codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Author	SHA1	Message	Date
Ed Minnix	e9fdc8a34c	database source tests	2025-01-07 06:41:33 -05:00
Ed Minnix	c02430607a	Add post-processing to StoredXss.qlref test	2025-01-03 13:26:29 -05:00
Kevin Stubbings	4b95ea0987	Merge branch 'main' into go-rs-cors	2024-12-17 17:35:29 -08:00
Michael Nebel	d0e9c3bb70	Fix failing tests on main.	2024-12-16 14:16:47 +01:00
Michael Nebel	aaf0cd5dee	Merge pull request #17968 from michaelnebel/java/movetestutils Move test utilities to the query pack.	2024-12-16 13:41:30 +01:00
Owen Mansel-Chan	7ab06fca2f	Merge pull request #18275 from owen-mc/go/mad/variadic-params-sources Go: Make models-as-data source models for variadic parameters work	2024-12-15 13:22:21 +00:00
Ed Minnix	7852c8666c	Update provenance in test results	2024-12-13 15:22:17 -05:00
Edward Minnix III	f844105722	Fix test result	2024-12-13 14:53:58 -05:00
Ed Minnix	3f9af5bfe4	Tests	2024-12-13 12:42:01 -05:00
Owen Mansel-Chan	e9dcd69cc0	Add readStep back to local taint flow	2024-12-13 13:30:18 +00:00
Owen Mansel-Chan	3a3e053f12	Only add taint steps for implicit varargs slice post-update nodes	2024-12-13 13:17:44 +00:00
Michael Nebel	96fe1449f8	Go: Update all test util paths to point to the new location.	2024-12-12 13:54:21 +01:00
Michael Nebel	f8e0c4799d	Go: Move test utilities into the query pack.	2024-12-12 13:21:35 +01:00
Owen Mansel-Chan	3f7c37e1ed	Treat container flow as taint flow in global taint flow	2024-12-12 11:41:32 +00:00
Owen Mansel-Chan	e13c4b7550	Treat container flow as taint flow in localTaintStep	2024-12-12 10:41:23 +00:00
Owen Mansel-Chan	7e5e634bc7	Update .expected files (no new results)	2024-12-06 15:41:28 +00:00
Owen Mansel-Chan	67572712ea	Fix flow out of varargs param with models-as-data This still doesn't allow for a variadic out parameter to be defined as a source using MaD. This is due to the lack of an implicit store step at sources, to match implicit read steps at sinks.	2024-12-06 15:00:40 +00:00
Owen Mansel-Chan	8cc4cd58c6	Add failing test for flow out of varargs param with models-as-data	2024-12-06 15:00:37 +00:00
Owen Mansel-Chan	96c8af8943	Test flow out of varargs param with function models	2024-12-06 15:00:34 +00:00
Owen Mansel-Chan	1612a7a9a0	Delete accidentally committed binary	2024-12-06 15:00:33 +00:00
Owen Mansel-Chan	69f087a46d	Fix pre-existing failing test in VarArgsWithFunctionModels It was failing for a silly reason.	2024-12-06 15:00:31 +00:00
Owen Mansel-Chan	ec7cbf93d9	Add failing test for flow out of varargs parameter	2024-12-06 15:00:30 +00:00
Owen Mansel-Chan	1935c26b56	Trivial variable name fixes	2024-12-06 15:00:28 +00:00
Owen Mansel-Chan	f56b2c912a	Merge pull request #18201 from owen-mc/go/mad/improve-externalflowinheritance-tests Go: Fix some spurious results in ExternalFlowInheritance tests	2024-12-04 14:24:30 +00:00
Owen Mansel-Chan	ec0c0f1b35	Fix some spurious results in ExternalFlowInheritance tests Several struct types were being considered as the same. The fix is to give them unique fields.	2024-12-04 11:57:32 +00:00
