Sauyon Lee
040b166eb2
Add new style build constraints and add test for the old style
2021-08-19 14:00:04 -07:00
Sauyon Lee
189070cf2c
Add support for go:build style constraints
...
This doesn't account for the new syntax, but there was no syntax
parsing in the old version anyway, and the only user doesn't currently
care about semantics
2021-08-19 14:00:03 -07:00
Sauyon Lee
f39e43e5d0
Allow conversions to an array to panic
2021-08-19 14:00:03 -07:00
Sauyon Lee
2a5e7e24cd
Update dependencies for go1.17
2021-08-19 14:00:03 -07:00
Sauyon Lee
b9871add53
Merge pull request #565 from sauyon/remove-dots
...
Remove non-goific dot in method signatures
2021-08-19 13:41:25 -07:00
Sauyon Lee
ff1eb8ef43
Remove non-goific dot in method signatures
2021-08-19 12:36:59 -07:00
Owen Mansel-Chan
51b3f7f62d
Merge pull request #555 from owen-mc/upstream-weak-crypto-key
...
Promote weak crypto key from experimental
2021-08-18 12:57:27 +01:00
Owen Mansel-Chan
b96efc655e
Improve grammar and punctuation
2021-08-18 11:54:06 +01:00
Owen Mansel-Chan
6f2040da51
Add security severity score
2021-08-18 11:54:06 +01:00
Owen Mansel-Chan
8c97395884
Add change note
2021-08-18 11:54:05 +01:00
Owen Mansel-Chan
3bf2cf0ed8
Add precision metadata
2021-08-18 11:54:05 +01:00
Owen Mansel-Chan
9634e8d7b0
Update path in qlref file
2021-08-18 11:54:04 +01:00
Owen Mansel-Chan
ca01d55297
Promote insufficient key size query
...
Files were just moved - changes made in next commit
2021-08-18 11:54:04 +01:00
Chris Smowton
10e362a0f2
Merge pull request #562 from sauyon/remove-binary
...
Remove accidentally added binary
2021-08-17 19:55:26 +01:00
Chris Smowton
2b6dde8e6c
Merge pull request #561 from github/developer-happiness-query-suite
...
Add a query suite for new experimental "developer happiness" queries
2021-08-17 19:45:44 +01:00
Sauyon Lee
dc50d73008
Remove accidentally added binary
2021-08-17 10:11:04 -07:00
Sam Partington
78a4823bde
Ensure all 3 IDs are considered
...
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
2021-08-17 09:53:11 +01:00
Sam Partington
4e36d1f52f
Add a query suite for new experimental "developer happiness" queries
...
These are the queries added in https://github.com/github/codeql-go/pull/558.
2021-08-16 18:05:31 +01:00
Chris Smowton
fbc65b3f87
Merge pull request #558 from sauyon/add-sample-queries
...
Add sample DB-related queries
2021-08-12 21:55:14 +01:00
Sauyon Lee
4c5d3ff344
Move defer in loop query to experimental
2021-08-12 10:13:30 -07:00
Sauyon Lee
02396dbd04
Add database query in loop query
...
co-authored-by: Robert <robertbrignull@github.com>
co-authored-by: Sam Partington <sampart@github.com>
2021-08-11 18:15:23 -07:00
Sauyon Lee
1ffeb26a61
Add query for a GORM error not checked
...
co-authored-by: Sam Partington <sampart@github.com>
co-authored-by: Robin Neatherway <rneatherway@github.com>
2021-08-11 18:15:23 -07:00
Shati Patel
65e9262b41
Merge pull request #556 from github/shati-patel-patch-1
...
Update CODEOWNERS
2021-07-28 12:56:48 +01:00
Shati Patel
0c4674cf86
Update CODEOWNERS
...
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
2021-07-28 11:54:25 +01:00
Shati Patel
e83af8e4ea
Update CODEOWNERS
2021-07-28 11:42:33 +01:00
Chris Smowton
e39753c72a
Merge pull request #552 from github/deferinloop-kind
...
Add @kind to deferinloop.ql
2021-07-19 11:17:26 +01:00
Chris Smowton
b03513bcd2
Merge pull request #542 from gagliardetto/cors-misconfig
...
Add query to detect CORS misconfiguration
2021-07-16 16:12:15 +01:00
Chris Smowton
87afdae1c7
use hasFlowTo where possible
2021-07-16 14:38:05 +01:00
Sam Partington
e227a4315f
Add @kind to deferinloop.ql
...
Required to use this query with the CodeQL CLI
2021-07-16 14:25:58 +01:00
Slavomir
52b650a1be
Add AllowOriginHeaderWrite and AllowCredentialsHeaderWrite classes
2021-07-16 00:01:55 +02:00
Slavomir
e92738a93f
Apply suggestions from code review
...
Co-authored-by: Chris Smowton <smowton@github.com>
2021-07-16 00:42:36 +03:00
Chris Smowton
73227f12df
Merge pull request #539 from gagliardetto/fiber
...
Add web framework: github.com/gofiber/fiber
2021-07-15 17:53:45 +01:00
Slavomir
d252d6003f
Remove Protocol as UntrustedFlowSource
2021-07-15 16:20:33 +02:00
Slavomir
498332c186
Mention Fiber.json in Fiber.qll
2021-07-15 15:15:10 +02:00
Slavomir
7d1a632b61
Move fiber spec in the same folder as source
2021-07-15 15:12:02 +02:00
Slavomir
92e0f02d2a
Remove special cases inside if
2021-07-15 15:06:28 +02:00
Slavomir
66bd56f444
Don't use any() as sink
2021-07-05 13:14:56 +02:00
Chris Smowton
cd1e14ed09
Merge pull request #549 from edoardopirovano/change-pragma
...
Performance: Remove `pragma[noopt]`
2021-06-22 19:14:52 +01:00
Edoardo Pirovano
65a34b4aa6
Performance: Remove pragma[noopt]
2021-06-22 10:05:53 +01:00
Chris Smowton
52028cf363
Merge pull request #547 from edoardopirovano/fix-join-order
...
Performance: Fix bad join ordering
2021-06-21 20:11:22 +01:00
Edoardo Pirovano
a7c656db8b
Performance: Fix bad join ordering
2021-06-21 18:58:35 +01:00
Slavomir
c0f195ba16
Reduce false positives
2021-06-19 22:25:51 +02:00
edvraa
ac777d237d
autoformat
2021-06-17 09:23:26 +01:00
edvraa
0456d4793a
Fix path tracking
2021-06-17 09:23:26 +01:00
edvraa
4576b16f30
Use dataflow gettype
2021-06-17 09:23:26 +01:00
edvraa
062acedd49
Unify and make getValueForFieldWrite private
2021-06-17 09:23:26 +01:00
edvraa
236b623f60
Get rid of NetHttpCookieTrackingConfiguration
2021-06-17 09:23:26 +01:00
edvraa
031a79b8f5
Gorilla Store Save sink
2021-06-17 09:23:26 +01:00
edvraa
8110c3d059
Use HasFlow
2021-06-17 09:23:26 +01:00
edvraa
d60d18a8d0
Stay on dataflow level
2021-06-17 09:23:26 +01:00