hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 22:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,697 Commits 1,684 Branches 159 Tags
6c0fe2ed45a03454da8548610fcfe18e8eb3e607
Commit Graph

1697 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
6c0fe2ed45 Merge branch 'main' into add-missing-licences-for-stubbed-libraries 2021-02-23 17:14:28 +00:00
Owen Mansel-Chan
b7323bf9b6 Merge pull request #487 from sauyon/add-shati 
Add shati-patel to CODEOWNERS
 2021-02-23 17:11:28 +00:00
Sauyon Lee
f3969372a4 Add shati-patel to CODEOWNERS 2021-02-23 09:00:10 -08:00
Owen Mansel-Chan
4728b7a866 Add license files for stubbed dependencies 2021-02-23 16:29:17 +00:00
Sauyon Lee
a4b701d2c5 Merge pull request #480 from sauyon/go116 
Add preliminary support for go 1.16
 2021-02-23 08:16:12 -08:00
Owen Mansel-Chan
7e37c2b63a Merge pull request #485 from owen-mc/add-new-location-for-beego 
Add new module path for beego and xmlpath
 2021-02-23 11:06:47 +00:00
Owen Mansel-Chan
ff317e63de Remove http:// in package path 2021-02-22 15:11:59 +00:00
Owen Mansel-Chan
f32b4883bf Make use of URLs in comments more consistent 2021-02-22 15:08:20 +00:00
Owen Mansel-Chan
370afe3383 Fix incorrect calls to package() 2021-02-22 15:08:20 +00:00
Owen Mansel-Chan
083512acef Add extra module path for xmlpath package 2021-02-22 15:08:20 +00:00
Owen Mansel-Chan
2bcf73c9fb Add new module path for beego 
Beego moved from astaxie/beego to beego/beego on 13 Dec 2020. The
old location still works but is not being updated.
 2021-02-22 11:38:13 +00:00
Sauyon Lee
9e45b08178 Merge pull request #484 from sauyon/change-note-action 
Actions: Add change note checker
 2021-02-19 20:12:59 -08:00
Sauyon Lee
17cd04c6b2 Avoid attempting to build i386 darwin binaries 2021-02-19 10:20:29 -08:00
Sauyon Lee
65e6da9b0e Actions: Add change note checker 
Co-authored-by: Taus <tausbn@github.com>
 2021-02-19 09:40:50 -08:00
Sauyon Lee
23103fd8e0 Add support for 'path/filepath.WalkDir' 2021-02-19 07:59:13 -08:00
Sauyon Lee
82849fe91a Explicitly set GO111MODULE=off 2021-02-19 07:59:13 -08:00
Sauyon Lee
41cacd579f Model moved io/ioutil functions 2021-02-19 07:59:12 -08:00
Sauyon Lee
4056ac4ab5 os.FileInfo -> io/fs.FileInfo 2021-02-19 06:25:52 -08:00
Sauyon Lee
adc2f08b76 Add tests for go 1.16 libraries 2021-02-19 06:25:51 -08:00
Sauyon Lee
a327fb7e97 Add support for go 1.16 frameworks 2021-02-19 06:25:51 -08:00
Sauyon Lee
62ae3ec7c5 Add extractor test for go 1.16 2021-02-18 14:52:54 -08:00
Sauyon Lee
fc9bc68829 Add change note for go 1.16 2021-02-18 11:49:00 -08:00
Sauyon Lee
42939a70b8 Update go.mod to 1.16 2021-02-18 11:48:48 -08:00
Sauyon Lee
fee0355ea0 Update actions to use go 1.16 2021-02-18 11:48:36 -08:00
Sauyon Lee
e6d11fc99e Merge pull request #475 from sauyon/yaml 
Add models for gopkg.in/yaml
 2021-02-16 15:11:47 +00:00
Chris Smowton
2be66d1d74 Merge pull request #479 from smowton/smowton/admin/add-missing-change-notes 
Add missing change notes
 2021-02-16 09:58:29 +00:00
Owen Mansel-Chan
1c6a68ae93 Merge pull request #478 from owen-mc/update-logrus-model 
Simplify Logrus model
 2021-02-16 07:35:44 +00:00
Sauyon Lee
1acbfaafcc Add models for gopkg.in/yaml 2021-02-15 18:27:09 +00:00
Chris Smowton
95008d1ccb Update change-notes/2021-02-09-html-templates.md 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2021-02-15 14:39:24 +00:00
Chris Smowton
6f5f1c4829 Add missing change notes 2021-02-15 14:07:10 +00:00
Owen Mansel-Chan
46cc9e9fa4 Add change note 2021-02-15 13:51:01 +00:00
Owen Mansel-Chan
a2c0b6ade6 Merge pull request #464 from owen-mc/list-constants-sanitizers 
List of constants sanitizer guards (switch statement in function only)
 2021-02-15 11:39:40 +00:00
Owen Mansel-Chan
6d29a35ac9 Factor the duplicate code in LogCall 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-02-15 11:20:19 +00:00
Owen Mansel-Chan
68c54d43e6 Move code to TaintTrackingUtil.qll 2021-02-15 10:18:00 +00:00
Owen Mansel-Chan
ef94cde0b3 Simplify Logrus model 
Make methods which add data to entries sinks in their own right, rather
than trying to track the data flow of the entry to a later logging call.

