hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-21 18:34:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
61,938 Commits 1,683 Branches 158 Tags
c870b0d4e96beb168e2766f908fbcb8d87af94de
Commit Graph

700 Commits

Author SHA1 Message Date
Owen Mansel-Chan
5675df842e Merge pull request #15054 from owen-mc/go/find-more-callees-for-captured-variables 
Go: Also follow jump steps when looking for a callee source
 2023-12-12 15:49:15 +00:00
Owen Mansel-Chan
0fb58caa8c Update go/ql/lib/change-notes/2023-12-08-find-more-callees-for-captured-functions.md 
Co-authored-by: Chris Smowton <smowton@github.com>
 2023-12-11 20:42:48 +00:00
Owen Mansel-Chan
2e2a82c237 Add change note 2023-12-08 23:33:58 +00:00
Owen Mansel-Chan
40b3598fd0 Also follow jump steps when looking for a callee source 
This is needed because capturing a variable is a jump step
and we want to find a callee source for captured functions.
 2023-12-08 18:44:14 +00:00
Anders Schack-Mulligen
67f0529cda Dataflow: Sync. 2023-12-04 12:36:57 +01:00
Owen Mansel-Chan
6f9a70475d Merge pull request #14882 from owen-mc/go/minor-fixes 
Go: improve CallNode documentation
 2023-11-24 10:36:07 +00:00
Owen Mansel-Chan
25a2aef623 Update library name in change note 2023-11-23 13:42:21 +00:00
Owen Mansel-Chan
25d5104468 Change how we refer to a query in a change note 2023-11-23 13:22:05 +00:00
Owen Mansel-Chan
dd8fb29a65 Improve QLDocs of CallNode and MethodCallNode 
When a function is assigned to a variable and called through that
variable then we can't always tell it was a method.
 2023-11-22 16:32:10 +00:00
Owen Mansel-Chan
d26dc68baa Merge pull request #14798 from owen-mc/go/improve-value-flow-through-slice-exprs 
Go: model value flow with array content through slice expressions
 2023-11-21 11:50:08 +00:00
github-actions[bot]
bad499e360 Post-release preparation for codeql-cli-2.15.3 2023-11-17 14:35:41 +00:00
github-actions[bot]
6ec9b95072 Release preparation for version 2.15.3 2023-11-16 13:07:16 +00:00
Owen Mansel-Chan
1ac3a9e8d3 Add change note 2023-11-15 15:12:58 +00:00
Owen Mansel-Chan
aaa8f9c41f Add read and store steps for SliceElementNode 2023-11-15 14:58:23 +00:00
Owen Mansel-Chan
2b897a9825 Add synthetic SliceElementNode 2023-11-15 14:58:21 +00:00
Owen Mansel-Chan
83d1fc33e1 Add change note 2023-11-14 23:16:32 +00:00
Owen Mansel-Chan
45faed057c Improve SliceExpr documentation 2023-11-14 11:25:16 +00:00
Owen Mansel-Chan
ed349f7d6b Improve value flow through arrays 2023-11-13 23:26:16 +00:00
Owen Mansel-Chan
359dcf37e9 Merge pull request #14649 from Kwstubbs/go-cors 
Go: Add Cors Gin Support
 2023-11-13 15:46:59 +00:00
Tom Hvitved
af7b295c59 Address review comments 2023-11-07 13:01:19 +01:00
Kevin Stubbings
57c645bd24 Added support for same struct and added new test 2023-11-05 22:34:35 -08:00
Kevin Stubbings
1f2e8d898d Address Feedback 2023-11-05 14:28:34 -08:00
Kevin Stubbings
3697ef72c4 Small changes 2023-10-31 12:23:18 -07:00
Kevin Stubbings
5cab25662c Address issues 2023-10-31 11:50:51 -07:00
