hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'github:main' into main

Browse Source
This commit is contained in:
Chris Campbell
2023-11-20 12:15:45 +00:00
committed by GitHub
parent 114b694553 b8a2716ced
commit 27a2781954
179 changed files with 1061 additions and 399 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
python/ql/lib/CHANGELOG.md
View File

@@ -1,3 +1,9 @@
## 0.11.3
### Minor Analysis Improvements
* Added basic flow for attributes defined on classes, when the attribute lookup is on a direct reference to that class (so not instance, cls parameter, or self parameter). Example: class definition `class Foo: my_tuples = (dangerous, safe)` and usage `SINK(Foo.my_tuples[0])`.
## 0.11.2
### Minor Analysis Improvements

7
python/ql/lib/change-notes/2023-11-07-class-attribute-flow.md → python/ql/lib/change-notes/released/0.11.3.md
View File

@@ -1,4 +1,5 @@
---
category: minorAnalysis
---
## 0.11.3
### Minor Analysis Improvements
* Added basic flow for attributes defined on classes, when the attribute lookup is on a direct reference to that class (so not instance, cls parameter, or self parameter). Example: class definition `class Foo: my_tuples = (dangerous, safe)` and usage `SINK(Foo.my_tuples[0])`.

2
python/ql/lib/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.11.2
lastReleaseVersion: 0.11.3

2
python/ql/lib/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/python-all
version: 0.11.3-dev
version: 0.11.4-dev
groups: python
dbscheme: semmlecode.python.dbscheme
extractor: python

6
python/ql/src/CHANGELOG.md
View File

@@ -1,3 +1,9 @@
## 0.9.3
### Minor Analysis Improvements
* Added modeling of more `FileSystemAccess` in packages `cherrypy`, `aiofile`, `aiofiles`, `anyio`, `sanic`, `starlette`, `baize`, and `io`. This will mainly affect the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
## 0.9.2
No user-facing changes.

7
python/ql/src/change-notes/2023-11-06-more-filesystem-modeling.md → python/ql/src/change-notes/released/0.9.3.md
View File

@@ -1,4 +1,5 @@
---
category: minorAnalysis
---
## 0.9.3
### Minor Analysis Improvements
* Added modeling of more `FileSystemAccess` in packages `cherrypy`, `aiofile`, `aiofiles`, `anyio`, `sanic`, `starlette`, `baize`, and `io`. This will mainly affect the _Uncontrolled data used in path expression_ (`py/path-injection`) query.

2
python/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.9.2
lastReleaseVersion: 0.9.3

2
python/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/python-queries
version: 0.9.3-dev
version: 0.9.4-dev
groups:
- python
- queries