This may cause some false positives, but only in the situation that
tainted data is added to an entry and that entry is never logged. It will
save us from false negatives when tainted data is added to an entry
which flows across a function boundary to a logging call.
 2021-02-15 09:18:34 +00:00
Owen Mansel-Chan
4a2a1871f7 Merge pull request #476 from owen-mc/model-zap 
Model zap
 2021-02-13 13:15:06 +00:00
Owen Mansel-Chan
1dc474650a Model zap 2021-02-11 14:35:36 +00:00
Chris Smowton
b9a1d9a17e Merge pull request #474 from sauyon/update-codeql 
Update actions codeql to 2.4.3
 2021-02-11 12:34:51 +00:00
Chris Smowton
2d08173631 Merge pull request #442 from monkey-junkie/main 
[CWE-369] Query for divide by zero detection
 2021-02-11 12:11:45 +00:00
Chris Smowton
b84aef6b83 Prevent getACalleeSource() from sharing magic with other users of getASuccessor* 
This avoids recursion through the magic side-condition as each discovery of a ListOfConstantsComparisonSanitizerGuard expands the set of things whose getASuccessor* is wanted, which in turn enlarges the set of transitive successors and causes getACalleeSource() to be pointlessly recomputed (pointlessly because all exprNode(getCalleeExpr())s were already computed)
 2021-02-11 10:29:30 +00:00
Sauyon Lee
9452df1a5c Update actions codeql to 2.4.3 2021-02-10 22:43:02 +00:00
Chris Smowton
617b5510d9 Merge pull request #465 from smowton/smowton/feature/less-equality-test-panic-edges 
Remove panicking edges leading from an equality test where possible
 2021-02-10 08:20:27 +00:00
user
c29ab8958f tests and docs updated 2021-02-10 00:26:46 +03:00
Your Name
4b24e5641e formatting + example 
fix

test fix

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.qhelp

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.qhelp

Co-authored-by: Chris Smowton <smowton@github.com>
 2021-02-10 00:26:46 +03:00
Your Name
bd09868686 test fixed, comments added 
Update ql/src/experimental/CWE-369/DivideByZero.qhelp

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.qhelp

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.qhelp

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>
 2021-02-10 00:26:46 +03:00
Your Name
8c5e0a42b3 test fixed 
Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>
 2021-02-10 00:26:40 +03:00
Your Name
41e808dab4 conversion detect + tests 2021-02-10 00:26:40 +03:00
Your Name
a77f36fba8 formatting fix 
Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>

Update ql/src/experimental/CWE-369/DivideByZero.ql

Co-authored-by: Chris Smowton <smowton@github.com>
 2021-02-10 00:26:33 +03:00
Chris Smowton
ef658b292a Fix join order for ListOfConstantsComparisonSanitizerGuard 2021-02-09 19:42:23 +00:00
Chris Smowton
1b9abc5310 Merge pull request #470 from sauyon/go116flagadd 
Add -overlay to recognized go build flags
 2021-02-09 18:31:41 +00:00