hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
aabbfce01014efcacc0bac1fc017634eed2de9da
codeql/go
History
Paolo Tranquilli 69b87a63b8 Go: remove invalid toolchain version diagnostics 
This diagnostic was introduced by https://github.com/github/codeql/pull/15979.
However in the meantime the Go team [has backtracked](https://github.com/golang/go/issues/62278#issuecomment-2062002018)
on their decision, which leads to confusing alerts for user (e.g. https://github.com/github/codeql-action/issues/2868).
Even using Go toolchains from 1.21 to 1.22 we weren't immediately able
to reproduce the problem that this diagnostics was meant to guard
against. Therefore it was deemed simpler to just remove it.

_En passant_ the `Makefile` now accepts `rtjo` not being set.
2025-04-24 14:41:05 +02:00
..
actions/test
Go: add RTJO language tests CI job
2025-03-25 14:46:06 +01:00
build
codeql-go merge prep: move into go/ directory
2022-05-20 10:07:19 -07:00
codeql-tools
Remove unnecessary batch script flag
2024-08-20 15:56:24 +01:00
docs/language/learn-ql/go
Delete old docs for data flow in Go
2025-01-16 12:03:14 +00:00
documentation/library-coverage
Add changed framework coverage reports
2025-04-08 00:22:09 +00:00
downgrades
Address review comments
2025-02-13 21:59:14 +00:00
external-packs/codeql/suite-helpers/0.0.2
Go: Enable implicit this warnings for remaining packs
2023-06-27 11:49:37 +02:00
extractor
Go: remove invalid toolchain version diagnostics
2025-04-24 14:41:05 +02:00
extractor-smoke-test
Fix search paths.
2024-06-03 16:33:17 +02:00
old-change-notes
spelling: recognition
2022-10-20 08:21:02 -04:00
ql
Go: remove invalid toolchain version diagnostics
2025-04-24 14:41:05 +02:00
scripts
Remove Go's install-deps.sh script
2023-01-03 10:45:06 +00:00
templates/project
codeql-go merge prep: move into go/ directory
2022-05-20 10:07:19 -07:00
tools
Go: fix search and tool paths for 'make test'
2022-05-20 10:22:47 -07:00
.gitignore
Add .gitignore for artifacts of make test
2025-02-27 16:34:38 +00:00
alert_weighting.properties
codeql-go merge prep: move into go/ directory
2022-05-20 10:07:19 -07:00
BUILD.bazel
Format
2025-02-06 11:36:45 +00:00
CODE_OF_CONDUCT.md
codeql-go merge prep: move into go/ directory
2022-05-20 10:07:19 -07:00
codeql-extractor.yml
Golang vendor dir extraction: add extractor option
2024-09-30 18:24:49 +01:00
CONTRIBUTING.md
Deprecate the CodeQL for VS Code docs in favour of docs.github.com version
2024-04-25 07:59:33 +00:00
gen.py
Go/Bazel: fix gazelle invocation to use bundled bazel go
2024-08-05 10:13:14 +02:00
Makefile
Go: remove invalid toolchain version diagnostics
2025-04-24 14:41:05 +02:00
README.md
Update CodeQL CLI articles with migration message
2023-02-02 14:11:02 -05:00
rules.bzl
Bazel/Go: use native cross compilation for fat binaries
2024-05-02 09:21:43 +02:00
SECURITY.md
codeql-go merge prep: move into go/ directory
2022-05-20 10:07:19 -07:00

README.md

Go analysis support for CodeQL

This sub-folder contains the extractor, CodeQL libraries, and queries that power Go support for CodeQL.

It contains two major components:

  • an extractor, itself written in Go, that parses Go source code and converts it into a database that can be queried using CodeQL.
  • static analysis libraries and queries written in CodeQL that can be used to analyze such a database to find coding mistakes or security vulnerabilities.

Usage

To analyze a Go codebase, either use the CodeQL command-line interface to create a database yourself, or download a pre-built database from GitHub.com. You can then run any of the queries contained in this repository either on the command line or using the VS Code extension.

Contributions

Contributions are welcome! Please see our contribution guidelines and our code of conduct for details on how to participate in our community.

Licensing

The code in this repository is licensed under the MIT license.

Resources