CodeQL includes many queries for analyzing Go code. All queries in the default
query suite are run by default. If you choose to use the security-extended
query suite, additional queries are run. For more information, see CodeQL query suites.

Built-in queries for Go analysis

This table lists the queries available with the latest release of the CodeQL action and CodeQL CLI. For more information, see CodeQL change logs on the CodeQL documentation site.

Query name | Related CWEs | Default | Extended | Copilot Autofix |
---|---|---|---|---|
Clear-text logging of sensitive information | 312, 315, 359 | |||
Disabled TLS certificate check | 295 | |||
Incorrect conversion between integer types | 190, 681 | |||
Missing regular expression anchor | 020 | |||
Size computation for allocation may overflow | 190 | |||
Uncontrolled data used in path expression | 022, 023, 036, 073, 099 | |||
Use of insufficient randomness as the key of a cryptographic algorithm | 338 | |||
Log entries created from user input | 117 | |||