codeql

mirror of https://github.com/github/codeql.git synced 2026-03-31 04:38:18 +02:00

Author	SHA1	Message	Date
erik-krogh	d5c45056bd	fix some more style-guide violations in the alert-messages	2022-10-07 11:21:01 +02:00
Chris Smowton	812a5e5c74	Autoformat test.go	2022-10-06 14:08:56 +01:00
gregxsunday	9960d11042	added RequestBody source to Beego framework	2022-10-06 13:23:56 +02:00
erik-krogh	175d3acf4d	reword alert-message `go/user-controlled-bypass` to avoid using "here"	2022-09-20 22:51:35 +02:00
erik-krogh	83bedc0320	be more specific about what the source is in `go/suspicious-character-in-regex`, which also avoids using "here" in the alert-message	2022-09-20 22:51:35 +02:00
erik-krogh	1be14962a0	use "depends to" for a taint-tracking query	2022-09-20 22:51:35 +02:00
erik-krogh	c241185c21	avoid more instances of "this location" and "here" in alert-messages	2022-09-20 22:51:35 +02:00
erik-krogh	2602a38d94	update expected test output	2022-09-20 22:51:35 +02:00
erik-krogh	26d8553f6e	ensure consistent casing of names	2022-09-09 10:34:14 +02:00
Erik Krogh Kristensen	06afe9c0f4	Merge pull request #9816 from erik-krogh/msgConsis Make alert messages consistent across languages	2022-08-25 15:20:01 +02:00
Ian Lynagh	b9a4b5ab9a	Make *.qlref non-executable	2022-08-24 16:53:16 +01:00
erik-krogh	1c0f2251e2	Merge branch 'main' into msgConsis	2022-08-24 14:38:57 +02:00
Michael Nebel	2e273f2273	C#: Re-arange the import order, such that CsvValidation follows ExternalFlow directly.	2022-08-24 09:58:54 +02:00
Michael Nebel	37976d56bc	C#/Java/Go/Swift: Move CsvValidation back into ExternalFlow.	2022-08-24 09:58:53 +02:00
Michael Nebel	37f01fe10e	Go: Re-factor CSV validation into separate file.	2022-08-24 09:58:52 +02:00
erik-krogh	7e0bd5bde4	update expected output of tests	2022-08-22 21:41:47 +02:00
erik-krogh	e89e0eb7fb	make some acronyms camelCase	2022-08-22 21:22:35 +02:00
Chris Smowton	25195bb0ba	Merge pull request #10103 from smowton/smowton/feature/golang-1.19-support Go: support go 1.19	2022-08-22 16:49:11 +01:00
Chris Smowton	f3ef8510d3	Merge pull request #10093 from smowton/smowton/feature/java-singular-locations Java: pick an arbitrary representative location when an entity has many candidate locations.	2022-08-22 09:32:43 +01:00
Chris Smowton	259b942fac	Indent blocks that gofmt would mistake for markdown As of go 1.19 it will try to format markdown nicely, but in both these cases the formatting isn't supposed to be interpreted this way, so indent it to make it a preformatted block.	2022-08-19 19:06:21 +01:00
Chris Smowton	8d20b9cf52	Use hasLocationInfo to match several Location fields at once	2022-08-19 19:03:17 +01:00
Chris Smowton	1ea7caf559	Fix join ordering in inline-expectations test	2022-08-19 18:17:22 +01:00
Chris Smowton	e2afc80aff	Autoformat go	2022-08-19 10:29:45 +01:00
Chris Smowton	45f922b3f2	Add models for Go 1.19's new url.JoinPath and URL.JoinPath functions	2022-08-19 10:29:45 +01:00
Chris Smowton	6068f63e9e	Add taint models for go 1.19's new fmt.Append functions	2022-08-19 10:29:45 +01:00