Jeroen Ketema	99cbeb7eb6	Go: Update expected test results	2024-12-03 19:18:50 +01:00
Owen Mansel-Chan	8dc0688b6f	Fix bug	2024-11-26 22:25:47 +00:00
Owen Mansel-Chan	593896b40e	Add test showing promoted field bug NCField should be promoted to EmbedsNameClash. Currently it isn't because its embedded parent pkg2.NameClash is not a promoted field in EmbedsNameClash (because of a name clash with pkg1.NameClash), but this should not make a difference.	2024-11-26 22:25:41 +00:00
Owen Mansel-Chan	196634ecdb	Model `slices` package Skipping functions that involve iterators for now.	2024-11-26 12:01:09 +00:00
Owen Mansel-Chan	47eb407be9	Update Go version in stdlib tests	2024-11-26 12:00:10 +00:00
Owen Mansel-Chan	9aede5f433	Merge pull request #17494 from owen-mc/go/reinstate-mad-with-fixes Go: reinstate models-as-data sink conversions with fixes	2024-11-20 14:50:47 +00:00
Owen Mansel-Chan	bf824cac0a	Allow package-level variables in MaD	2024-11-19 16:59:42 +00:00
Owen Mansel-Chan	307fdc0864	Add tests for heuristic logger calls	2024-11-19 11:41:53 +00:00
Owen Mansel-Chan	874dc83f3f	Update test expectations	2024-11-19 11:28:43 +00:00
Owen Mansel-Chan	bc784268fd	Make Logrus log injection tests more comprehensive	2024-11-19 11:18:28 +00:00
Owen Mansel-Chan	791313fbdf	Add tests for logrus.FieldLogger	2024-11-19 11:18:26 +00:00
Owen Mansel-Chan	cc62db796c	Add tests for Xorm first argument of varargs slice	2024-11-19 11:18:24 +00:00
Owen Mansel-Chan	5a0cd2e7d6	Add tests for squirrel.Eq	2024-11-19 11:18:22 +00:00
Owen Mansel-Chan	fbaad09179	Convert mongodb nosql-injection sinks to MaD	2024-11-19 11:18:02 +00:00
Owen Mansel-Chan	e4eef6791a	Convert database/sql sql-injection sinks to MaD	2024-11-19 11:15:42 +00:00
Owen Mansel-Chan	4cca6cff59	Convert Beego orm sql-injection sinks to MaD	2024-11-19 11:13:32 +00:00
Owen Mansel-Chan	2282a8184b	Convert Bun sql-injection sinks to MaD	2024-11-19 11:13:30 +00:00
Owen Mansel-Chan	1ab50fc62c	Convert Gorm sql-injection sinks to MaD	2024-11-19 11:13:26 +00:00
Owen Mansel-Chan	fb050e8b43	Convert sqlx sql-injection sinks to MaD	2024-11-19 11:13:23 +00:00
Owen Mansel-Chan	d9d3e74e8c	Convert gogf/gf sql-injection sinks to MaD	2024-11-19 11:13:17 +00:00
Owen Mansel-Chan	1315a1e9ae	Upgrade and convert gorqlite sql-injection sinks to MaD	2024-11-19 11:13:13 +00:00
Owen Mansel-Chan	924467bebe	Convert squirrel sql-injection sinks to MaD (non-existent methods removed) Various non-existent methods were modeled, and I couldn't find any evidence that they used to exist. They aren't in the stubs or tests. I have removed them.	2024-11-19 11:13:10 +00:00
Owen Mansel-Chan	06b72e5782	Update models in test expectation files	2024-11-16 19:44:32 +00:00
Owen Mansel-Chan	5745969462	Set subtypes=false when it has no meaning	2024-11-16 19:34:23 +00:00
Kevin Stubbings	a94ba25ebe	Apply suggestions from code review Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>	2024-11-13 14:45:45 -08:00

... 3 4 5 6 7 ...

990 Commits