hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,514 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.3
Commit Graph

3181 Commits

Author SHA1 Message Date
dependabot[bot]
824271a84a Bump golang.org/x/tools 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.32.0 to 0.33.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.32.0...v0.33.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-06 03:58:02 +00:00
Tamás Vajk
cb1c3736fe Merge pull request #19413 from tamasvajk/quality/query-suite-selector 
Add code quality suite selector and use that in the code quality suites
 2025-05-02 08:18:48 +02:00
Owen Mansel-Chan
9ba47eb655 Update query suite inclusion integration tests 2025-05-01 21:51:12 +01:00
Owen Mansel-Chan
bef38a4dce Add change note 2025-05-01 16:06:32 +01:00
Owen Mansel-Chan
8283d30d94 Avoid deprecated function in qhelp examples in same folder 2025-05-01 16:06:31 +01:00
Owen Mansel-Chan
00cc430ac3 Make examples in qhelp shorter and more realistic 2025-05-01 16:06:29 +01:00
Owen Mansel-Chan
6e3b959f61 Reword qhelp slightly 2025-05-01 16:06:28 +01:00
Owen Mansel-Chan
f8791861c7 Add missing metadata 2025-05-01 16:06:19 +01:00
Owen Mansel-Chan
38dcc1cb84 Fix QLDoc 2025-05-01 15:40:17 +01:00
Owen Mansel-Chan
3b934b8898 Add comment on importance of Function.getACall() 2025-05-01 15:40:15 +01:00
Owen Mansel-Chan
e6c19b0cbd Modernize tests 2025-05-01 15:40:14 +01:00
Owen Mansel-Chan
cba0bec3c6 Rename files 2025-05-01 15:40:12 +01:00
Owen Mansel-Chan
3cce4ba437 Improve QLDocs 2025-05-01 15:40:10 +01:00
Owen Mansel-Chan
7f007e10c4 Minor refactor - removed unused argument 2025-05-01 15:40:09 +01:00
Owen Mansel-Chan
b90aba291e Refactor class for unescaped types 2025-05-01 15:40:07 +01:00
Owen Mansel-Chan
cbdbb0310b Tidy up test (remove duplicated main) 2025-05-01 15:40:06 +01:00
Owen Mansel-Chan
4e5a865337 Manually fix copilot's mistakes and get query working 2025-05-01 15:40:04 +01:00
Owen Mansel-Chan
ce4be6d04c Refactor to use flow state instead of 3 flow configs (copilot) 2025-05-01 15:40:03 +01:00
Owen Mansel-Chan
ca85f0bf7f Update query metadata 2025-05-01 15:39:57 +01:00
Owen Mansel-Chan
c2ebdf5266 Change query id to go/html-template-escaping-bypass-xss 2025-05-01 15:39:20 +01:00
Owen Mansel-Chan
1926ffd450 Convert XSS tests to use inline expectations 2025-05-01 15:39:19 +01:00
Owen Mansel-Chan
1530ac123c Update path in qlref and update test results 2025-05-01 15:39:17 +01:00
Owen Mansel-Chan
5bce70f78c Move files out of experimental (no changes) 2025-05-01 15:39:15 +01:00
Owen Mansel-Chan
0863c87572 Add change notes 2025-05-01 10:33:24 +01:00
Chuan-kai Lin
5bc962c429 QL tests: run with --check-diff-informed 2025-04-30 10:55:58 -07:00
Owen Mansel-Chan
cf614a596d Fix cwe tags to include leading zero 2025-04-30 16:43:03 +01:00
Tamas Vajk
2515b06b2a Use code-quality-selectors in Go suite 2025-04-29 16:22:57 +02:00
github-actions[bot]
2e0699ab2b Post-release preparation for codeql-cli-2.21.2 2025-04-28 14:03:28 +00:00
github-actions[bot]
625354c46e Release preparation for version 2.21.2 2025-04-28 10:55:22 +00:00
Michael B. Gale
987af4ce1d Merge pull request #19248 from github/mbg/go/private-registries 
Go: Support private registries via `GOPROXY`
 2025-04-25 16:40:00 +01:00
Michael B. Gale
7592ce47e3 Go: Restore parseRegistryConfigsFail test for the empty string 2025-04-25 15:45:12 +01:00
Michael B. Gale
91a794433a Go: Change "Unable" to "Failed" for consistency 2025-04-25 15:42:29 +01:00
Michael B. Gale
5172a4d6ec Go: Remove check from getEnvVars 2025-04-25 15:41:57 +01:00
Michael B. Gale
9cfa451477 Go: Fix/improve comment about environment variable preservation 2025-04-25 15:41:35 +01:00
Tamas Vajk
a4a24470c8 Add query suite inclusion tests for actions, csharp, go, javascript, ruby, rust 2025-04-25 14:06:17 +02:00
Michael B. Gale
e805d1ee90 Merge remote-tracking branch 'origin/main' into mbg/go/private-registries 2025-04-25 12:55:36 +01:00
Michael B. Gale
cafe1efefa Go: Refactor ApplyProxyEnvVars 2025-04-25 12:30:48 +01:00
Paolo Tranquilli
69b87a63b8 Go: remove invalid toolchain version diagnostics 
This diagnostic was introduced by https://github.com/github/codeql/pull/15979.
However in the meantime the Go team [has backtracked](https://github.com/golang/go/issues/62278#issuecomment-2062002018)
on their decision, which leads to confusing alerts for user (e.g. https://github.com/github/codeql-action/issues/2868).
Even using Go toolchains from 1.21 to 1.22 we weren't immediately able
to reproduce the problem that this diagnostics was meant to guard
against. Therefore it was deemed simpler to just remove it.

