hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3906f2560d356a822b11d0147ec7d9f58fec074e
codeql/go
History
Owen Mansel-Chan 3906f2560d Adjust Stack Exposure test so it passes 
A minor bug in our CFG means that we evaluate the base of a
SliceExpr before the bounds. Since the bounds may have side
effects, as in this case, it would be better to evaluate them first.
But in the short term I am just adjusting the test to make it work.
2025-10-01 16:12:59 +01:00
..
actions/test
Go: Update Go version in tests to 1.25.0
2025-08-13 13:39:32 +02:00
build
codeql-tools
Remove unnecessary batch script flag
2024-08-20 15:56:24 +01:00
docs/language/learn-ql/go
Delete old docs for data flow in Go
2025-01-16 12:03:14 +00:00
documentation/library-coverage
Add changed framework coverage reports
2025-06-05 00:24:03 +00:00
downgrades
Address review comments
2025-02-13 21:59:14 +00:00
external-packs/codeql/suite-helpers/0.0.2
extractor
Configure git to use the certificate, if needed
2025-09-24 15:52:04 +01:00
extractor-smoke-test
Fix search paths.
2024-06-03 16:33:17 +02:00
old-change-notes
Remove non-breaking spaces from code
2025-09-05 09:41:15 +02:00
ql
Adjust Stack Exposure test so it passes
2025-10-01 16:12:59 +01:00
scripts
templates/project
tools
.gitignore
Add .gitignore for artifacts of make test
2025-02-27 16:34:38 +00:00
alert_weighting.properties
BUILD.bazel
Format
2025-02-06 11:36:45 +00:00
CODE_OF_CONDUCT.md
codeql-extractor.yml
Specify default queries in codeql-extractor.yml
2025-08-29 17:34:45 +01:00
CONTRIBUTING.md
Deprecate the CodeQL for VS Code docs in favour of docs.github.com version
2024-04-25 07:59:33 +00:00
gen.py
Go/Bazel: fix gazelle invocation to use bundled bazel go
2024-08-05 10:13:14 +02:00
Makefile
Merge branch 'main' into cklin/check-diff-informed
2025-05-28 10:47:47 -07:00
README.md
rules.bzl
Bazel/Go: use native cross compilation for fat binaries
2024-05-02 09:21:43 +02:00
SECURITY.md

README.md

Go analysis support for CodeQL

This sub-folder contains the extractor, CodeQL libraries, and queries that power Go support for CodeQL.

It contains two major components:

  • an extractor, itself written in Go, that parses Go source code and converts it into a database that can be queried using CodeQL.
  • static analysis libraries and queries written in CodeQL that can be used to analyze such a database to find coding mistakes or security vulnerabilities.

Usage

To analyze a Go codebase, either use the CodeQL command-line interface to create a database yourself, or download a pre-built database from GitHub.com. You can then run any of the queries contained in this repository either on the command line or using the VS Code extension.

Contributions

Contributions are welcome! Please see our contribution guidelines and our code of conduct for details on how to participate in our community.

Licensing

The code in this repository is licensed under the MIT license.

Resources