CodeQL library for Go
codeql/go-all 2.1.3 (changelog, source)
Search

Module InsecureFeatureFlag

Provides classes and predicates relating to flags that may indicate security expectations.

Import path

import semmle.go.security.InsecureFeatureFlag

Predicates

astNodeIsFlag

Holds if node involves a string of kind flagKind.

exprIsFlag

Holds for string literals or named values matching flagKind and their fields.

getASecurityFeatureFlagCheck

Gets a control-flow node that represents a (likely) security feature-flag check

Classes

FlagKind

A kind of flag that may indicate security expectations regarding the code it guards.

SecurityFeatureFlag

A flag suggesting an optional feature, perhaps deliberately insecure.