests/codeql-pack.lock.yml | 26 +++++++-------- javascript/heuristic-models/tests/qlpack.yml | 2 +- qlt.conf.json | 6 ++-- 27 files changed, 177 insertions(+), 177 deletions(-) diff --git a/javascript/frameworks/cap/ext/qlpack.yml b/javascript/frameworks/cap/ext/qlpack.yml index 9aa930dfd..fc9dc5568 100644 --- a/javascript/frameworks/cap/ext/qlpack.yml +++ b/javascript/frameworks/cap/ext/qlpack.yml @@ -1,6 +1,6 @@ --- library: true name: advanced-security/javascript-sap-cap-models -version: 2.3.0 +version: 2.24.2 extensionTargets: codeql/javascript-all: "^2.4.0" diff --git a/javascript/frameworks/cap/lib/codeql-pack.lock.yml b/javascript/frameworks/cap/lib/codeql-pack.lock.yml index 6869bc0cd..f3bb41d1c 100644 --- a/javascript/frameworks/cap/lib/codeql-pack.lock.yml +++ b/javascript/frameworks/cap/lib/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.15 + version: 0.0.16 codeql/controlflow: - version: 2.0.25 + version: 2.0.26 codeql/dataflow: - version: 2.0.25 + version: 2.0.26 codeql/javascript-all: - version: 2.6.21 + version: 2.6.22 codeql/mad: - version: 1.0.41 + version: 1.0.42 codeql/regex: - version: 1.0.41 + version: 1.0.42 codeql/ssa: - version: 2.0.17 + version: 2.0.18 codeql/threat-models: - version: 1.0.41 + version: 1.0.42 codeql/tutorial: - version: 1.0.41 + version: 1.0.42 codeql/typetracking: - version: 2.0.25 + version: 2.0.26 codeql/util: - version: 2.0.28 + version: 2.0.29 codeql/xml: - version: 1.0.41 + version: 1.0.42 codeql/yaml: - version: 1.0.41 + version: 1.0.42 compiled: false diff --git a/javascript/frameworks/cap/lib/qlpack.yml b/javascript/frameworks/cap/lib/qlpack.yml index 06b56a070..1d16859f2 100644 --- a/javascript/frameworks/cap/lib/qlpack.yml +++ b/javascript/frameworks/cap/lib/qlpack.yml @@ -1,7 +1,7 @@ --- library: true name: advanced-security/javascript-sap-cap-all -version: 2.3.0 +version: 2.24.2 suites: codeql-suites extractor: javascript dependencies: diff --git a/javascript/frameworks/cap/src/codeql-pack.lock.yml b/javascript/frameworks/cap/src/codeql-pack.lock.yml index 6869bc0cd..f3bb41d1c 100644 --- a/javascript/frameworks/cap/src/codeql-pack.lock.yml +++ b/javascript/frameworks/cap/src/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.15 + version: 0.0.16 codeql/controlflow: - version: 2.0.25 + version: 2.0.26 codeql/dataflow: - version: 2.0.25 + version: 2.0.26 codeql/javascript-all: - version: 2.6.21 + version: 2.6.22 codeql/mad: - version: 1.0.41 + version: 1.0.42 codeql/regex: - version: 1.0.41 + version: 1.0.42 codeql/ssa: - version: 2.0.17 + version: 2.0.18 codeql/threat-models: - version: 1.0.41 + version: 1.0.42 codeql/tutorial: - version: 1.0.41 + version: 1.0.42 codeql/typetracking: - version: 2.0.25 + version: 2.0.26 codeql/util: - version: 2.0.28 + version: 2.0.29 codeql/xml: - version: 1.0.41 + version: 1.0.42 codeql/yaml: - version: 1.0.41 + version: 1.0.42 compiled: false diff --git a/javascript/frameworks/cap/src/qlpack.yml b/javascript/frameworks/cap/src/qlpack.yml index 9d4439e11..833f1b5d6 100644 --- a/javascript/frameworks/cap/src/qlpack.yml +++ b/javascript/frameworks/cap/src/qlpack.yml @@ -1,10 +1,10 @@ --- library: false name: advanced-security/javascript-sap-cap-queries -version: 2.3.0 +version: 2.24.2 suites: codeql-suites extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" - advanced-security/javascript-sap-cap-all: "^2.3.0" + advanced-security/javascript-sap-cap-all: "^2.24.2" default-suite-file: codeql-suites/javascript-code-scanning.qls diff --git a/javascript/frameworks/cap/test/codeql-pack.lock.yml b/javascript/frameworks/cap/test/codeql-pack.lock.yml index 6869bc0cd..f3bb41d1c 100644 --- a/javascript/frameworks/cap/test/codeql-pack.lock.yml +++ b/javascript/frameworks/cap/test/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.15 + version: 0.0.16 codeql/controlflow: - version: 2.0.25 + version: 2.0.26 codeql/dataflow: - version: 2.0.25 + version: 2.0.26 codeql/javascript-all: - version: 2.6.21 + version: 2.6.22 codeql/mad: - version: 1.0.41 + version: 1.0.42 codeql/regex: - version: 1.0.41 + version: 1.0.42 codeql/ssa: - version: 2.0.17 + version: 2.0.18 codeql/threat-models: - version: 1.0.41 + version: 1.0.42 codeql/tutorial: - version: 1.0.41 + version: 1.0.42 codeql/typetracking: - version: 2.0.25 + version: 2.0.26 codeql/util: - version: 2.0.28 + version: 2.0.29 codeql/xml: - version: 1.0.41 + version: 1.0.42 codeql/yaml: - version: 1.0.41 + version: 1.0.42 compiled: false diff --git a/javascript/frameworks/cap/test/qlpack.yml b/javascript/frameworks/cap/test/qlpack.yml index 92d9a60fe..622f885ed 100644 --- a/javascript/frameworks/cap/test/qlpack.yml +++ b/javascript/frameworks/cap/test/qlpack.yml @@ -1,9 +1,9 @@ --- name: advanced-security/javascript-sap-cap-queries-tests -version: 2.3.0 +version: 2.24.2 extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" - advanced-security/javascript-sap-cap-queries: "^2.3.0" - advanced-security/javascript-sap-cap-models: "^2.3.0" - advanced-security/javascript-sap-cap-all: "^2.3.0" + advanced-security/javascript-sap-cap-queries: "^2.24.2" + advanced-security/javascript-sap-cap-models: "^2.24.2" + advanced-security/javascript-sap-cap-all: "^2.24.2" diff --git a/javascript/frameworks/ui5-webcomponents/test/codeql-pack.lock.yml b/javascript/frameworks/ui5-webcomponents/test/codeql-pack.lock.yml index 6869bc0cd..f3bb41d1c 100644 --- a/javascript/frameworks/ui5-webcomponents/test/codeql-pack.lock.yml +++ b/javascript/frameworks/ui5-webcomponents/test/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.15 + version: 0.0.16 codeql/controlflow: - version: 2.0.25 + version: 2.0.26 codeql/dataflow: - version: 2.0.25 + version: 2.0.26 codeql/javascript-all: - version: 2.6.21 + version: 2.6.22 codeql/mad: - version: 1.0.41 + version: 1.0.42 codeql/regex: - version: 1.0.41 + version: 1.0.42 codeql/ssa: - version: 2.0.17 + version: 2.0.18 codeql/threat-models: - version: 1.0.41 + version: 1.0.42 codeql/tutorial: - version: 1.0.41 + version: 1.0.42 codeql/typetracking: - version: 2.0.25 + version: 2.0.26 codeql/util: - version: 2.0.28 + version: 2.0.29 codeql/xml: - version: 1.0.41 + version: 1.0.42 codeql/yaml: - version: 1.0.41 + version: 1.0.42 compiled: false diff --git a/javascript/frameworks/ui5-webcomponents/test/qlpack.yml b/javascript/frameworks/ui5-webcomponents/test/qlpack.yml index 0288ba949..d8652fba2 100644 --- a/javascript/frameworks/ui5-webcomponents/test/qlpack.yml +++ b/javascript/frameworks/ui5-webcomponents/test/qlpack.yml @@ -1,6 +1,6 @@ name: advanced-security/javascript-sap-ui5-webcomponents-for-react-test -version: 2.3.0 +version: 2.24.2 extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" - advanced-security/javascript-sap-ui5-all: "^2.3.0" + advanced-security/javascript-sap-ui5-all: "^2.24.2" diff --git a/javascript/frameworks/ui5/ext/qlpack.yml b/javascript/frameworks/ui5/ext/qlpack.yml index 9e58e6605..b1c491df7 100644 --- a/javascript/frameworks/ui5/ext/qlpack.yml +++ b/javascript/frameworks/ui5/ext/qlpack.yml @@ -1,7 +1,7 @@ --- library: true name: advanced-security/javascript-sap-ui5-models -version: 2.3.0 +version: 2.24.2 extensionTargets: codeql/javascript-all: "^2.4.0" dataExtensions: diff --git a/javascript/frameworks/ui5/lib/codeql-pack.lock.yml b/javascript/frameworks/ui5/lib/codeql-pack.lock.yml index 6869bc0cd..f3bb41d1c 100644 --- a/javascript/frameworks/ui5/lib/codeql-pack.lock.yml +++ b/javascript/frameworks/ui5/lib/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.15 + version: 0.0.16 codeql/controlflow: - version: 2.0.25 + version: 2.0.26 codeql/dataflow: - version: 2.0.25 + version: 2.0.26 codeql/javascript-all: - version: 2.6.21 + version: 2.6.22 codeql/mad: - version: 1.0.41 + version: 1.0.42 codeql/regex: - version: 1.0.41 + version: 1.0.42 codeql/ssa: - version: 2.0.17 + version: 2.0.18 codeql/threat-models: - version: 1.0.41 + version: 1.0.42 codeql/tutorial: - version: 1.0.41 + version: 1.0.42 codeql/typetracking: - version: 2.0.25 + version: 2.0.26 codeql/util: - version: 2.0.28 + version: 2.0.29 codeql/xml: - version: 1.0.41 + version: 1.0.42 codeql/yaml: - version: 1.0.41 + version: 1.0.42 compiled: false diff --git a/javascript/frameworks/ui5/lib/qlpack.yml b/javascript/frameworks/ui5/lib/qlpack.yml index e596840d2..07ee632e2 100644 --- a/javascript/frameworks/ui5/lib/qlpack.yml +++ b/javascript/frameworks/ui5/lib/qlpack.yml @@ -1,7 +1,7 @@ --- library: true name: advanced-security/javascript-sap-ui5-all -version: 2.3.0 +version: 2.24.2 suites: codeql-suites extractor: javascript dependencies: diff --git a/javascript/frameworks/ui5/src/codeql-pack.lock.yml b/javascript/frameworks/ui5/src/codeql-pack.lock.yml index 6869bc0cd..f3bb41d1c 100644 --- a/javascript/frameworks/ui5/src/codeql-pack.lock.yml +++ b/javascript/frameworks/ui5/src/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.15 + version: 0.0.16 codeql/controlflow: - version: 2.0.25 + version: 2.0.26 codeql/dataflow: - version: 2.0.25 + version: 2.0.26 codeql/javascript-all: - version: 2.6.21 + version: 2.6.22 codeql/mad: - version: 1.0.41 + version: 1.0.42 codeql/regex: - version: 1.0.41 + version: 1.0.42 codeql/ssa: - version: 2.0.17 + version: 2.0.18 codeql/threat-models: - version: 1.0.41 + version: 1.0.42 codeql/tutorial: - version: 1.0.41 + version: 1.0.42 codeql/typetracking: - version: 2.0.25 + version: 2.0.26 codeql/util: - version: 2.0.28 + version: 2.0.29 codeql/xml: - version: 1.0.41 + version: 1.0.42 codeql/yaml: - version: 1.0.41 + version: 1.0.42 compiled: false diff --git a/javascript/frameworks/ui5/src/qlpack.yml