hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 23:02:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
407493094de3d6bc3be7e5f1065fb765f760ed09
codeql/change-notes/1.23/analysis-go.md
Felicity Chapman de2c7d8884 Minor text changes
2019-11-25 15:48:58 +00:00

1.9 KiB
Raw Blame History

Improvements to Go analysis

New queries

Query Tags Purpose
Clear-text logging of sensitive information (go/clear-text-logging) security, external/cwe/cwe-312, external/cwe/cwe-315, external/cwe/cwe-359 Highlights code that writes sensitive information to a log file, or to the console, without encryption or hashing. Results are shown on LGTM by default.
Open URL redirect (go/unvalidated-url-redirection) security, external/cwe/cwe-601 Highlights code that redirects to a URL that may be controlled by an attacker. Results are shown on LGTM by default.

Changes to existing queries

Query Expected impact Change
Expression has no effect (go/useless-expression) Fewer false positive results This query no longer flags calls to empty stub functions.
Hard-coded credentials (go/hardcoded-credentials) Fewer false positive results This query now recognizes more placeholder credentials.