codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Author	SHA1	Message	Date
Chris Smowton	c8eefb7c5c	Golang: Mark filepath.IsLocal as a tainted-path sanitizer guard	2025-07-15 14:47:17 +01:00
Owen Mansel-Chan	990043ce86	Add net/http.Head and net/http.Client.Head as client requests They were previously deliberately excluded.	2025-07-08 14:31:48 +01:00
Owen Mansel-Chan	d437a096f1	Test more client request URL sinks	2025-07-08 13:20:04 +01:00
Owen Mansel-Chan	0788a90d88	Convert RequestForgery test to inline expectations	2025-07-04 16:56:05 +01:00
Owen Mansel-Chan	d10b9e665c	Fix linter warnings in Request Forgery tests	2025-07-04 16:55:09 +01:00
Owen Mansel-Chan	0f07ab58cf	Merge pull request #19654 from owen-mc/go/fix-definedtype-getbasetype Go: fix `DefinedType.getBaseType`	2025-06-26 00:19:19 +01:00
Owen Mansel-Chan	d7b1d7bef4	Merge pull request #19677 from owen-mc/go/better-class-names-and-helpers Go: Improve two class names and add some helper predicates	2025-06-26 00:17:32 +01:00
Nora Dimitrijević	cf92b0e91b	Go: convert IncorrectIntegerConversion test to .qlref	2025-06-24 14:57:48 +02:00
Nora Dimitrijević	76a3306c63	Go: convert UncontrolledAllocationSize test to .qlref	2025-06-24 14:57:44 +02:00
Owen Mansel-Chan	ef5e605cc4	Merge pull request #19386 from owen-mc/go/promote/html-template-escaping-bypass-xss Go: promote `html-template-escaping-bypass-xss`	2025-06-06 12:36:27 +01:00
Owen Mansel-Chan	75d9b298b2	Test helper predicates for `TypeSpec`	2025-06-05 10:52:01 +01:00
Owen Mansel-Chan	8b9cc99158	Test helper predicates for `FieldDecl`	2025-06-05 10:35:34 +01:00
Owen Mansel-Chan	e7e4286233	Merge pull request #19561 from owen-mc/go/mad/bigquery-sql-injection-sink Go: Add BigQuery as a sink for SQLi queries #2	2025-06-04 11:36:18 +01:00
Owen Mansel-Chan	b2f310cda7	Add change note	2025-06-03 15:36:03 +01:00
Owen Mansel-Chan	4711feb344	Add test for `DefinedType.getBaseType`	2025-06-03 14:50:05 +01:00
Owen Mansel-Chan	681f9af710	Fix MethodTypes test	2025-06-03 14:50:00 +01:00
Owen Mansel-Chan	164cfaf3e7	Merge pull request #19532 from owen-mc/go/make-test-version-independent Go: Make type param test independent of standard library version	2025-05-28 11:30:13 +01:00
Owen Mansel-Chan	66bbaf2dc8	Add tests for cloud.google.com/go/bigquery.Client.Query	2025-05-22 15:16:12 +01:00
Owen Mansel-Chan	d39e7c2066	Added named import to definitions test This makes the test slightly more thorough.	2025-05-20 13:13:21 +01:00
Owen Mansel-Chan	f6f6a5ccc6	Only list type params in test files This will make the test results not depend on the version of the standard library being used, which means we don't have to update it with each new release.	2025-05-20 02:25:24 +01:00
Owen Mansel-Chan	7da1ade835	Add tests for extracting tuples in `f(g(...))`	2025-05-13 15:54:05 +01:00
Owen Mansel-Chan	b06491125e	Expand test for Extract Tuple Instruction	2025-05-13 15:48:29 +01:00
Owen Mansel-Chan	e6c19b0cbd	Modernize tests	2025-05-01 15:40:14 +01:00