b/javascript/frameworks/ui5/src/qlpack.yml index 89f008024..73db6ca2f 100644 --- a/javascript/frameworks/ui5/src/qlpack.yml +++ b/javascript/frameworks/ui5/src/qlpack.yml @@ -1,10 +1,10 @@ --- library: false name: advanced-security/javascript-sap-ui5-queries -version: 2.3.0 +version: 2.24.2 suites: codeql-suites extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" - advanced-security/javascript-sap-ui5-all: "^2.3.0" + advanced-security/javascript-sap-ui5-all: "^2.24.2" default-suite-file: codeql-suites/javascript-code-scanning.qls diff --git a/javascript/frameworks/ui5/test/codeql-pack.lock.yml b/javascript/frameworks/ui5/test/codeql-pack.lock.yml index e539eecc2..9e87e4580 100644 --- a/javascript/frameworks/ui5/test/codeql-pack.lock.yml +++ b/javascript/frameworks/ui5/test/codeql-pack.lock.yml @@ -2,35 +2,35 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.15 + version: 0.0.16 codeql/controlflow: - version: 2.0.25 + version: 2.0.26 codeql/dataflow: - version: 2.0.25 + version: 2.0.26 codeql/javascript-all: - version: 2.6.21 + version: 2.6.22 codeql/javascript-queries: - version: 2.3.1 + version: 2.3.2 codeql/mad: - version: 1.0.41 + version: 1.0.42 codeql/regex: - version: 1.0.41 + version: 1.0.42 codeql/ssa: - version: 2.0.17 + version: 2.0.18 codeql/suite-helpers: - version: 1.0.41 + version: 1.0.42 codeql/threat-models: - version: 1.0.41 + version: 1.0.42 codeql/tutorial: - version: 1.0.41 + version: 1.0.42 codeql/typetracking: - version: 2.0.25 + version: 2.0.26 codeql/typos: - version: 1.0.41 + version: 1.0.42 codeql/util: - version: 2.0.28 + version: 2.0.29 codeql/xml: - version: 1.0.41 + version: 1.0.42 codeql/yaml: - version: 1.0.41 + version: 1.0.42 compiled: false diff --git a/javascript/frameworks/ui5/test/qlpack.yml b/javascript/frameworks/ui5/test/qlpack.yml index cdf7b5a4a..3a4ed44b6 100644 --- a/javascript/frameworks/ui5/test/qlpack.yml +++ b/javascript/frameworks/ui5/test/qlpack.yml @@ -1,5 +1,5 @@ name: advanced-security/javascript-sap-ui5-queries-tests -version: 2.3.0 +version: 2.24.2 extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" @@ -7,6 +7,6 @@ dependencies: # no overlap occurs with the SAP UI5 queries. We therefore allow any version # greater than or equal to 1.2.0, as major breaking changes are not a concern. codeql/javascript-queries: ">1.2.0" - advanced-security/javascript-sap-ui5-queries: "^2.3.0" - advanced-security/javascript-sap-ui5-models: "^2.3.0" - advanced-security/javascript-sap-ui5-all: "^2.3.0" + advanced-security/javascript-sap-ui5-queries: "^2.24.2" + advanced-security/javascript-sap-ui5-models: "^2.24.2" + advanced-security/javascript-sap-ui5-all: "^2.24.2" diff --git a/javascript/frameworks/xsjs/ext/qlpack.yml b/javascript/frameworks/xsjs/ext/qlpack.yml index dc1690560..13a02ccf1 100644 --- a/javascript/frameworks/xsjs/ext/qlpack.yml +++ b/javascript/frameworks/xsjs/ext/qlpack.yml @@ -1,7 +1,7 @@ --- library: true name: advanced-security/javascript-sap-xsjs-models -version: 2.3.0 +version: 2.24.2 extensionTargets: codeql/javascript-all: "^2.4.0" dataExtensions: diff --git a/javascript/frameworks/xsjs/lib/codeql-pack.lock.yml b/javascript/frameworks/xsjs/lib/codeql-pack.lock.yml