hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,672 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

1526 Commits

Author SHA1 Message Date
Kevin Stubbings
020b4becfd Finish up 2023-10-31 11:00:00 -07:00
github-actions[bot]
2b939fdf08 Post-release preparation for codeql-cli-2.15.2 2023-10-30 16:06:51 +00:00
github-actions[bot]
4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
Kevin Stubbings
e0782683eb Added gin cors framework 2023-10-27 17:50:43 -07:00
Owen Mansel-Chan
c1ecd5a0da Merge pull request #14608 from Kwstubbs/golang-cookie-reflectedxss-sanitizer 
Go: GoAdd Cookie Sanitizer to Reflected XSS
 2023-10-27 21:47:39 +01:00
Kevin Stubbings
ce0104799a Fix minor issues 2023-10-27 11:42:22 -07:00
Owen Mansel-Chan
d534c93ff1 Merge pull request #14606 from owen-mc/go/incorrect-integer-conversion-fixes 
Go: Two fixes to upper bound checks in "incorrect integer conversion" query
 2023-10-27 14:50:11 +01:00
Owen Mansel-Chan
581305b234 Improve QLDoc for UpperBoundCheckGuard 2023-10-27 10:59:20 +01:00
Owen Mansel-Chan
8beacb8d4a Change predicate name from getX to getOrder 2023-10-27 10:44:42 +01:00
Kevin Stubbings
52a0fdabcf formatting 2023-10-27 00:03:30 -07:00
Kevin Stubbings
e6e87a44a3 Add change note 2023-10-26 12:36:35 -07:00
Owen Mansel-Chan
b451adabfc Two small QLDoc improvements 2023-10-26 17:10:12 +01:00
Owen Mansel-Chan
896a3c65be Avoid doing float arithmetic with large integers 
There is the possibility of overflow.
 2023-10-26 17:09:53 +01:00
Owen Mansel-Chan
570ca3b6fe Fix upper bound check to make test pass 2023-10-26 17:08:19 +01:00
Owen Mansel-Chan
0ed01453b9 Fix getMaxIntValue to accept bitSize 64 2023-10-26 12:27:43 +01:00
Kevin Stubbings
21e4a5b2d5 Add Cookie Sanitizer 2023-10-25 22:07:08 -07:00
Kevin Stubbings
dafcd5ec98 Added support for Gin CORS 2023-10-25 17:23:10 -07:00
Owen Mansel-Chan
27646ce971 Merge pull request #14547 from owen-mc/go/enable-data-flow-consistency-checks 
Go: make data flow consistency checks available (and fix some)
 2023-10-25 11:15:44 +01:00
Owen Mansel-Chan
0ba0063e6d Update go/ql/lib/change-notes/2023-10-20-enclosing-callable-for-external-files.md 
Co-authored-by: Michael B. Gale <mbg@github.com>
 2023-10-20 13:37:44 +01:00
Owen Mansel-Chan
da68153a96 Fix change note name and location 2023-10-20 11:24:25 +01:00
Owen Mansel-Chan
e19ebf9ca8 Add external file scope 2023-10-19 16:48:38 +01:00
Owen Mansel-Chan
563805ff0c Fix nodeGetEnclosingCallable 
It wasn't updated when MkImplicitVarargsSlice was added as a branch of
TNode. This meant that it gave no result for `ImplicitVarargsSlice`s
in function calls used to initialise variables declared at file level.
 2023-10-19 16:48:37 +01:00
Owen Mansel-Chan
67601b5312 Add DataFlowImplConsistency.qll for Go library 2023-10-19 11:43:00 +01:00
github-actions[bot]
8dcd8b9e5b Post-release preparation for codeql-cli-2.15.1 2023-10-17 20:24:00 +00:00
github-actions[bot]
3b3c036626 Release preparation for version 2.15.1 2023-10-16 17:49:39 +00:00
Owen Mansel-Chan
53561008a1 Merge pull request #14445 from owen-mc/go/automated-mad-coverage-report 
Go: automated mad coverage report
 2023-10-15 21:49:47 +01:00
BD
0ef83b3c74 Merge branch 'main' into enable-gokit-by-default 2023-10-15 10:22:27 +05:30
Owen Mansel-Chan
5fcdb9e112 Merge pull request #14442 from owen-mc/go/test-qldoc-coverage 
Fix module name
 2023-10-11 23:45:53 +01:00
Owen Mansel-Chan
286271340e Merge branch 'main' into go/automated-mad-coverage-report 2023-10-11 21:31:25 +01:00
Owen Mansel-Chan
e300440a8b Delete redundant import 2023-10-11 21:28:31 +01:00
Henry Mercer
1a370bfbbe Merge pull request #14443 from github/post-release-prep/codeql-cli-2.15.0 
Post-release preparation for codeql-cli-2.15.0
 2023-10-11 17:39:04 +01:00
github-actions[bot]
ae6af17c74 Post-release preparation for codeql-cli-2.15.0 2023-10-11 14:19:20 +00:00
Owen Mansel-Chan
b6bf4d04ff Fix module name 2023-10-11 14:47:46 +01:00
Owen Mansel-Chan
477d8f8b9a Merge pull request #14064 from amammad/amammad-go-NewFileSystemAccess 
Go: New File System Access Sinks
 2023-10-11 12:58:38 +01:00
amammad
8d6f985aea fix afero additional step and tests 2023-10-10 23:24:04 +02:00
Owen Mansel-Chan
fd9c1d30f9 Remove argument that is always one value 2023-10-10 10:35:04 +01:00
Owen Mansel-Chan
cf0411e7e2 Change MaxValueState API to get architecture bit size 
This fixes a performance regression, though it is not clear why.
 2023-10-10 10:35:02 +01:00
erik-krogh
a7ab9fd93b add change-notes 2023-10-09 09:43:06 +02:00
erik-krogh
4bc4e0845d delete the deprecated isBarrierGuard predicate from the shared dataflow library, and its uses 2023-10-07 21:48:49 +02:00
Owen Mansel-Chan
602bb4083c Merge pull request #13949 from owen-mc/go/change-flowstate-for-incorrect-integer-conversion 
Go: Improve incorrect integer conversion
 2023-10-05 09:59:36 +01:00
Owen Mansel-Chan
ab07a38c25 Use ternary type for architecture bit size 2023-10-04 15:43:51 +01:00
Owen Mansel-Chan
015519e9e0 Combine isBoundFor and isBoundFor2 2023-10-04 15:31:00 +01:00
Owen Mansel-Chan
cd40663ca4 Address lots of review comments 2023-10-04 15:24:56 +01:00
github-actions[bot]
9fe993bec3 Release preparation for version 2.15.0 2023-10-04 14:15:27 +00:00
Owen Mansel-Chan
4122fd881f Move UpperBoundCheckGuard 2023-10-04 14:17:00 +01:00
Henry Mercer
da92da2204 Bump minor versions of packs we regularly release 2023-10-03 16:31:23 +01:00
Henry Mercer
f3847b3f51 Merge branch 'main' into henrymercer/rc-3.11-mergeback 2023-10-03 16:30:23 +01:00
Bharadwaj Machiraju
6c8ae55a68 Enable GoKit module into the default list 2023-10-03 15:39:52 +05:30
amammad
95363455af fix tests, and review suggestions. 2023-09-30 22:50:08 +10:00
Owen Mansel-Chan
832e78c518 Unify approach to architecture bit size in isSink2 2023-09-28 11:24:48 +01:00