hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,531 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.7
Commit Graph

3398 Commits

Author SHA1 Message Date
Nora Dimitrijević
76a3306c63 Go: convert UncontrolledAllocationSize test to .qlref 2025-06-24 14:57:44 +02:00
github-actions[bot]
6972c7a872 Post-release preparation for codeql-cli-2.22.1 2025-06-24 12:55:14 +00:00
github-actions[bot]
3e074b2425 Release preparation for version 2.22.1 2025-06-24 08:55:31 +00:00
Nora Dimitrijević
b62a6db314 Merge pull request #19760 from d10c/d10c/go/diff-informed-2 
Go: mass-enable diff-informed queries phase 2 - `getASelected{Source,Sink}Location() { none() }`
 2025-06-19 14:44:56 +02:00
Owen Mansel-Chan
ebd917600d Update quality suite integration test 2025-06-19 10:37:49 +01:00
Owen Mansel-Chan
a26610a05c Add change note 2025-06-19 10:34:01 +01:00
Owen Mansel-Chan
a2ff045a7a Update tags for high precision quality queries 2025-06-19 10:33:58 +01:00
Tamas Vajk
e6a9ff08a3 Adjust query-suite integration test expected files 2025-06-18 13:10:34 +02:00
Tamas Vajk
40274dcd69 Add code-quality-extended query suites 2025-06-18 13:10:34 +02:00
Nora Dimitrijević
51826c72d0 Go: mass-add none() location overrides 2025-06-17 17:02:08 +02:00
Nora Dimitrijević
a8dc3008ef Merge pull request #19660 from d10c/d10c/go/diff-informed 
Go: mass enable diff-informed data flow
 2025-06-17 14:52:46 +02:00
Paolo Tranquilli
0d803698ac Go: remove language tests from workflows 
Now that they are run internally using QLucie.
 2025-06-16 14:01:40 +02:00
Jon Janego
6ec48117b5 Merge pull request #19739 from github/changedocs-2.22.0 
fixing some improperly escaped URLs
 2025-06-11 16:24:29 -05:00
Jon Janego
6336e3d44b fixing another bracket 2025-06-11 16:02:28 -05:00
Jon Janego
8f55dcdd67 removing brackets around a url 2025-06-11 15:36:30 -05:00
Nora Dimitrijević
e233501144 Go: mass enable diff-informed data flow 
An auto-generated patch that enables diff-informed data flow in the obvious cases.

Builds on https://github.com/github/codeql/pull/18345 and https://github.com/github/codeql-patch/pull/88
 2025-06-11 18:44:24 +02:00
github-actions[bot]
21463a9653 Post-release preparation for codeql-cli-2.22.0 2025-06-09 18:50:20 +00:00
github-actions[bot]
88ba02edf8 Release preparation for version 2.22.0 2025-06-09 18:14:51 +00:00
Chuan-kai Lin
631502e129 Merge branch 'main' into cklin/rc-3.18-mergeback 2025-06-09 07:19:40 -07:00
Owen Mansel-Chan
ef5e605cc4 Merge pull request #19386 from owen-mc/go/promote/html-template-escaping-bypass-xss 
Go: promote `html-template-escaping-bypass-xss`
 2025-06-06 12:36:27 +01:00
dependabot[bot]
bbabf2c410 Bump the extractor-dependencies group in /go/extractor with 2 updates 
Bumps the extractor-dependencies group in /go/extractor with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/mod` from 0.24.0 to 0.25.0
- [Commits](https://github.com/golang/mod/compare/v0.24.0...v0.25.0)