Kevin Stubbings
020b4becfd Finish up 2023-10-31 11:00:00 -07:00
github-actions[bot]
2b939fdf08 Post-release preparation for codeql-cli-2.15.2 2023-10-30 16:06:51 +00:00
github-actions[bot]
4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
Kevin Stubbings
e0782683eb Added gin cors framework 2023-10-27 17:50:43 -07:00
Owen Mansel-Chan
c1ecd5a0da Merge pull request #14608 from Kwstubbs/golang-cookie-reflectedxss-sanitizer 
Go: GoAdd Cookie Sanitizer to Reflected XSS
 2023-10-27 21:47:39 +01:00
Kevin Stubbings
ce0104799a Fix minor issues 2023-10-27 11:42:22 -07:00
Owen Mansel-Chan
d534c93ff1 Merge pull request #14606 from owen-mc/go/incorrect-integer-conversion-fixes 
Go: Two fixes to upper bound checks in "incorrect integer conversion" query
 2023-10-27 14:50:11 +01:00
Owen Mansel-Chan
581305b234 Improve QLDoc for UpperBoundCheckGuard 2023-10-27 10:59:20 +01:00
Owen Mansel-Chan
8beacb8d4a Change predicate name from getX to getOrder 2023-10-27 10:44:42 +01:00
Kevin Stubbings
52a0fdabcf formatting 2023-10-27 00:03:30 -07:00
Kevin Stubbings
e6e87a44a3 Add change note 2023-10-26 12:36:35 -07:00
Owen Mansel-Chan
b451adabfc Two small QLDoc improvements 2023-10-26 17:10:12 +01:00
Owen Mansel-Chan
896a3c65be Avoid doing float arithmetic with large integers 
There is the possibility of overflow.
 2023-10-26 17:09:53 +01:00
Owen Mansel-Chan
570ca3b6fe Fix upper bound check to make test pass 2023-10-26 17:08:19 +01:00
Owen Mansel-Chan
0ed01453b9 Fix getMaxIntValue to accept bitSize 64 2023-10-26 12:27:43 +01:00
Kevin Stubbings
21e4a5b2d5 Add Cookie Sanitizer 2023-10-25 22:07:08 -07:00
Kevin Stubbings
dafcd5ec98 Added support for Gin CORS 2023-10-25 17:23:10 -07:00
Owen Mansel-Chan
27646ce971 Merge pull request #14547 from owen-mc/go/enable-data-flow-consistency-checks 
Go: make data flow consistency checks available (and fix some)
 2023-10-25 11:15:44 +01:00
Owen Mansel-Chan
0ba0063e6d Update go/ql/lib/change-notes/2023-10-20-enclosing-callable-for-external-files.md 
Co-authored-by: Michael B. Gale <mbg@github.com>
 2023-10-20 13:37:44 +01:00
Owen Mansel-Chan
da68153a96 Fix change note name and location 2023-10-20 11:24:25 +01:00
Owen Mansel-Chan
e19ebf9ca8 Add external file scope 2023-10-19 16:48:38 +01:00
Owen Mansel-Chan
563805ff0c Fix nodeGetEnclosingCallable 
It wasn't updated when MkImplicitVarargsSlice was added as a branch of
TNode. This meant that it gave no result for `ImplicitVarargsSlice`s
in function calls used to initialise variables declared at file level.
 2023-10-19 16:48:37 +01:00
Owen Mansel-Chan
67601b5312 Add DataFlowImplConsistency.qll for Go library 2023-10-19 11:43:00 +01:00
github-actions[bot]
8dcd8b9e5b Post-release preparation for codeql-cli-2.15.1 2023-10-17 20:24:00 +00:00
github-actions[bot]
3b3c036626 Release preparation for version 2.15.1 2023-10-16 17:49:39 +00:00
Owen Mansel-Chan
53561008a1 Merge pull request #14445 from owen-mc/go/automated-mad-coverage-report 
Go: automated mad coverage report
 2023-10-15 21:49:47 +01:00