This repository was archived by the owner on Jan 5, 2023. It is now read-only.

Add taint-tracking for packages inside text/* #320

Merged
merged 5 commits into from
Sep 11, 2020

gagliardetto
Contributor

@gagliardetto gagliardetto commented Sep 6, 2020

codebox commands:

codebox --out-dir=./generated/latest --pkg=/usr/local/go/src/text/scanner --http
codebox --out-dir=./generated/latest --pkg=/usr/local/go/src/text/tabwriter --http
codebox --out-dir=./generated/latest --pkg=/usr/local/go/src/text/template --http

Part of #167

@smowton
Contributor

smowton commented Sep 7, 2020

Needs tests, otherwise looks good! I'll be testing these to see what impact they have on lgtm.com over the course of this week.

@gagliardetto
Contributor Author

Awesome! Thanks.

@smowton
Contributor

smowton commented Sep 11, 2020

We'll need to make sure the various escaper functions that are now generally considered taint conductors are properly considered sanitisers by the queries that care about a particular sort of injection, but I didn't see many false positives so we're likely in a good state. LGTM.

@max-schaefer max-schaefer merged commit c10942d into github:main Sep 11, 2020
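
The review point above, that an escaper carries taint in general yet acts as a sanitiser for one kind of injection, shown as an added Go example (not code from this pull request or from the CodeQL library). The sample input and the function names `viaTemplate`, `viaTabwriter` and `viaEscaper` are constructed for illustration.

```go
package main

import (
	"bytes"
	"fmt"
	"strings"
	"text/tabwriter"
	"text/template"
)

// untrusted is a constructed sample standing in for user-controlled input.
const untrusted = `../../secret<script>`

// viaTemplate renders the input with text/template, which performs no
// escaping: the output must be treated as tainted as the input.
func viaTemplate(in string) string {
	var buf bytes.Buffer
	t := template.Must(template.New("t").Parse("name={{.}}"))
	if err := t.Execute(&buf, in); err != nil {
		return ""
	}
	return buf.String()
}

// viaTabwriter writes the input through a tabwriter.Writer; the bytes
// reach the underlying buffer unchanged apart from column padding.
func viaTabwriter(in string) string {
	var buf bytes.Buffer
	w := tabwriter.NewWriter(&buf, 0, 8, 1, ' ', 0)
	fmt.Fprintf(w, "name\t%s\n", in)
	w.Flush()
	return buf.String()
}

// viaEscaper applies template.HTMLEscapeString. The result is safe to
// place in HTML text, but it still carries the caller's data, so a query
// about path or command injection must keep treating it as tainted.
func viaEscaper(in string) string {
	return template.HTMLEscapeString(in)
}

func main() {
	for _, out := range []string{viaTemplate(untrusted), viaTabwriter(untrusted), viaEscaper(untrusted)} {
		fmt.Printf("%q has-markup=%v has-traversal=%v\n", out,
			strings.Contains(out, "<"), strings.Contains(out, "../"))
	}
}
```

Only the escaper's output loses the `<`, and it keeps the `../` sequence, which is why each injection query has to decide for itself whether that function is a sanitiser.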