hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,593 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.6
Commit Graph

2965 Commits

Author SHA1 Message Date
Owen Mansel-Chan
3b2b7d7d1c Convert Xorm sql-injection sinks to MaD 2024-08-16 11:18:57 +01:00
Owen Mansel-Chan
ba310417a8 Convert Gorm sql-injection sinks to MaD 2024-08-16 11:18:55 +01:00
Owen Mansel-Chan
7ad63fc3e6 Convert sqlx sql-injection sinks to MaD 2024-08-16 11:18:54 +01:00
Owen Mansel-Chan
db559f75b6 Convert gogf/gf sql-injection sinks to MaD 2024-08-16 11:18:52 +01:00
Owen Mansel-Chan
ce0cb12c29 Upgrade and convert gorqlite sql-injection sinks to MaD 2024-08-16 11:18:51 +01:00
Owen Mansel-Chan
06f86dd22f Convert squirrel sql-injection sinks to MaD (non-existent methods removed) 
Various non-existent methods were modeled, and I couldn't find any
evidence that they used to exist. They aren't in the stubs or tests. I
have removed them.
 2024-08-16 11:18:49 +01:00
Owen Mansel-Chan
0acb29d3dd Update frameworks.csv 2024-08-16 11:15:13 +01:00
github-actions[bot]
86ab941acd Add changed framework coverage reports 2024-08-14 00:18:29 +00:00
Tom Hvitved
aeabee3e34 Merge pull request #17179 from hvitved/shared/pretty-print-models 
Go/Java: Share more `PrettyPrintModels.ql` logic
 2024-08-13 14:15:40 +02:00
Tom Hvitved
f83df76928 Shared: Apply ShowProvenance in InlineFlowTest.qll 2024-08-13 13:34:43 +02:00
Tom Hvitved
d5a0df3f87 Go/Java: Share more PrettyPrintModels.ql logic 2024-08-13 12:48:22 +02:00
Owen Mansel-Chan
0dfdee775b Merge pull request #17177 from owen-mc/go/mad/convert-sink-3 
Go: convert regex-use, url-redirection sinks to use models-as-data
 2024-08-12 16:21:48 +01:00
Owen Mansel-Chan
6b6e773ce1 Merge pull request #17196 from owen-mc/go/tidy-up-test-go-mod-2 
Go: Remove unneeded dependency from test go.mod
 2024-08-12 15:48:05 +01:00
Owen Mansel-Chan
e6873cfb2e Merge pull request #17195 from owen-mc/go/tidy-up-test-go-mod 
Go: Remove unneeded dependencies from test go.mod
 2024-08-12 15:45:32 +01:00
Michael Nebel
4a5c9f0ec4 Merge pull request #17007 from michaelnebel/shared/neutralimplementation 
C#/Java/Go: Neutrals are split into separate classes.
 2024-08-12 13:58:12 +02:00
Owen Mansel-Chan
600c84505f Remove unneeded dependency from test go.mod 2024-08-12 10:15:36 +01:00
Owen Mansel-Chan
30dc2289a3 Remove unneeded dependencies from test go.mod 2024-08-12 10:14:09 +01:00
Owen Mansel-Chan
1df81dbfb6 Use regex-use[receiver] instead of regex-use[-1] 2024-08-11 00:37:25 +01:00
Owen Mansel-Chan
49f3959405 Convert url-redirection sinks to MaD 2024-08-11 00:29:53 +01:00
Owen Mansel-Chan
3a285f500e Convert regex-use sinks to use MaD 2024-08-11 00:21:31 +01:00
Owen Mansel-Chan
a5a999f7d6 Merge pull request #17162 from owen-mc/go/mad/convert-sink-2 
Go: Convert log-injection, path-injection and command-injection sinks to use models-as-data
 2024-08-11 00:20:42 +01:00
github-actions[bot]
8b51f9865d Add changed framework coverage reports 2024-08-10 00:18:17 +00:00
Owen Mansel-Chan
6f5a045437 Fix typo in package path 
Co-authored-by: Edward Minnix III <egregius313@github.com>
 2024-08-09 14:27:58 +01:00
Cornelius Riemenschneider
cdf067703b Merge remote-tracking branch 'origin/main' into criemen/pytest-go 2024-08-09 09:59:29 +02:00
Cornelius Riemenschneider
ae96111848 Revert "Simplify test." 