Chris Smowton	d2055283de	Add models for go 1.19's new atomic pointer typex	2022-08-18 17:47:13 +01:00
Erik Krogh Kristensen	4f93f2b9ba	Merge pull request #10076 from erik-krogh/ql-for-ql-fixes various QL-for-QL fixes	2022-08-18 15:46:48 +02:00
Chris Smowton	3802deab70	Adjust test expectations re: reformatting	2022-08-17 17:31:27 +01:00
Chris Smowton	e33ddbdcfd	Format go	2022-08-17 16:42:06 +01:00
Chris Smowton	077bae55fe	Go: don't use WriteNode for channel writes I overlooked the fact that this has a WriteInstruction, which wasn't bound in the channel-write case, but somehow the evaluator discarded the implied cartesian product until last night's performance evaluation. Rather than try to cram channel writes into WriteInstruction, just handle them as their own beast.	2022-08-17 14:27:16 +01:00
erik-krogh	8066e39d07	delete some redundant imports	2022-08-17 13:50:04 +02:00
Chris Smowton	bf24d7886a	Accept test changes	2022-08-10 18:10:02 +01:00
Anders Schack-Mulligen	df6d68b215	Merge pull request #9618 from aschackmull/dataflow/deprecate-barrierguard-class Dataflow: Deprecate BarrierGuard class	2022-06-22 10:44:08 +02:00
Anders Schack-Mulligen	406f5b525b	Go: Deprecate and replace BarrierGuard class	2022-06-20 15:46:27 +02:00
Rasmus Wriedt Larsen	b65a10d1ef	Inline Expectation Tests: sync	2022-06-17 17:38:19 +02:00
Rasmus Wriedt Larsen	50196d099b	Inline Expectation Tests: sync	2022-06-03 11:39:57 +02:00
Rasmus Wriedt Larsen	07c22a857f	Merge pull request #9420 from RasmusWL/sync-go-inline Go: Sync InlineExpectationsTest	2022-06-03 11:37:13 +02:00
Chris Smowton	04422eeaee	Merge pull request #9378 from porcupineyhairs/goJwtSign Golang : Add query to detect JWT signing vulnerabilities	2022-06-02 20:53:03 +01:00
Chris Smowton	d5ac7190cc	Remove duplicate function	2022-06-02 17:02:54 +01:00
Porcupiney Hairs	361b7037c6	Include suggested changes from review.	2022-06-02 19:11:44 +05:30
Rasmus Wriedt Larsen	0b486ade9b	Go: Autoformat	2022-06-02 15:12:13 +02:00
Rasmus Wriedt Larsen	aadf7aefb0	Go: Use new location in `hasLocationInfo`	2022-06-02 15:05:58 +02:00
Rasmus Wriedt Larsen	3f857e113c	Go: Adjust `hasActualResult` overrides	2022-06-02 14:55:27 +02:00
Rasmus Wriedt Larsen	86caf747f3	Go: Sync InlineExpectationsTest	2022-06-02 14:54:51 +02:00
Porcupiney Hairs	1ef42a11ad	Include suggested changes from review.	2022-06-02 16:04:29 +05:30
Porcupiney Hairs	ae2bc1b410	Include suggested changes from review.	2022-05-31 23:10:57 +05:30
Porcupiney Hairs	e0f74a51ac	Include suggested changes from review.	2022-05-31 17:17:54 +05:30
Porcupiney Hairs	bd1ddc177e	Golang : Add query to detect JWT signing vulnerabilities Supersedes github/codeql-go#705	2022-05-31 01:56:59 +05:30
Porcupiney Hairs	ae2cc378e5	Golang : Add Query To Detect PAM Authorization Bugs	2022-05-31 01:28:55 +05:30
Chuan-kai Lin	c58b5397c2	Go: delete test qhelp file There shouldn't be qhelp files in the ql/test tree. https://github.com/github/codeql/pull/8631#issuecomment-1087316116	2022-05-20 10:22:47 -07:00

1 2

51 Commits