codeql

mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00

Author	SHA1	Message	Date
Owen Mansel-Chan	d9d3e74e8c	Convert gogf/gf sql-injection sinks to MaD	2024-11-19 11:13:17 +00:00
Owen Mansel-Chan	1315a1e9ae	Upgrade and convert gorqlite sql-injection sinks to MaD	2024-11-19 11:13:13 +00:00
Owen Mansel-Chan	924467bebe	Convert squirrel sql-injection sinks to MaD (non-existent methods removed) Various non-existent methods were modeled, and I couldn't find any evidence that they used to exist. They aren't in the stubs or tests. I have removed them.	2024-11-19 11:13:10 +00:00
Owen Mansel-Chan	06b72e5782	Update models in test expectation files	2024-11-16 19:44:32 +00:00
Owen Mansel-Chan	5745969462	Set subtypes=false when it has no meaning	2024-11-16 19:34:23 +00:00
Kevin Stubbings	a94ba25ebe	Apply suggestions from code review Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>	2024-11-13 14:45:45 -08:00
Kevin Stubbings	460ed30d05	Fixed tests	2024-11-12 16:08:14 -08:00
Kevin Stubbings	eb3a76ddce	Merge branch 'github:main' into path-sanitizers	2024-11-12 16:03:00 -08:00
Kevin Stubbings	8744f158bd	New tests	2024-11-12 15:44:47 -08:00
Owen Mansel-Chan	d31700cf92	Accept changes in models in .expected files	2024-11-12 11:34:29 +00:00
Owen Mansel-Chan	dfd8e7d397	Set subtypes column to True in models This is almost always what we want.	2024-11-12 11:21:52 +00:00
Owen Mansel-Chan	57192e8154	Add even more tests	2024-11-11 23:49:58 +00:00
Owen Mansel-Chan	e813fa346b	Fix case in some test-related file names	2024-11-11 23:48:34 +00:00
Owen Mansel-Chan	4a1fce9168	Test non-promoted fields and methods	2024-11-11 23:46:10 +00:00
Owen Mansel-Chan	e46ec5a171	Fix MaD inheritance	2024-11-11 23:41:11 +00:00
Owen Mansel-Chan	0b24235de4	Update test results	2024-11-09 07:56:44 +00:00
Owen Mansel-Chan	9afdee4697	Accept changed test results and improve test	2024-11-09 07:55:02 +00:00
Owen Mansel-Chan	38ee2d418a	Fix bug by extracting more pointer types	2024-11-08 13:57:36 +00:00
Owen Mansel-Chan	5094cb851b	Add test showing bug (SEmbedP.PMethod not showing)	2024-11-08 13:57:34 +00:00
Tom Hvitved	95e9d013cc	Update expected test output	2024-11-04 12:07:06 +01:00
Tom Hvitved	2b37c6cd32	Merge pull request #17548 from hvitved/shared/inline-test-post-process Shared: Post-processing query for inline test expectations	2024-10-31 11:40:11 +01:00
Tom Hvitved	540b433f5a	Go: Post-processing query for inline test expectations	2024-10-29 13:35:35 +01:00
Tom Hvitved	b111194fbc	Shared: Simplify `PrettyPrintModels.ql`	2024-10-29 13:35:28 +01:00
Tom Hvitved	7a2105b1d5	Go: Update expected test output	2024-10-23 10:41:13 +02:00
Owen Mansel-Chan	7ed82068ef	Add type param decls to AST viewer hierarchy	2024-10-17 15:39:16 +01:00
Owen Mansel-Chan	b8ea8400d1	Add type param decls to PrintAST tests	2024-10-17 15:37:31 +01:00
Kevin Stubbings	1287f1befc	Address feedback	2024-10-15 14:01:14 -07:00
Kevin Stubbings	d195273bf4	Add mux.Vars() and url.Path sanitizers	2024-10-14 19:49:29 -07:00
Edward Minnix III	ade5686e52	Merge pull request #17335 from egregius313/egregius313/go/dataflow/models/stdin Go: Implement `stdin` models	2024-10-14 10:38:27 -04:00
Edward Minnix III	0abc0d1a67	Fix: ActiveThreatModelSource	2024-10-09 11:35:07 -04:00
Chris Smowton	58fd1a2241	Merge pull request #17357 from smowton/smowton/feature/go-indistinguishable-types Go: extract and expose struct tags, interface method IDs	2024-10-09 11:06:02 +01:00
Chris Smowton	ab99509a11	Rework interface for querying private interface method ids	2024-10-08 19:23:22 +01:00
Chris Smowton	e1963a5fcd	autoformat	2024-10-08 19:23:12 +01:00
Chris Smowton	7a7ff4a91e	Apply review comments	2024-10-08 19:23:11 +01:00
Chris Smowton	5d14070cd4	Fix test file	2024-10-08 19:23:10 +01:00
Chris Smowton	22ed2f9ae3	Autoformat CodeQL	2024-10-08 19:23:09 +01:00
Chris Smowton	dcbb66d366	Go: extract and expose struct tags, interface method IDs This enables us to distinguish all database types in QL. Previously structs with the same field names and types but differing tags, and interface types with matching method names and at least one non-exported method but declared in differing packages, were impossible or only sometimes possible to distinguish in QL. With this change these types can be distinguished, as well as permitting queries to examine struct field tags, e.g. to read JSON field name associations.	2024-10-08 19:23:06 +01:00
Tom Hvitved	16feaf15e2	Go: Update expected test output	2024-10-07 09:23:39 +02:00
Ed Minnix	26b49dd0df	Fix test expectation	2024-10-01 15:56:40 -04:00
Ed Minnix	e18389718c	Implement stdin models Unfortunately due to how variable and varargs work, these are better done in QL	2024-10-01 15:56:31 -04:00
Owen Mansel-Chan	fdff209938	Merge pull request #17505 from owen-mc/go/inheritance-tests Go: Add tests for model inheritance and fix bug in promoted methods	2024-09-26 16:42:25 +01:00
Rasmus Wriedt Larsen	381ea93ec3	Merge pull request #17424 from RasmusWL/active-threat-model-source Go/Java/C#: Rename `ThreatModelFlowSource` to `ActiveThreatModelSource`	2024-09-26 13:08:17 +02:00
Owen Mansel-Chan	ea4f9cad3c	Mark some test results as SPURIOUS	2024-09-24 22:04:50 +01:00
Chris Smowton	d673d24ca6	Revise notation to more closely resemble real Go	2024-09-24 17:22:26 +01:00
Chris Smowton	11755482e4	Update test expectation (now signature types pretty-print indicating if they are variadic)	2024-09-24 17:18:10 +01:00
Owen Mansel-Chan	73209638e3	Improve comments in test library	2024-09-24 16:41:10 +01:00
Owen Mansel-Chan	b0caabac86	Also update QL tests	2024-09-24 16:25:55 +01:00
Owen Mansel-Chan	6e428d5083	Fix bug where some methods were inappropriately promoted	2024-09-24 16:25:53 +01:00
Owen Mansel-Chan	0255edf524	Remove tests for sources and sinks This is redundant given that we test for paths, and for a path we need the source, step and sink methods to be modeled.	2024-09-24 16:25:49 +01:00
Owen Mansel-Chan	afa4b6dd4a	Make `paths` test an inline expectations test	2024-09-24 16:23:33 +01:00

... 2 3 4 5 6 ...

896 Commits