hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,003 Commits 1,671 Branches 157 Tags
ginsbach/NewOverlayLocalJavaRebase
Commit Graph

3063 Commits

Author SHA1 Message Date
Owen Mansel-Chan
b6f6bdc6f4 Make RemoteFlowAsSource private 
`UntrustedFlowAsSource` should have been private. Since we are deprecating them anyway
we may as well make the replacement private (and make it use `instanceof`). The deprecation
comments have been updated.
 2024-04-18 12:31:38 +01:00
Owen Mansel-Chan
a49b43fdf6 Add deprecated version of renamed public classes 2024-04-18 11:49:54 +01:00
Owen Mansel-Chan
317c335269 Rename test query files 2024-04-18 11:49:42 +01:00
Owen Mansel-Chan
db06c08141 Rename UntrustedSource to RemoteSource 
Including renaming some files (in the experimental folder).
 2024-04-18 11:49:30 +01:00
Owen Mansel-Chan
f39301f533 Fix "an remote" and similar 
Preserve case, allow for "a `Remote" etc.
 2024-04-18 11:49:18 +01:00
Owen Mansel-Chan
a6646021d0 Rename Untrusted Flow to Remote Flow 
Not matching case but preserving original case.
 2024-04-18 11:49:05 +01:00
Owen Mansel-Chan
d967b2baa3 Rename UntrustedFlowAsSource to RemoteFlowAsSource 2024-04-18 11:48:04 +01:00
Owen Mansel-Chan
a4df20da85 Rename UntrustedFlowSource to RemoteFlowSource 
Relaxed match case requirement. Again skipped one instance in an old
change note.
 2024-04-17 21:40:46 +01:00
Owen Mansel-Chan
81eaa6e327 Rename UntrustedFlowSource to RemoteFlowSource 
Relaxed whole word requirement. Again skipped one instance in an old
change note.
 2024-04-17 21:35:50 +01:00
Owen Mansel-Chan
5fba9895c6 Rename UntrustedFlowSource to RemoteFlowSource 
Only the whole word. Skipped one instance in an old change note.
 2024-04-17 21:27:32 +01:00
Owen Mansel-Chan
212a0f27ff Add change note 2024-04-17 16:32:53 +01:00
Owen Mansel-Chan
2f56ec7fe0 Fix QLDoc 2024-04-17 16:32:49 +01:00
Owen Mansel-Chan
80c3993ddc Remove redundant test 
It was introduced in https://github.com/github/codeql-go/pull/718 in
response to https://github.com/github/codeql-go/issues/717, to check
that we don't have type assertions as sinks. We now have other tests
covering type assertions.
 2024-04-17 16:32:41 +01:00
Owen Mansel-Chan
3ad2d90014 Make type switches tranform flow state 2024-04-17 16:32:36 +01:00
Owen Mansel-Chan
611f98bca4 Make type assertions transform the flow state 2024-04-17 16:32:30 +01:00
Owen Mansel-Chan
544660322f Refactor flow state transforming barriers 2024-04-17 16:32:25 +01:00
Owen Mansel-Chan
f08a598821 Add tests for FPs: type switches, type assertions 2024-04-17 16:32:13 +01:00
github-actions[bot]
622e176a16 Post-release preparation for codeql-cli-2.17.1 2024-04-16 14:21:32 +00:00
github-actions[bot]
9bfe4ea90a Release preparation for version 2.17.1 2024-04-15 17:34:47 +00:00
Alexander Eyers-Taylor
feeaef14be Merge pull request #16217 from github/alexet/fix-change-note 
Go: Fix broken changenote metadata
 2024-04-15 17:32:20 +01:00
Alexander Eyers-Taylor
43572fe9ae Go: Fix broken changenote metadata 2024-04-15 16:55:23 +01:00
Michael B. Gale
c0d2b89de0 Go: Respect GOTOOLCHAIN in GetEnvGoVersion if already set 2024-04-15 16:28:24 +01:00
Michael B. Gale
7a0aad87a4 Go: Use shared library for integration tests 2024-04-15 14:46:53 +01:00
Michael B. Gale
4673fff65b Go: Add db and runFunction to go_integration_test 2024-04-15 14:46:53 +01:00
Michael B. Gale
caaccb7709 Go: Run go clean -modcache in finally for integration tests 
This ensures that the temporary GOPATH is cleaned up correctly in case of an integration test failure as well
 2024-04-15 14:46:53 +01:00
Anders Schack-Mulligen
2f0987e980 Dataflow: Add dummy DataFlowSecondLevelScope implementations. 
