hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,207 Commits 1,672 Branches 157 Tags
7579f182ad310d97c68c49f3cdceaace5724637c
Commit Graph

729 Commits

Author SHA1 Message Date
Owen Mansel-Chan
bb3101e649 Merge pull request #13022 from owen-mc/go/identify-environment-fixes 
Go: `go-autobuilder --identify-environment` fixes
 2023-05-04 14:30:31 +01:00
Owen Mansel-Chan
d2cf1a24e0 Merge pull request #13014 from owen-mc/go/misc-go-cleanups 
Go: Misc go cleanups
 2023-05-04 10:34:32 +01:00
Owen Mansel-Chan
011c9272cf Remove inconsistent line break in message 2023-05-04 10:33:05 +01:00
Owen Mansel-Chan
c21b1a6e3b Be clear when no Go version in environment file 2023-05-04 10:32:21 +01:00
Owen Mansel-Chan
5d06adb1e6 Only check if go env version is supported if go mod version is supported 
This is what I meant to implement in the first place.
 2023-05-04 10:24:43 +01:00
Kasper Svendsen
a7f5decb2b Merge branch 'main' into kaspersv/go-enable-warn-on-implicit-this 2023-05-04 07:45:07 +02:00
Owen Mansel-Chan
62653fbec5 Simplify return statements in tryReadGoDirective 
This makes it easier to reason about what is returned and would have
avoided the bug with variable shadowing.
 2023-05-03 16:55:19 +01:00
Owen Mansel-Chan
d30b736eb2 Move check for EmitNewerGoVersionNeeded diagnostic 
This should only be done when --identify-environment has not been passed
 2023-05-03 16:52:48 +01:00
Owen Mansel-Chan
afb692300a Fix typo in field name 2023-05-03 16:46:44 +01:00
Owen Mansel-Chan
742a6d9264 Fix accidental variable shadowing 2023-05-03 16:32:53 +01:00
Owen Mansel-Chan
347b5f1b1a Remove unused code 2023-05-03 16:03:17 +01:00
Owen Mansel-Chan
509dda5af5 Use raw string literals to avoid double-escaping 2023-05-03 16:02:36 +01:00
Owen Mansel-Chan
4de4f35855 Merge pull request #12957 from owen-mc/go/autobuilder-identify-environment 
Go: Add `go-autobuilder --identify-environment`
 2023-05-03 16:01:45 +01:00
Kasper Svendsen
46727af948 Go: Enable warnings for implicit this receivers 2023-05-03 15:41:55 +02:00
Owen Mansel-Chan
3f645e9401 Merge pull request #13006 from kaspersv/kaspersv/go-explicit-this-receivers 
Go: Make implicit this receivers explicit
 2023-05-03 13:47:10 +01:00
Ian Lynagh
b56b843d13 Merge pull request #12987 from github/post-release-prep/codeql-cli-2.13.1 
Post-release preparation for codeql-cli-2.13.1
 2023-05-03 13:12:10 +01:00
Owen Mansel-Chan
841db151f6 Improve naming 2023-05-03 13:01:23 +01:00
Owen Mansel-Chan
0f134c6a3c Wrap long line 2023-05-03 12:52:11 +01:00
Owen Mansel-Chan
f86e540d2a msg is always non-empty 2023-05-03 12:50:58 +01:00
Owen Mansel-Chan
af2a9b21ab Add function comments 2023-05-03 12:47:28 +01:00
Owen Mansel-Chan
a9d3cfccd4 use severityNote for all diagnostics 2023-05-03 12:03:12 +01:00
Owen Mansel-Chan
532e1446f0 Change diagnostic ids and use "lower than or equal to" 2023-05-03 12:03:12 +01:00
Owen Mansel-Chan
4b88279ccc Improve usage message formatting 2023-05-03 12:03:11 +01:00
Kasper Svendsen
e969018f99 Go: Make implicit this receivers explicit 2023-05-03 12:45:42 +02:00
