hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,579 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.2
Commit Graph

3053 Commits

Author SHA1 Message Date
Owen Mansel-Chan
bc784268fd Make Logrus log injection tests more comprehensive 2024-11-19 11:18:28 +00:00
Owen Mansel-Chan
791313fbdf Add tests for logrus.FieldLogger 2024-11-19 11:18:26 +00:00
Owen Mansel-Chan
cc62db796c Add tests for Xorm first argument of varargs slice 2024-11-19 11:18:24 +00:00
Owen Mansel-Chan
5a0cd2e7d6 Add tests for squirrel.Eq 2024-11-19 11:18:22 +00:00
Owen Mansel-Chan
8cbab0c66e Model logrus.FieldLogger using models-as-data 2024-11-19 11:18:20 +00:00
Owen Mansel-Chan
d37c816bd9 Model some Xorm methods in QL 2024-11-19 11:18:17 +00:00
Owen Mansel-Chan
25cd4d4585 Model some squirrel methods in QL 
We need to put a restriction on the type of the argument.
 2024-11-19 11:18:15 +00:00
Owen Mansel-Chan
a0729fc760 Fix typo in package path 
Co-authored-by: Edward Minnix III <egregius313@github.com>
 2024-11-19 11:18:13 +00:00
Owen Mansel-Chan
35cbc162b0 Convert logging sinks to use MaD 2024-11-19 11:18:11 +00:00
Owen Mansel-Chan
85c7e8c221 Convert gocb nosql-injection sinks to MaD 2024-11-19 11:18:09 +00:00
Owen Mansel-Chan
fbaad09179 Convert mongodb nosql-injection sinks to MaD 2024-11-19 11:18:02 +00:00
Owen Mansel-Chan
b4c84be3be Convert database/sql/driver sql-injection sinks to MaD 2024-11-19 11:15:48 +00:00
Owen Mansel-Chan
e4eef6791a Convert database/sql sql-injection sinks to MaD 2024-11-19 11:15:42 +00:00
Owen Mansel-Chan
4cca6cff59 Convert Beego orm sql-injection sinks to MaD 2024-11-19 11:13:32 +00:00
Owen Mansel-Chan
2282a8184b Convert Bun sql-injection sinks to MaD 2024-11-19 11:13:30 +00:00
Owen Mansel-Chan
1c305aa8f3 Convert Xorm sql-injection sinks to MaD 2024-11-19 11:13:28 +00:00
Owen Mansel-Chan
1ab50fc62c Convert Gorm sql-injection sinks to MaD 2024-11-19 11:13:26 +00:00
Owen Mansel-Chan
fb050e8b43 Convert sqlx sql-injection sinks to MaD 2024-11-19 11:13:23 +00:00
Owen Mansel-Chan
d9d3e74e8c Convert gogf/gf sql-injection sinks to MaD 2024-11-19 11:13:17 +00:00
Owen Mansel-Chan
1315a1e9ae Upgrade and convert gorqlite sql-injection sinks to MaD 2024-11-19 11:13:13 +00:00
Owen Mansel-Chan
924467bebe Convert squirrel sql-injection sinks to MaD (non-existent methods removed) 
Various non-existent methods were modeled, and I couldn't find any
evidence that they used to exist. They aren't in the stubs or tests. I
have removed them.
 2024-11-19 11:13:10 +00:00
Owen Mansel-Chan
c5bec1cc7f Merge pull request #17966 from owen-mc/go/mad/subtypes-true 
Go: set `subtypes` column to true for models where it has a meaning
 2024-11-19 00:43:55 +00:00
Owen Mansel-Chan
06b72e5782 Update models in test expectation files 2024-11-16 19:44:32 +00:00
Owen Mansel-Chan
5745969462 Set subtypes=false when it has no meaning 2024-11-16 19:34:23 +00:00
Ian Lynagh
50b9702afd Go: Remove a redundant override 2024-11-14 21:19:29 +00:00
Kevin Stubbings
a94ba25ebe Apply suggestions from code review 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-11-13 14:45:45 -08:00
Kevin Stubbings
460ed30d05 Fixed tests 2024-11-12 16:08:14 -08:00
Kevin Stubbings
eb3a76ddce Merge branch 'github:main' into path-sanitizers 2024-11-12 16:03:00 -08:00
Kevin Stubbings
8744f158bd New tests 2024-11-12 15:44:47 -08:00
Owen Mansel-Chan
44e865114a Add change note 2024-11-12 11:37:07 +00:00
Owen Mansel-Chan
d31700cf92 Accept changes in models in .expected files 2024-11-12 11:34:29 +00:00
Owen Mansel-Chan
dfd8e7d397 Set subtypes column to True in models 
This is almost always what we want.
 2024-11-12 11:21:52 +00:00
Owen Mansel-Chan
fd4a6d4bb8 Change note 2024-11-11 23:55:57 +00:00
Owen Mansel-Chan
13fb92ad3e Rename getIntermediateEmbeddedType 2024-11-11 23:53:14 +00:00
Owen Mansel-Chan
d3a6452860 Add missing QLDoc 2024-11-11 23:50:09 +00:00
Owen Mansel-Chan
6af5b55d51 Refactor elementAppliesToQualifier 
This is needed for performance when there are lots of embeddings.
 2024-11-11 23:50:08 +00:00
Owen Mansel-Chan
3986dffc91 Keep methods and fields separate in SourceOrSinkElement 
This improves performance.
 2024-11-11 23:50:06 +00:00
Owen Mansel-Chan
b6a31b1def Restrict to Methods 2024-11-11 23:50:04 +00:00
Owen Mansel-Chan
57192e8154 Add even more tests 2024-11-11 23:49:58 +00:00
Owen Mansel-Chan
e813fa346b Fix case in some test-related file names 2024-11-11 23:48:34 +00:00
Owen Mansel-Chan
8abb0594c3 Combine two arms of newtype TSourceOrSinkElement 2024-11-11 23:48:32 +00:00
Owen Mansel-Chan
b2c2a94866 Accept review comment - doc clarification 2024-11-11 23:48:30 +00:00
Owen Mansel-Chan
39afb18ee4 Fix bad join order 2024-11-11 23:48:29 +00:00
Owen Mansel-Chan
80e8015e67 Inline late and remove manual magic 2024-11-11 23:48:27 +00:00
Owen Mansel-Chan
c2aee37210 getSyntacticQualifier -> getSyntacticQualifierBaseType 
This improves performance.
 2024-11-11 23:48:25 +00:00
Owen Mansel-Chan
ede3b9f033 Improve join order by making a separate predicate 2024-11-11 23:48:23 +00:00
Owen Mansel-Chan
e335737f38 Minor fixes to docs 2024-11-11 23:48:21 +00:00
Owen Mansel-Chan
adc946ec2b Revert simplification to make tests pass 2024-11-11 23:48:19 +00:00
Owen Mansel-Chan
4a1fce9168 Test non-promoted fields and methods 2024-11-11 23:46:10 +00:00
Chris Smowton
f61251cc24 Document elementAppliesToQualifier 2024-11-11 23:43:59 +00:00