hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 08:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
64,290 Commits 1,693 Branches 160 Tags
d182eae868aada28abe51ba5a29da13210f0fa16
Commit Graph

1330 Commits

Author SHA1 Message Date
Chris Smowton
9f84653283 Merge pull request #15613 from smowton/smowton/fix/golang-map-range-read-dataflow 
Golang: fix flow from a map value via a range statement
 2024-02-27 15:42:43 +00:00
Chris Smowton
a6480a4ca1 Autoformat again / tabify 2024-02-27 13:55:26 +00:00
Chris Smowton
74448c092a Autoformat / uglify 2024-02-27 13:49:12 +00:00
Chris Smowton
e62a0805db Add test for map literal 2024-02-27 13:44:52 +00:00
Chris Smowton
12213a0a08 Add test 2024-02-23 18:39:16 +00:00
Chris Smowton
d57160db5c Direct map stores via a post-update node 2024-02-23 16:37:26 +00:00
Tom Hvitved
62b16c0fa3 Share getFileBySourceArchiveName implementation 2024-02-23 11:25:49 +01:00
github-actions[bot]
37f8fa3413 Post-release preparation for codeql-cli-2.16.3 2024-02-20 16:50:47 +00:00
github-actions[bot]
6d061fbc35 Release preparation for version 2.16.3 2024-02-20 14:26:23 +00:00
Michael B. Gale
ea676469bb Merge pull request #15202 from github/mbg/go/1.22 
Go: Update workflows and expected test results for Go 1.22
 2024-02-20 12:32:57 +00:00
Tony Torralba
1704bfe2bf Merge pull request #15585 from atorralba/atorralba/go/promote-jwt-unsafe-verification 
Go: Promote `go/missing-jwt-signature-check` from experimental
 2024-02-19 15:35:44 +01:00
Tony Torralba
8b8cebd599 Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-02-19 08:59:03 +01:00
Michael B. Gale
25f0692e2c Go: Update expected results for TypeParamType 2024-02-16 17:33:30 +00:00
Tony Torralba
582f341d9e Add references to qhelp 2024-02-14 17:25:09 +01:00
Tony Torralba
f9638760ff Fix MaD rows 2024-02-14 17:25:08 +01:00
Tony Torralba
769ec16803 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-02-14 17:25:08 +01:00
Tony Torralba
5a82d2188a Fix double quotes in MaD row 2024-02-14 17:25:08 +01:00
Tony Torralba
85b22a2b98 Fix QHelp 2024-02-14 17:25:08 +01:00
Tony Torralba
ad7d40f0af Add missing QLDoc 2024-02-14 17:25:08 +01:00
Tony Torralba
2a30898af6 Go: Promote go/missing-jwt-signature-check from experimental 2024-02-14 17:25:03 +01:00
Tony Torralba
1202b5b429 Go: Use less confusing name for hardcoded credentials tests 
We don't want name-based heuristics to pick these variable names, but also using something like 'safeName' may mislead readers into believing the test cases are intended to be GOOD cases (i.e. safe)
 2024-02-14 17:06:05 +01:00
Chris Smowton
7ed73bc4ed change note 2024-02-14 15:45:03 +00:00
Chris Smowton
9016997b51 Golang: fix flow from a map value via a range statement 2024-02-14 14:56:24 +00:00
Tony Torralba
5ce35e47b9 Adjust a test case so that the key isn't considered dummy 
(len < 4)
 2024-02-14 13:06:31 +01:00
Tony Torralba
458bbb3581 Rename fwk module 2024-02-14 12:23:27 +01:00
Tony Torralba
16284fdd20 Discard sources that are obvious dummy values 2024-02-14 12:21:52 +01:00
Tony Torralba
a76de495e0 Simplify sanitizers 
Use DataFlow::returnedWithError instead
 2024-02-14 12:21:51 +01:00
Tony Torralba
6b74cb7e75 Remove unneeded $ANYVERSION 2024-02-14 12:21:51 +01:00
Tony Torralba
3fb422ca25 Split Jwt.qll into framework libraries, which makes more sense 2024-02-14 12:21:38 +01:00
Tony Torralba
8afaa231ee Update go/ql/lib/semmle/go/security/Jwt.qll 2024-02-14 12:15:20 +01:00
Tony Torralba
304998d50e Update go/ql/src/Security/CWE-798/HardcodedCredentials.ql 2024-02-14 12:15:20 +01:00
Tony Torralba
84d1d72497 Apply suggestions from code review 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-02-14 12:15:19 +01:00
Tony Torralba
750c8085cb Remove duplicated main from tests 2024-02-14 12:15:19 +01:00
Tony Torralba
ba1faea630 Go: Promote go/hardcoded-key from experimental 2024-02-14 12:15:14 +01:00
Michael B. Gale
205847df64 Go: Add DummyFile class 2024-02-13 17:49:31 +00:00
Michael B. Gale
c6f4495ada Go: Exclude dummy files from File 2024-02-13 17:46:41 +00:00
Anders Schack-Mulligen
3b8af1e52a Go: Add empty provenance column to expected files. 2024-02-09 11:32:07 +01:00
github-actions[bot]
b5139078d0 Post-release preparation for codeql-cli-2.16.2 2024-02-06 19:22:35 +00:00
github-actions[bot]
c1b35fbf47 Release preparation for version 2.16.2 2024-02-05 17:58:57 +00:00
Henry Mercer
10343dd822 Merge pull request #15416 from github/post-release-prep/codeql-cli-2.16.1 
Post-release preparation for codeql-cli-2.16.1
 2024-01-25 14:15:25 +00:00
Tony Torralba
3b7d6a4806 Go: Add AwsLambda to the global context 2024-01-24 11:33:26 +01:00
github-actions[bot]
d0b74c00fe Post-release preparation for codeql-cli-2.16.1 2024-01-23 23:02:29 +00:00
github-actions[bot]
7ef611e6dc Release preparation for version 2.16.1 2024-01-23 19:45:16 +00:00
erik-krogh
865df920f9 add change-notes 2024-01-22 19:30:57 +01:00
erik-krogh
8be7eadace delete outdated deprecations 2024-01-22 09:11:35 +01:00
Tony Torralba
8d6aa281b9 Update go/ql/lib/semmle/go/frameworks/AwsLambda.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-01-19 10:48:34 +01:00
Tony Torralba
9a0fb39382 Model StartWithContext 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-01-19 09:25:35 +01:00
Tony Torralba
d3a9a5ec3f Update go/ql/lib/semmle/go/frameworks/AwsLambda.qll 
Co-authored-by: Chris Smowton <smowton@github.com>
 2024-01-19 09:22:46 +01:00
Tony Torralba
1d7dbec719 Go: Add flow sources for AWS Lambda function handlers 2024-01-18 15:17:21 +01:00
Michael B. Gale
783f006d62 Go: Update go clean -modcache comment 2024-01-17 16:04:13 +00:00