codeql

Граф коммитов

Автор	SHA1	Сообщение	Дата
Erik Krogh Kristensen	6cee635cb5	Merge pull request #10180 from erik-krogh/fixTags Add missing security tags	2022-09-02 08:04:57 +02:00
Edoardo Pirovano	8f332714f4	Merge pull request #10260 from github/edoardo/3.7-mergeback Merge `rc/3.7` into `main`	2022-09-01 15:44:17 +01:00
erik-krogh	d0814aa37c	Go: add change-note for go	2022-08-29 13:10:23 +02:00
erik-krogh	33ba01927f	Go: add CWE tag and @security-severity tag to go/insecure-hostkeycallback	2022-08-29 13:10:23 +02:00
github-actions[bot]	3b4ad3c4f1	Post-release preparation for codeql-cli-2.10.4	2022-08-26 09:32:11 +00:00
erik-krogh	cc7a9ef97a	rename more acronyms	2022-08-25 20:52:27 +02:00
Ian Lynagh	711e769382	Update go/ql/lib/change-notes/released/0.2.4.md Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>	2022-08-25 14:25:30 +01:00
Ian Lynagh	b951e94d85	Update go/ql/lib/CHANGELOG.md Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>	2022-08-25 14:25:20 +01:00
Erik Krogh Kristensen	06afe9c0f4	Merge pull request #9816 from erik-krogh/msgConsis Make alert messages consistent across languages	2022-08-25 15:20:01 +02:00
github-actions[bot]	0f63bc077f	Release preparation for version 2.10.4	2022-08-25 12:52:26 +00:00
Ian Lynagh	3fcfd32eb1	Make *.ql non-executable	2022-08-24 16:55:11 +01:00
Ian Lynagh	b9a4b5ab9a	Make *.qlref non-executable	2022-08-24 16:53:16 +01:00
Ian Lynagh	344863d896	Make *.qhelp non-executable	2022-08-24 16:38:15 +01:00
erik-krogh	1c0f2251e2	Merge branch 'main' into msgConsis	2022-08-24 14:38:57 +02:00
Michael Nebel	c514c8838d	Merge pull request #9867 from michaelnebel/csharp/nosummary C#: Negative summaries (ie. no flow through)	2022-08-24 12:06:05 +02:00
Arthur Baars	acff279e8d	Merge pull request #10147 from github/aibaars-fix-go Go: fix tracing spec for windows	2022-08-24 11:17:34 +02:00
Michael Nebel	761ed283b6	C#/Java/Ruby/Swift: Address review comments.	2022-08-24 09:58:54 +02:00
Michael Nebel	2e273f2273	C#: Re-arange the import order, such that CsvValidation follows ExternalFlow directly.	2022-08-24 09:58:54 +02:00
Michael Nebel	37976d56bc	C#/Java/Go/Swift: Move CsvValidation back into ExternalFlow.	2022-08-24 09:58:53 +02:00
Michael Nebel	2c2e09b20b	Go: Add summary model validation on the kind column.	2022-08-24 09:58:52 +02:00
Michael Nebel	37f01fe10e	Go: Re-factor CSV validation into separate file.	2022-08-24 09:58:52 +02:00
Arthur Baars	8996c54b8e	Go: fix tracing spec for windows	2022-08-23 20:00:10 +02:00
erik-krogh	f7846a598e	add change-notes	2022-08-23 07:54:01 +02:00
erik-krogh	7e0bd5bde4	update expected output of tests	2022-08-22 21:41:47 +02:00
erik-krogh	20625ae60d	update {js/go/py}/xpath-injection to match csharp/java	2022-08-22 21:41:46 +02:00
erik-krogh	2d0a4c3d83	update {go/py}/stack-trace-exposure to match javascript	2022-08-22 21:41:46 +02:00
erik-krogh	151529d08f	correct the query-id of the experimental go/pam-auth-bypass query	2022-08-22 21:41:46 +02:00
erik-krogh	3553f3d9b8	update {rb/py/js/go}/path-injection to match java/csharp	2022-08-22 21:41:45 +02:00
erik-krogh	28083ebe09	run the implicit-this patch	2022-08-22 21:23:31 +02:00
erik-krogh	a593a52b5e	add missing qldoc (that was already missing?)	2022-08-22 21:22:39 +02:00
erik-krogh	e89e0eb7fb	make some acronyms camelCase	2022-08-22 21:22:35 +02:00
Chris Smowton	25195bb0ba	Merge pull request #10103 from smowton/smowton/feature/golang-1.19-support Go: support go 1.19	2022-08-22 16:49:11 +01:00
Chris Smowton	f3ef8510d3	Merge pull request #10093 from smowton/smowton/feature/java-singular-locations Java: pick an arbitrary representative location when an entity has many candidate locations.	2022-08-22 09:32:43 +01:00
Chris Smowton	259b942fac	Indent blocks that gofmt would mistake for markdown As of go 1.19 it will try to format markdown nicely, but in both these cases the formatting isn't supposed to be interpreted this way, so indent it to make it a preformatted block.	2022-08-19 19:06:21 +01:00
Chris Smowton	8d20b9cf52	Use hasLocationInfo to match several Location fields at once	2022-08-19 19:03:17 +01:00
Chris Smowton	1ea7caf559	Fix join ordering in inline-expectations test	2022-08-19 18:17:22 +01:00
Chris Smowton	6f4fbac412	Create 2022-08-19-go-119-support.md	2022-08-19 17:20:03 +01:00
Chris Smowton	e2afc80aff	Autoformat go	2022-08-19 10:29:45 +01:00
Chris Smowton	45f922b3f2	Add models for Go 1.19's new url.JoinPath and URL.JoinPath functions	2022-08-19 10:29:45 +01:00
Chris Smowton	6068f63e9e	Add taint models for go 1.19's new fmt.Append functions	2022-08-19 10:29:45 +01:00
Chris Smowton	d2055283de	Add models for go 1.19's new atomic pointer typex	2022-08-18 17:47:13 +01:00
Chris Smowton	8eb5d001f7	Upgrade Go extractor to latest golang and x-packages	2022-08-18 16:22:04 +01:00
Erik Krogh Kristensen	4f93f2b9ba	Merge pull request #10076 from erik-krogh/ql-for-ql-fixes various QL-for-QL fixes	2022-08-18 15:46:48 +02:00
Chris Smowton	72009f8614	Merge pull request #10085 from smowton/smowton/fix/dont-use-write-instruction-for-channel-flow Go: don't use WriteNode for channel writes	2022-08-18 12:47:55 +01:00
Chris Smowton	3802deab70	Adjust test expectations re: reformatting	2022-08-17 17:31:27 +01:00
Chris Smowton	e33ddbdcfd	Format go	2022-08-17 16:42:06 +01:00
erik-krogh	6b9f01535b	change All to Most in the change-notes	2022-08-17 15:34:57 +02:00
Chris Smowton	077bae55fe	Go: don't use WriteNode for channel writes I overlooked the fact that this has a WriteInstruction, which wasn't bound in the channel-write case, but somehow the evaluator discarded the implied cartesian product until last night's performance evaluation. Rather than try to cram channel writes into WriteInstruction, just handle them as their own beast.	2022-08-17 14:27:16 +01:00
erik-krogh	2622c78766	add change-notes	2022-08-17 13:55:16 +02:00
erik-krogh	8066e39d07	delete some redundant imports	2022-08-17 13:50:04 +02:00

1 2 3

126 Коммитов