hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

2826 Commits

Author SHA1 Message Date
Dave Bartolomeo
4c53caf021 Update python/ql/lib/change-notes/released/3.1.0.md 2025-01-07 15:58:28 -05:00
Dave Bartolomeo
45c00d6880 Update python/ql/lib/CHANGELOG.md 2025-01-07 15:58:19 -05:00
github-actions[bot]
88b6f1e79a Release preparation for version 2.20.1 2025-01-07 20:50:36 +00:00
Dave Bartolomeo
72a53c4b23 Revert "Release preparation for version 2.20.1" 2025-01-07 13:32:23 -05:00
Dave Bartolomeo
cb31394729 Update python/ql/lib/CHANGELOG.md 2025-01-07 12:23:52 -05:00
Dave Bartolomeo
2e46d26eca Update python/ql/lib/change-notes/released/3.1.0.md 2025-01-07 12:22:31 -05:00
github-actions[bot]
fbf9f2fff8 Release preparation for version 2.20.1 2025-01-07 17:20:13 +00:00
Dave Bartolomeo
22e030584c Revert "Release preparation for version 2.20.1" 2025-01-07 12:14:27 -05:00
Dave Bartolomeo
8a2398aaf0 Update python/ql/lib/CHANGELOG.md 2025-01-06 13:26:09 -05:00
github-actions[bot]
a121c5a5d0 Release preparation for version 2.20.1 2025-01-06 18:20:22 +00:00
Rasmus Wriedt Larsen
a9704d8de0 Update change-note wording 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2024-12-19 14:08:23 +01:00
Rasmus Wriedt Larsen
2b3fc9b36c Python: Add change-note 2024-12-18 16:02:02 +01:00
Rasmus Wriedt Larsen
34631a8784 Python: Model FastAPI requests 
Co-authored-by: Joe Farebrother <joefarebrother@github.com>
 2024-12-18 15:58:51 +01:00
Michael Nebel
aaf0cd5dee Merge pull request #17968 from michaelnebel/java/movetestutils 
Move test utilities to the query pack.
 2024-12-16 13:41:30 +01:00
Geoffrey White
03f962ed86 Merge pull request #18226 from geoffw0/badcrypto 
Rust: Weak encryption algorithm query.
 2024-12-12 14:21:16 +00:00
Michael Nebel
0bfc1b6ea8 Also move the postprocessing queries to the library pack. 2024-12-12 15:03:03 +01:00
Michael Nebel
941b0abbf6 Move modules to the library packs. 2024-12-12 15:03:01 +01:00
Geoffrey White
44a0ad2942 Update data-flow -> data flow in all versions of ConceptsShared.qll. 2024-12-12 13:36:26 +00:00
Michael Nebel
2321ca59f6 Python: Update all test util paths to point to the new location. 2024-12-12 13:54:30 +01:00
Joe Farebrother
ef1d898b0d Add qldoc 2024-12-09 19:57:39 +00:00
Joe Farebrother
ebaab89933 Formatting updates 2024-12-09 19:57:25 +00:00
Joe Farebrother
55557f8dd3 Use API graohs directly 2024-12-09 19:57:07 +00:00
Joe Farebrother
cea196ec61 Add concepts tests + some fixes 2024-12-09 19:55:42 +00:00
Joe Farebrother
71ab82dee0 Fix qldoc, formatting, and redundant import warnings 2024-12-09 19:55:21 +00:00
Joe Farebrother
b2c13fe351 Promote template injection sinks for each framework covered 
`Cheetah` was excluded as it was last updated 15 years ago and its documentation links are dead.
 2024-12-09 19:55:17 +00:00
Joe Farebrother
60d8a85a9c Promote jinja sinks 2024-12-09 19:54:57 +00:00
Joe Farebrother
8647073433 Copy template injection to standard pack + add jinja sinks 2024-12-09 19:47:06 +00:00
yoff
81c8a702ff Merge pull request #18112 from github/tausbn/add-api-graph-support-for-parameter-annotations 2024-12-05 15:05:27 +01:00
github-actions[bot]
cf71a1525b Post-release preparation for codeql-cli-2.20.0 2024-12-04 18:36:17 +00:00
github-actions[bot]
96564b7128 Release preparation for version 2.20.0 2024-12-04 16:01:14 +00:00
Henry Mercer
963f084d87 Merge branch 'main' into henrymercer/merge-back-rc-3.16 2024-12-04 13:39:10 +00:00
Anders Schack-Mulligen
8a5fc97b06 Python: Remove deprecated configuration classes referencing deleted api. 2024-12-03 20:08:45 +01:00
Anders Schack-Mulligen
cca27e4c77 Add change notes for all languages. 2024-12-03 19:42:33 +01:00
Anders Schack-Mulligen
acc260cc3c Python: Delete deprecated data flow api. 2024-12-03 14:41:49 +01:00
Taus
d779ae5c3e Python: Add change note for CFG pruning fix 
... And also bump the extractor version.
 2024-11-26 15:39:15 +00:00
Taus
2734377e5d Python: Add API graph support for parameter annotations 
Adds API graph support for observing that in
```python
def foo(x : Bar): ...
```
The variable `x` is likely to be an instance of the type `Bar` inside
this function.
In particular, we add `getInstanceFromAnnotation` as a predicate on API
graph nodes that tracks this step (corresponding to a new edge type
labeled with "annotation" in the API graph), and extend the existing
`getAnInstance` predicate to also include instances arising from type
annotations.

