Go: Add database source models for the squirrel package

[egregius313]

Adds database source models and relevant summaries for the github.com/Masterminds/squirrel ORM package.

[Copilot]

PR Overview

This PR adds database source models for the squirrel package to support the CodeQL Go-all pack, along with new tests for taint flows.

• New YAML definitions for database sources have been added to the squirrel model.
• Test files have been introduced or updated to exercise the new source models.
• Test extension files have been modified to incorporate the new mappings for the database source.

Reviewed Changes

File	Description
go/ql/lib/ext/github.com.mastermind.squirrel.model.yml	Adds database source model mappings for squirrel ORM methods.
go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/database/test_Masterminds_squirrel.go	Adds taint flow tests for various squirrel source methods.
go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/database/test.ext.yml	Updates test extension configuration with a new source model entry.
go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/database/source.ext.yml	Updates source extension configuration with a new source model entry.

Copilot reviewed 10 out of 10 changed files in this pull request and generated no comments.

Comments suppressed due to low confidence (1)

go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/database/test_Masterminds_squirrel.go:97

• QueryRow does not return an error, so checking err immediately after its call is redundant. Please remove this check and handle errors from Scan instead.

if err != nil {

Tip: Copilot only keeps its highest confidence comments to reduce noise and keep you focused. Learn more

[github-actions]

⚠️ The head of this PR and the base branch were compared for differences in the framework coverage reports. The generated reports are available in the artifacts of this workflow run. The differences will be picked up by the nightly job after the PR gets merged.

Click to show differences in coverage

go

Generated file changes for go

• Changes to framework-coverage-go.rst:

-    `Squirrel <https://github.com/Masterminds/squirrel>`_,"``github.com/Masterminds/squirrel*``, ``github.com/lann/squirrel*``, ``gopkg.in/Masterminds/squirrel``",,,96
+    `Squirrel <https://github.com/Masterminds/squirrel>`_,"``github.com/Masterminds/squirrel*``, ``github.com/lann/squirrel*``, ``gopkg.in/Masterminds/squirrel``",84,,96
-    Totals,,494,958,1556
+    Totals,,578,958,1556

• Changes to framework-coverage-go.csv:

- github.com/Masterminds/squirrel,32,,,,,,,,,,,,,,32,,,,,,,,,,,,
+ github.com/Masterminds/squirrel,32,28,,,,,,,,,,,,,32,,,,,,28,,,,,,
- github.com/lann/squirrel,32,,,,,,,,,,,,,,32,,,,,,,,,,,,
+ github.com/lann/squirrel,32,28,,,,,,,,,,,,,32,,,,,,28,,,,,,
- gopkg.in/Masterminds/squirrel,32,,,,,,,,,,,,,,32,,,,,,,,,,,,
+ gopkg.in/Masterminds/squirrel,32,28,,,,,,,,,,,,,32,,,,,,28,,,,,,

[owen-mc]

This work was merged in #19090