Chris Smowton
9f82088f5d
Remove unnecessary casts
2022-08-15 11:47:58 +01:00
Chris Smowton
50fb6621a9
Create 2022-08-12-cross-thread-flow.md
2022-08-12 09:00:16 +01:00
github-actions[bot]
21d0c78376
Post-release preparation for codeql-cli-2.10.3
2022-08-11 23:20:39 +00:00
github-actions[bot]
57c4f9145b
Release preparation for version 2.10.3
2022-08-11 11:12:15 +00:00
Erik Krogh Kristensen
887f6557ed
fix common misspellings throughout github/codeql
2022-08-10 23:21:41 +02:00
Chris Smowton
bf24d7886a
Accept test changes
2022-08-10 18:10:02 +01:00
Chris Smowton
2abd1f77f4
Go: implement conservative cross-thread dataflow
Steps into captured variables are moved into jumpStep where they always should have been, and the store/load step implementation for channels is completed.
For the time being this takes a very conservative approach to identify channels that are likely connected: if there is exactly one receive site and one send site for a field, the two are presumed connected.
2022-08-10 12:44:12 +01:00
Erik Krogh Kristensen
559ec7ba56
Merge branch 'main' into repeatedWord
2022-08-09 21:22:47 +02:00
Chris Smowton
96091e4fa0
Merge pull request #9947 from github/smowton/fix/golang-path-injection-numeric-sanitizer
Go: note that numeric-typed nodes can't cause path traversal
2022-08-04 09:00:34 +01:00
Chris Smowton
e04c77ce15
Rename sanitizer
2022-08-03 09:37:20 +01:00
Chris Smowton
e04a9b5805
Add change note
2022-08-02 11:37:27 +01:00
Chris Smowton
13b2b7674d
Go: note that numeric-typed nodes can't cause path traversal
2022-08-02 11:28:28 +01:00
github-actions[bot]
e8747d3176
Post-release preparation for codeql-cli-2.10.2
2022-07-28 20:00:09 +00:00
github-actions[bot]
212786ed91
Release preparation for version 2.10.2
2022-07-28 13:38:35 +00:00
Cornelius Riemenschneider
ca819573f5
Merge pull request #9862 from github/adityasharad/codeql-cli-2.10.1-mergeback
Merge codeql-cli-2.10.1 into main
2022-07-20 10:42:34 +02:00
Andrew Eisenberg
2f50549184
Move definitions.ql back to src
2022-07-15 11:48:15 -07:00
github-actions[bot]
0ee476129a
Post-release preparation for codeql-cli-2.10.1
2022-07-14 14:38:49 +00:00
Erik Krogh Kristensen
85a652f3d1
remove a bunch of repeated words
2022-07-14 12:42:48 +02:00
github-actions[bot]
d1aa0d7dd3
Release preparation for version 2.10.1
2022-07-14 08:56:03 +00:00
github-actions[bot]
d506f448ef
Post-release preparation for codeql-cli-2.10.0
2022-06-24 07:36:33 +00:00
github-actions[bot]
a74051c658
Release preparation for version 2.10.0
2022-06-23 11:17:46 +00:00
Anders Schack-Mulligen
df6d68b215
Merge pull request #9618 from aschackmull/dataflow/deprecate-barrierguard-class
Dataflow: Deprecate BarrierGuard class
2022-06-22 10:44:08 +02:00
Anders Schack-Mulligen
f8f9b7d3b4
Apply suggestions from code review
2022-06-21 14:11:36 +02:00
Chris Smowton
7bb0d62863
Update comparisonBarrierGuard qldoc
2022-06-21 12:12:17 +01:00
Chris Smowton
8ae4c21a3e
Update doc for divideByZeroSanitizerGuard
2022-06-21 12:11:19 +01:00
Edoardo Pirovano
70dbd92e25
Bump minor version of all regularly released packs
2022-06-21 11:22:58 +01:00
Edoardo Pirovano
ad02b85efa
Merge branch main into rc/3.6
2022-06-21 11:15:25 +01:00
Cornelius Riemenschneider
091299668a
Merge pull request #9617 from github/criemen/fix-go-pattern-lua-config
Go: Properly escape dash in tracing-config.lua
2022-06-21 11:45:14 +02:00
Anders Schack-Mulligen
a4796e1542
Add change notes.
2022-06-21 11:17:47 +02:00
Ian Lynagh
f22de1ac81
Merge pull request #9583 from igfoo/igfoo/locationdocs
Fix broken links to information about Locations
2022-06-20 17:28:24 +01:00
Anders Schack-Mulligen
87d5305f5b
Go: Ad-hoc patch the shared libs.
2022-06-20 15:46:38 +02:00
Anders Schack-Mulligen
406f5b525b
Go: Deprecate and replace BarrierGuard class
2022-06-20 15:46:27 +02:00
Cornelius Riemenschneider
d3c7395fa2
Go: Properly escape dash in tracing-config.lua
Previously, the pattern didn't match what it was intended to match.
2022-06-20 14:29:50 +02:00
Rasmus Wriedt Larsen
ae44a941f9
Merge pull request #9421 from RasmusWL/inline-brackets
Inline Expectation Tests: Allow `tag[foo bar]`
2022-06-20 10:01:19 +02:00
Rasmus Wriedt Larsen
b65a10d1ef
Inline Expectation Tests: sync
2022-06-17 17:38:19 +02:00
Ian Lynagh
b80e6421b6
Fix broken links to information about Locations
2022-06-16 16:57:59 +01:00
Chris Smowton
16a2107f89
Go autobuilder: don't attempt a go mod tidy when there's a vendor directory present
This is likely to spuriously remove dependencies leading to a later build failure due to missing requirements.
2022-06-16 10:12:39 +01:00
github-actions[bot]
1ed70d51d7
Post-release preparation for codeql-cli-2.9.4
2022-06-15 13:25:20 +00:00
github-actions[bot]
104ac05f49
Release preparation for version 2.9.4
2022-06-15 08:22:38 +00:00
Dave Bartolomeo
5e5e2646e2
Fix codeql/suite-helpers dependency for Go
2022-06-07 10:55:49 -04:00
Rasmus Wriedt Larsen
50196d099b
Inline Expectation Tests: sync
2022-06-03 11:39:57 +02:00
Rasmus Wriedt Larsen
07c22a857f
Merge pull request #9420 from RasmusWL/sync-go-inline
Go: Sync InlineExpectationsTest
2022-06-03 11:37:13 +02:00
Chris Smowton
04422eeaee
Merge pull request #9378 from porcupineyhairs/goJwtSign
Golang : Add query to detect JWT signing vulnerabilities
2022-06-02 20:53:03 +01:00
Chris Smowton
d5ac7190cc
Remove duplicate function
2022-06-02 17:02:54 +01:00
Chris Smowton
e54b29a846
Autoformat
2022-06-02 15:58:29 +01:00
Chris Smowton
602495df4c
Replace cases accidentally handled by CompareExprSanitizer with ReturnedAlongsideErrorSanitizerGuard
2022-06-02 15:53:41 +01:00
Chris Smowton
b48a07e7b8
Tighten up CompareExprSanitizer
- Document
- Only actually consider comparisons
- Don't sanitize literals
2022-06-02 15:18:38 +01:00
Chris Smowton
3155771abe
Rename empty-string sanitizer to reflect what it actually does.
2022-06-02 15:10:02 +01:00
Chris Smowton
bfbc1d48b7
Simplify redundant sanitizer
2022-06-02 15:02:41 +01:00
Porcupiney Hairs
361b7037c6
Include suggested changes from review.
2022-06-02 19:11:44 +05:30