A more complete solution would also add support for annotated
assignments (`x : Foo = ...` or just `x : Foo`) as well as track types
through type aliases (`type Foo = Bar`). This turns out to be
non-trivial, however, as these type constructs don't have any CFG nodes
(and so no data-flow nodes by default either). In order to not have
perfect be the enemy of good, this commit is only targeting the type
parameter case (which is also likely to be the most common use case
anyway).

The tests for API graphs have been extended accordingly, including tests
for the kinds of type ascriptions that we _don't_ currently model in API
graphs (marked with `MISSING:` in the inline tests).
 2024-11-26 13:03:06 +00:00
Alexander Eyers-Taylor
c0474c4e45 Revert "Revert "Post-release preparation for codeql-cli-2.19.4"" 2024-11-21 15:37:52 +00:00
Alexander Eyers-Taylor
4effe9e364 Revert "Post-release preparation for codeql-cli-2.19.4" 2024-11-21 14:43:15 +00:00
github-actions[bot]
3909df75dc Post-release preparation for codeql-cli-2.19.4 2024-11-19 17:54:03 +00:00
github-actions[bot]
9783a11565 Release preparation for version 2.19.4 2024-11-19 16:21:37 +00:00
yoff
22287be5d1 Merge pull request #17370 from Kwstubbs/Bottle/Tornado-HeaderSupport 
Python: Bottle Framework Support
 2024-11-19 15:34:26 +01:00
github-actions[bot]
f107d16b4e Post-release preparation for codeql-cli-2.19.3 2024-11-04 17:20:08 +00:00
github-actions[bot]
cc7b724123 Release preparation for version 2.19.3 2024-11-04 16:37:28 +00:00
Anders Schack-Mulligen
b556590ef8 Merge pull request #17663 from aschackmull/dataflow/speculative-flow 
Dataflow: Add support for speculative taint flow.
 2024-10-31 08:12:43 +01:00
Kevin Stubbings
ac411f1254 Second round feedback 2024-10-30 13:52:38 -07:00
Kevin Stubbings
0483b8004c Feedback 2024-10-29 15:45:11 -07:00
yoff
c78aeec2ec Update python/ql/lib/semmle/python/frameworks/Pycurl.qll 2024-10-24 11:44:16 +02:00
Porcupiney Hairs
c74f6f587f Merge branch 'main' into pyloadSsl 2024-10-21 20:09:05 +05:30
Porcupiney Hairs
f6369a6ed7 Include changes from review 2024-10-21 20:01:44 +05:30
Porcupiney Hairs
7ef2d79b3f Include changes from review 2024-10-21 03:28:19 +05:30