index 6869bc0cd..f3bb41d1c 100644 --- a/javascript/frameworks/xsjs/lib/codeql-pack.lock.yml +++ b/javascript/frameworks/xsjs/lib/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.15 + version: 0.0.16 codeql/controlflow: - version: 2.0.25 + version: 2.0.26 codeql/dataflow: - version: 2.0.25 + version: 2.0.26 codeql/javascript-all: - version: 2.6.21 + version: 2.6.22 codeql/mad: - version: 1.0.41 + version: 1.0.42 codeql/regex: - version: 1.0.41 + version: 1.0.42 codeql/ssa: - version: 2.0.17 + version: 2.0.18 codeql/threat-models: - version: 1.0.41 + version: 1.0.42 codeql/tutorial: - version: 1.0.41 + version: 1.0.42 codeql/typetracking: - version: 2.0.25 + version: 2.0.26 codeql/util: - version: 2.0.28 + version: 2.0.29 codeql/xml: - version: 1.0.41 + version: 1.0.42 codeql/yaml: - version: 1.0.41 + version: 1.0.42 compiled: false diff --git a/javascript/frameworks/xsjs/lib/qlpack.yml b/javascript/frameworks/xsjs/lib/qlpack.yml index 2e56a7f83..8f85af2bd 100644 --- a/javascript/frameworks/xsjs/lib/qlpack.yml +++ b/javascript/frameworks/xsjs/lib/qlpack.yml @@ -1,7 +1,7 @@ --- library: true name: advanced-security/javascript-sap-xsjs-all -version: 2.3.0 +version: 2.24.2 suites: codeql-suites extractor: javascript dependencies: diff --git a/javascript/frameworks/xsjs/src/codeql-pack.lock.yml b/javascript/frameworks/xsjs/src/codeql-pack.lock.yml index 6869bc0cd..f3bb41d1c 100644 --- a/javascript/frameworks/xsjs/src/codeql-pack.lock.yml +++ b/javascript/frameworks/xsjs/src/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.15 + version: 0.0.16 codeql/controlflow: - version: 2.0.25 + version: 2.0.26 codeql/dataflow: - version: 2.0.25 + version: 2.0.26 codeql/javascript-all: - version: 2.6.21 + version: 2.6.22 codeql/mad: - version: 1.0.41 + version: 1.0.42 codeql/regex: - version: 1.0.41 + version: 1.0.42 codeql/ssa: - version: 2.0.17 + version: 2.0.18 codeql/threat-models: - version: 1.0.41 + version: 1.0.42 codeql/tutorial: - version: 1.0.41 + version: 1.0.42 codeql/typetracking: - version: 2.0.25 + version: 2.0.26 codeql/util: - version: 2.0.28 + version: 2.0.29 codeql/xml: - version: 1.0.41 + version: 1.0.42 codeql/yaml: - version: 1.0.41 + version: 1.0.42 compiled: false diff --git a/javascript/frameworks/xsjs/src/qlpack.yml b/javascript/frameworks/xsjs/src/qlpack.yml index 81316e2a7..2a22a4971 100644 --- a/javascript/frameworks/xsjs/src/qlpack.yml +++ b/javascript/frameworks/xsjs/src/qlpack.yml @@ -1,10 +1,10 @@ --- library: false name: advanced-security/javascript-sap-xsjs-queries -version: 2.3.0 +version: 2.24.2 suites: codeql-suites extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" - advanced-security/javascript-sap-xsjs-all: "^2.3.0" + advanced-security/javascript-sap-xsjs-all: "^2.24.2" default-suite-file: codeql-suites/javascript-code-scanning.qls diff --git a/javascript/frameworks/xsjs/test/codeql-pack.lock.yml b/javascript/frameworks/xsjs/test/codeql-pack.lock.yml index 6869bc0cd..f3bb41d1c 100644 --- a/javascript/frameworks/xsjs/test/codeql-pack.lock.yml +++ b/javascript/frameworks/xsjs/test/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.15 + version: 0.0.16 codeql/controlflow: - version: 2.0.25 + version: 2.0.26 codeql/dataflow: - version: 2.0.25 + version: 2.0.26 codeql/javascript-all: - version: 2.6.21 + version: 2.6.22 codeql/mad: - version: 1.0.41 + version: 1.0.42 codeql/regex: - version: 1.0.41 + version: 1.0.42 codeql/ssa: - version: 2.0.17 + version: 2.0.18 codeql/threat-models: - version: 1.0.41 + version: 1.0.42 codeql/tutorial: - version: 1.0.41 + version: 1.0.42 codeql/typetracking: - version: 2.0.25 + version: 2.0.26 codeql/util: - version: 2.0.28 + version: 2.0.29 codeql/xml: - version: 1.0.41 + version: 1.0.42 codeql/yaml: - version: 1.0.41 + version: 1.0.42 compiled: false diff --git a/javascript/frameworks/xsjs/test/qlpack.yml b/javascript/frameworks/xsjs/test/qlpack.yml index 2b7017e6f..6b5ea113b 100644 --- a/javascript/frameworks/xsjs/test/qlpack.yml +++ b/javascript/frameworks/xsjs/test/qlpack.yml @@ -1,9 +1,9 @@ --- name: advanced-security/javascript-sap-xsjs-tests -version: 2.3.0 +version: 2.24.2 extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" - advanced-security/javascript-sap-xsjs-queries: "^2.3.0" - advanced-security/javascript-sap-xsjs-all: "^2.3.0" - advanced-security/javascript-sap-xsjs-models: "^2.3.0" + advanced-security/javascript-sap-xsjs-queries: "^2.24.2" + advanced-security/javascript-sap-xsjs-all: "^2.24.2" + advanced-security/javascript-sap-xsjs-models: "^2.24.2" diff --git a/javascript/heuristic-models/ext/qlpack.yml b/javascript/heuristic-models/ext/qlpack.yml index 97dc74859..5088db5cd 100644 --- a/javascript/heuristic-models/ext/qlpack.yml +++ b/javascript/heuristic-models/ext/qlpack.yml @@ -2,7 +2,7 @@ library: true warnOnImplicitThis: false name: advanced-security/javascript-heuristic-models -version: 2.3.0 +version: 2.24.2 extensionTargets: codeql/javascript-all: "*" dataExtensions: diff --git a/javascript/heuristic-models/tests/codeql-pack.lock.yml b/javascript/heuristic-models/tests/codeql-pack.lock.yml index 6869bc0cd..f3bb41d1c 100644 --- a/javascript/heuristic-models/tests/codeql-pack.lock.yml +++ b/javascript/heuristic-models/tests/codeql-pack.lock.yml @@ -2,29 +2,29 @@ lockVersion: 1.0.0 dependencies: codeql/concepts: - version: 0.0.15 + version: 0.0.16 codeql/controlflow: - version: 2.0.25 + version: 2.0.26 codeql/dataflow: - version: 2.0.25 + version: 2.0.26 codeql/javascript-all: - version: 2.6.21 + version: 2.6.22 codeql/mad: - version: 1.0.41 + version: 1.0.42 codeql/regex: - version: 1.0.41 + version: 1.0.42 codeql/ssa: - version: 2.0.17 + version: 2.0.18 codeql/threat-models: - version: 1.0.41 + version: 1.0.42 codeql/tutorial: - version: 1.0.41 + version: 1.0.42 codeql/typetracking: - version: 2.0.25 + version: 2.0.26 codeql/util: - version: 2.0.28 + version: 2.0.29 codeql/xml: - version: 1.0.41 + version: 1.0.42 codeql/yaml: - version: 1.0.41 + version: 1.0.42 compiled: false diff --git a/javascript/heuristic-models/tests/qlpack.yml b/javascript/heuristic-models/tests/qlpack.yml index 768b923ae..4808d7848 100644 --- a/javascript/heuristic-models/tests/qlpack.yml +++ b/javascript/heuristic-models/tests/qlpack.yml @@ -1,7 +1,7 @@ library: false warnOnImplicitThis: false name: advanced-security/javascript-heuristic-models-tests -version: 2.3.0 +version: 2.24.2 extractor: javascript dependencies: "codeql/javascript-all": "*" diff --git a/qlt.conf.json b/qlt.conf.json index d595e2c4e..fb60b31cd 100644 --- a/qlt.conf.json +++ b/qlt.conf.json @@ -1,5 +1,5 @@ { - "CodeQLCLI": "2.24.1", - "CodeQLStandardLibrary": "codeql-cli/v2.24.1", - "CodeQLCLIBundle": "codeql-bundle-v2.24.1" + "CodeQLCLI": "2.24.2", + "CodeQLStandardLibrary": "codeql-cli/v2.24.2", + "CodeQLCLIBundle": "codeql-bundle-v2.24.2" } From f16e15286d4ac8d8d4b587d7b9c783982261166f Mon Sep 17 00:00:00 2001 From: Nathan Randall Date: Tue, 3 Mar 2026 22:05:57 -0700 Subject: [PATCH 2/2] Use workspace references for workspace-local qlpacks --- javascript/frameworks/cap/src/qlpack.yml | 2 +- javascript/frameworks/cap/test/qlpack.yml | 6 +++--- javascript/frameworks/ui5-webcomponents/test/qlpack.yml | 2 +- javascript/frameworks/ui5/src/qlpack.yml | 2 +- javascript/frameworks/ui5/test/qlpack.yml | 6 +++--- javascript/frameworks/xsjs/src/qlpack.yml | 2 +- javascript/frameworks/xsjs/test/qlpack.yml | 6 +++--- javascript/heuristic-models/ext/qlpack.yml | 2 +- javascript/heuristic-models/tests/qlpack.yml | 4 ++-- 9 files changed, 16 insertions(+), 16 deletions(-) diff --git a/javascript/frameworks/cap/src/qlpack.yml b/javascript/frameworks/cap/src/qlpack.yml index 833f1b5d6..b3225a106 100644 --- a/javascript/frameworks/cap/src/qlpack.yml +++ b/javascript/frameworks/cap/src/qlpack.yml @@ -6,5 +6,5 @@ suites: codeql-suites extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" - advanced-security/javascript-sap-cap-all: "^2.24.2" + advanced-security/javascript-sap-cap-all: "${workspace}" default-suite-file: codeql-suites/javascript-code-scanning.qls diff --git a/javascript/frameworks/cap/test/qlpack.yml b/javascript/frameworks/cap/test/qlpack.yml index 622f885ed..630c2dd93 100644 --- a/javascript/frameworks/cap/test/qlpack.yml +++ b/javascript/frameworks/cap/test/qlpack.yml @@ -4,6 +4,6 @@ version: 2.24.2 extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" - advanced-security/javascript-sap-cap-queries: "^2.24.2" - advanced-security/javascript-sap-cap-models: "^2.24.2" - advanced-security/javascript-sap-cap-all: "^2.24.2" + advanced-security/javascript-sap-cap-queries: "${workspace}" + advanced-security/javascript-sap-cap-models: "${workspace}" + advanced-security/javascript-sap-cap-all: "${workspace}" diff --git a/javascript/frameworks/ui5-webcomponents/test/qlpack.yml b/javascript/frameworks/ui5-webcomponents/test/qlpack.yml index d8652fba2..cdc4c1820 100644 --- a/javascript/frameworks/ui5-webcomponents/test/qlpack.yml +++ b/javascript/frameworks/ui5-webcomponents/test/qlpack.yml @@ -3,4 +3,4 @@ version: 2.24.2 extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" - advanced-security/javascript-sap-ui5-all: "^2.24.2" + advanced-security/javascript-sap-ui5-all: "${workspace}" diff --git a/javascript/frameworks/ui5/src/qlpack.yml b/javascript/frameworks/ui5/src/qlpack.yml index 73db6ca2f..4cc9a26a0 100644 --- a/javascript/frameworks/ui5/src/qlpack.yml +++ b/javascript/frameworks/ui5/src/qlpack.yml @@ -6,5 +6,5 @@ suites: codeql-suites extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" - advanced-security/javascript-sap-ui5-all: "^2.24.2" + advanced-security/javascript-sap-ui5-all: "${workspace}" default-suite-file: codeql-suites/javascript-code-scanning.qls diff --git a/javascript/frameworks/ui5/test/qlpack.yml b/javascript/frameworks/ui5/test/qlpack.yml index 3a4ed44b6..f012b3d76 100644 --- a/javascript/frameworks/ui5/test/qlpack.yml +++ b/javascript/frameworks/ui5/test/qlpack.yml @@ -7,6 +7,6 @@ dependencies: # no overlap occurs with the SAP UI5 queries. We therefore allow any version # greater than or equal to 1.2.0, as major breaking changes are not a concern. codeql/javascript-queries: ">1.2.0" - advanced-security/javascript-sap-ui5-queries: "^2.24.2" - advanced-security/javascript-sap-ui5-models: "^2.24.2" - advanced-security/javascript-sap-ui5-all: "^2.24.2" + advanced-security/javascript-sap-ui5-queries: "${workspace}" + advanced-security/javascript-sap-ui5-models: "${workspace}" + advanced-security/javascript-sap-ui5-all: "${workspace}" diff --git a/javascript/frameworks/xsjs/src/qlpack.yml b/javascript/frameworks/xsjs/src/qlpack.yml index 2a22a4971..76b8312f7 100644 --- a/javascript/frameworks/xsjs/src/qlpack.yml +++ b/javascript/frameworks/xsjs/src/qlpack.yml @@ -6,5 +6,5 @@ suites: codeql-suites extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" - advanced-security/javascript-sap-xsjs-all: "^2.24.2" + advanced-security/javascript-sap-xsjs-all: "${workspace}" default-suite-file: codeql-suites/javascript-code-scanning.qls diff --git a/javascript/frameworks/xsjs/test/qlpack.yml b/javascript/frameworks/xsjs/test/qlpack.yml index 6b5ea113b..d1813f994 100644 --- a/javascript/frameworks/xsjs/test/qlpack.yml +++ b/javascript/frameworks/xsjs/test/qlpack.yml @@ -4,6 +4,6 @@ version: 2.24.2 extractor: javascript dependencies: codeql/javascript-all: "^2.4.0" - advanced-security/javascript-sap-xsjs-queries: "^2.24.2" - advanced-security/javascript-sap-xsjs-all: "^2.24.2" - advanced-security/javascript-sap-xsjs-models: "^2.24.2" + advanced-security/javascript-sap-xsjs-queries: "${workspace}" + advanced-security/javascript-sap-xsjs-all: "${workspace}" + advanced-security/javascript-sap-xsjs-models: "${workspace}" diff --git a/javascript/heuristic-models/ext/qlpack.yml b/javascript/heuristic-models/ext/qlpack.yml index 5088db5cd..9707945bf 100644 --- a/javascript/heuristic-models/ext/qlpack.yml +++ b/javascript/heuristic-models/ext/qlpack.yml @@ -4,6 +4,6 @@ warnOnImplicitThis: false name: advanced-security/javascript-heuristic-models version: 2.24.2 extensionTargets: - codeql/javascript-all: "*" + codeql/javascript-all: "^2.4.0" dataExtensions: - "*.model.yml" diff --git a/javascript/heuristic-models/tests/qlpack.yml b/javascript/heuristic-models/tests/qlpack.yml index 4808d7848..4913e02a3 100644 --- a/javascript/heuristic-models/tests/qlpack.yml +++ b/javascript/heuristic-models/tests/qlpack.yml @@ -4,5 +4,5 @@ name: advanced-security/javascript-heuristic-models-tests version: 2.24.2 extractor: javascript dependencies: - "codeql/javascript-all": "*" - "advanced-security/javascript-heuristic-models": 2.3.0 + "codeql/javascript-all": "^2.4.0" + "advanced-security/javascript-heuristic-models": "${workspace}"