_En passant_ the `Makefile` now accepts `rtjo` not being set.
 2025-04-24 14:41:05 +02:00
github-actions[bot]
d78736b1bf Post-release preparation for codeql-cli-2.21.1 2025-04-15 16:33:15 +00:00
github-actions[bot]
b961c5961d Release preparation for version 2.21.1 2025-04-14 09:53:06 +00:00
Owen Mansel-Chan
b6053e3f91 Merge pull request #19076 from owen-mc/go/update-depstubber-files 
Go: update files generated by depstubber
 2025-04-09 11:44:20 +01:00
Michael B. Gale
e210be7bb2 Go: Preserve environment variables in ApplyProxyEnvVars 2025-04-08 12:38:38 +01:00
Michael B. Gale
7798b716ff Go: Fix err instead of decErr in GetPkgsInfo 2025-04-08 12:04:48 +01:00
Michael B. Gale
0f78e11376 Go: Detect and apply proxy settings (WIP) 2025-04-08 12:02:15 +01:00
Michael B. Gale
ded27bcee4 Go: Replace exec.Command("go" with toolchain.GoCommand( 2025-04-08 11:19:42 +01:00
Owen Mansel-Chan
8c878cd8f5 Merge pull request #19243 from github/dependabot/go_modules/go/extractor/extractor-dependencies-891a2402ea 
Bump golang.org/x/tools from 0.31.0 to 0.32.0 in /go/extractor in the extractor-dependencies group
 2025-04-08 10:30:29 +01:00
dependabot[bot]
2f9be926fb Bump golang.org/x/tools 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.31.0 to 0.32.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.31.0...v0.32.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-version: 0.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-08 03:42:17 +00:00
github-actions[bot]
5adf135134 Add changed framework coverage reports 2025-04-08 00:22:09 +00:00
Owen Mansel-Chan
1ed8fbd811 Delete commented out code 2025-04-03 11:19:14 +01:00
Owen Mansel-Chan
ecd09edf64 Add stubs for gogf/gf and uptrace/bun 2025-04-02 14:17:40 +01:00