hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,481 Commits 1,671 Branches 157 Tags
aibaars/rust-extract-libs
Commit Graph

3087 Commits

Author SHA1 Message Date
Chuan-kai Lin
89ad2b4256 Merge branch 'main' into cklin/check-diff-informed 2025-05-28 10:47:47 -07:00
Owen Mansel-Chan
164cfaf3e7 Merge pull request #19532 from owen-mc/go/make-test-version-independent 
Go: Make type param test independent of standard library version
 2025-05-28 11:30:13 +01:00
Owen Mansel-Chan
6f71e3b30e Merge pull request #19491 from owen-mc/go/add-test-flags 
Go: Check more things while running tests
 2025-05-28 10:12:05 +01:00
Michael B. Gale
c236084043 Go: Explicitly check whether proxy env vars are empty 2025-05-27 14:58:18 +01:00
Owen Mansel-Chan
463a711552 Use reflection for interface nil check instead 2025-05-21 22:22:10 +01:00
Michael Nebel
2952c0d2b4 Merge pull request #19507 from michaelnebel/removehardcodedpassword 
Exclude some queries from query suites by lowering their precision.
 2025-05-21 11:13:14 +02:00
Owen Mansel-Chan
83cd349531 Change variable name and add comment 2025-05-20 13:13:26 +01:00
Owen Mansel-Chan
47dac64301 fix previous commit 2025-05-20 13:13:25 +01:00
Owen Mansel-Chan
d5044fd072 Deal better with Windows paths 2025-05-20 13:13:24 +01:00
Owen Mansel-Chan
401c60654e Fix nil checks to stop creating unused labels 
In go, an interface with value nil does not compare equal to nil. This
is known as "typed nils". So our existing nil checks weren't working,
which shows why we needed more nil checks inside the type switches. The
solution is to explicitly check for each type we care about.
 2025-05-20 13:13:22 +01:00
Owen Mansel-Chan
d39e7c2066 Added named import to definitions test 
This makes the test slightly more thorough.
 2025-05-20 13:13:21 +01:00
Owen Mansel-Chan
14af9218b2 Check more things while running tests 2025-05-20 13:13:20 +01:00
Owen Mansel-Chan
f6f6a5ccc6 Only list type params in test files 
This will make the test results not depend on the version of the
standard library being used, which means we don't have to update it with
each new release.
 2025-05-20 02:25:24 +01:00
Jon Janego
9d65b5f85c Merge pull request #19531 from github/changedocs-2.21.3 
Changenotes for 2.21.3
 2025-05-19 19:00:47 -05:00
Jon Janego
759ad8adc1 Fixing Go 1.24 release accuracy. It went supported in 2.20.5 and docs were a late commit so this fixes it upstream. 2025-05-19 16:53:05 -05:00
Michael Nebel
dabeddb62d Add change-notes. 2025-05-19 09:26:49 +02:00
Michael Nebel
530025b7ae Update integration tests expected output. 2025-05-19 09:26:47 +02:00
Michael Nebel
03ecd24469 Lower the precision of a range of harcoded password queries to remove them from query suites. 2025-05-19 09:26:45 +02:00
Owen Mansel-Chan
8f5a2a9e29 Merge pull request #19484 from owen-mc/go/minor-fix 
Go: Remove redundant code in `IR::ExtractTupleElementInstruction.getResultType()` and expand tests
 2025-05-14 13:49:38 +01:00
github-actions[bot]
5f9dd75d7d Post-release preparation for codeql-cli-2.21.3 2025-05-13 21:49:43 +00:00
github-actions[bot]
2de4a01c86 Release preparation for version 2.21.3 2025-05-13 21:14:27 +00:00
Owen Mansel-Chan
933e01b3d4 Remove redundant code 
The case of a CallExpr is actually covered by the next disjunct.

