hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,920 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.2
Commit Graph

3244 Commits

Author SHA1 Message Date
Tony Torralba
a09eb9f4c5 Update go/ql/src/Security/CWE-770/UncontrolledAllocationSize.ql 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-03-11 08:58:59 +01:00
Owen Mansel-Chan
820c14577a Merge pull request #13553 from am0o0/amammad-go-bombs 
Go: Decompression Bombs
 2024-03-10 13:48:04 +00:00
am0o0
43df6a2c07 add comments for already implemented io.Read and io.WriteTo Sinks. 
remove some sinks about `"decompressor"` which was added wrongly.
change `GeneralReadIoSink` type from module to class.
separate `KlauspostGzipAndPgzip` `KlauspostPgzip` and `KlauspostGzip`.
 2024-03-08 20:05:46 +04:00
am0o0
66130d208e convert abstract predicate isAdditionalFlowStep to non-abstract 2024-03-08 19:30:41 +04:00
Tony Torralba
138ce42cf6 Fix qhelp 2024-03-07 15:22:46 +01:00
Tony Torralba
7d74125508 Go: Promote go/uncontrolled-allocation-size 2024-03-07 15:17:49 +01:00
github-actions[bot]
dc9092c9ec Post-release preparation for codeql-cli-2.16.4 2024-03-06 22:19:33 +00:00
github-actions[bot]
2f058ffb4d Release preparation for version 2.16.4 2024-03-06 20:56:51 +00:00
Angela P Wen
ce31f8641a Revert "Release preparation for version 2.16.4" 2024-03-06 12:07:33 -08:00
Owen Mansel-Chan
4e5a6d770a Merge branch 'main' into workflow/coverage/update 2024-03-06 13:43:05 +00:00
Owen Mansel-Chan
f1115af146 Merge pull request #15130 from Malayke/main 
Go: new query for detect DOS vulnerability
 2024-03-06 11:32:57 +00:00
Tony Torralba
f4c2e65614 Merge pull request #15812 from atorralba/atorralba/go/squirrel-sinks 
Go: Add SQLi sinks for Squirrel
 2024-03-06 12:09:19 +01:00
Malayke
02bab4c15a Update go/ql/src/experimental/CWE-770/DenialOfService.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-03-06 17:57:20 +08:00
github-actions[bot]
b71074f9c4 Add changed framework coverage reports 2024-03-06 00:16:26 +00:00
github-actions[bot]
661e68dab5 Release preparation for version 2.16.4 2024-03-05 18:13:58 +00:00
Angela P Wen
967963a653 Revert "Release preparation for version 2.16.4" 2024-03-05 08:53:33 -08:00
Tony Torralba
e78e71c875 List Squirrel builders explicitly 2024-03-05 16:05:22 +01:00
Michael B. Gale
40ff75db07 Go: Update list of expected files for single-go-mod-and-go-files-not-under-it test 2024-03-05 14:56:51 +00:00
Tony Torralba
a264ea23c6 Go: Add SQLi sinks for Squirrel 2024-03-05 15:35:34 +01:00
Michael B. Gale
a8d240dd72 Go: Add integration test for mixed layout project 2024-03-05 14:08:16 +00:00
Michael B. Gale
ac394dc80c Go: Better check for path prefixes 2024-03-05 13:46:33 +00:00
Owen Mansel-Chan
8e43c5c683 Merge pull request #15811 from owen-mc/go/limit-password-heuristics 
Go: Only check strings of length <= 100 for dummy password with <= 2 unique characters
 2024-03-05 13:42:26 +00:00
Michael B. Gale
b1e0bc03ab Go: Fix check for whether it is safe to initialise a go.mod file in a given directory 2024-03-05 12:48:21 +00:00
Michael B. Gale
367ecf75d5 Go: Use import path for auto-generated Go module names 2024-03-05 12:48:21 +00:00
Michael B. Gale
2aa093c95c Go: Move getImportPath to shared util package 2024-03-05 12:48:19 +00:00
Owen Mansel-Chan
4dde1fb117 Only check strings of length <= 100 for dummy password with <= 2 unique characters 2024-03-05 11:45:17 +00:00
Tony Torralba
a78e04eb34 Merge pull request #15795 from atorralba/atorralba/go/macaron-sources 
Go: Add Macaron sources
 2024-03-05 09:08:58 +01:00
github-actions[bot]
a67218a027 Release preparation for version 2.16.4 2024-03-04 17:42:08 +00:00
Tony Torralba
7286f56718 Change tests to inline expectations 2024-03-04 17:29:12 +01:00
Owen Mansel-Chan
dcc2b2c50d Merge pull request #15057 from aydinnyunus/main 
Web Cache Deception Vulnerability on Go Frameworks
 2024-03-04 14:36:39 +00:00
Owen Mansel-Chan
c0974934bc Fix test expectations again 2024-03-04 14:05:04 +00:00
Owen Mansel-Chan
39a802fb98 Add new columns to test expectations 2024-03-04 13:45:54 +00:00
Owen Mansel-Chan
6a1bb9bfb0 Merge branch 'main' into main 2024-03-04 13:42:53 +00:00
Owen Mansel-Chan
0bf0c069c6 Fix formatting 2024-03-04 13:39:44 +00:00
Tony Torralba
fc12537699 Go: Add Macaron sources 2024-03-04 14:29:56 +01:00
Owen Mansel-Chan
910725939f Update QLDoc 2024-03-04 13:06:23 +00:00
Michael B. Gale
9b5bf519a1 Update go/extractor/project/project.go 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-03-04 12:25:40 +00:00
Michael B. Gale
acf2f761a6 Go: Improve log message for InitGoModForLegacyProject 2024-03-04 12:14:24 +00:00
Michael B. Gale
1a13a0e4c9 Go: Log discovered Go modules in case workspace files can't be read/parsed 2024-03-04 12:14:24 +00:00
Michael B. Gale
52b273ae23 Go: Include workspace count in success message 2024-03-04 12:14:24 +00:00
Michael B. Gale
8055c5d9e3 Go: Avoid extra loop to track unsuccessfulProjects 2024-03-04 12:14:23 +00:00
Michael B. Gale
020eb4aed7 Go: Use slices.Concat for bazelPaths 2024-03-04 12:14:23 +00:00
Michael B. Gale
040a288bb3 Go: Update comment to replace Go.mod with go.mod 2024-03-04 12:14:23 +00:00
Michael B. Gale
37212737fb Go: Delete unused AnyGoFilesOutsideDirs 2024-03-04 12:14:22 +00:00
Michael B. Gale
ac484e5a04 Merge pull request #15793 from github/mbg/go/autobuilder-refactor-changelog 
Go: Add changenote for autobuilder refactor
 2024-03-04 12:10:24 +00:00
Michael B. Gale
a8ae2e2525 Go: Add changenote for autobuilder refactor 2024-03-04 12:02:51 +00:00
Michael B. Gale
4dd23d4767 Merge pull request #15791 from github/mbg/go/use-1.22-for-extractor 
Go: Use Go 1.22 for the extractor
 2024-03-04 11:53:37 +00:00
Michael B. Gale
0e9a7c84d1 Go: Update go.work.sum 2024-03-04 10:59:23 +00:00
Michael B. Gale
ff82eb95f5 Go: Use 1.22 in go.mod 2024-03-04 10:58:51 +00:00
Michael B. Gale
6563414370 Go: Allow 1.22 as a supported version 2024-03-04 10:56:03 +00:00