hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,003 Commits 1,671 Branches 157 Tags
ginsbach/NewOverlayLocalJavaRebase
Commit Graph

3063 Commits

Author SHA1 Message Date
Tony Torralba
582f341d9e Add references to qhelp 2024-02-14 17:25:09 +01:00
Tony Torralba
f9638760ff Fix MaD rows 2024-02-14 17:25:08 +01:00
Tony Torralba
769ec16803 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-02-14 17:25:08 +01:00
Tony Torralba
5a82d2188a Fix double quotes in MaD row 2024-02-14 17:25:08 +01:00
Tony Torralba
85b22a2b98 Fix QHelp 2024-02-14 17:25:08 +01:00
Tony Torralba
ad7d40f0af Add missing QLDoc 2024-02-14 17:25:08 +01:00
Tony Torralba
2a30898af6 Go: Promote go/missing-jwt-signature-check from experimental 2024-02-14 17:25:03 +01:00
Tony Torralba
1202b5b429 Go: Use less confusing name for hardcoded credentials tests 
We don't want name-based heuristics to pick these variable names, but also using something like 'safeName' may mislead readers into believing the test cases are intended to be GOOD cases (i.e. safe)
 2024-02-14 17:06:05 +01:00
Chris Smowton
7ed73bc4ed change note 2024-02-14 15:45:03 +00:00
Chris Smowton
9016997b51 Golang: fix flow from a map value via a range statement 2024-02-14 14:56:24 +00:00
Tony Torralba
5ce35e47b9 Adjust a test case so that the key isn't considered dummy 
(len < 4)
 2024-02-14 13:06:31 +01:00
Tony Torralba
458bbb3581 Rename fwk module 2024-02-14 12:23:27 +01:00
Tony Torralba
16284fdd20 Discard sources that are obvious dummy values 2024-02-14 12:21:52 +01:00
Tony Torralba
a76de495e0 Simplify sanitizers 
Use DataFlow::returnedWithError instead
 2024-02-14 12:21:51 +01:00
Tony Torralba
6b74cb7e75 Remove unneeded $ANYVERSION 2024-02-14 12:21:51 +01:00
Tony Torralba
3fb422ca25 Split Jwt.qll into framework libraries, which makes more sense 2024-02-14 12:21:38 +01:00
Tony Torralba
8afaa231ee Update go/ql/lib/semmle/go/security/Jwt.qll 2024-02-14 12:15:20 +01:00
Tony Torralba
304998d50e Update go/ql/src/Security/CWE-798/HardcodedCredentials.ql 2024-02-14 12:15:20 +01:00
Tony Torralba
84d1d72497 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-02-14 12:15:19 +01:00
Tony Torralba
750c8085cb Remove duplicated main from tests 2024-02-14 12:15:19 +01:00
Tony Torralba
ba1faea630 Go: Promote go/hardcoded-key from experimental 2024-02-14 12:15:14 +01:00
Michael B. Gale
f7955db841 Merge pull request #15603 from github/mbg/go/fix-file-info-extraction 2024-02-13 20:02:13 +00:00
Michael B. Gale
205847df64 Go: Add DummyFile class 2024-02-13 17:49:31 +00:00
Michael B. Gale
c6f4495ada Go: Exclude dummy files from File 2024-02-13 17:46:41 +00:00
Michael B. Gale
be521508c2 Go: Do not add dummy files to CompilationCompilingFilesTable 2024-02-13 14:21:07 +00:00
Michael B. Gale
5e08bf0dbf Go: Add missing call to extractFileInfo 2024-02-13 14:20:45 +00:00
dependabot[bot]
a3008083ea Bump the extractor-dependencies group in /go/extractor with 1 update 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.17.0 to 0.18.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-13 03:58:21 +00:00
Anders Schack-Mulligen
3b8af1e52a Go: Add empty provenance column to expected files. 2024-02-09 11:32:07 +01:00
Dave Bartolomeo
92bd550c55 Merge pull request #15531 from github/post-release-prep/codeql-cli-2.16.2 
Post-release preparation for codeql-cli-2.16.2
 2024-02-08 05:58:17 -08:00
Henry Mercer
23921afd8d Merge pull request #15532 from github/henrymercer/add-build-modes 
Add supported build modes to extractor metadata
 2024-02-07 15:54:44 +00:00
dependabot[bot]
565426940c Bump the extractor-dependencies group in /go/extractor with 1 update 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/mod](https://github.com/golang/mod).


Updates `golang.org/x/mod` from 0.14.0 to 0.15.0
- [Commits](https://github.com/golang/mod/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-07 03:32:07 +00:00
Henry Mercer
e71f0fc1ba Add supported build modes to extractor metadata 2024-02-06 19:51:13 +00:00
github-actions[bot]
b5139078d0 Post-release preparation for codeql-cli-2.16.2 2024-02-06 19:22:35 +00:00
github-actions[bot]
c1b35fbf47 Release preparation for version 2.16.2 2024-02-05 17:58:57 +00:00
Michael B. Gale
90eba711a3 Go: Include versions in newer Go version log message 2024-01-31 17:45:58 +00:00
Michael B. Gale
84baea5df2 Go: Include versions in newer Go version needed diagnostic 2024-01-31 13:29:53 +00:00
Henry Mercer
10343dd822 Merge pull request #15416 from github/post-release-prep/codeql-cli-2.16.1 
Post-release preparation for codeql-cli-2.16.1
 2024-01-25 14:15:25 +00:00
Tony Torralba
cbcc090a19 Merge pull request #15423 from atorralba/atorralba/go/awslambda-global-context 
Go: Add AwsLambda to the global context
 2024-01-24 17:40:00 +01:00
Tony Torralba
3b7d6a4806 Go: Add AwsLambda to the global context 2024-01-24 11:33:26 +01:00
github-actions[bot]
d0b74c00fe Post-release preparation for codeql-cli-2.16.1 2024-01-23 23:02:29 +00:00
github-actions[bot]
7ef611e6dc Release preparation for version 2.16.1 2024-01-23 19:45:16 +00:00
Michael B. Gale
cf1aab0157 Go: Move identify environment code to separate file 2024-01-23 13:59:34 +00:00
Michael B. Gale
ee36e7424a Go: Move project analysis code to separate file 2024-01-23 13:59:33 +00:00
Michael B. Gale
0dc3c847bc Go: Move go invocations to separate file 2024-01-23 13:59:33 +00:00
Erik Krogh Kristensen
f1d6f56621 Merge pull request #15393 from erik-krogh/deps-jan-2024 
All: delete outdated deprecations
 2024-01-23 13:52:38 +01:00
Chris Smowton
43453fea52 Merge pull request #15408 from smowton/smowton/admin/log-setup-go-message 
Log advice when a newer Go version is required under Actions
 2024-01-23 11:32:38 +00:00
Chris Smowton
7e96eaa273 Log advice when a newer Go version is required under Actions 2024-01-23 10:49:52 +00:00
erik-krogh
865df920f9 add change-notes 2024-01-22 19:30:57 +01:00
erik-krogh
8be7eadace delete outdated deprecations 2024-01-22 09:11:35 +01:00
Tony Torralba
8d6aa281b9 Update go/ql/lib/semmle/go/frameworks/AwsLambda.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-01-19 10:48:34 +01:00