From 4d1b49a7dd0258ae4801fd46487134c4a51443c7 Mon Sep 17 00:00:00 2001 From: yoff Date: Thu, 11 Mar 2021 15:57:44 +0100 Subject: [PATCH] Apply suggestions from code review Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> --- .vscode/settings.json | 5 ++--- .../analyzing-data-flow-in-python.rst | 6 +++--- docs/codeql/codeql-language-guides/codeql-for-python.rst | 2 +- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index 8897b69a721..8b22c91bb77 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,4 +1,3 @@ { - "omnisharp.autoStart": false, - "restructuredtext.confPath": "${workspaceFolder}/docs/codeql" -} \ No newline at end of file + "omnisharp.autoStart": false +} diff --git a/docs/codeql/codeql-language-guides/analyzing-data-flow-in-python.rst b/docs/codeql/codeql-language-guides/analyzing-data-flow-in-python.rst index bdd7f73767d..5637ae3ec47 100644 --- a/docs/codeql/codeql-language-guides/analyzing-data-flow-in-python.rst +++ b/docs/codeql/codeql-language-guides/analyzing-data-flow-in-python.rst @@ -174,7 +174,7 @@ The global data flow library is used by extending the class ``DataFlow::Configur .. code-block:: ql - import csharp + import python class MyDataFlowConfiguration extends DataFlow::Configuration { MyDataFlowConfiguration() { this = "..." } @@ -212,7 +212,7 @@ Global taint tracking is to global data flow what local taint tracking is to loc .. code-block:: ql - import csharp + import python class MyTaintTrackingConfiguration extends TaintTracking::Configuration { MyTaintTrackingConfiguration() { this = "..." } @@ -247,7 +247,7 @@ This query shows a data flow configuration that uses all network input as data s .. code-block:: ql - import csharp + import python import semmle.code.csharp.dataflow.flowsources.PublicCallableParameter class MyDataFlowConfiguration extends DataFlow::Configuration { diff --git a/docs/codeql/codeql-language-guides/codeql-for-python.rst b/docs/codeql/codeql-language-guides/codeql-for-python.rst index 07de774c7ae..3504b1fb2c3 100644 --- a/docs/codeql/codeql-language-guides/codeql-for-python.rst +++ b/docs/codeql/codeql-language-guides/codeql-for-python.rst @@ -19,7 +19,7 @@ Experiment and learn how to write effective and efficient queries for CodeQL dat - :doc:`CodeQL library for Python `: When you need to analyze a Python program, you can make use of the large collection of classes in the CodeQL library for Python. -- :doc:`Analyzing data flow in Python `: You can use CodeQL to track the flow of data through a Python program. Tracking user-controlled, or tainted, data is a key technique for security researchers. +- :doc:`Analyzing data flow in Python `: You can use CodeQL to track the flow of data through a Python program to places where the data is used. - :doc:`Functions in Python `: You can use syntactic classes from the standard CodeQL library to find Python functions and identify calls to them.