Owen Mansel-Chan	cba0bec3c6	Rename files	2025-05-01 15:40:12 +01:00
Owen Mansel-Chan	cbdbb0310b	Tidy up test (remove duplicated `main`)	2025-05-01 15:40:06 +01:00
Owen Mansel-Chan	4e5a865337	Manually fix copilot's mistakes and get query working	2025-05-01 15:40:04 +01:00
Owen Mansel-Chan	c2ebdf5266	Change query id to `go/html-template-escaping-bypass-xss`	2025-05-01 15:39:20 +01:00
Owen Mansel-Chan	1926ffd450	Convert XSS tests to use inline expectations	2025-05-01 15:39:19 +01:00
Owen Mansel-Chan	1530ac123c	Update path in qlref and update test results	2025-05-01 15:39:17 +01:00
Owen Mansel-Chan	5bce70f78c	Move files out of experimental (no changes)	2025-05-01 15:39:15 +01:00
Owen Mansel-Chan	b6053e3f91	Merge pull request #19076 from owen-mc/go/update-depstubber-files Go: update files generated by depstubber	2025-04-09 11:44:20 +01:00
Owen Mansel-Chan	ecd09edf64	Add stubs for gogf/gf and uptrace/bun	2025-04-02 14:17:40 +01:00
Owen Mansel-Chan	1687042c3b	Add Bun models and tests	2025-04-02 14:17:39 +01:00
Owen Mansel-Chan	ddb7da4c13	Add gogf models and tests	2025-04-02 14:17:37 +01:00
Ed Minnix	9cf4117120	Add tests for gogf/gf/database/gdb	2025-04-02 14:17:35 +01:00
Owen Mansel-Chan	89e853b4be	Don't use non-existent dependency This makes some go tooling, like `go mod tidy`, not work.	2025-04-02 14:17:31 +01:00
Owen Mansel-Chan	dc242da4be	Merge pull request #19090 from owen-mc/review/egregius313/18902 Go: Add `database` source models for the `squirrel` package (#2)	2025-03-27 15:54:25 +00:00
Owen Mansel-Chan	c3bc6519fb	Merge pull request #19053 from owen-mc/go/fp/log-type Go: Fix false positives when logging using `%T`	2025-03-25 10:49:51 +00:00
Owen Mansel-Chan	bbed79cf58	Add squirrel to go.mod	2025-03-25 10:33:23 +00:00
Owen Mansel-Chan	09d69293b5	Fix package name in stub	2025-03-25 10:33:23 +00:00
Ed Minnix	c5f5427d72	Add test for `squirrel` package	2025-03-25 10:33:23 +00:00
Ed Minnix	4ab5d3405c	Add fake `Source` function and models	2025-03-25 10:33:23 +00:00
Owen Mansel-Chan	6d61820c92	Merge pull request #19088 from owen-mc/review/egregius313/18913 Go: Add database source models for the github.com/couchbase/gocb package (#2)	2025-03-25 10:31:44 +00:00
Owen Mansel-Chan	2790415772	Remove imports that aren't used	2025-03-21 11:16:46 +00:00
Owen Mansel-Chan	84872c8c7f	Use depstubber for stubs (with manual edits) I had to remove quite a few incorrect method declarations for promoted methods.	2025-03-21 10:15:08 +00:00
Owen Mansel-Chan	e44f7f946f	Sort package paths in vendor/modules.txt	2025-03-21 09:45:50 +00:00
Owen Mansel-Chan	662af6e248	Update test expectations	2025-03-20 15:49:20 +00:00
Owen Mansel-Chan	f944ff4d78	Create `getAValueFormattedMessageComponent`	2025-03-20 15:08:06 +00:00
Owen Mansel-Chan	11ff0a08f3	Add log injection and cleartext logging tests for %T	2025-03-20 15:08:02 +00:00
Owen Mansel-Chan	646d28feeb	Make cleartext logging tests more realistic	2025-03-20 15:08:00 +00:00

1 2 3 4 5 ...

926 Commits