5 Commits

Author SHA1 Message Date
oittaa
35a92b49d5 feat(sql): enhance SQL injection detection with improved string concatenation checks (#1454)
* feat(sql): enhance SQL injection detection with improved string concatenation checks

* optimize: only one ast.Inspect loop, use slices.ContainsFunc

* refactor(sql): streamline SQL argument retrieval, replace constObject with TryResolve, minor cleanup

* feat(sql): enhance query mutation checks for shadowed variables and add regression tests

* remove deprecated ast.Object
2026-01-06 14:30:54 +01:00
Eshani Parulekar
40ac53017b rules(G202): detect SQL concat in ValueSpec declarations; add test sample

- Handle var query string = 'SELECT ...' + user style declarations
- Reuse existing binary expr detection on ValueSpec.Values
- Add postgres sample mirroring issue #1309 report
- Rules tests: 42 passed
2025-09-12 13:27:02 +00:00
Ilia Mirkin
017d1d655c G201/G202: add checks for injection into sql.Conn methods
We check sql.DB and sql.Tx, but sql.Conn appears to have been missed. It
carries the same issues as DB/Tx in terms of injection.
2025-06-03 16:22:56 +02:00
Cosmin Cojocar
2aad3f02a5 Fix lint warnings by properly formatting the files
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-12-08 14:46:36 +01:00
Adam Kaplan
0e2a61899a chore: Refactor Sample Code to Separate Files
Split the code in `source.go` to individual sample files, one per rule.
This will help contributors submit samples for new rules, or
improvements to existing rules. The cgo sample was all that was left
after refactoring, which resulted in its own sample file.

Sample code was also formatted to have some level of consistency.
Each sample go "file" attempts to keep the formatting of `gofmt`, and
each code sample is in its own section in the sample file.

Signed-off-by: Adam Kaplan <adam@adambkaplan.com>
2023-12-08 14:46:36 +01:00