hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,475 Commits 1,671 Branches 157 Tags
js/move-cors-query-from-experimental
Commit Graph

3180 Commits

Author SHA1 Message Date
Owen Mansel-Chan
c045e77d61 Fix QLDoc for interpretPackage 2024-06-26 05:01:09 +01:00
Owen Mansel-Chan
7d11fc2c7d Fix bug in regex 
I accidentally included a `$` at the end, so it only matched a major
version suffix at the end of the package path.
 2024-06-26 05:01:09 +01:00
Owen Mansel-Chan
a9afbfa993 Document version matching and "$THISVERSION" 2024-06-26 05:01:09 +01:00
Owen Mansel-Chan
3e2bbd38d4 Remove "$ANYVERSION" from models 2024-06-26 05:01:09 +01:00
Owen Mansel-Chan
47d946fb1c Make MaD package match any version without $ANYVERSION 
Note that if the package column contains major version suffix (like
"/v2") or if it ends with "$THISVERSION" (which is removed) then we
don't do any version matching.
 2024-06-26 05:01:09 +01:00
Owen Mansel-Chan
ea0db4d55e Add predicate for package path without "/v2" etc 2024-06-26 05:01:09 +01:00
Owen Mansel-Chan
890da5377e Merge pull request #16819 from owen-mc/go/remove-dataflowtype-optimizer-bug-workaround 
Go: Make DataFlowType a singleton (remove workaround)
 2024-06-25 10:03:08 +01:00
github-actions[bot]
fd385736e6 Post-release preparation for codeql-cli-2.17.6 2024-06-25 06:39:45 +00:00
github-actions[bot]
e32a587078 Release preparation for version 2.17.6 2024-06-24 14:33:10 +00:00
Owen Mansel-Chan
d8df38c683 Make DataFlowType a singleton (remove workaround) 2024-06-24 13:43:10 +01:00
Anders Schack-Mulligen
8c23e21073 Dataflow: Cache compatibleTypes. 2024-06-24 13:35:48 +02:00
Owen Mansel-Chan
f04a85e121 Merge pull request #16753 from owen-mc/go/misc-clean-up 
Go: a few small clean ups
 2024-06-24 10:47:21 +01:00
Owen Mansel-Chan
aa35bd771b Fix bug removing "vendor/" from package paths 2024-06-20 13:18:21 +01:00
Owen Mansel-Chan
754fd8e84c Drop leading . from getQualifiedName for built-in functions 
So it will be "panic" instead of ".panic".
 2024-06-19 22:04:21 +01:00
Owen Mansel-Chan
68a661f3c7 Write out whole function names 2024-06-19 21:58:31 +01:00
Owen Mansel-Chan
b79711b17e Move deprecated notice to top of comment 2024-06-19 21:58:28 +01:00
Ed Minnix
5bbd003dfc Reword change note 2024-06-18 12:27:21 -04:00
Ed Minnix
b53712cae0 Change note 2024-06-18 12:27:19 -04:00
Ed Minnix
6a0be6ad09 ExternalAPIs 2024-06-18 12:27:18 -04:00
Ed Minnix
46e16b88bb Refactor experimental queries to use ThreadModelFlowSource 2024-06-18 12:27:17 -04:00
Ed Minnix
cfd5f53eb0 Refactor Customizations libraries to use ThreatModelFlowSource 2024-06-18 12:27:15 -04:00
Edward Minnix III
8997f2cdf2 Merge pull request #16697 from egregius313/egregius313/go/dataflow/threat-modeling 
Go: Introduce Threat Modeling
 2024-06-18 12:25:33 -04:00
Chris Smowton
4da5d6660a Add change note 2024-06-17 16:49:09 +01:00
Chris Smowton
38ee085782 Adjust test expectation 2024-06-17 16:46:49 +01:00
Chris Smowton
822f6eebfb Add support for flow through content of global variables 2024-06-17 16:42:23 +01:00
Ed Minnix
b4ecc81145 Fix provenance numbers in tests 2024-06-17 11:33:19 -04:00
Ed Minnix
fa2c50616b Remove getSourceType definitions 2024-06-17 10:57:11 -04:00
Ed Minnix
b6adff6377 Fix jsoniter test 2024-06-17 10:51:13 -04:00
Ed Minnix
53dd269f9f Go: Threat model tests 2024-06-17 10:51:11 -04:00
Ed Minnix
7f19f449eb Change note 2024-06-17 10:51:10 -04:00
Ed Minnix
49fb372eb9 Add getSourceType declarations to existing remote flow sources 2024-06-17 10:51:09 -04:00
Ed Minnix
df6449cfc7 Go: Add the SourceNode and ThreatModelFlowSource classes 2024-06-17 10:51:07 -04:00
Ed Minnix
b697068e9a Go: Add threat modeling shared library 2024-06-17 10:51:06 -04:00
Michael B. Gale
039537f7ba Merge pull request #16727 from github/mbg/go/fix/too-many-go-mod-files-initialised 2024-06-14 10:14:57 +01:00
Michael B. Gale
e10e2899bd Go: Update comment in gen.py 2024-06-12 15:24:33 +01:00
Michael B. Gale
8629e00686 Go: Remove workspace from vendor/modules.txt 2024-06-12 15:22:56 +01:00
Michael B. Gale
a90968d277 Go: Replace go work vendor with go mod vendor 2024-06-12 15:19:14 +01:00
Michael B. Gale
a04f08f026 Go: Remove go.work file 2024-06-12 15:10:28 +01:00
github-actions[bot]
bbeebfae73 Add changed framework coverage reports 2024-06-12 00:17:31 +00:00
Michael B. Gale
e9bd85e0ba Merge pull request #16704 from github/mbg/go/fix/build-scripts-running-more-than-once 2024-06-11 22:23:15 +01:00
Michael B. Gale
202d77d94f Merge pull request #16726 from github/mbg/go/log-one-line-for-stray-sources 
Go: Only log one line for stray .go files
 2024-06-11 22:16:21 +01:00
Owen Mansel-Chan
24c9062b35 Merge pull request #16671 from owen-mc/go/mad-builtin-taint-models-try-2 
Go: Convert old-style models for built-ins to MaD
 2024-06-11 19:45:34 +01:00
Michael B. Gale
d8d1ae632c Merge branch 'mbg/go/fix/build-scripts-running-more-than-once' into mbg/go/fix/too-many-go-mod-files-initialised 2024-06-11 18:31:03 +01:00
Michael B. Gale
0f56e408f8 Merge branch 'main' into mbg/go/fix/build-scripts-running-more-than-once 2024-06-11 18:29:41 +01:00
Michael B. Gale
864d629a13 Go: Prevent go.mod files from being added to every directory with stray source files 2024-06-11 18:24:11 +01:00
Michael B. Gale
20b7def543 Go: Only log one line for stray .go files 2024-06-11 18:06:08 +01:00
Mathias Vorreiter Pedersen
3351b9547d Merge branch 'rc/3.14' into rc-3.14-mergeback 2024-06-11 16:21:08 +01:00
Owen Mansel-Chan
2ae7fa4897 Tests: accept expected changes 2024-06-11 16:20:06 +01:00
Owen Mansel-Chan
6fd2ab7cef Tests: Accept model renumbering in edge provenance 2024-06-11 16:18:18 +01:00
Owen Mansel-Chan
700604a1c2 Convert old-style models for built-ins to MaD 
These models are to cover the special cases where `append` can be used
with a second argument which is a string followed by `...`, and `copy`
can be used with a second argument which is a string. In this case the
taint is carried by the whole string, rather than in array elements.
 2024-06-11 16:16:45 +01:00