hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
69,188 Commits 1,671 Branches 157 Tags
codeql-cli/v2.18.2
Commit Graph

2313 Commits

Author SHA1 Message Date
github-actions[bot]
019da8c287 Release preparation for version 2.18.2 2024-08-07 14:02:38 +00:00
Alexander Eyers-Taylor
46577b585e Revert "Release preparation for version 2.18.2" 2024-08-07 14:24:37 +01:00
github-actions[bot]
c14ba0e4bd Release preparation for version 2.18.2 2024-08-06 12:46:15 +00:00
Paolo Tranquilli
79740ed72b Merge pull request #17145 from github/redsun82/go 
Go/Bazel: fix gazelle invocation to use bundled bazel go
 2024-08-06 10:36:40 +02:00
Dave Bartolomeo
7e82986e7c Update Go test expectations 2024-08-05 13:20:12 -04:00
Paolo Tranquilli
841f317cbd Merge branch 'main' into redsun82/go 2024-08-05 14:30:28 +02:00
Paolo Tranquilli
ccec347b0a Go/Bazel: fix gazelle invocation to use bundled bazel go 2024-08-05 10:13:14 +02:00
dependabot[bot]
74596ef000 Bump golang.org/x/mod 
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/mod](https://github.com/golang/mod).


Updates `golang.org/x/mod` from 0.19.0 to 0.20.0
- [Commits](https://github.com/golang/mod/compare/v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-05 03:18:38 +00:00
github-actions[bot]
f5394c9ee9 Add changed framework coverage reports 2024-08-04 00:19:56 +00:00
Owen Mansel-Chan
4d75832c9a Update go/ql/test/query-tests/Security/CWE-643/XPathInjection.expected 2024-08-02 07:41:26 +01:00
Owen Mansel-Chan
b95189d132 Merge branch 'main' into go/gokogiri/update-import-paths 2024-08-01 16:30:52 +01:00
Owen Mansel-Chan
c23938d119 Merge pull request #17113 from owen-mc/go/xmlpath/add-more-package-paths 
Go: add more import paths for `xmlpath`
 2024-08-01 16:26:33 +01:00
Owen Mansel-Chan
9167057dfd Update test expectations 2024-08-01 15:22:08 +01:00
Owen Mansel-Chan
c75db669ed Add import path for gokogiri 2024-08-01 15:21:24 +01:00
Owen Mansel-Chan
1a697fe993 Merge pull request #17115 from owen-mc/go/update-frameworks 
Go: add newly modeled packages to frameworks.csv
 2024-08-01 15:13:12 +01:00
Owen Mansel-Chan
3ccdce291a Update test expectations 2024-08-01 15:12:08 +01:00
Owen Mansel-Chan
62adb31ca6 Add more import paths for xmlpath 2024-08-01 14:52:19 +01:00
Owen Mansel-Chan
9d866192a6 Add paths from QL models to MaD models 2024-08-01 14:52:18 +01:00
Owen Mansel-Chan
8325c4c69c Updated .expected files 2024-08-01 13:12:21 +01:00
Owen Mansel-Chan
cbe54717f6 Revert "Revert post-processing for 6 queries pending bug fix" 
This reverts commit a8236e1545.
 2024-08-01 13:10:06 +01:00
Owen Mansel-Chan
d5dc95f1e6 Update frameworks.csv 2024-08-01 11:03:50 +01:00
Anders Schack-Mulligen
377301a55a Merge pull request #17108 from aschackmull/dataflow/flowthrough-provenance 
Dataflow: Propagate provenance correctly for flow-through wrappers.
 2024-08-01 09:35:56 +02:00
Anders Schack-Mulligen
9724516c84 C#/Go/Java/Python/Ruby: Accept qltest .expected changes. 2024-07-31 14:45:10 +02:00
Owen Mansel-Chan
01c6dbaa27 Accept provenance numbering changes 2024-07-31 12:19:18 +01:00
Owen Mansel-Chan
e4cd29efc6 Fix missing go-jose package path 2024-07-31 11:09:53 +01:00
