codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Author	SHA1	Message	Date
Chris Smowton	e9cccb46c0	Go: mistyped-exponentiation: notice constants with likely-bitmask values	2025-09-25 15:19:40 +01:00
Owen Mansel-Chan	d9e7c89af0	Add indirect method calls	2025-09-11 11:31:28 +01:00
Owen Mansel-Chan	84e70e166e	Add direct method calls	2025-09-11 11:27:56 +01:00
Owen Mansel-Chan	fa18fd2782	Add method defs	2025-09-11 11:24:53 +01:00
Owen Mansel-Chan	cbbf7c2578	Include pre-update node in output	2025-09-11 11:22:17 +01:00
Arthur Baars	5d3ec35e29	Remove non-breaking spaces from code	2025-09-05 09:41:15 +02:00
Owen Mansel-Chan	2a45b28e5f	Merge pull request #20064 from Kwstubbs/go-path-separator Update Go Path Injection Sanitizer and Sink	2025-09-03 16:45:15 +01:00
Kevin Stubbings	b4b848a25c	Fix tests and simplify sanitizer	2025-07-21 21:53:35 +00:00
Kevin Stubbings	f86152d3bd	Add sanitizer changes and fix test	2025-07-16 21:27:33 +00:00
Kevin Stubbings	504ae0f35a	Update go path sanitizers and sinks	2025-07-16 06:12:45 +00:00
Chris Smowton	c8eefb7c5c	Golang: Mark filepath.IsLocal as a tainted-path sanitizer guard	2025-07-15 14:47:17 +01:00
Owen Mansel-Chan	990043ce86	Add net/http.Head and net/http.Client.Head as client requests They were previously deliberately excluded.	2025-07-08 14:31:48 +01:00
Owen Mansel-Chan	d437a096f1	Test more client request URL sinks	2025-07-08 13:20:04 +01:00
Owen Mansel-Chan	0788a90d88	Convert RequestForgery test to inline expectations	2025-07-04 16:56:05 +01:00
Owen Mansel-Chan	d10b9e665c	Fix linter warnings in Request Forgery tests	2025-07-04 16:55:09 +01:00
Owen Mansel-Chan	0f07ab58cf	Merge pull request #19654 from owen-mc/go/fix-definedtype-getbasetype Go: fix `DefinedType.getBaseType`	2025-06-26 00:19:19 +01:00
Owen Mansel-Chan	d7b1d7bef4	Merge pull request #19677 from owen-mc/go/better-class-names-and-helpers Go: Improve two class names and add some helper predicates	2025-06-26 00:17:32 +01:00
Nora Dimitrijević	cf92b0e91b	Go: convert IncorrectIntegerConversion test to .qlref	2025-06-24 14:57:48 +02:00
Nora Dimitrijević	76a3306c63	Go: convert UncontrolledAllocationSize test to .qlref	2025-06-24 14:57:44 +02:00
Owen Mansel-Chan	ef5e605cc4	Merge pull request #19386 from owen-mc/go/promote/html-template-escaping-bypass-xss Go: promote `html-template-escaping-bypass-xss`	2025-06-06 12:36:27 +01:00
Owen Mansel-Chan	75d9b298b2	Test helper predicates for `TypeSpec`	2025-06-05 10:52:01 +01:00
Owen Mansel-Chan	8b9cc99158	Test helper predicates for `FieldDecl`	2025-06-05 10:35:34 +01:00
Owen Mansel-Chan	e7e4286233	Merge pull request #19561 from owen-mc/go/mad/bigquery-sql-injection-sink Go: Add BigQuery as a sink for SQLi queries #2	2025-06-04 11:36:18 +01:00
Owen Mansel-Chan	b2f310cda7	Add change note	2025-06-03 15:36:03 +01:00
Owen Mansel-Chan	4711feb344	Add test for `DefinedType.getBaseType`	2025-06-03 14:50:05 +01:00
Owen Mansel-Chan	681f9af710	Fix MethodTypes test	2025-06-03 14:50:00 +01:00
Owen Mansel-Chan	164cfaf3e7	Merge pull request #19532 from owen-mc/go/make-test-version-independent Go: Make type param test independent of standard library version	2025-05-28 11:30:13 +01:00
Owen Mansel-Chan	66bbaf2dc8	Add tests for cloud.google.com/go/bigquery.Client.Query	2025-05-22 15:16:12 +01:00
Owen Mansel-Chan	d39e7c2066	Added named import to definitions test This makes the test slightly more thorough.	2025-05-20 13:13:21 +01:00
Owen Mansel-Chan	f6f6a5ccc6	Only list type params in test files This will make the test results not depend on the version of the standard library being used, which means we don't have to update it with each new release.	2025-05-20 02:25:24 +01:00
Owen Mansel-Chan	7da1ade835	Add tests for extracting tuples in `f(g(...))`	2025-05-13 15:54:05 +01:00
Owen Mansel-Chan	b06491125e	Expand test for Extract Tuple Instruction	2025-05-13 15:48:29 +01:00
Owen Mansel-Chan	e6c19b0cbd	Modernize tests	2025-05-01 15:40:14 +01:00
Owen Mansel-Chan	cba0bec3c6	Rename files	2025-05-01 15:40:12 +01:00
Owen Mansel-Chan	cbdbb0310b	Tidy up test (remove duplicated `main`)	2025-05-01 15:40:06 +01:00
Owen Mansel-Chan	4e5a865337	Manually fix copilot's mistakes and get query working	2025-05-01 15:40:04 +01:00
Owen Mansel-Chan	c2ebdf5266	Change query id to `go/html-template-escaping-bypass-xss`	2025-05-01 15:39:20 +01:00
Owen Mansel-Chan	1926ffd450	Convert XSS tests to use inline expectations	2025-05-01 15:39:19 +01:00
Owen Mansel-Chan	1530ac123c	Update path in qlref and update test results	2025-05-01 15:39:17 +01:00
Owen Mansel-Chan	5bce70f78c	Move files out of experimental (no changes)	2025-05-01 15:39:15 +01:00
Owen Mansel-Chan	b6053e3f91	Merge pull request #19076 from owen-mc/go/update-depstubber-files Go: update files generated by depstubber	2025-04-09 11:44:20 +01:00
Owen Mansel-Chan	ecd09edf64	Add stubs for gogf/gf and uptrace/bun	2025-04-02 14:17:40 +01:00
Owen Mansel-Chan	1687042c3b	Add Bun models and tests	2025-04-02 14:17:39 +01:00
Owen Mansel-Chan	ddb7da4c13	Add gogf models and tests	2025-04-02 14:17:37 +01:00
Ed Minnix	9cf4117120	Add tests for gogf/gf/database/gdb	2025-04-02 14:17:35 +01:00
Owen Mansel-Chan	89e853b4be	Don't use non-existent dependency This makes some go tooling, like `go mod tidy`, not work.	2025-04-02 14:17:31 +01:00
Owen Mansel-Chan	dc242da4be	Merge pull request #19090 from owen-mc/review/egregius313/18902 Go: Add `database` source models for the `squirrel` package (#2)	2025-03-27 15:54:25 +00:00
Owen Mansel-Chan	c3bc6519fb	Merge pull request #19053 from owen-mc/go/fp/log-type Go: Fix false positives when logging using `%T`	2025-03-25 10:49:51 +00:00
Owen Mansel-Chan	bbed79cf58	Add squirrel to go.mod	2025-03-25 10:33:23 +00:00
Owen Mansel-Chan	09d69293b5	Fix package name in stub	2025-03-25 10:33:23 +00:00

1 2 3 4 5 ...

936 Commits