These could be an empty type, but Unit was available and it probably
doesn't matter.
 2024-04-15 15:16:30 +02:00
Anders Schack-Mulligen
20e91f9cac Go: Update expected output (uninteresting). 2024-04-12 09:20:23 +02:00
Anders Schack-Mulligen
ba6039946b Go: Add alert provenance plumbing. 2024-04-12 09:19:59 +02:00
Anders Schack-Mulligen
eafc0075fd Legacy dataflow: Sync. 2024-04-12 09:19:54 +02:00
Michael B. Gale
9c26cdd0bb Go: Add integration test library 2024-04-11 12:27:31 +01:00
Owen Mansel-Chan
d4bb4d4faa Merge pull request #16120 from owen-mc/go/fix/type-switch-control-flow 
Go: Fix data flow through variable defined in type switch guard
 2024-04-11 11:39:40 +01:00
Owen Mansel-Chan
1e8315d797 Merge pull request #16180 from owen-mc/go/tweak-go-tainted-path-additions 
Go: Tweak go tainted path additions
 2024-04-11 11:17:30 +01:00
Owen Mansel-Chan
a7c5e849f4 Expand ReplaceAll in sanitizer 2024-04-11 07:35:56 +01:00
Owen Mansel-Chan
c3fefa8f69 Add extra sanitizer Part.FileName() 2024-04-11 07:35:45 +01:00
Owen Mansel-Chan
21189af294 Improve QLDoc and refactor QL 2024-04-11 07:34:58 +01:00
Owen Mansel-Chan
1c0ef90e96 Merge pull request #15865 from owen-mc/go/extractor/no-intermediate-string-values 
Go: extractor: do not store intermediate values in long string concatenations
 2024-04-10 15:31:51 +01:00
Owen Mansel-Chan
dc3ea6c418 Merge pull request #11703 from Kwstubbs/go-taintedpath-additions 
Go: Add and Modify Sanitizers For TaintedPath
 2024-04-10 15:13:13 +01:00
Owen Mansel-Chan
5ec3934ac8 Merge branch 'main' into go/extractor/no-intermediate-string-values 2024-04-10 14:51:22 +01:00
Owen Mansel-Chan
0e67aa5baa Merge pull request #16172 from owen-mc/go/perf/synth-location 
Go: Avoid magic in `TSynthLocation` definition
 2024-04-10 13:02:18 +01:00
Owen Mansel-Chan
a18a4fb62e Avoid magic in TSynthLocation definition 
This improves performance, because in this case magic is not beneficial.
 2024-04-10 11:47:13 +01:00
Owen Mansel-Chan
b4829addf7 Add comments with link to online doc 2024-04-10 10:48:23 +01:00
Owen Mansel-Chan
322d9fe105 Update change note wording 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-04-09 12:46:26 +01:00
Owen Mansel-Chan
a65b02eb28 Update test expectations 2024-04-09 10:59:06 +01:00
Owen Mansel-Chan
f89fb8eb57 Add change note 2024-04-09 10:59:00 +01:00
Owen Mansel-Chan
6ae07a2c43 Add location for implicitly declared variables 2024-04-09 10:58:55 +01:00
Owen Mansel-Chan
ffdb610d93 Add new IR::Instruction MkTypeSwitchImplicitVariable 
It represents the implicit declaration of a variable at the beginning of a case clause
 2024-04-09 10:58:49 +01:00
Owen Mansel-Chan
4ffc4f5c62 Add test for dataflow through switches 2024-04-09 10:58:42 +01:00
Owen Mansel-Chan
0ed330056d Add extra CFG test for type switch 2024-04-09 10:55:52 +01:00
Owen Mansel-Chan
8df23522f0 Delete redundant test 2024-04-09 10:55:40 +01:00
Owen Mansel-Chan
32ea94e625 Merge pull request #16123 from owen-mc/go/misc-trivial-fixes 
Go: miscellaneous trivial fixes
 2024-04-04 21:09:15 +01:00