hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,738 Commits 1,671 Branches 157 Tags
tausbn/python-add-models-for-zstd-compression
Commit Graph

274 Commits

Author SHA1 Message Date
Owen Mansel-Chan
c964fc2dca Update expected results (only empty predicate names added) 2024-06-04 11:46:00 +01:00
Owen Mansel-Chan
0870946e05 Add model validation to more tests 2024-06-04 11:45:58 +01:00
Owen Mansel-Chan
ffc25add70 Accept test changes 2024-05-30 21:01:06 +01:00
Owen Mansel-Chan
b2deea4606 Avoid duplicate additional flow steps in configs 
`localTaintStep` includes a lot of steps which are already part of value
flow. Instead use `defaultAdditionalTaintStep`, which is just the extra
steps that are added for taint tracking.
 2024-05-23 11:13:35 +01:00
Anders Schack-Mulligen
f931c8d836 Go: Accept qltest .expected file changes. 2024-05-22 15:39:47 +02:00
Anders Schack-Mulligen
8db9187698 Go: Accept qltest .expected file changes (interesting). 2024-05-22 15:38:01 +02:00
erik-krogh
384649b336 changes based on review, and improve the new command-injection test 2024-05-17 08:38:54 +02:00
erik-krogh
2848ccf0e2 fix frontend errors that Go complained about 2024-05-16 20:06:26 +02:00
erik-krogh
08c0d8ec60 autoformat go files 2024-05-16 19:59:40 +02:00
erik-krogh
ea2b73bda2 add a sanitizer that checks that the string does not start with "--" 2024-05-16 09:25:19 +02:00
erik-krogh
b9a7f6a8f7 add regexp check as a sanitizer for command-injection 2024-05-16 08:55:03 +02:00
erik-krogh
761f9cac97 make a new go/command-injection qhelp 2024-05-16 08:54:55 +02:00
Owen Mansel-Chan
827d15aaa0 Test changes due to model renumbering 2024-05-14 14:40:57 +01:00
Owen Mansel-Chan
f7e6bf7ef5 Two tests have different paths but same results 2024-05-10 23:41:00 +01:00
Owen Mansel-Chan
76946184de Accept MaD renumbering for edge provenance 2024-05-10 23:40:58 +01:00
Owen Mansel-Chan
674e65e134 Fix test expectations 2024-05-09 16:26:30 +01:00
Owen Mansel-Chan
57ff30c5f3 Update tests: built-in models now work 2024-05-08 16:07:02 +01:00
Owen Mansel-Chan
4140942479 Update tests 2024-04-24 14:19:33 +01:00
Owen Mansel-Chan
8962307291 Add second good go file to tests 2024-04-24 14:19:29 +01:00
Owen Mansel-Chan
80c3993ddc Remove redundant test 
It was introduced in https://github.com/github/codeql-go/pull/718 in
response to https://github.com/github/codeql-go/issues/717, to check
that we don't have type assertions as sinks. We now have other tests
covering type assertions.
 2024-04-17 16:32:41 +01:00
Owen Mansel-Chan
3ad2d90014 Make type switches tranform flow state 2024-04-17 16:32:36 +01:00
Owen Mansel-Chan
611f98bca4 Make type assertions transform the flow state 2024-04-17 16:32:30 +01:00
Owen Mansel-Chan
f08a598821 Add tests for FPs: type switches, type assertions 2024-04-17 16:32:13 +01:00
Anders Schack-Mulligen
20e91f9cac Go: Update expected output (uninteresting). 2024-04-12 09:20:23 +02:00
Owen Mansel-Chan
c3fefa8f69 Add extra sanitizer Part.FileName() 2024-04-11 07:35:45 +01:00
Owen Mansel-Chan
dc3ea6c418 Merge pull request #11703 from Kwstubbs/go-taintedpath-additions 
Go: Add and Modify Sanitizers For TaintedPath
 2024-04-10 15:13:13 +01:00
Max Schaefer
d7258f76d3 Go: Improve QHelp for go/unvalidated-url-redirection. 
