hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-17 04:56:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,368 Commits 1,714 Branches 162 Tags
codeql-cli/v2.24.0
Commit Graph

85368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ed Minnix
65a6fa7bc3 Go Environment variable (parsing) models and tests 2024-08-21 00:03:18 -04:00
Edward Minnix III
6103749188 Merge pull request #16710 from egregius313/egregius313/go/dataflow/file-sources 
Go: Add `file` sources
 2024-08-20 23:45:17 -04:00
Edward Minnix III
8b73d4af86 Fix typo 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 21:19:11 -04:00
Owen Mansel-Chan
f0fe3a3388 Merge pull request #17260 from owen-mc/go/mad/convert-sink-5 
Go: Allow MaD models for XSS sinks using "html-injection" or "js-injection"
 2024-08-20 22:40:44 +01:00
Ed Minnix
1079486032 Mention Go in codeql-for-go toctree 2024-08-20 17:31:20 -04:00
Edward Minnix III
cc6b09da48 Fix name of section 2024-08-20 17:16:29 -04:00
Edward Minnix III
a99dd69d87 Remove function signature 2024-08-20 17:12:07 -04:00
Edward Minnix III
de2f8a1577 Make field consistent with existing model 2024-08-20 17:09:47 -04:00
Edward Minnix III
e142818fe5 Remove Select example. 
Go does not currently have any equivalent with regards to lambda flow
 2024-08-20 17:08:50 -04:00
Edward Minnix III
e8aac2be9a Remove neutral example 
Go currently does not use `neutralModel`s and they are less relevant for Go than for Java/C#.
 2024-08-20 17:06:58 -04:00
Edward Minnix III
27ad882f54 Usage range pattern instead of comma separation 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 17:05:33 -04:00
Edward Minnix III
2bfca21a2f Replace ss with elems 2024-08-20 17:04:42 -04:00
Edward Minnix III
9b92ff7e78 Typos and minor wording 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 17:02:24 -04:00
Edward Minnix III
211cda390d Method signatures and receiver/qualifier language 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 17:01:45 -04:00
Edward Minnix III
cfa1ad65c8 Consistently replace usage of namespace with package 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 17:00:32 -04:00
Ed Minnix
b14c58445a Fix formatting 2024-08-20 16:47:19 -04:00
am0o0
b001c24dfc update tests to pass the github actions 2024-08-20 20:57:11 +02:00
Ed Minnix
06f73e76b8 Add additional test cases 2024-08-20 12:44:23 -04:00
Edward Minnix III
e066c52ac6 Update change note 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 12:33:38 -04:00
Chris Smowton
fc301206d1 Change note 2024-08-20 17:11:58 +01:00
Chris Smowton
3acab640b2 Add configure-baseline integration test 2024-08-20 17:07:09 +01:00
Chris Smowton
15b5bcc67c Output to stdout, not stderr 2024-08-20 17:01:54 +01:00
Chris Smowton
8b9617cd38 Update bazel build files 2024-08-20 15:56:28 +01:00
Chris Smowton
ea3e5c8a99 Clarify comment 2024-08-20 15:56:27 +01:00
Chris Smowton
f1f6f9b580 Share vendor-dir extraction logic between extractor and configure-baseline script 2024-08-20 15:56:26 +01:00
Chris Smowton
22802fd41f Improve struct naming 2024-08-20 15:56:25 +01:00
Chris Smowton
5d34dbf2c2 Remove unnecessary batch script flag 2024-08-20 15:56:24 +01:00
Chris Smowton
624d2b83c0 Tidy comments 2024-08-20 15:56:23 +01:00
Chris Smowton
21366dd502 Go / configure-baseline: account for multiple vendor directories and the CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS setting 
Our existing configure-baseline scripts would give the wrong result if a `vendor` directory wasn't at the root of the repository, or if the `CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS` variable was set to `true` indicating the user wants their vendored code scanned.

Here I replace the shell scripts that implemented the very simplest behaviour with a small Go program.
 2024-08-20 15:56:22 +01:00
Tamas Vajk
73674e72e6 Use cancallation token in download stream copying 2024-08-20 16:51:32 +02:00
Tamas Vajk
658326d7f2 Work around some instability on Windows 2024-08-20 16:42:49 +02:00
Felicity Chapman
8b4e060934 Merge pull request #17199 from github/8456-remove-old-references 
Remove references to a deprecated data flow library for C/C++
 2024-08-20 15:42:13 +01:00
Michael Nebel
6ea01b81bb C#: Add some summary debugging queries. 2024-08-20 16:28:18 +02:00
Michael Nebel
fd311d5143 Java: Add some summary debugging queries. 2024-08-20 16:28:15 +02:00
Tom Hvitved
d15e1b5598 Ruby: Prevent synthetic splat matching for actual splats at same positions 2024-08-20 16:21:59 +02:00
Tom Hvitved
c4b0f81883 Ruby: Prevent positional matching when preceded by a splat 2024-08-20 16:21:58 +02:00
Tom Hvitved
20dc242830 Ruby: Rework hash splat argument/parameter matching 2024-08-20 16:21:57 +02:00
Tom Hvitved
6d4f3bd014 Ruby: Rework splat argument/parameter matching 2024-08-20 16:21:56 +02:00
Owen Mansel-Chan
30f8d6e4ff Allow MaD models for XSS sinks using "html-injection" or "js-injection" 2024-08-20 14:04:23 +01:00
Anders Schack-Mulligen
993bfee096 Merge pull request #17259 from aschackmull/dataflow/remove-srcsink-grouping 
Dataflow: Remove src/sink grouping feature
 2024-08-20 14:42:33 +02:00
Tamas Vajk
07a5c20309 Fix/add doc comments 2024-08-20 14:35:31 +02:00
Tamas Vajk
a0dc20caef Fix hashed value on Windows 2024-08-20 14:33:33 +02:00
Chris Smowton
f0327732ef Merge pull request #17247 from smowton/smowton/admin/add-spring-component-scan-test 
Java: add a test exercising Spring component liveness detection
 2024-08-20 12:56:26 +01:00
Tamas Vajk
0037ad406d C#: Adjust buildless source generator folders 2024-08-20 13:43:10 +02:00
Cornelius Riemenschneider
ff242dc6cf Merge pull request #17252 from github/criemen/pytest-java 
kotlin: Move integration tests to pytest
 2024-08-20 13:17:22 +02:00
Owen Mansel-Chan
38f4f4c724 Merge pull request #17242 from owen-mc/go/mad/convert-sink-4 
Go: convert sql-injection and nosql-injection sinks to use models-as-data
 2024-08-20 12:01:40 +01:00
Tamas Vajk
79bd81fa12 C#: Adjust buildless package restore folders and tests 2024-08-20 12:12:23 +02:00
Cornelius Riemenschneider
932c07a0f4 Address review. 2024-08-20 11:46:28 +02:00
Anders Schack-Mulligen
e73fc94354 Dataflow: Add change note. 2024-08-20 10:12:01 +02:00
Anders Schack-Mulligen
8470e91c16 Legacy Dataflow: Sync. 2024-08-20 10:07:57 +02:00