hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-19 03:41:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
f67d0ea9611c857fa49934615fdf7c24c9faaa1c
codeql/go
History
Owen Mansel-Chan f67d0ea961 Go: Account for deferred Close in writable-file-close query 
A deferred Close runs at function exit, but the CFG splices it in at the exit node where it can be reached along paths that never execute Sync. The previous dominance check therefore produced a false positive when a statement followed the if-block that registered the defer (e.g. deferredCloseWithSync2). For deferred closes, require instead that a handled Sync post-dominates the point where the defer is registered, which guarantees Sync runs before Close on every path on which Close is registered. Non-deferred closes keep the existing dominance check.
2026-06-04 13:09:05 +01:00
..
actions/test
restore ~ in action.yml version
2026-02-10 22:32:36 +00:00
build
codeql-tools
All languages: account for paths and paths-ignore in XML and other ancillary extraction
2026-01-06 12:48:01 +00:00
docs/language/learn-ql/go
Delete old docs for data flow in Go
2025-01-16 12:03:14 +00:00
documentation/library-coverage
Add changed framework coverage reports
2026-02-12 00:32:08 +00:00
downgrades
Go: add dbscheme relations for overlay support
2025-11-07 16:52:05 +00:00
external-packs/codeql/suite-helpers/0.0.2
Go: Enable implicit this warnings for remaining packs
2023-06-27 11:49:37 +02:00
extractor
Merge pull request #21817 from jketema/go-version
2026-05-18 10:45:55 +02:00
extractor-smoke-test
Fix search paths.
2024-06-03 16:33:17 +02:00
old-change-notes
Remove non-breaking spaces from code
2025-09-05 09:41:15 +02:00
ql
Go: Account for deferred Close in writable-file-close query
2026-06-04 13:09:05 +01:00
scripts
templates/project
tools
.gitignore
Add .gitignore for artifacts of make test
2025-02-27 16:34:38 +00:00
alert_weighting.properties
BUILD.bazel
Format
2025-02-06 11:36:45 +00:00
CODE_OF_CONDUCT.md
codeql-extractor.yml
Go: add extractor pack field indicating overlay support
2025-11-07 16:52:06 +00:00
CONTRIBUTING.md
Deprecate the CodeQL for VS Code docs in favour of docs.github.com version
2024-04-25 07:59:33 +00:00
gen.py
Go/Bazel: fix gazelle invocation to use bundled bazel go
2024-08-05 10:13:14 +02:00
Makefile
Run data flow consistency tests in CI
2025-11-26 10:44:56 +00:00
README.md
rules.bzl
Bazel/Go: use native cross compilation for fat binaries
2024-05-02 09:21:43 +02:00
SECURITY.md

README.md

Go analysis support for CodeQL

This sub-folder contains the extractor, CodeQL libraries, and queries that power Go support for CodeQL.

It contains two major components:

  • an extractor, itself written in Go, that parses Go source code and converts it into a database that can be queried using CodeQL.
  • static analysis libraries and queries written in CodeQL that can be used to analyze such a database to find coding mistakes or security vulnerabilities.

Usage

To analyze a Go codebase, either use the CodeQL command-line interface to create a database yourself, or download a pre-built database from GitHub.com. You can then run any of the queries contained in this repository either on the command line or using the VS Code extension.

Contributions

Contributions are welcome! Please see our contribution guidelines and our code of conduct for details on how to participate in our community.

Licensing

The code in this repository is licensed under the MIT license.

Resources