hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,333 Commits 1,672 Branches 157 Tags
ginsbach/NewOverlayLocalJava
Commit Graph

1460 Commits

Author SHA1 Message Date
Michael B. Gale
a8ae2e2525 Go: Add changenote for autobuilder refactor 2024-03-04 12:02:51 +00:00
Chris Smowton
9f84653283 Merge pull request #15613 from smowton/smowton/fix/golang-map-range-read-dataflow 
Golang: fix flow from a map value via a range statement
 2024-02-27 15:42:43 +00:00
Chris Smowton
d57160db5c Direct map stores via a post-update node 2024-02-23 16:37:26 +00:00
Tom Hvitved
62b16c0fa3 Share getFileBySourceArchiveName implementation 2024-02-23 11:25:49 +01:00
github-actions[bot]
37f8fa3413 Post-release preparation for codeql-cli-2.16.3 2024-02-20 16:50:47 +00:00
github-actions[bot]
6d061fbc35 Release preparation for version 2.16.3 2024-02-20 14:26:23 +00:00
Tony Torralba
f9638760ff Fix MaD rows 2024-02-14 17:25:08 +01:00
Tony Torralba
5a82d2188a Fix double quotes in MaD row 2024-02-14 17:25:08 +01:00
Tony Torralba
ad7d40f0af Add missing QLDoc 2024-02-14 17:25:08 +01:00
Tony Torralba
2a30898af6 Go: Promote go/missing-jwt-signature-check from experimental 2024-02-14 17:25:03 +01:00
Chris Smowton
7ed73bc4ed change note 2024-02-14 15:45:03 +00:00
Chris Smowton
9016997b51 Golang: fix flow from a map value via a range statement 2024-02-14 14:56:24 +00:00
Tony Torralba
458bbb3581 Rename fwk module 2024-02-14 12:23:27 +01:00
Tony Torralba
16284fdd20 Discard sources that are obvious dummy values 2024-02-14 12:21:52 +01:00
Tony Torralba
a76de495e0 Simplify sanitizers 
Use DataFlow::returnedWithError instead
 2024-02-14 12:21:51 +01:00
Tony Torralba
6b74cb7e75 Remove unneeded $ANYVERSION 2024-02-14 12:21:51 +01:00
Tony Torralba
3fb422ca25 Split Jwt.qll into framework libraries, which makes more sense 2024-02-14 12:21:38 +01:00
Tony Torralba
8afaa231ee Update go/ql/lib/semmle/go/security/Jwt.qll 2024-02-14 12:15:20 +01:00
Tony Torralba
84d1d72497 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-02-14 12:15:19 +01:00
Tony Torralba
ba1faea630 Go: Promote go/hardcoded-key from experimental 2024-02-14 12:15:14 +01:00
Michael B. Gale
205847df64 Go: Add DummyFile class 2024-02-13 17:49:31 +00:00
Michael B. Gale
c6f4495ada Go: Exclude dummy files from File 2024-02-13 17:46:41 +00:00
github-actions[bot]
b5139078d0 Post-release preparation for codeql-cli-2.16.2 2024-02-06 19:22:35 +00:00
github-actions[bot]
c1b35fbf47 Release preparation for version 2.16.2 2024-02-05 17:58:57 +00:00
Henry Mercer
10343dd822 Merge pull request #15416 from github/post-release-prep/codeql-cli-2.16.1 
Post-release preparation for codeql-cli-2.16.1
 2024-01-25 14:15:25 +00:00
Tony Torralba
3b7d6a4806 Go: Add AwsLambda to the global context 2024-01-24 11:33:26 +01:00
github-actions[bot]
d0b74c00fe Post-release preparation for codeql-cli-2.16.1 2024-01-23 23:02:29 +00:00
github-actions[bot]
7ef611e6dc Release preparation for version 2.16.1 2024-01-23 19:45:16 +00:00
erik-krogh
865df920f9 add change-notes 2024-01-22 19:30:57 +01:00
erik-krogh
8be7eadace delete outdated deprecations 2024-01-22 09:11:35 +01:00
Tony Torralba
8d6aa281b9 Update go/ql/lib/semmle/go/frameworks/AwsLambda.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-01-19 10:48:34 +01:00
Tony Torralba
9a0fb39382 Model StartWithContext 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-01-19 09:25:35 +01:00
Tony Torralba
d3a9a5ec3f Update go/ql/lib/semmle/go/frameworks/AwsLambda.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-01-19 09:22:46 +01:00
Tony Torralba
1d7dbec719 Go: Add flow sources for AWS Lambda function handlers 2024-01-18 15:17:21 +01:00
Alexander Eyers-Taylor
934474681d Merge pull request #15254 from github/post-release-prep/codeql-cli-2.16.0 
Post-release preparation for codeql-cli-2.16.0
 2024-01-16 14:50:40 +00:00
github-actions[bot]
57df8b92df Post-release preparation for codeql-cli-2.16.0 2024-01-15 15:00:50 +00:00
Owen Mansel-Chan
057ee85cd0 Merge pull request #14123 from am0o0/amammad-go-fastHttp 
Go: fasthttp
 2024-01-14 20:12:31 +00:00
Tony Torralba
12c5b46a0a Reduce FPs 
* Restrict allowed types in the flow step

* Discard more non-crypto-related TLS APIs
 2024-01-11 16:20:46 +01:00
Tony Torralba
05b487e3a6 Go: Recognize unsafe candidate selection in go/insecure-randomness 2024-01-11 11:58:12 +01:00
Tony Torralba
5e8c63c3aa Use arg position instead of arg as class field to reduce number of instances 2024-01-10 14:12:29 +01:00
Tony Torralba
78c0cdfa2c Apply suggestions from code review 
co-authored-by: Owen Mansel-Chan <owen-mc@github.com>
 2024-01-10 13:33:41 +01:00
Tony Torralba
80526e509e Go: Adds sources and sinks to go/clear-text-logging 2024-01-10 13:33:41 +01:00
Tony Torralba
ca0a1dc7ae Merge pull request #15267 from atorralba/atorralba/go/fmt-appenderorsprinter-mad 
Go: Migrate AppenderOrSprinter model to models-as-data
 2024-01-10 13:31:19 +01:00
Tony Torralba
dc911c3f28 Apply suggestions from code review 
co-authored-by: Owen Mansel-Chan <owen-mc@github.com>
 2024-01-10 11:53:53 +01:00
Tony Torralba
da4049e25c Go: Migrate AppenderOrSprinter model to models-as-data 2024-01-09 16:35:47 +01:00
Tom Hvitved
f90201eb56 Data flow: Remove column from mayBenefitFromCallContext 2024-01-09 11:34:43 +01:00
github-actions[bot]
a6c8cc9551 Release preparation for version 2.16.0 2024-01-08 13:11:26 +00:00
Owen Mansel-Chan
6f9242b1cb Merge pull request #15162 from owen-mc/go/stratify-cfg-succ 
Go: Stratify `CFG::succ` to avoid recursion
 2024-01-04 14:11:25 +00:00
Owen Mansel-Chan
e2e91ebe1c Fix capitalization in predicate name 
This was introduced by a copy-paste error
 2024-01-04 07:08:37 +00:00
Owen Mansel-Chan
dfd25f705d Add pragma[nomagic] to top-level succ0 and remove cached 2024-01-04 07:06:55 +00:00