Owen Mansel-Chan
27fb42db76 Env var for path to environment file 2023-05-03 11:11:09 +01:00
Owen Mansel-Chan
0c6efb8c84 Add telemetry-only diagnostics 2023-05-02 17:17:06 +01:00
Owen Mansel-Chan
3bfcbbf7af Add unit test 2023-05-02 17:17:05 +01:00
Owen Mansel-Chan
0710ed97db Refactor to be more easily testable 2023-05-02 17:17:05 +01:00
Owen Mansel-Chan
2db304edee Choose which version to install and write file 2023-05-02 17:17:04 +01:00
Owen Mansel-Chan
644d7f18c2 Factor out tryReadGoDirective() 2023-05-02 14:15:03 +01:00
Owen Mansel-Chan
5e87111a8b Stop using deprecate io/ioutil package 2023-05-02 14:15:02 +01:00
Owen Mansel-Chan
1e2bdd88b1 Add --identify-environment flag 2023-05-02 14:15:01 +01:00
github-actions[bot]
18d4af994d Post-release preparation for codeql-cli-2.13.1 2023-05-02 10:50:20 +00:00
Anders Schack-Mulligen
ca09649679 Dataflow: Forward hasLocationInfo. 2023-05-02 10:48:32 +02:00
Anders Schack-Mulligen
5927bb2030 Dataflow: Replace "extends Node" with "instanceof Node". 2023-05-02 09:48:34 +02:00
Anders Schack-Mulligen
6c8cb0dc5e Merge pull request #12930 from aschackmull/dataflow/split-typedcontent 
Dataflow: Refactor access paths to split TypedContent into an explicit pair
 2023-05-01 14:58:15 +02:00
github-actions[bot]
3bd29171fb Release preparation for version 2.13.1 2023-04-28 12:14:35 +00:00
Michael B. Gale
edfe2d7ab7 Merge pull request #12944 from github/mbg/go/html-template-sanitizers 
Go: Add `html/template` functions as sanitisers for XSS queries
 2023-04-28 12:15:57 +01:00
Michael B. Gale
5a44fae515 Go: add test for unrelated A->C data flow 2023-04-28 10:56:12 +01:00
Michael B. Gale
72b082806b Go: Update html-template-escaping-passthrough 
Modify this query to apply sanitizers only in the data flow
between untrusted inputs and passthrough conversion types.
 2023-04-27 17:14:38 +01:00
Anders Schack-Mulligen
71ae0909d8 Dataflow: Enforce type pruning in all forward stages. 2023-04-27 14:55:26 +02:00
Anders Schack-Mulligen
9140cbefc0 Dataflow: Sync. 2023-04-27 14:55:23 +02:00
Michael B. Gale
1aa1153ed6 Go: Add html/template as XSS queries sanitizer 2023-04-26 21:21:52 +01:00
Anders Schack-Mulligen
d681671356 Dataflow: Sync. 2023-04-26 14:45:07 +02:00
Owen Mansel-Chan
1afe845ed3 Add missing "v" to semver version string 
Because it was missing, that function always returned +1,
so we were doing the wrong thing when the Go version
installed was lower than 1.16.
 2023-04-24 14:31:46 +01:00
Michael Nebel
656d8d2451 Sync files. 2023-04-20 11:29:51 +02:00
Owen Mansel-Chan
3ca04338ca Use named initialization for struct 2023-04-19 13:06:51 +01:00
Owen Mansel-Chan
219c1686fd Wrap return values of moveToTemporaryGopath in a struct 2023-04-19 12:40:23 +01:00
Owen Mansel-Chan
1bb006f43e Move defer statements to the right place 
It turns out that extracting defer statements into a separate function
changes behaviour.
 2023-04-19 12:20:52 +01:00
Owen Mansel-Chan
641f16b0df Factor out extract() 2023-04-19 12:20:52 +01:00