2057 Commits

Author	SHA1	Message	Date
Cornelius Riemenschneider	b9da01a384	Merge remote-tracking branch 'origin/main' into criemen/new-pkg	2024-06-03 15:47:15 +02:00
Chuan-kai Lin	8d5bb21643	Merge pull request #16642 from github/post-release-prep/codeql-cli-2.17.4 ... Post-release preparation for codeql-cli-2.17.4	2024-05-31 09:08:03 -07:00
github-actions[bot]	a19149032f	Post-release preparation for codeql-cli-2.17.4	2024-05-31 14:49:11 +00:00
Paolo Tranquilli	096a31dbef	Mark all integration tests as legacy ... This is in preparation for the new integration test framework. Tests marked thus will be run by the current framework and ignored by the new one.	2024-05-31 16:04:50 +02:00
github-actions[bot]	a22e70373a	Release preparation for version 2.17.4	2024-05-31 13:40:51 +00:00
Owen Mansel-Chan	d112073a13	Edit change note	2024-05-30 21:04:05 +01:00
Owen Mansel-Chan	ffc25add70	Accept test changes	2024-05-30 21:01:06 +01:00
Owen Mansel-Chan	a5c392ed4b	Add back taint models for append and copy ... This is needed when they are used with string arguments.	2024-05-30 21:01:03 +01:00
Chuan-kai Lin	b41835a7d9	Revert "Release preparation for version 2.17.4"	2024-05-30 09:25:15 -07:00
Cornelius Riemenschneider	dcd44859f5	Go: Move to new packaging rules.	2024-05-30 14:25:17 +02:00
Owen Mansel-Chan	7ff1eabfc3	Add tests (mostly failing) for writes to global variables ... This was based on the equivalent for java: https://github.com/github/codeql/pull/16500	2024-05-29 16:07:16 +01:00
Anders Schack-Mulligen	2f95851537	Merge pull request #16603 from aschackmull/dataflow/location ... Dataflow/Go: Add getLocation to DataFlowCall and DataFlowCallable for easier debugging.	2024-05-29 08:58:22 +02:00
github-actions[bot]	906b65d09c	Post-release preparation for codeql-cli-2.17.4	2024-05-28 18:02:25 +00:00
github-actions[bot]	33b4ae8bbb	Release preparation for version 2.17.4	2024-05-28 15:44:32 +00:00
Anders Schack-Mulligen	3b12f69dd9	Dataflow/Go: Add getLocation to calls and callables for easier debugging.	2024-05-28 13:47:08 +02:00
Anders Schack-Mulligen	1432519cc2	Dataflow: Add totalorder predicates to all languages.	2024-05-27 11:01:52 +02:00
Anders Schack-Mulligen	bc8ca1af86	Dataflow: Introduce NodeRegions for use in isUnreachableInCall.	2024-05-27 11:01:51 +02:00
Dave Bartolomeo	613ccaac1d	Add change note to all v1.0.0 packs	2024-05-23 13:01:22 -04:00
Dave Bartolomeo	ffe4c8c87b	Update all pack versions to 1.0.0	2024-05-22 13:39:08 -04:00
Anders Schack-Mulligen	f931c8d836	Go: Accept qltest .expected file changes.	2024-05-22 15:39:47 +02:00
Anders Schack-Mulligen	8db9187698	Go: Accept qltest .expected file changes (interesting).	2024-05-22 15:38:01 +02:00
Rasmus Wriedt Larsen	2451a6d3f6	Accept .expected changes	2024-05-21 14:47:42 +02:00
Tom Hvitved	454687d583	Data flow: Synthesize parameter return nodes	2024-05-21 14:47:42 +02:00
Erik Krogh Kristensen	bfc95c6f13	Merge pull request #16510 from erik-krogh/go-command ... Go: Update the QHelp for `go/command-injection`.	2024-05-17 17:45:10 +02:00
erik-krogh	384649b336	changes based on review, and improve the new command-injection test	2024-05-17 08:38:54 +02:00
erik-krogh	2848ccf0e2	fix frontend errors that Go complained about	2024-05-16 20:06:26 +02:00
erik-krogh	08c0d8ec60	autoformat go files	2024-05-16 19:59:40 +02:00
erik-krogh	9aeebc6f39	update the QHelp to add a "--" example	2024-05-16 19:49:22 +02:00
Owen Mansel-Chan	2dd42f7aa5	Merge pull request #16509 from owen-mc/go/fix-missing-underlying-types ... Go: make two barriers recognise named types whose underlying types are integer types	2024-05-16 12:41:42 +01:00
Owen Mansel-Chan	8cc118f781	Add change note	2024-05-16 11:16:54 +01:00
Owen Mansel-Chan	b008f98782	Fix missing getUnderlyingType() calls ... In both cases we also care about named types whose underlying type is an integer type.	2024-05-16 11:10:15 +01:00
Owen Mansel-Chan	410543f26b	Add change note	2024-05-16 10:10:22 +01:00
Owen Mansel-Chan	e71cf0ff1d	Use value flow instead of taint flow	2024-05-16 10:10:18 +01:00
Owen Mansel-Chan	5dbb91f508	Merge pull request #16504 from owen-mc/go/allow-array-reads-from-named-types ... Go: allow read and store steps from named types	2024-05-16 09:47:54 +01:00
erik-krogh	ea2b73bda2	add a sanitizer that checks that the string does not start with "--"	2024-05-16 09:25:19 +02:00
erik-krogh	b9a7f6a8f7	add regexp check as a sanitizer for command-injection	2024-05-16 08:55:03 +02:00
erik-krogh	761f9cac97	make a new go/command-injection qhelp	2024-05-16 08:54:55 +02:00
erik-krogh	e2a4c2aa1b	move the code samples for the Go command-injection queries to an examples/ folder	2024-05-16 08:54:54 +02:00
Owen Mansel-Chan	6ffa821aa3	Add change note	2024-05-16 00:41:28 +01:00
Owen Mansel-Chan	21ff705b73	Fix bug with read/store steps and named types	2024-05-16 00:35:45 +01:00
Owen Mansel-Chan	1af3374322	Add tests for data flow through ranged for loops ... Including the case where the type of the domain is a named type rather than an array type or map type or whatever.	2024-05-16 00:32:30 +01:00
Owen Mansel-Chan	253965096b	Merge branch 'main' into workflow/coverage/update	2024-05-15 10:10:44 +01:00
Michael B. Gale	964b3f2339	Merge pull request #16480 from github/mbg/go/improve-script-fail-message ... Go: Improve log messages in `buildWithoutCustomCommands`	2024-05-15 10:00:30 +01:00
Michael B. Gale	586e90043a	Merge pull request #16462 from github/mbg/go/add-resolve-env-tests ... Go: Add tests for `resolve build-environment`	2024-05-15 09:59:52 +01:00
Michael B. Gale	38e1065b24	Go: Document return values for Autobuild	2024-05-15 09:38:31 +01:00
Michael B. Gale	28c8611f93	Go: Add build-environment.expected for linux-only tests	2024-05-15 09:34:28 +01:00
Michael B. Gale	b44ad2d39f	Go: Add missing diagnostics.expected file	2024-05-15 09:33:44 +01:00
Michael B. Gale	7e10f212cd	Go: Move resolve build-environment test into subdirectory	2024-05-15 08:54:24 +01:00
Michael B. Gale	7cf61ffb18	Go: Add integration test for resolve build-environment	2024-05-15 08:51:54 +01:00
Michael B. Gale	eb2e587637	Go: Add build-environment.expected files	2024-05-15 08:41:31 +01:00