github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
69 676 коммитов 1 534 Ветки 130 Теги 471 MiB
Граф коммитов

2426 Коммитов

Автор SHA1 Сообщение Дата
Chris Smowton 67d94376e8
Merge pull request #17227 from smowton/smowton/fix/baseline-vs-nonroot-vendor-dirs 
Go / configure-baseline: account for multiple vendor directories and the `CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS` setting
 2024-08-22 15:00:51 +01:00
Owen Mansel-Chan 2edadbf423
Try to fix packages in frameworks coverage 2024-08-22 11:44:34 +01:00
Edward Minnix III 2f3ebfb81f
Merge pull request #17205 from egregius313/egregius313/go/dataflow/models/environment 
Go: Add models for environment variables
 2024-08-21 12:27:33 -04:00
Ed Minnix c2fa721966 Fix stub 2024-08-21 09:56:42 -04:00
Ed Minnix 6fdff977e5 Fix test cases 2024-08-21 09:47:46 -04:00
Edward Minnix III 2aa3e1f7a2
Alphabetize models 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-21 09:44:20 -04:00
Edward Minnix III 210ea5be79
Add model from older versions of caarlos0/env 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-21 09:43:58 -04:00
Edward Minnix III 7ae52425ce
Update package list in change note 2024-08-21 09:43:24 -04:00
Edward Minnix III 318a376a78
Remove ProcAttr models 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-21 09:43:04 -04:00
Owen Mansel-Chan a1a6fe45f1
Merge pull request #17245 from owen-mc/go/update-frameworks 
Go: Update frameworks.csv
 2024-08-21 10:52:21 +01:00
Chris Smowton f13f19d5dc Fix typo 2024-08-21 10:22:42 +01:00
Chris Smowton 2939cefc68 Use platform path separators for file testing, and forward-slashes for reporting to CodeQL 2024-08-21 10:15:44 +01:00
Chris Smowton c99a84689b Switch test expectations to use unix-style paths 2024-08-21 09:56:08 +01:00
Ed Minnix 0eddaa0664 syscall environment variables 2024-08-21 00:36:48 -04:00
Ed Minnix 9f00a0060d gobuffalo/envy 2024-08-21 00:30:36 -04:00
Ed Minnix cf3b3d75d0 Fix caarlos0 test 2024-08-21 00:29:17 -04:00
Ed Minnix 8a7e378b40 caarlos0/env 2024-08-21 00:06:10 -04:00
Ed Minnix f0f535b0e4 Fix frontend errors 2024-08-21 00:06:06 -04:00
Ed Minnix 257436a49d Convert test to inline expectation test 2024-08-21 00:06:02 -04:00
Edward Minnix III 47974914a5 Apply suggestions from code review 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-21 00:05:53 -04:00
Ed Minnix ed36aaa570 Fix some minor issues 2024-08-21 00:03:36 -04:00
Ed Minnix 69679dec1d Add defer statement 2024-08-21 00:03:32 -04:00
Ed Minnix 69f02293f5 Add change note 2024-08-21 00:03:29 -04:00
Ed Minnix 65a6fa7bc3 Go Environment variable (parsing) models and tests 2024-08-21 00:03:18 -04:00
Edward Minnix III 6103749188
Merge pull request #16710 from egregius313/egregius313/go/dataflow/file-sources 
Go: Add `file` sources
 2024-08-20 23:45:17 -04:00
Owen Mansel-Chan f0fe3a3388
Merge pull request #17260 from owen-mc/go/mad/convert-sink-5 
Go: Allow MaD models for XSS sinks using "html-injection" or "js-injection"
 2024-08-20 22:40:44 +01:00
Ed Minnix b14c58445a Fix formatting 2024-08-20 16:47:19 -04:00
Ed Minnix 06f73e76b8 Add additional test cases 2024-08-20 12:44:23 -04:00
Edward Minnix III e066c52ac6
Update change note 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2024-08-20 12:33:38 -04:00
Chris Smowton fc301206d1 Change note 2024-08-20 17:11:58 +01:00
Chris Smowton 3acab640b2 Add configure-baseline integration test 2024-08-20 17:07:09 +01:00
Chris Smowton 15b5bcc67c Output to stdout, not stderr 2024-08-20 17:01:54 +01:00
Chris Smowton 8b9617cd38 Update bazel build files 2024-08-20 15:56:28 +01:00
Chris Smowton ea3e5c8a99 Clarify comment 2024-08-20 15:56:27 +01:00
Chris Smowton f1f6f9b580 Share vendor-dir extraction logic between extractor and configure-baseline script 2024-08-20 15:56:26 +01:00
Chris Smowton 22802fd41f Improve struct naming 2024-08-20 15:56:25 +01:00
Chris Smowton 5d34dbf2c2 Remove unnecessary batch script flag 2024-08-20 15:56:24 +01:00
Chris Smowton 624d2b83c0 Tidy comments 2024-08-20 15:56:23 +01:00
Chris Smowton 21366dd502 Go / configure-baseline: account for multiple vendor directories and the `CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS` setting 
Our existing configure-baseline scripts would give the wrong result if a `vendor` directory wasn't at the root of the repository, or if the `CODEQL_EXTRACTOR_GO_EXTRACT_VENDOR_DIRS` variable was set to `true` indicating the user wants their vendored code scanned.

Here I replace the shell scripts that implemented the very simplest behaviour with a small Go program.
 2024-08-20 15:56:22 +01:00
Owen Mansel-Chan 30f8d6e4ff
Allow MaD models for XSS sinks using "html-injection" or "js-injection" 2024-08-20 14:04:23 +01:00
Anders Schack-Mulligen 993bfee096
Merge pull request #17259 from aschackmull/dataflow/remove-srcsink-grouping 
Dataflow: Remove src/sink grouping feature
 2024-08-20 14:42:33 +02:00
Anders Schack-Mulligen 8470e91c16 Legacy Dataflow: Sync. 2024-08-20 10:07:57 +02:00
Ed Minnix 0361b5c342 Fix AllocationSizeOverflow expectations 2024-08-19 22:31:29 -04:00
Ed Minnix bb1cf4f51f Fix tests 2024-08-19 20:14:23 -04:00
Ed Minnix e3ffbbe3b7 Fix extensible name in io/fs models 2024-08-19 19:02:07 -04:00
Ed Minnix 442026cc9d Fix test results 2024-08-19 17:23:32 -04:00
Ed Minnix 2629e09b67 Add `io/ioutil` and `io/fs` models 2024-08-19 17:22:46 -04:00
Ed Minnix a308bdb75d Modify UnhandledCloseWritableHandle to use post processing 2024-08-19 12:59:34 -04:00
Ed Minnix 5e8185ac4f Port test to inline expectations test 2024-08-19 12:44:30 -04:00
Ed Minnix 704cd8aee3 Update change note 2024-08-19 12:28:55 -04:00