This reverts commit 2310bd94a4.
 2024-08-09 09:48:38 +02:00
Michael B. Gale
267ee3dce9 Merge pull request #17168 from github/dependabot/go_modules/go/extractor/extractor-dependencies-d889f6e8ba 2024-08-08 17:16:23 +01:00
Owen Mansel-Chan
32958e9625 Pretty print models in stored command test 2024-08-08 17:06:06 +01:00
Owen Mansel-Chan
d066faf212 Update test expectatations 2024-08-08 17:06:01 +01:00
Owen Mansel-Chan
5ef37c4501 Converting command-injection sinks to use MaD 2024-08-08 17:03:57 +01:00
Owen Mansel-Chan
8536e7eb02 Convert path-injection sinks to use MaD 2024-08-08 17:03:53 +01:00
Owen Mansel-Chan
fa472f5e18 Convert logging sinks to use MaD 2024-08-08 17:01:49 +01:00
Owen Mansel-Chan
d240951da0 Merge pull request #17157 from owen-mc/go/mad/change-provenance-for-package-grouping 
Go: Change provenance for MaD models that use package grouping
 2024-08-08 16:57:31 +01:00
Alexander Eyers-Taylor
ffd811a55d Merge pull request #17182 from github/post-release-prep/codeql-cli-2.18.2 
Post-release preparation for codeql-cli-2.18.2
 2024-08-08 16:28:03 +01:00
Michael B. Gale
2109bba928 Go: Bump Go version in ExternalValueFlow test 2024-08-08 15:34:47 +01:00
github-actions[bot]
cc6d87c276 Post-release preparation for codeql-cli-2.18.2 2024-08-08 12:56:21 +00:00
Cornelius Riemenschneider
2310bd94a4 Simplify test. 2024-08-08 13:51:38 +02:00
Owen Mansel-Chan
55de3511b0 Fix frameworks.csv 2024-08-08 10:31:00 +01:00
dependabot[bot]
c1e242ecda Bump golang.org/x/tools 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.23.0 to 0.24.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.23.0...v0.24.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-08 03:50:32 +00:00
github-actions[bot]
019da8c287 Release preparation for version 2.18.2 2024-08-07 14:02:38 +00:00
Alexander Eyers-Taylor
46577b585e Revert "Release preparation for version 2.18.2" 2024-08-07 14:24:37 +01:00
Cornelius Riemenschneider
46cf779062 Address review. 2024-08-06 18:08:25 +02:00
Cornelius Riemenschneider
ffde68aaec Merge remote-tracking branch 'origin/main' into criemen/pytest-go 2024-08-06 17:03:16 +02:00
Owen Mansel-Chan
f0d1740ff8 Update text expectations 2024-08-06 13:48:45 +01:00
github-actions[bot]
c14ba0e4bd Release preparation for version 2.18.2 2024-08-06 12:46:15 +00:00
Owen Mansel-Chan
572c773345 Change provenance for MaD models that use package grouping 2024-08-06 13:13:39 +01:00
Paolo Tranquilli
79740ed72b Merge pull request #17145 from github/redsun82/go 
Go/Bazel: fix gazelle invocation to use bundled bazel go
 2024-08-06 10:36:40 +02:00
Dave Bartolomeo
7e82986e7c Update Go test expectations 2024-08-05 13:20:12 -04:00
Paolo Tranquilli
841f317cbd Merge branch 'main' into redsun82/go 2024-08-05 14:30:28 +02:00
Cornelius Riemenschneider
133a0914b5 Delete old go integration test library. 2024-08-05 13:31:33 +02:00
Cornelius Riemenschneider
6cb6aeffbb Rename build-environment.expected to build_environment.expected. 
This follows the convention of our other expected files.
 2024-08-05 13:30:23 +02:00