hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,392 Commits 1,671 Branches 157 Tags
03d63dec2e151ba647cd3429d3e3a704ae9b2f9b
Commit Graph

3383 Commits

Author SHA1 Message Date
Joe Farebrother
03d63dec2e Address reviews - rename and update doc comments 2025-11-25 14:35:29 +00:00
Joe Farebrother
1bd5005fc1 Fix typos 2025-11-25 14:35:17 +00:00
Joe Farebrother
6282c34396 Update formatting 2025-11-25 14:35:09 +00:00
Joe Farebrother
a25861d8a3 Update integration test 2025-11-25 14:35:02 +00:00
Joe Farebrother
ed483dd5b2 Add change note 2025-11-25 14:34:57 +00:00
Joe Farebrother
d633120f4d Update integration tests 2025-11-25 14:34:48 +00:00
Joe Farebrother
536e885f18 Remove experimental query 2025-11-25 14:34:41 +00:00
Joe Farebrother
fa30041498 Add qhelp & fix tests 2025-11-25 14:34:28 +00:00
Joe Farebrother
2b1cd846b3 Fixes and doc updates 2025-11-25 14:34:10 +00:00
Joe Farebrother
8d544e5b15 Add tests 2025-11-25 14:33:51 +00:00
Joe Farebrother
5094784a4b Add modeling for gin 2025-11-25 14:33:43 +00:00
Joe Farebrother
74c424dc4c Fixes, add secure query 2025-11-25 14:33:33 +00:00
Joe Farebrother
7d76619bea Implement cookie write concepts and httponly query 2025-11-25 14:33:23 +00:00
Owen Mansel-Chan
a70d74220f Add test for good password hashing 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
f562b3d26e Make line differences in test comments relative 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
349e8ca589 Remove unnecessary import 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
adbc1efe59 Fix diff-informed predicates 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
8d7b2757bf Add query help examples 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
69ecdcb4cd Fix capitalization of class names 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
970b5d7496 Fix query suite integration tests 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
d2033ca1d5 Add change note 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
52d7e2dd18 Add query for hashing sensitive data with weak hashing algorithm 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
713e19f6f1 Make non-path query for encryption only 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
f34a625ac2 Model cryptographic operations 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
fac5296efc Avoid duplicate results using in-barriers 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
34b2e3e2bf Copy the structure of the Javascript query 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
5c403d374e Move crypto qll files from query pack to library pack 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
92a3bccfd6 Align metadata with related queries 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
188b25f11f Remove experimental tag from query metadata 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
a71bb4ba9a Convert test to inline expectations 2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
2c20d3ffeb Move weak crypto algorithm query out of experimental 2025-11-19 14:36:26 +00:00
github-actions[bot]
5ee45af3aa Post-release preparation for codeql-cli-2.23.6 2025-11-18 09:53:12 +00:00
github-actions[bot]
18fa6799ce Release preparation for version 2.23.6 2025-11-17 16:38:07 +00:00
Owen Mansel-Chan
59ac2d3d3e Move TransformPath into FileLabelFor 
This way we don't have to remember to transform it at all call sites.
 2025-11-14 10:25:40 +00:00
dependabot[bot]
acfca601bc Bump golang.org/x/tools 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.38.0 to 0.39.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.38.0...v0.39.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-version: 0.39.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-14 03:08:48 +00:00
Nick Rolfe
86465b36e0 Merge pull request #20623 from github/nickrolfe/go-extractor-overlay 
Go: basic overlay support
 2025-11-12 14:56:25 +00:00
dependabot[bot]
c88952423e Bump golang.org/x/mod 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/mod](https://github.com/golang/mod).


Updates `golang.org/x/mod` from 0.29.0 to 0.30.0
- [Commits](https://github.com/golang/mod/compare/v0.29.0...v0.30.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-12 03:08:31 +00:00
Nick Rolfe
e5ba4143ff Go: add change-note for path transformer fixes 2025-11-11 15:47:53 +00:00
Nick Rolfe
e32a5ca846 Go: add some overlay-related logging 2025-11-07 16:52:24 +00:00
Nick Rolfe
44654bdef6 Go: avoid overlay-discarding @file entities 
...since they are shared between base and overlay
 2025-11-07 16:52:22 +00:00
Nick Rolfe
734cba7b9c Go: add discard predicates for XML entities 
This is adapted from the implementation for Java.

Since the HTML/XML extractor is not (yet) incremental, it will extract
files that were not in the diff. These discard predicates are intended
to cope with that, while also being robust against a future version
where the extractor *is* overlay-aware.
 2025-11-07 16:52:21 +00:00
Nick Rolfe
10fa1d650d Go: be consistent in replacement of backslashes in file labels 2025-11-07 16:52:20 +00:00
Nick Rolfe
e4c9bb3c5c Go: enable overlay compilation 2025-11-07 16:52:19 +00:00
Nick Rolfe
50e01283da Go: overlay workaround for cgo-processed files 2025-11-07 16:52:17 +00:00
Nick Rolfe
5aaed8941a Go: pass source root from autobuilder to extractor 
This ensures the extractor can resolve the relative paths for files
changed in the overlay.
 2025-11-07 16:52:16 +00:00
Nick Rolfe
dd4f27868e Go: apply path transformer for file TRAP labels 2025-11-07 16:52:15 +00:00
Nick Rolfe
4c009d5bc9 Go: implement overlay discarding for @locatable 2025-11-07 16:52:14 +00:00
Nick Rolfe
aff874e835 Go: merge with incoming path transformer when setting GOPATH 2025-11-07 16:52:12 +00:00
Nick Rolfe
99236f7877 Go: skip overlay extraction of unchanged go.mod files 2025-11-07 16:52:10 +00:00
Nick Rolfe
604df2125d Go: implement basic overlay extraction 
When in overlay mode, extractFile will exit early if the file isn't in
the list of files that changed since the base was extracted.
 2025-11-07 16:52:08 +00:00