Owen Mansel-Chan
f8e8b362ab Merge branch 'main' into workflow/coverage/update 2024-07-31 10:07:35 +01:00
github-actions[bot]
d0c2b4a60f Add changed framework coverage reports 2024-07-31 00:15:22 +00:00
Owen Mansel-Chan
a8236e1545 Revert post-processing for 6 queries pending bug fix 
This commit will be reverted when a bug is fixed which is currently
stopping these tests from working with post-processing.
 2024-07-30 12:58:01 +01:00
Owen Mansel-Chan
ffeb86c1f5 Update .expected files 2024-07-30 12:54:42 +01:00
Owen Mansel-Chan
5c8f21d596 Use post-process provenance pretty-printing in ql tests 2024-07-30 11:35:10 +01:00
Owen Mansel-Chan
94f290411f Use post-process provenance pretty-printing in qlref tests 2024-07-30 11:35:09 +01:00
Owen Mansel-Chan
9cb01d4573 Merge branch 'main' into go/mad/convert-sinks 2024-07-30 08:03:18 +01:00
Owen Mansel-Chan
f307f272d5 Go: Use provenance pretty-printing as a qltest post-process step 2024-07-28 21:31:50 +01:00
Owen Mansel-Chan
6960c5232b Go: Add support for provenance pretty-printing as a qltest post-process step 2024-07-28 21:31:50 +01:00
Owen Mansel-Chan
1aa63c3f2e Accept model numbering changes 2024-07-25 14:55:50 +01:00
Owen Mansel-Chan
a6cb511ed7 Convert XPath injection sinks to MaD 2024-07-25 12:56:06 +01:00
Owen Mansel-Chan
f3069c8fbb Improve XPath injection test (incl extra sinks) 
Currently the extra sinks are not detected. This will be fixed in the
next commit.
 2024-07-25 12:55:05 +01:00
Owen Mansel-Chan
78b66abad3 Convert existing credentials sinks to MaD 
I checked that the tests failed when I removed the classes and passed
again when I add the MaD models.
 2024-07-25 12:53:16 +01:00
Owen Mansel-Chan
93c9910e6f Convert go/request-forgery sinks to MaD 2024-07-25 12:53:15 +01:00
Owen Mansel-Chan
f7d681516a Allow MaD sinks for go/request-forgery 
Request forgery sinks which have `getRequest` different from the sink
itself cannot be modeled using models-as-data.
 2024-07-25 12:53:14 +01:00
Anders Schack-Mulligen
7a48fe1102 Dataflow: Replace ppReprType with DataFlowType.toString. 2024-07-25 13:08:47 +02:00
github-actions[bot]
49cc8f8ff8 Post-release preparation for codeql-cli-2.18.1 2024-07-22 22:00:48 +00:00
github-actions[bot]
368bcb684a Release preparation for version 2.18.1 2024-07-22 21:30:50 +00:00
Chuan-kai Lin
23320b6e5e Revert "Release preparation for version 2.18.1" 2024-07-22 13:22:49 -07:00
github-actions[bot]
55935fc123 Release preparation for version 2.18.1 2024-07-22 14:56:15 +00:00
github-actions[bot]
f83b70dbc2 Add changed framework coverage reports 2024-07-20 00:17:36 +00:00
Owen Mansel-Chan
24261b29d5 Merge pull request #17012 from owen-mc/go/mad/convert-sources-websockets 
Go: convert models for websocket readers as remote flow sources to models-as-data
 2024-07-19 10:04:27 +01:00
Michael B. Gale
3a9ff64780 Go: Output stdout/stderr for go version if something goes wrong 2024-07-18 15:37:59 +01:00
Owen Mansel-Chan
cb0589dfb7 Tests: accept model numbering changes 2024-07-18 11:35:52 +01:00
Owen Mansel-Chan
fc17b905f0 Convert WebSocketReaderAsSource to MaD 2024-07-18 10:53:13 +01:00