hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,734 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.0
Commit Graph

3018 Commits

Author SHA1 Message Date
Chris Smowton
dcbb66d366 Go: extract and expose struct tags, interface method IDs 
This enables us to distinguish all database types in QL. Previously structs with the same field names and types but differing tags, and interface types with matching method names and at least one non-exported method but declared in differing packages, were impossible or only sometimes possible to distinguish in QL. With this change these types can be distinguished, as well as permitting queries to examine struct field tags, e.g. to read JSON field name associations.
 2024-10-08 19:23:06 +01:00
dependabot[bot]
26f8e64a35 Bump golang.org/x/tools 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.25.0 to 0.26.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-07 09:26:56 +00:00
Tom Hvitved
16feaf15e2 Go: Update expected test output 2024-10-07 09:23:39 +02:00
Chris Smowton
05d2e16de3 autoformat 2024-10-02 15:25:36 +01:00
Ed Minnix
f8335e6163 Fix formatting 2024-10-01 15:58:07 -04:00
Edward Minnix III
91b7a6cbd8 Wording of change note 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-10-01 15:56:43 -04:00
Edward Minnix III
1f932d407f Remove unnecessary asExpr() 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-10-01 15:56:42 -04:00
Ed Minnix
26b49dd0df Fix test expectation 2024-10-01 15:56:40 -04:00
Ed Minnix
d80a1487be Add change note 2024-10-01 15:56:37 -04:00
Ed Minnix
e18389718c Implement stdin models 
Unfortunately due to how variable and varargs work, these are better
done in QL
 2024-10-01 15:56:31 -04:00
Chris Smowton
6ef2aed3aa Add blackbox, out-of-package test 2024-10-01 15:52:30 +01:00
Chris Smowton
9a82ea48f2 Add test for cross-package references with test extraction 2024-10-01 15:50:43 +01:00
Chris Smowton
01c9509741 Merge pull request #17628 from smowton/smowton/admin/go-vendor-dir-extraction-option 
Go: add extractor option for vendor-directory extraction
 2024-10-01 14:47:42 +01:00
Chris Smowton
cb0b388345 Merge pull request #17630 from smowton/smowton/admin/deduplicate-tests 
Go: deduplicate integration tests
 2024-10-01 11:08:00 +01:00
Chris Smowton
d689db23d8 Warn on use of old option 2024-10-01 10:43:28 +01:00
github-actions[bot]
e97878ed63 Post-release preparation for codeql-cli-2.19.1 2024-09-30 19:49:00 +00:00
Chris Smowton
be389b4c19 Go: deduplicate integration tests 2024-09-30 19:54:14 +01:00
github-actions[bot]
455c8c5953 Release preparation for version 2.19.1 2024-09-30 17:59:48 +00:00
Chris Smowton
c9d6c80913 Log when vendor dir extraction is active 2024-09-30 18:44:20 +01:00
Chris Smowton
684aedf6aa Golang vendor dir extraction: add extractor option 2024-09-30 18:24:49 +01:00
Chris Smowton
ca68aaa0de Remove test code 2024-09-27 19:07:00 +01:00
Owen Mansel-Chan
796db77104 Add comments noting methods from embedded interfaces are already included 2024-09-27 15:03:09 +01:00
Owen Mansel-Chan
fdff209938 Merge pull request #17505 from owen-mc/go/inheritance-tests 
Go: Add tests for model inheritance and fix bug in promoted methods
 2024-09-26 16:42:25 +01:00
Rasmus Wriedt Larsen
381ea93ec3 Merge pull request #17424 from RasmusWL/active-threat-model-source 
Go/Java/C#: Rename `ThreatModelFlowSource` to `ActiveThreatModelSource`
 2024-09-26 13:08:17 +02:00
Josh Soref
a9e07a88af Downgrade IncorrectIntegerConversionQuery precision to high 
`very-high` implies near 0 false positives and we have run into a number and an entire class

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2024-09-24 22:08:00 -04:00
Owen Mansel-Chan
ea4f9cad3c Mark some test results as SPURIOUS 2024-09-24 22:04:50 +01:00
Owen Mansel-Chan
bcb718ac77 Add change note 2024-09-24 21:39:49 +01:00
Chris Smowton
d673d24ca6 Revise notation to more closely resemble real Go 2024-09-24 17:22:26 +01:00
Chris Smowton
11755482e4 Update test expectation (now signature types pretty-print indicating if they are variadic) 2024-09-24 17:18:10 +01:00
Chris Smowton
40035a0b62 Improve pretty-printer 2024-09-24 17:18:09 +01:00
Chris Smowton
4d3a140dd7 Expose whether functions are variadic in their pp() output 2024-09-24 17:18:08 +01:00
Owen Mansel-Chan
73209638e3 Improve comments in test library 2024-09-24 16:41:10 +01:00
Owen Mansel-Chan
b0caabac86 Also update QL tests 2024-09-24 16:25:55 +01:00
Owen Mansel-Chan
6e428d5083 Fix bug where some methods were inappropriately promoted 2024-09-24 16:25:53 +01:00
Owen Mansel-Chan
0255edf524 Remove tests for sources and sinks 
This is redundant given that we test for paths, and for a path
we need the source, step and sink methods to be modeled.
 2024-09-24 16:25:49 +01:00
Owen Mansel-Chan
afa4b6dd4a Make paths test an inline expectations test 2024-09-24 16:23:33 +01:00
Owen Mansel-Chan
5490f3a957 Add tests for interface embedding interface 2024-09-24 16:23:31 +01:00
Owen Mansel-Chan
279800ea62 Use shorter naming scheme for types 2024-09-24 16:23:26 +01:00
Tom Hvitved
300fdc344d Go: Update expected test output 2024-09-24 14:21:42 +02:00
Owen Mansel-Chan
6a67bd52a9 Add tests for MaD inheritance 2024-09-24 13:21:05 +01:00
Chris Smowton
7e8da94d9a Merge pull request #17216 from smowton/smowton/feature/golang-test-extraction 
Go: support extracting test code
 2024-09-23 16:43:42 +01:00
Chuan-kai Lin
1cd8af54f2 Merge pull request #17190 from github/cklin/diff-informed-java-queries 
Java: add support for alert location restrictions
 2024-09-23 08:39:24 -07:00
Chris Smowton
209f9ec93d Amend comments per review 2024-09-23 15:20:18 +01:00
Rasmus Wriedt Larsen
63c3a71d95 Merge branch 'main' into active-threat-model-source 2024-09-23 11:18:14 +02:00
Chris Smowton
e528a08794 Autoformat 2024-09-21 22:12:24 +01:00
Chris Smowton
bb44a2fc8c Populate pkgInfoMapping for test packages if relevant 2024-09-21 13:38:41 +01:00
Anders Schack-Mulligen
3a1e50dcf9 Dataflow: Simplify diff-informed implementation and tweak flag name. 2024-09-20 07:07:10 -07:00
Chris Smowton
bcb84a84e1 Only skip test packages at the file-extraction phase 2024-09-20 12:48:08 +01:00
Chris Smowton
f5ff822681 Convert extract-tests option to an official extractor option 2024-09-20 10:03:54 +01:00
Chris Smowton
94cb99e51d Adjust test expectations 2024-09-20 10:03:53 +01:00