Note that the CallExpr case had a subtle bug: `c.getTarget()` is not
defined when we are calling a variable. Better to use
`c.getCalleeType()`. But in this case we can just delete the code.
 2025-05-13 15:55:20 +01:00
Owen Mansel-Chan
7da1ade835 Add tests for extracting tuples in f(g(...)) 2025-05-13 15:54:05 +01:00
Owen Mansel-Chan
b06491125e Expand test for Extract Tuple Instruction 2025-05-13 15:48:29 +01:00
Owen Mansel-Chan
a857069345 Merge pull request #19464 from owen-mc/go/fix/extract-recv-alias-type 
Go: fix database inconsistency when receiver has alias type
 2025-05-06 15:08:42 -04:00
Owen Mansel-Chan
c781f98bdc (unrelated tidy up) resolveTypeAlias not needed 
`types.Unalias` already does the same thing
 2025-05-06 05:45:06 -04:00
Owen Mansel-Chan
228c45aaf8 Look through aliases when identifying method receivers 2025-05-06 05:45:04 -04:00
dependabot[bot]
824271a84a Bump golang.org/x/tools 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.32.0 to 0.33.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.32.0...v0.33.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-06 03:58:02 +00:00
Tamás Vajk
cb1c3736fe Merge pull request #19413 from tamasvajk/quality/query-suite-selector 
Add code quality suite selector and use that in the code quality suites
 2025-05-02 08:18:48 +02:00
Owen Mansel-Chan
0863c87572 Add change notes 2025-05-01 10:33:24 +01:00
Chuan-kai Lin
5bc962c429 QL tests: run with --check-diff-informed 2025-04-30 10:55:58 -07:00
Owen Mansel-Chan
cf614a596d Fix cwe tags to include leading zero 2025-04-30 16:43:03 +01:00
Tamas Vajk
2515b06b2a Use code-quality-selectors in Go suite 2025-04-29 16:22:57 +02:00
github-actions[bot]
2e0699ab2b Post-release preparation for codeql-cli-2.21.2 2025-04-28 14:03:28 +00:00
github-actions[bot]
625354c46e Release preparation for version 2.21.2 2025-04-28 10:55:22 +00:00
Michael B. Gale
987af4ce1d Merge pull request #19248 from github/mbg/go/private-registries 
Go: Support private registries via `GOPROXY`
 2025-04-25 16:40:00 +01:00
Michael B. Gale
7592ce47e3 Go: Restore parseRegistryConfigsFail test for the empty string 2025-04-25 15:45:12 +01:00
Michael B. Gale
91a794433a Go: Change "Unable" to "Failed" for consistency 2025-04-25 15:42:29 +01:00
Michael B. Gale
5172a4d6ec Go: Remove check from getEnvVars 2025-04-25 15:41:57 +01:00
Michael B. Gale
9cfa451477 Go: Fix/improve comment about environment variable preservation 2025-04-25 15:41:35 +01:00
Tamas Vajk
a4a24470c8 Add query suite inclusion tests for actions, csharp, go, javascript, ruby, rust 2025-04-25 14:06:17 +02:00
Michael B. Gale
e805d1ee90 Merge remote-tracking branch 'origin/main' into mbg/go/private-registries 2025-04-25 12:55:36 +01:00
Michael B. Gale
cafe1efefa Go: Refactor ApplyProxyEnvVars 2025-04-25 12:30:48 +01:00
Paolo Tranquilli
69b87a63b8 Go: remove invalid toolchain version diagnostics 
This diagnostic was introduced by https://github.com/github/codeql/pull/15979.
However in the meantime the Go team [has backtracked](https://github.com/golang/go/issues/62278#issuecomment-2062002018)
on their decision, which leads to confusing alerts for user (e.g. https://github.com/github/codeql-action/issues/2868).
Even using Go toolchains from 1.21 to 1.22 we weren't immediately able
to reproduce the problem that this diagnostics was meant to guard
against. Therefore it was deemed simpler to just remove it.

_En passant_ the `Makefile` now accepts `rtjo` not being set.
 2025-04-24 14:41:05 +02:00
github-actions[bot]
d78736b1bf Post-release preparation for codeql-cli-2.21.1 2025-04-15 16:33:15 +00:00
github-actions[bot]
b961c5961d Release preparation for version 2.21.1 2025-04-14 09:53:06 +00:00
Owen Mansel-Chan
b6053e3f91 Merge pull request #19076 from owen-mc/go/update-depstubber-files 
Go: update files generated by depstubber
 2025-04-09 11:44:20 +01:00
Michael B. Gale
e210be7bb2 Go: Preserve environment variables in ApplyProxyEnvVars 2025-04-08 12:38:38 +01:00
Michael B. Gale
7798b716ff Go: Fix err instead of decErr in GetPkgsInfo 2025-04-08 12:04:48 +01:00
Michael B. Gale
0f78e11376 Go: Detect and apply proxy settings (WIP) 2025-04-08 12:02:15 +01:00