The example showed a different (and better) fix from what the help claimed, but the suggestion also had a subtle bug that I fixed at the same time.
 2024-03-26 10:57:36 +00:00
Tony Torralba
87b2dcc892 Adjust test expectations 2024-03-14 10:25:04 +01:00
Kevin Stubbings
30fe4168e3 Removed filepath.base sanitizer 2024-03-11 15:08:10 -07:00
Kevin Stubbings
c9b49d3760 resolve feedback 2024-03-11 14:54:28 -07:00
Kevin Stubbings
530c76ca8b Add New Sanitizers and Modify Old Ones 2024-03-11 14:53:29 -07:00
Tony Torralba
7d74125508 Go: Promote go/uncontrolled-allocation-size 2024-03-07 15:17:49 +01:00
Tony Torralba
1704bfe2bf Merge pull request #15585 from atorralba/atorralba/go/promote-jwt-unsafe-verification 
Go: Promote `go/missing-jwt-signature-check` from experimental
 2024-02-19 15:35:44 +01:00
Tony Torralba
2a30898af6 Go: Promote go/missing-jwt-signature-check from experimental 2024-02-14 17:25:03 +01:00
Tony Torralba
1202b5b429 Go: Use less confusing name for hardcoded credentials tests 
We don't want name-based heuristics to pick these variable names, but also using something like 'safeName' may mislead readers into believing the test cases are intended to be GOOD cases (i.e. safe)
 2024-02-14 17:06:05 +01:00
Tony Torralba
5ce35e47b9 Adjust a test case so that the key isn't considered dummy 
(len < 4)
 2024-02-14 13:06:31 +01:00
Tony Torralba
750c8085cb Remove duplicated main from tests 2024-02-14 12:15:19 +01:00
Tony Torralba
ba1faea630 Go: Promote go/hardcoded-key from experimental 2024-02-14 12:15:14 +01:00
Anders Schack-Mulligen
3b8af1e52a Go: Add empty provenance column to expected files. 2024-02-09 11:32:07 +01:00
Tony Torralba
05b487e3a6 Go: Recognize unsafe candidate selection in go/insecure-randomness 2024-01-11 11:58:12 +01:00
Tony Torralba
5e8c63c3aa Use arg position instead of arg as class field to reduce number of instances 2024-01-10 14:12:29 +01:00
Tony Torralba
78c0cdfa2c Apply suggestions from code review 
co-authored-by: Owen Mansel-Chan <owen-mc@github.com>
 2024-01-10 13:33:41 +01:00
Tony Torralba
3534f692dc Fix test expectations 
Barrier-in addition removes an overlapping path
 2024-01-10 13:33:41 +01:00
Tony Torralba
a0f6b5ea10 Update test expectations 2024-01-09 17:00:20 +01:00
Owen Mansel-Chan
697aa609f4 Merge pull request #15211 from owen-mc/go/redefine-successfully-extracted-files 
Go: report any extracted file as successfully extracted
 2024-01-03 16:07:09 +00:00
Owen Mansel-Chan
14cffc3170 Merge pull request #15128 from owen-mc/go/fix-fp-incorrect-integer-conversion-signedness 
Go: fix FP in incorrect integer conversion query relating to strict comparisons with MaxInt and MaxUint
 2024-01-03 14:57:34 +00:00
Owen Mansel-Chan
13b00bae17 Update test expectation 2024-01-02 22:38:30 +00:00
Chad Bentz
7c93a2c825 Add const XMLParseNoEnt to stub 2023-12-21 00:49:14 +00:00
Chad Bentz
667861f575 depstubber with latest change 
- still failing with ./tst.go:195:25: undefined: parser.XMLParseNoEnt
 2023-12-21 00:42:37 +00:00
Chad Bentz
6f3867d804 stub the type Parser + the function New 
(it will automatically make stubs for all the methods on that type)

Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-12-20 19:25:48 -05:00