This version of GitHub Enterprise Server will be discontinued on 2026-03-17. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.

Go queries for CodeQL analysis

Explore the queries that CodeQL uses to analyze code written in Go (Golang) when you select the default or security-extended query suite.

Who can use this feature?

CodeQL is available for the following repository types:

CodeQL includes many queries for analyzing Go code. All queries in the default query suite are run by default. If you choose to use the security-extended query suite, additional queries are run. For more information, see CodeQL query suites.

Built-in queries for Go analysis

This table lists the queries available with the latest release of the CodeQL action and CodeQL CLI. For more information, see CodeQL change logs in the CodeQL documentation site.

Note

The initial release of GitHub Enterprise Server 3.14 included CodeQL action and CodeQL CLI 2.17.6, which may not include all of these queries. Your site administrator can update your CodeQL version to a newer release. For more information, see Configuring code scanning for your appliance.

| Query name | Related CWEs | Default | Extended | Copilot Autofix |
| --- | --- | --- | --- | --- |
| Arbitrary file access during archive extraction ("Zip Slip") | 022 | | | |
| Arbitrary file write extracting an archive containing symbolic links | 022 | | | |
| Bad redirect check | 601 | | | |
| Clear-text logging of sensitive information | 312, 315, 359 | | | |
| Command built from user-controlled sources | 078 | | | |
| Cookie 'HttpOnly' attribute is not set to true | 1004 | | | |
| Cookie 'Secure' attribute is not set to true | 614 | | | |
| Cross-site scripting via HTML template escaping bypass | 079, 116 | | | |
| Database query built from user-controlled sources | 089 | | | |
| Disabled TLS certificate check | 295 | | | |
| Email content injection | 640 | | | |
| Incomplete regular expression for hostnames | 020 | | | |
| Incomplete URL scheme check | 020 | | | |
| Incorrect conversion between integer types | 190, 681 | | | |
| Information exposure through a stack trace | 209, 497 | | | |
| Insecure TLS configuration | 327 | | | |
| Missing JWT signature check | 347 | | | |
| Missing regular expression anchor | 020 | | | |
| Open URL redirect | 601 | | | |
| Potentially unsafe quoting | 078, 089, 094 | | | |
| Reflected cross-site scripting | 079, 116 | | | |
| Size computation for allocation may overflow | 190 | | | |
| Slice memory allocation with excessive size value | 770 | | | |
| Suspicious characters in a regular expression | 020 | | | |
| Uncontrolled data used in network request | 918 | | | |
| Uncontrolled data used in path expression | 022, 023, 036, 073, 099 | | | |
| Use of a broken or weak cryptographic algorithm | 327, 328 | | | |
| Use of a broken or weak cryptographic hashing algorithm on sensitive data | 327, 328, 916 | | | |
| Use of a weak cryptographic key | 326 | | | |
| Use of constant state value in OAuth 2.0 URL | 352 | | | |
| Use of insecure HostKeyCallback implementation | 322 | | | |
| Use of insufficient randomness as the key of a cryptographic algorithm | 338 | | | |
| XPath injection | 643 | | | |
| Log entries created from user input | 117 | | | |