hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-09 15:04:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,775 Branches 169 Tags
codeql-cli-2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Anders Schack-Mulligen
e594e7283d Dataflow: Check stateful in/out-barriers in each stage. 2024-08-21 10:44:45 +02:00
Anders Schack-Mulligen
c2b25c7f2b Dataflow: Check clearsContent on store targets in StagePathGraph. 2024-08-21 10:44:44 +02:00
Anders Schack-Mulligen
b8d0b691da Dataflow: Introduce sink projection and add successor as member predicate. 2024-08-21 10:44:44 +02:00
Anders Schack-Mulligen
bc1dd45d4f Dataflow: Make private 2024-08-21 10:44:43 +02:00
Anders Schack-Mulligen
9429e5ccba Dataflow: Update StagePathNode.toString. 2024-08-21 10:44:43 +02:00
Anders Schack-Mulligen
81a815c343 Dataflow: Add StagePathNode.getState. 2024-08-21 10:44:43 +02:00
Anders Schack-Mulligen
bdcc5e7b67 Dataflow: Refactor getLocation 2024-08-21 10:44:42 +02:00
Anders Schack-Mulligen
bc0ae4cd1e Dataflow: Replace StagePathNode.getNode with getNodeEx. 2024-08-21 10:44:42 +02:00
Anders Schack-Mulligen
9bd3f3dee0 Dataflow: Rename StagePathNode to StagePathNodeImpl. 2024-08-21 10:44:41 +02:00
Simon Friis Vindum
68dfca49f5 Merge pull request #17269 from paldepind/fix-error-in-test 
C++: Fix tests and add an actual true negative
 2024-08-21 10:21:56 +02:00
Simon Friis Vindum
e4ce003e87 C++: Fix tests and add an actual true negative 2024-08-21 09:44:45 +02:00
Ed Minnix
0eddaa0664 syscall environment variables 2024-08-21 00:36:48 -04:00
Ed Minnix
9f00a0060d gobuffalo/envy 2024-08-21 00:30:36 -04:00
Ed Minnix
cf3b3d75d0 Fix caarlos0 test 2024-08-21 00:29:17 -04:00
Ed Minnix
8a7e378b40 caarlos0/env 2024-08-21 00:06:10 -04:00
Ed Minnix
f0f535b0e4 Fix frontend errors 2024-08-21 00:06:06 -04:00
Ed Minnix
257436a49d Convert test to inline expectation test 2024-08-21 00:06:02 -04:00
Edward Minnix III
47974914a5 Apply suggestions from code review 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-21 00:05:53 -04:00
Ed Minnix
ed36aaa570 Fix some minor issues 2024-08-21 00:03:36 -04:00
Ed Minnix
69679dec1d Add defer statement 2024-08-21 00:03:32 -04:00
Ed Minnix
69f02293f5 Add change note 2024-08-21 00:03:29 -04:00
Ed Minnix
65a6fa7bc3 Go Environment variable (parsing) models and tests 2024-08-21 00:03:18 -04:00
Edward Minnix III
6103749188 Merge pull request #16710 from egregius313/egregius313/go/dataflow/file-sources 
Go: Add `file` sources
 2024-08-20 23:45:17 -04:00
Edward Minnix III
8b73d4af86 Fix typo 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 21:19:11 -04:00
Owen Mansel-Chan
f0fe3a3388 Merge pull request #17260 from owen-mc/go/mad/convert-sink-5 
Go: Allow MaD models for XSS sinks using "html-injection" or "js-injection"
 2024-08-20 22:40:44 +01:00
Ed Minnix
1079486032 Mention Go in codeql-for-go toctree 2024-08-20 17:31:20 -04:00
Edward Minnix III
cc6b09da48 Fix name of section 2024-08-20 17:16:29 -04:00
Edward Minnix III
a99dd69d87 Remove function signature 2024-08-20 17:12:07 -04:00
Edward Minnix III
de2f8a1577 Make field consistent with existing model 2024-08-20 17:09:47 -04:00
Edward Minnix III
e142818fe5 Remove Select example. 
Go does not currently have any equivalent with regards to lambda flow
 2024-08-20 17:08:50 -04:00
Edward Minnix III
e8aac2be9a Remove neutral example 
Go currently does not use `neutralModel`s and they are less relevant for Go than for Java/C#.
 2024-08-20 17:06:58 -04:00
Edward Minnix III
27ad882f54 Usage range pattern instead of comma separation 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 17:05:33 -04:00
Edward Minnix III
2bfca21a2f Replace ss with elems 2024-08-20 17:04:42 -04:00
Edward Minnix III
9b92ff7e78 Typos and minor wording 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 17:02:24 -04:00
Edward Minnix III
211cda390d Method signatures and receiver/qualifier language 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 17:01:45 -04:00
Edward Minnix III
cfa1ad65c8 Consistently replace usage of namespace with package 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 17:00:32 -04:00
Ed Minnix
b14c58445a Fix formatting 2024-08-20 16:47:19 -04:00
am0o0
b001c24dfc update tests to pass the github actions 2024-08-20 20:57:11 +02:00
Ed Minnix
06f73e76b8 Add additional test cases 2024-08-20 12:44:23 -04:00
Edward Minnix III
e066c52ac6 Update change note 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 12:33:38 -04:00
Chris Smowton
fc301206d1 Change note 2024-08-20 17:11:58 +01:00
Chris Smowton
3acab640b2 Add configure-baseline integration test 2024-08-20 17:07:09 +01:00
Chris Smowton
15b5bcc67c Output to stdout, not stderr 2024-08-20 17:01:54 +01:00
Chris Smowton
8b9617cd38 Update bazel build files 2024-08-20 15:56:28 +01:00
Chris Smowton
ea3e5c8a99 Clarify comment 2024-08-20 15:56:27 +01:00
Chris Smowton
f1f6f9b580 Share vendor-dir extraction logic between extractor and configure-baseline script 2024-08-20 15:56:26 +01:00
Chris Smowton
22802fd41f Improve struct naming 2024-08-20 15:56:25 +01:00
Chris Smowton
5d34dbf2c2 Remove unnecessary batch script flag 2024-08-20 15:56:24 +01:00
Chris Smowton
624d2b83c0 Tidy comments 2024-08-20 15:56:23 +01:00
Chris Smowton
21366dd502 Go / configure-baseline: account for multiple vendor directories and the CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS setting 
Our existing configure-baseline scripts would give the wrong result if a `vendor` directory wasn't at the root of the repository, or if the `CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS` variable was set to `true` indicating the user wants their vendored code scanned.

Here I replace the shell scripts that implemented the very simplest behaviour with a small Go program.
 2024-08-20 15:56:22 +01:00