hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 06:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,037 Commits 1,684 Branches 159 Tags
bc9764fcde92f8bb7a7ee9eb085cbd7e2aeb420c
Commit Graph

1476 Commits

Author SHA1 Message Date
Dave Bartolomeo
12bb6728d1 Fix dependencies for Go test pack 2021-08-24 10:31:02 -04:00
Dave Bartolomeo
26fd45746c Move Go QL library files into separate pack 2021-08-24 10:31:02 -04:00
Dave Bartolomeo
6d829cfdf3 Modernize Go pack definitions 2021-08-24 10:31:01 -04:00
Ian Lynagh
6a86f1a91b Add getPrimaryQlClasses() 
This is a non-overridable predicate that concatenates all the
getAPrimaryQlClass() results into a comma-separated string.
 2021-08-24 13:03:24 +01:00
Sauyon Lee
dc00a17fd2 Add Xorm license 2021-08-23 08:15:57 -07:00
sn00py
474287dc9f Update SQL.qll 
remove package
 2021-08-23 08:15:57 -07:00
sn00py
7fc045e749 Add inline test for xorm 2021-08-23 08:15:57 -07:00
snoopywu
4975dccd34 Format SQL.qll 2021-08-23 08:15:57 -07:00
snoopywu
8c608bad21 Add Xorm support 2021-08-23 08:15:56 -07:00
Sauyon Lee
4a1daf173c fixup model changes 2021-08-19 14:04:38 -07:00
Sauyon Lee
d4aa572109 Add tests for Go 1.17 library changes 2021-08-19 14:02:30 -07:00
Sauyon Lee
c41502de1e Fix tests for go 1.17 2021-08-19 14:02:29 -07:00
Sauyon Lee
ef1238cdd3 Add test for conversion panic 2021-08-19 14:02:29 -07:00
Sauyon Lee
b1e91e578b Add models for library changes 2021-08-19 14:02:26 -07:00
Sauyon Lee
040b166eb2 Add new style build constraints and add test for the old style 2021-08-19 14:00:04 -07:00
Sauyon Lee
189070cf2c Add support for go:build style constraints 
This doesn't account for the new syntax, but there was no syntax
parsing in the old version anyway, and the only user doesn't currently
care about semantics
 2021-08-19 14:00:03 -07:00
Sauyon Lee
f39e43e5d0 Allow conversions to an array to panic 2021-08-19 14:00:03 -07:00
Sauyon Lee
ff1eb8ef43 Remove non-goific dot in method signatures 2021-08-19 12:36:59 -07:00
Owen Mansel-Chan
b96efc655e Improve grammar and punctuation 2021-08-18 11:54:06 +01:00
Owen Mansel-Chan
6f2040da51 Add security severity score 2021-08-18 11:54:06 +01:00
Owen Mansel-Chan
3bf2cf0ed8 Add precision metadata 2021-08-18 11:54:05 +01:00
Owen Mansel-Chan
9634e8d7b0 Update path in qlref file 2021-08-18 11:54:04 +01:00
Owen Mansel-Chan
ca01d55297 Promote insufficient key size query 
Files were just moved - changes made in next commit
 2021-08-18 11:54:04 +01:00
Chris Smowton
10e362a0f2 Merge pull request #562 from sauyon/remove-binary 
Remove accidentally added binary
 2021-08-17 19:55:26 +01:00
Sauyon Lee
dc50d73008 Remove accidentally added binary 2021-08-17 10:11:04 -07:00
Sam Partington
78a4823bde Ensure all 3 IDs are considered 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-08-17 09:53:11 +01:00
Sam Partington
4e36d1f52f Add a query suite for new experimental "developer happiness" queries 
These are the queries added in https://github.com/github/codeql-go/pull/558.
 2021-08-16 18:05:31 +01:00
Sauyon Lee
4c5d3ff344 Move defer in loop query to experimental 2021-08-12 10:13:30 -07:00
Sauyon Lee
02396dbd04 Add database query in loop query 
co-authored-by: Robert <robertbrignull@github.com>
co-authored-by: Sam Partington <sampart@github.com>
 2021-08-11 18:15:23 -07:00
Sauyon Lee
1ffeb26a61 Add query for a GORM error not checked 
co-authored-by: Sam Partington <sampart@github.com>
co-authored-by: Robin Neatherway <rneatherway@github.com>
 2021-08-11 18:15:23 -07:00
Chris Smowton
e39753c72a Merge pull request #552 from github/deferinloop-kind 
Add @kind to deferinloop.ql
 2021-07-19 11:17:26 +01:00
Chris Smowton
b03513bcd2 Merge pull request #542 from gagliardetto/cors-misconfig 
Add query to detect CORS misconfiguration
 2021-07-16 16:12:15 +01:00
Chris Smowton
87afdae1c7 use hasFlowTo where possible 2021-07-16 14:38:05 +01:00
Sam Partington
e227a4315f Add @kind to deferinloop.ql 
Required to use this query with the CodeQL CLI
 2021-07-16 14:25:58 +01:00
Slavomir
52b650a1be Add AllowOriginHeaderWrite and AllowCredentialsHeaderWrite classes 2021-07-16 00:01:55 +02:00
Slavomir
e92738a93f Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2021-07-16 00:42:36 +03:00
Chris Smowton
73227f12df Merge pull request #539 from gagliardetto/fiber 
Add web framework: github.com/gofiber/fiber
 2021-07-15 17:53:45 +01:00
Slavomir
d252d6003f Remove Protocol as UntrustedFlowSource 2021-07-15 16:20:33 +02:00
Slavomir
498332c186 Mention Fiber.json in Fiber.qll 2021-07-15 15:15:10 +02:00
Slavomir
7d1a632b61 Move fiber spec in the same folder as source 2021-07-15 15:12:02 +02:00
Slavomir
92e0f02d2a Remove special cases inside if 2021-07-15 15:06:28 +02:00
Slavomir
66bd56f444 Don't use any() as sink 2021-07-05 13:14:56 +02:00
Edoardo Pirovano
65a34b4aa6 Performance: Remove pragma[noopt] 2021-06-22 10:05:53 +01:00
Chris Smowton
52028cf363 Merge pull request #547 from edoardopirovano/fix-join-order 
Performance: Fix bad join ordering
 2021-06-21 20:11:22 +01:00
Edoardo Pirovano
a7c656db8b Performance: Fix bad join ordering 2021-06-21 18:58:35 +01:00
Slavomir
c0f195ba16 Reduce false positives 2021-06-19 22:25:51 +02:00
edvraa
ac777d237d autoformat 2021-06-17 09:23:26 +01:00
edvraa
0456d4793a Fix path tracking 2021-06-17 09:23:26 +01:00
edvraa
4576b16f30 Use dataflow gettype 2021-06-17 09:23:26 +01:00
edvraa
062acedd49 Unify and make getValueForFieldWrite private 2021-06-17 09:23:26 +01:00