KEMBAR78
add CodeQL suppressions for UpdatableHelp and NativeCommandProcessor methods by anamnavi · Pull Request #26132 · PowerShell/PowerShell · GitHub
Skip to content

add CodeQL suppressions for UpdatableHelp and NativeCommandProcessor methods #26132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 1, 2025
Merged

add CodeQL suppressions for UpdatableHelp and NativeCommandProcessor methods #26132

merged 2 commits into from
Oct 1, 2025

Conversation

@anamnavi
Copy link
Member

@anamnavi anamnavi commented Oct 1, 2025
edited
Loading

This pull request includes several comments added to the code to address CodeQL warnings in the PowerShell codebase. The comments explain why the flagged issues are expected behavior and not security concerns. The comments specifically address CodeQL warnings for command-line injection and server-side request forgery (SSRF)

PR Summary

PR Context

PR Checklist

@anamnavi anamnavi requested a review from TravisEz13 October 1, 2025 21:43
@TravisEz13 TravisEz13 self-assigned this Oct 1, 2025
@TravisEz13 TravisEz13 added the CL-General Indicates that a PR should be marked as a general cmdlet change in the Change Log label Oct 1, 2025
@daxian-dbw
Copy link
Member

/azp run PowerShell-CI-linux-packaging, PowerShell-Windows-Packaging-CI

@azure-pipelines
Copy link

Azure Pipelines could not run because the pipeline triggers exclude this branch/path.

@daxian-dbw daxian-dbw merged commit d5267d2 into PowerShell:master Oct 1, 2025
36 of 37 checks passed
@microsoft-github-policy-service
Copy link
Contributor

microsoft-github-policy-service bot commented Oct 1, 2025
edited by unfurl-links bot
Loading

📣 Hey @@anamnavi, how did we do? We would love to hear your feedback with the link below! 🗣️

🔗 https://aka.ms/PSRepoFeedback

@daxian-dbw daxian-dbw mentioned this pull request Oct 1, 2025
Closed
12 tasks
@daxian-dbw daxian-dbw added CL-Tools Indicates that a PR should be marked as a tools change in the Change Log and removed CL-General Indicates that a PR should be marked as a general cmdlet change in the Change Log labels Oct 1, 2025
pwshBot pushed a commit to pwshBot/PowerShell that referenced this pull request Oct 9, 2025
@anamnavi @pwshBot
Add CodeQL suppressions for UpdatableHelp and `NativeCommandProce…
962274a 
…ssor` methods (PowerShell#26132)
@pwshBot pwshBot mentioned this pull request Oct 9, 2025
Merged
9 tasks
pwshBot pushed a commit to pwshBot/PowerShell that referenced this pull request Oct 9, 2025
@anamnavi @pwshBot
Add CodeQL suppressions for UpdatableHelp and `NativeCommandProce…
bb0263d 
…ssor` methods (PowerShell#26132)
@pwshBot pwshBot mentioned this pull request Oct 9, 2025
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@daxian-dbw daxian-dbw daxian-dbw approved these changes

@TravisEz13 TravisEz13 TravisEz13 approved these changes

@adityapatwardhan adityapatwardhan adityapatwardhan approved these changes

Assignees

@TravisEz13 TravisEz13

Labels

Backport-7.4.x-Migrated Backport-7.5.x-Migrated CL-Tools Indicates that a PR should be marked as a tools change in the Change Log

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@anamnavi @daxian-dbw @TravisEz13 @adityapatwardhan