diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 458e78e..3bf0224 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -10,10 +10,11 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - id: init - uses: github/codeql-action/init@v3 - name: Run tests run: | - ${{ steps.init.outputs.codeql-path }} test run ./cpp/test/ - ${{ steps.init.outputs.codeql-path }} test run ./go/test/ - ${{ steps.init.outputs.codeql-path }} test run ./java/test/ + wget https://github.com/github/codeql-cli-binaries/releases/download/v2.23.0/codeql-linux64.zip + unzip codeql-linux64.zip + ./codeql/codeql --version + ./codeql/codeql pack install ./java/src/ + ./codeql/codeql pack install ./java/test/ + ./codeql/codeql test run -vvv ./java/test/ diff --git a/cpp/lib/codeql-pack.lock.yml b/cpp/lib/codeql-pack.lock.yml index e7600d8..95d5312 100644 --- a/cpp/lib/codeql-pack.lock.yml +++ b/cpp/lib/codeql-pack.lock.yml @@ -1,10 +1,28 @@ --- lockVersion: 1.0.0 dependencies: + codeql/controlflow: + version: 2.0.14 codeql/cpp-all: - version: 0.6.1 + version: 5.5.0 + codeql/dataflow: + version: 2.0.14 + codeql/mad: + version: 1.0.30 + codeql/quantum: + version: 0.0.8 + codeql/rangeanalysis: + version: 1.0.30 codeql/ssa: - version: 0.0.14 + version: 2.0.6 codeql/tutorial: - version: 0.0.7 + version: 1.0.30 + codeql/typeflow: + version: 1.0.30 + codeql/typetracking: + version: 2.0.14 + codeql/util: + version: 2.0.17 + codeql/xml: + version: 1.0.30 compiled: false diff --git a/cpp/src/codeql-pack.lock.yml b/cpp/src/codeql-pack.lock.yml index 55116c2..95d5312 100644 --- a/cpp/src/codeql-pack.lock.yml +++ b/cpp/src/codeql-pack.lock.yml 
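Review bot: The new `Run tests` step fetches `codeql-linux64.zip` with `wget` and executes the unpacked binary without any integrity check, so the job trusts whatever the release URL serves at run time. Pin the archive's digest in the workflow and verify it before `unzip`, for example `echo "<EXPECTED_SHA256>  codeql-linux64.zip" | sha256sum -c -`, where the placeholder stands for the digest of the v2.23.0 asset. The step also now runs only `./java/test/`: the `./cpp/test/` and `./go/test/` runs are removed, so the Go query edited in this same commit is no longer exercised in CI. If that is deliberate, a comment in the workflow saying why (and when the other suites come back) would help.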
@@ -1,24 +1,28 @@ --- lockVersion: 1.0.0 dependencies: + codeql/controlflow: + version: 2.0.14 codeql/cpp-all: - version: 3.0.0 + version: 5.5.0 codeql/dataflow: - version: 1.1.7 + version: 2.0.14 codeql/mad: - version: 1.0.13 + version: 1.0.30 + codeql/quantum: + version: 0.0.8 codeql/rangeanalysis: - version: 1.0.13 + version: 1.0.30 codeql/ssa: - version: 1.0.13 + version: 2.0.6 codeql/tutorial: - version: 1.0.13 + version: 1.0.30 codeql/typeflow: - version: 1.0.13 + version: 1.0.30 codeql/typetracking: - version: 1.0.13 + version: 2.0.14 codeql/util: - version: 2.0.0 + version: 2.0.17 codeql/xml: - version: 1.0.13 + version: 1.0.30 compiled: false diff --git a/cpp/test/codeql-pack.lock.yml b/cpp/test/codeql-pack.lock.yml index 55116c2..95d5312 100644 --- a/cpp/test/codeql-pack.lock.yml +++ b/cpp/test/codeql-pack.lock.yml @@ -1,24 +1,28 @@ --- lockVersion: 1.0.0 dependencies: + codeql/controlflow: + version: 2.0.14 codeql/cpp-all: - version: 3.0.0 + version: 5.5.0 codeql/dataflow: - version: 1.1.7 + version: 2.0.14 codeql/mad: - version: 1.0.13 + version: 1.0.30 + codeql/quantum: + version: 0.0.8 codeql/rangeanalysis: - version: 1.0.13 + version: 1.0.30 codeql/ssa: - version: 1.0.13 + version: 2.0.6 codeql/tutorial: - version: 1.0.13 + version: 1.0.30 codeql/typeflow: - version: 1.0.13 + version: 1.0.30 codeql/typetracking: - version: 1.0.13 + version: 2.0.14 codeql/util: - version: 2.0.0 + version: 2.0.17 codeql/xml: - version: 1.0.13 + version: 1.0.30 compiled: false diff --git a/go/src/codeql-pack.lock.yml b/go/src/codeql-pack.lock.yml index a3cbfd5..9c9d2cf 100644 --- a/go/src/codeql-pack.lock.yml +++ b/go/src/codeql-pack.lock.yml 
@@ -1,20 +1,22 @@ --- lockVersion: 1.0.0 dependencies: + codeql/controlflow: + version: 2.0.14 codeql/dataflow: - version: 1.1.7 + version: 2.0.14 codeql/go-all: - version: 3.0.0 + version: 4.3.3 codeql/mad: - version: 1.0.13 + version: 1.0.30 codeql/ssa: - version: 1.0.13 + version: 2.0.6 codeql/threat-models: - version: 1.0.13 + version: 1.0.30 codeql/tutorial: - version: 1.0.13 + version: 1.0.30 codeql/typetracking: - version: 1.0.13 + version: 2.0.14 codeql/util: - version: 2.0.0 + version: 2.0.17 compiled: false diff --git a/go/src/security/MissingMinVersionTLS/MissingMinVersionTLS.ql b/go/src/security/MissingMinVersionTLS/MissingMinVersionTLS.ql index b79bb8b..8a544a0 100644 --- a/go/src/security/MissingMinVersionTLS/MissingMinVersionTLS.ql +++ b/go/src/security/MissingMinVersionTLS/MissingMinVersionTLS.ql @@ -94,12 +94,12 @@ predicate configOrConfigPointer(Type t) { ) or exists(Type tp | tp.hasQualifiedName("crypto/tls", "Config") and - t.(NamedType).getUnderlyingType().(StructType).hasField(_, tp) + t.(DefinedType).getUnderlyingType().(StructType).hasField(_, tp) ) or exists(Type tp, Type tp2 | tp.hasQualifiedName("crypto/tls", "Config") and tp2 = tp.getPointerType+() and - t.(NamedType).getUnderlyingType().(StructType).hasField(_, tp2) + t.(DefinedType).getUnderlyingType().(StructType).hasField(_, tp2) ) } @@ -149,4 +149,4 @@ where ) else any() -select configStruct, "TLS.Config.MinVersion is never set for variable $@ ", v, v.getName() \ No newline at end of file +select configStruct, "TLS.Config.MinVersion is never set for variable $@ ", v, v.getName() diff --git a/go/test/codeql-pack.lock.yml b/go/test/codeql-pack.lock.yml index a3cbfd5..9c9d2cf 100644 --- a/go/test/codeql-pack.lock.yml +++ b/go/test/codeql-pack.lock.yml 
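Review bot: The two `exists` disjuncts changed in the `MissingMinVersionTLS.ql` hunk differ only in whether the struct field has type `crypto/tls.Config` or a pointer to it, so the `DefinedType` cast now has to be kept in sync in two places. They could be folded into one disjunct with the reflexive closure, `tp2 = tp.getPointerType*() and t.(DefinedType).getUnderlyingType().(StructType).hasField(_, tp2)`, which covers the non-pointer case as zero pointer steps. `configOrConfigPointer` begins above the hunk, so its first disjunct is not visible here and should be checked for the same cast.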
@@ -1,20 +1,22 @@ --- lockVersion: 1.0.0 dependencies: + codeql/controlflow: + version: 2.0.14 codeql/dataflow: - version: 1.1.7 + version: 2.0.14 codeql/go-all: - version: 3.0.0 + version: 4.3.3 codeql/mad: - version: 1.0.13 + version: 1.0.30 codeql/ssa: - version: 1.0.13 + version: 2.0.6 codeql/threat-models: - version: 1.0.13 + version: 1.0.30 codeql/tutorial: - version: 1.0.13 + version: 1.0.30 codeql/typetracking: - version: 1.0.13 + version: 2.0.14 codeql/util: - version: 2.0.0 + version: 2.0.17 compiled: false diff --git a/java/src/codeql-pack.lock.yml b/java/src/codeql-pack.lock.yml index b1acfc0..f55d5af 100644 --- a/java/src/codeql-pack.lock.yml +++ b/java/src/codeql-pack.lock.yml @@ -1,28 +1,32 @@ --- lockVersion: 1.0.0 dependencies: + codeql/controlflow: + version: 2.0.14 codeql/dataflow: - version: 1.1.5 + version: 2.0.14 codeql/java-all: - version: 4.2.0 + version: 7.6.1 codeql/mad: - version: 1.0.11 + version: 1.0.30 + codeql/quantum: + version: 0.0.8 codeql/rangeanalysis: - version: 1.0.11 + version: 1.0.30 codeql/regex: - version: 1.0.11 + version: 1.0.30 codeql/ssa: - version: 1.0.11 + version: 2.0.6 codeql/threat-models: - version: 1.0.11 + version: 1.0.30 codeql/tutorial: - version: 1.0.11 + version: 1.0.30 codeql/typeflow: - version: 1.0.11 + version: 1.0.30 codeql/typetracking: - version: 1.0.11 + version: 2.0.14 codeql/util: - version: 1.0.11 + version: 2.0.17 codeql/xml: - version: 1.0.11 + version: 1.0.30 compiled: false diff --git a/java/test/codeql-pack.lock.yml b/java/test/codeql-pack.lock.yml index b1acfc0..f55d5af 100644 --- a/java/test/codeql-pack.lock.yml +++ b/java/test/codeql-pack.lock.yml 
@@ -1,28 +1,32 @@ --- lockVersion: 1.0.0 dependencies: + codeql/controlflow: + version: 2.0.14 codeql/dataflow: - version: 1.1.5 + version: 2.0.14 codeql/java-all: - version: 4.2.0 + version: 7.6.1 codeql/mad: - version: 1.0.11 + version: 1.0.30 + codeql/quantum: + version: 0.0.8 codeql/rangeanalysis: - version: 1.0.11 + version: 1.0.30 codeql/regex: - version: 1.0.11 + version: 1.0.30 codeql/ssa: - version: 1.0.11 + version: 2.0.6 codeql/threat-models: - version: 1.0.11 + version: 1.0.30 codeql/tutorial: - version: 1.0.11 + version: 1.0.30 codeql/typeflow: - version: 1.0.11 + version: 1.0.30 codeql/typetracking: - version: 1.0.11 + version: 2.0.14 codeql/util: - version: 1.0.11 + version: 2.0.17 codeql/xml: - version: 1.0.11 + version: 1.0.30 compiled: false