hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-29 23:26:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
60,239 Commits 1,673 Branches 157 Tags
codeql-cli/v2.15.2
Commit Graph

1090 Commits

Author SHA1 Message Date
github-actions[bot]
4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
Owen Mansel-Chan
c1ecd5a0da Merge pull request #14608 from Kwstubbs/golang-cookie-reflectedxss-sanitizer 
Go: GoAdd Cookie Sanitizer to Reflected XSS
 2023-10-27 21:47:39 +01:00
Kevin Stubbings
57cbacb495 test.go change 2023-10-27 12:07:51 -07:00
Kevin Stubbings
ce0104799a Fix minor issues 2023-10-27 11:42:22 -07:00
Owen Mansel-Chan
d534c93ff1 Merge pull request #14606 from owen-mc/go/incorrect-integer-conversion-fixes 
Go: Two fixes to upper bound checks in "incorrect integer conversion" query
 2023-10-27 14:50:11 +01:00
Owen Mansel-Chan
3c9783c7c9 Add change note 2023-10-27 11:12:37 +01:00
Owen Mansel-Chan
581305b234 Improve QLDoc for UpperBoundCheckGuard 2023-10-27 10:59:20 +01:00
Owen Mansel-Chan
8beacb8d4a Change predicate name from getX to getOrder 2023-10-27 10:44:42 +01:00
Kevin Stubbings
52a0fdabcf formatting 2023-10-27 00:03:30 -07:00
Kevin Stubbings
135923c9c1 Change XNetHtmltest 2023-10-26 20:48:38 -07:00
Kevin Stubbings
e6e87a44a3 Add change note 2023-10-26 12:36:35 -07:00
Owen Mansel-Chan
b451adabfc Two small QLDoc improvements 2023-10-26 17:10:12 +01:00
Owen Mansel-Chan
896a3c65be Avoid doing float arithmetic with large integers 
There is the possibility of overflow.
 2023-10-26 17:09:53 +01:00
Owen Mansel-Chan
570ca3b6fe Fix upper bound check to make test pass 2023-10-26 17:08:19 +01:00
Owen Mansel-Chan
773f46d3b4 Add failing test for upper bound checks 2023-10-26 16:58:36 +01:00
Owen Mansel-Chan
0ed01453b9 Fix getMaxIntValue to accept bitSize 64 2023-10-26 12:27:43 +01:00
Owen Mansel-Chan
39eeed9238 Add failing test showcasing problem 2023-10-26 10:20:27 +01:00
Kevin Stubbings
21e4a5b2d5 Add Cookie Sanitizer 2023-10-25 22:07:08 -07:00
Owen Mansel-Chan
27646ce971 Merge pull request #14547 from owen-mc/go/enable-data-flow-consistency-checks 
Go: make data flow consistency checks available (and fix some)
 2023-10-25 11:15:44 +01:00
Chris Smowton
e301223644 Merge pull request #14541 from JarLob/patch-3 
fix CWE number
 2023-10-23 15:05:02 +01:00
Owen Mansel-Chan
0ba0063e6d Update go/ql/lib/change-notes/2023-10-20-enclosing-callable-for-external-files.md 
Co-authored-by: Michael B. Gale <mbg@github.com>
 2023-10-20 13:37:44 +01:00
Owen Mansel-Chan
da68153a96 Fix change note name and location 2023-10-20 11:24:25 +01:00
Owen Mansel-Chan
e19ebf9ca8 Add external file scope 2023-10-19 16:48:38 +01:00
Owen Mansel-Chan
563805ff0c Fix nodeGetEnclosingCallable 
It wasn't updated when MkImplicitVarargsSlice was added as a branch of
TNode. This meant that it gave no result for `ImplicitVarargsSlice`s
in function calls used to initialise variables declared at file level.
 2023-10-19 16:48:37 +01:00
Owen Mansel-Chan
a3cecd178f Add consistency query 
This can be run on an existing database to check for any assumptions
of the data flow library which do not hold.
 2023-10-19 16:47:56 +01:00
Owen Mansel-Chan
67601b5312 Add DataFlowImplConsistency.qll for Go library 2023-10-19 11:43:00 +01:00
Jaroslav Lobačevski
2b541b78ac fix CWE number 2023-10-19 09:36:25 +02:00
github-actions[bot]
8dcd8b9e5b Post-release preparation for codeql-cli-2.15.1 2023-10-17 20:24:00 +00:00
github-actions[bot]
3b3c036626 Release preparation for version 2.15.1 2023-10-16 17:49:39 +00:00
Owen Mansel-Chan
53561008a1 Merge pull request #14445 from owen-mc/go/automated-mad-coverage-report 
Go: automated mad coverage report
 2023-10-15 21:49:47 +01:00
BD
0ef83b3c74 Merge branch 'main' into enable-gokit-by-default 2023-10-15 10:22:27 +05:30
Owen Mansel-Chan
5fcdb9e112 Merge pull request #14442 from owen-mc/go/test-qldoc-coverage 
Fix module name
 2023-10-11 23:45:53 +01:00
Owen Mansel-Chan
286271340e Merge branch 'main' into go/automated-mad-coverage-report 2023-10-11 21:31:25 +01:00
Owen Mansel-Chan
e300440a8b Delete redundant import 2023-10-11 21:28:31 +01:00
Owen Mansel-Chan
06a600c7fb Set up automated coverage reports for Go 
Copied from https://github.com/github/codeql/pull/6148
 2023-10-11 21:09:54 +01:00
Henry Mercer
1a370bfbbe Merge pull request #14443 from github/post-release-prep/codeql-cli-2.15.0 
Post-release preparation for codeql-cli-2.15.0
 2023-10-11 17:39:04 +01:00
github-actions[bot]
ae6af17c74 Post-release preparation for codeql-cli-2.15.0 2023-10-11 14:19:20 +00:00
Owen Mansel-Chan
b6bf4d04ff Fix module name 2023-10-11 14:47:46 +01:00
Michael B. Gale
7a98afe6ec Merge pull request #14439 from github/mbg/go/workspace-experiments 
Go: Move `go.mod` into `extractor` subdirectory
 2023-10-11 14:11:07 +01:00
Michael B. Gale
7d7d90e7e0 Update expected test output 2023-10-11 13:18:27 +01:00
Michael B. Gale
94b0bc1e35 Move go.mod into extractor directory 2023-10-11 13:10:20 +01:00
Owen Mansel-Chan
477d8f8b9a Merge pull request #14064 from amammad/amammad-go-NewFileSystemAccess 
Go: New File System Access Sinks
 2023-10-11 12:58:38 +01:00
Owen Mansel-Chan
96543b8337 Merge pull request #14075 from amammad/amammad-go-JWT 
Go: Improved JWT query, JWT decoding without verification
 2023-10-11 12:31:43 +01:00
Owen Mansel-Chan
8a3aa2c767 Fix formatting 2023-10-11 11:46:31 +01:00
amammad
5e273238ca fix qldoc 2023-10-11 10:33:44 +02:00
amammad
4499048d8e better query quality thanks to owen 2023-10-10 23:41:45 +02:00
amammad
877605d31b change c to C for fixing the qhelp error :) 2023-10-10 23:35:05 +02:00
amammad
b6968d9260 fix beego tests 2023-10-10 23:30:26 +02:00
amammad
8d6f985aea fix afero additional step and tests 2023-10-10 23:24:04 +02:00
amammad
db9f74bc78 fix tests 2023-10-10 23:15:07 +02:00