Updates `golang.org/x/tools` from 0.33.0 to 0.34.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.33.0...v0.34.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.25.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
- dependency-name: golang.org/x/tools
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-06 03:29:36 +00:00
Owen Mansel-Chan
ecd0291b6a Add change note for deprecation 2025-06-05 11:00:00 +01:00
Owen Mansel-Chan
75d9b298b2 Test helper predicates for TypeSpec 2025-06-05 10:52:01 +01:00
Owen Mansel-Chan
c4a8ac4980 Add helper predicates for TypeSpec 2025-06-05 10:51:39 +01:00
Owen Mansel-Chan
8b9cc99158 Test helper predicates for FieldDecl 2025-06-05 10:35:34 +01:00
Owen Mansel-Chan
d9bc165c72 Add helper predicates for FieldDecl 2025-06-05 10:35:25 +01:00
Owen Mansel-Chan
82e8d3af8d Improve two class names 2025-06-05 10:34:53 +01:00
github-actions[bot]
401911e185 Add changed framework coverage reports 2025-06-05 00:24:03 +00:00
Owen Mansel-Chan
e7e4286233 Merge pull request #19561 from owen-mc/go/mad/bigquery-sql-injection-sink 
Go: Add BigQuery as a sink for SQLi queries #2
 2025-06-04 11:36:18 +01:00
Owen Mansel-Chan
b2f310cda7 Add change note 2025-06-03 15:36:03 +01:00
Owen Mansel-Chan
4711feb344 Add test for DefinedType.getBaseType 2025-06-03 14:50:05 +01:00
Owen Mansel-Chan
40000840c1 Fix definition of DefinedType.getBaseType 2025-06-03 14:50:03 +01:00
Owen Mansel-Chan
681f9af710 Fix MethodTypes test 2025-06-03 14:50:00 +01:00
Chuan-kai Lin
89ad2b4256 Merge branch 'main' into cklin/check-diff-informed 2025-05-28 10:47:47 -07:00
Owen Mansel-Chan
164cfaf3e7 Merge pull request #19532 from owen-mc/go/make-test-version-independent 
Go: Make type param test independent of standard library version
 2025-05-28 11:30:13 +01:00
Owen Mansel-Chan
6f71e3b30e Merge pull request #19491 from owen-mc/go/add-test-flags 
Go: Check more things while running tests
 2025-05-28 10:12:05 +01:00
github-actions[bot]
d2c6875eac Post-release preparation for codeql-cli-2.21.4 2025-05-27 18:16:21 +00:00
github-actions[bot]
bfb91e95e3 Release preparation for version 2.21.4 2025-05-27 17:22:05 +00:00
Michael B. Gale
c236084043 Go: Explicitly check whether proxy env vars are empty 2025-05-27 14:58:18 +01:00
Owen Mansel-Chan
fb92999f8a Add bigquery to frameworks.csv 
Also fix up github.com/kanikanema/gorqlite
 2025-05-22 22:02:20 +01:00
Owen Mansel-Chan
46a6b8ad07 Add change note 2025-05-22 15:21:51 +01:00
Owen Mansel-Chan
66bbaf2dc8 Add tests for cloud.google.com/go/bigquery.Client.Query 2025-05-22 15:16:12 +01:00
Owen Mansel-Chan
c0187aff73 Add model for cloud.google.com/go/bigquery.Client.Query 2025-05-22 15:15:54 +01:00
Owen Mansel-Chan
463a711552 Use reflection for interface nil check instead 2025-05-21 22:22:10 +01:00
Michael Nebel
2952c0d2b4 Merge pull request #19507 from michaelnebel/removehardcodedpassword 
Exclude some queries from query suites by lowering their precision.
 2025-05-21 11:13:14 +02:00
Owen Mansel-Chan
83cd349531 Change variable name and add comment 2025-05-20 13:13:26 +01:00
Owen Mansel-Chan
47dac64301 fix previous commit 2025-05-20 13:13:25 +01:00
Owen Mansel-Chan
d5044fd072 Deal better with Windows paths 2025-05-20 13:13:24 +01:00
Owen Mansel-Chan
401c60654e Fix nil checks to stop creating unused labels 
In go, an interface with value nil does not compare equal to nil. This
is known as "typed nils". So our existing nil checks weren't working,
which shows why we needed more nil checks inside the type switches. The
solution is to explicitly check for each type we care about.
 2025-05-20 13:13:22 +01:00
Owen Mansel-Chan
d39e7c2066 Added named import to definitions test 
This makes the test slightly more thorough.
 2025-05-20 13:13:21 +01:00