hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,235 Commits 1,671 Branches 157 Tags
75b13da4e422c6f00519b51a3d29017cebf40aab
Commit Graph

1485 Commits

Author SHA1 Message Date
amammad
d3099ff482 fix tests, move from SharedXss::Sink to Http::* classes 2023-12-06 15:52:50 +01:00
Owen Mansel-Chan
aad847497b Merge pull request #14962 from owen-mc/go/improve-tests-incorrect-integer-conversion 
Go: Improve tests for Incorrect Integer Conversion
 2023-12-06 07:40:00 +00:00
Owen Mansel-Chan
570538b4ec Merge pull request #14938 from owen-mc/go/improve-test-unhandled-close-writable-handle 
Go: improve test unhandled close writable handle
 2023-12-04 16:56:09 +00:00
Anders Schack-Mulligen
67f0529cda Dataflow: Sync. 2023-12-04 12:36:57 +01:00
Owen Mansel-Chan
d52b23db8e Improve tests for Incorrect Integer Conversion 
We changed the test query when the query was changed so that the
comments in the test file would stay the same.
I've reverted the test query and updated the comments in the test file.
This avoids problems in the branch switching to use-use flow.
 2023-11-30 11:58:10 +00:00
Owen Mansel-Chan
e958a75223 Add comments indicating whether results are expected at new calls 2023-11-30 11:48:10 +00:00
Owen Mansel-Chan
de87dd5dee Test no result if deferred function returns error 2023-11-28 14:23:37 +00:00
Owen Mansel-Chan
57dafd3732 Improve test for UnhandledCloseWritableHandle 
Now the different paths won't have the same two sources.
 2023-11-28 14:21:43 +00:00
dependabot[bot]
d2cad03e28 Bump the extractor-dependencies group in /go/extractor with 1 update 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).

- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-28 03:58:15 +00:00
amammad
ffe2e398c9 fix tests, add support for Response.BodyWriter() Thanks to @owen-mc 2023-11-25 15:36:37 +01:00
amammad
accc09fd8c Lists of strings should be in alphabetical order. In a QLDoc, there should be a full stop at the end of each sentence. shorter model summary. change target from getACall() to getACall().getResult(.). better tests 2023-11-25 13:36:06 +01:00
Owen Mansel-Chan
6f9a70475d Merge pull request #14882 from owen-mc/go/minor-fixes 
Go: improve CallNode documentation
 2023-11-24 10:36:07 +00:00
Owen Mansel-Chan
2c99e70e2b Merge pull request #14890 from owen-mc/go/fix-change-note-query-reference 
Go: Change how we refer to a query in a change note
 2023-11-23 14:15:05 +00:00
Owen Mansel-Chan
25a2aef623 Update library name in change note 2023-11-23 13:42:21 +00:00
Owen Mansel-Chan
25d5104468 Change how we refer to a query in a change note 2023-11-23 13:22:05 +00:00
Owen Mansel-Chan
a130c0f6b3 Merge branch 'main' into main 2023-11-22 16:50:41 +00:00
Owen Mansel-Chan
dd8fb29a65 Improve QLDocs of CallNode and MethodCallNode 
When a function is assigned to a variable and called through that
variable then we can't always tell it was a method.
 2023-11-22 16:32:10 +00:00
Owen Mansel-Chan
b147bacd48 Merge branch 'main' into amammad-go-fastHttp 2023-11-21 21:36:11 +00:00
amammad
2ad59a5403 fix SSRF sinks 2023-11-21 18:46:35 +01:00
Owen Mansel-Chan
d26dc68baa Merge pull request #14798 from owen-mc/go/improve-value-flow-through-slice-exprs 
Go: model value flow with array content through slice expressions
 2023-11-21 11:50:08 +00:00
github-actions[bot]
bad499e360 Post-release preparation for codeql-cli-2.15.3 2023-11-17 14:35:41 +00:00
Yunus AYDIN
9e5a80ac59 update select clause and expected file 2023-11-17 13:37:17 +03:00
Yunus AYDIN
7bf7e59017 update expected file 2023-11-17 13:06:46 +03:00
Yunus AYDIN
4f6421946c update the rule and select clause 2023-11-17 10:49:02 +03:00
Yunus AYDIN
43f100fd69 Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-11-17 10:40:42 +03:00
Yunus AYDIN
96646abab9 Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-11-17 10:40:32 +03:00
Yunus AYDIN
0091b83258 Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-11-17 10:40:18 +03:00
Yunus AYDIN
8ff38321a3 update rule and expected file 2023-11-17 00:08:01 +03:00
github-actions[bot]
6ec9b95072 Release preparation for version 2.15.3 2023-11-16 13:07:16 +00:00
Yunus AYDIN
8a24daf293 modify tests and rule 2023-11-15 19:38:16 +03:00
Owen Mansel-Chan
64bf6cc62b Update existing test (extra nodes, no extra alerts) 2023-11-15 15:33:09 +00:00
Owen Mansel-Chan
1ac3a9e8d3 Add change note 2023-11-15 15:12:58 +00:00
Owen Mansel-Chan
e0879969c9 Update tests 2023-11-15 15:08:48 +00:00
Owen Mansel-Chan
aaa8f9c41f Add read and store steps for SliceElementNode 2023-11-15 14:58:23 +00:00
Owen Mansel-Chan
2b897a9825 Add synthetic SliceElementNode 2023-11-15 14:58:21 +00:00
Owen Mansel-Chan
5af3e119a6 Test value flow through SliceExpr with array content 2023-11-15 14:57:53 +00:00
Yunus AYDIN
7877082869 fix tests code issues and expected file 2023-11-15 16:08:20 +03:00
Yunus AYDIN
1ed4d2ada7 remove database 2023-11-15 15:49:31 +03:00
Yunus AYDIN
1e915720e9 fix the rule issues 2023-11-15 15:49:09 +03:00
Yunus AYDIN
d5f254781e Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-11-15 15:11:02 +03:00
Yunus AYDIN
fa1fa0d19d Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-11-15 15:08:29 +03:00
Yunus AYDIN
74f1344ac5 Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-11-15 15:08:14 +03:00
Yunus AYDIN
9178cec0e6 fix test errors 2023-11-15 09:33:52 +03:00
Owen Mansel-Chan
83d1fc33e1 Add change note 2023-11-14 23:16:32 +00:00
Yunus AYDIN
2cea720f6e remove wcd directory 2023-11-14 20:19:49 +03:00
Yunus AYDIN
dbdf9e1a4f remove change-notes and fix build error 2023-11-14 20:19:28 +03:00
Yunus AYDIN
e576650293 remove qhelp file and add qlref 2023-11-14 17:23:42 +03:00
Owen Mansel-Chan
45faed057c Improve SliceExpr documentation 2023-11-14 11:25:16 +00:00
Yunus AYDIN
47ef123601 Fix Pull Requests Problems 2023-11-14 09:26:37 +03:00
Owen Mansel-Chan
c8779d0d0b Fix another test 
No change in alerts, just 3 extra nodes.
 2023-11-13 23:56:25 +00:00