hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

2826 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
6c8cb0dc5e Merge pull request #12930 from aschackmull/dataflow/split-typedcontent 
Dataflow: Refactor access paths to split TypedContent into an explicit pair
 2023-05-01 14:58:15 +02:00
erik-krogh
18f8c69261 satisfy the signature of HostnameRegexpSig, which doesn't understand RegExpSink 2023-05-01 10:49:51 +02:00
erik-krogh
d5029c94b6 changes based on review 2023-05-01 10:42:15 +02:00
erik-krogh
a7f733ab8c move RegExpInterpretation into Concepts.qll 2023-05-01 10:42:15 +02:00
erik-krogh
2fad406b5c move StdLibRegExpInterpretation to Stdlib.qll 2023-05-01 10:42:15 +02:00
erik-krogh
a64848c022 simplify StdLibRegExpInterpretation to only consider re.compile, because the rest is handled by RegexExecution 2023-05-01 10:42:14 +02:00
erik-krogh
113ce61d40 fix nit in qldoc 2023-05-01 10:42:14 +02:00
erik-krogh
2d2602b668 use that strings are local-source-nodes in regex-tracking 2023-05-01 10:42:14 +02:00
erik-krogh
3cde11efc8 use StrConst instead of Bytes and Unicode 2023-05-01 10:42:14 +02:00
erik-krogh
f2adc4f958 add missing qldoc 2023-05-01 10:42:14 +02:00
erik-krogh
59cc90e547 move Regex into a ParseRegExp file, and rename the class to RegExp 2023-05-01 10:42:14 +02:00
erik-krogh
556bb41999 move all code to find Regex flag into a module 2023-05-01 10:42:14 +02:00
erik-krogh
f0254fc089 introduce RegExpInterpretation instead of RegexString, and move RegexTreeView.qll into a regexp folder 2023-05-01 10:42:13 +02:00
erik-krogh
e677b62241 use type-tracking instead of global dataflow for tracking regular expressions 2023-05-01 10:41:53 +02:00
Rasmus Wriedt Larsen
1bba5258d6 Merge pull request #11280 from RasmusWL/dict-dataflow-steps 
Python: Support more dictionary read/store steps
 2023-04-30 16:07:29 +02:00
github-actions[bot]
3bd29171fb Release preparation for version 2.13.1 2023-04-28 12:14:35 +00:00
Mathias Vorreiter Pedersen
e506f638fc DataFlow: Sync identical files. 2023-04-27 18:40:33 +01:00
yoff
54ced06ada Merge branch 'main' into python/captured-variables-for-typetracking 2023-04-27 17:32:41 +02:00
Anders Schack-Mulligen
71ae0909d8 Dataflow: Enforce type pruning in all forward stages. 2023-04-27 14:55:26 +02:00
Anders Schack-Mulligen
9140cbefc0 Dataflow: Sync. 2023-04-27 14:55:23 +02:00
Anders Schack-Mulligen
246d904712 Merge pull request #12948 from aschackmull/dataflow/pathnode-type-tostring 
Dataflow: Add type to PathNode.toString.
 2023-04-27 14:14:10 +02:00
Arthur Baars
128d102bbc Merge pull request #12871 from aibaars/py-yaml 
Python: add YAML support
 2023-04-26 18:13:26 +02:00
Rasmus Wriedt Larsen
d274fa16a1 Python: Hide ModuleVariableNode in data-flow paths 
They just add an extra step, and don't actually contribute any good
information for end-users.
 2023-04-26 16:04:16 +02:00
Rasmus Wriedt Larsen
0c4bcec39e Python: Fix ModuleVariableNode.toString 
In some cases mod.getName() does not have a result, so toString of
ModuleVariableNode would also not have a result, which would cause
data-flow paths that use these as an edge to not be valid :O
 2023-04-26 16:03:21 +02:00
Anders Schack-Mulligen
d681671356 Dataflow: Sync. 2023-04-26 14:45:07 +02:00
Arthur Baars
5b6d3afd89 Python: Yaml printAst and tests 2023-04-26 13:41:57 +02:00
Rasmus Wriedt Larsen
1a97e8f329 Python: Add flow-step for arg[1] to dict.setdefault 2023-04-26 13:30:11 +02:00
Arthur Baars
c1c2bcf419 Python: rename YAML.qll to Yaml.qll 2023-04-26 12:44:53 +02:00
yoff
d4953ef26a Merge branch 'main' into python/captured-variables-for-typetracking 2023-04-25 21:32:18 +02:00
Rasmus Lerchedahl Petersen
141c5af30e Merge branch 'main' of https://github.com/github/codeql into python/captured-variables-for-typetracking 2023-04-25 14:07:11 +02:00
Kasper Svendsen
361b15b2c7 Merge branch 'main' into kaspersv/prevent-python-join-order-regression 2023-04-24 13:35:07 +02:00
Rasmus Lerchedahl Petersen
a25c7f7549 Merge branch 'main' of https://github.com/github/codeql into python/captured-variables-for-typetracking 2023-04-24 11:50:32 +02:00
Arthur Baars
b919547e31 Add change note 2023-04-21 17:42:02 +02:00
Arthur Baars
bc44b9e4fb Python: update stats for YAML tables 2023-04-21 17:42:02 +02:00
Arthur Baars
c4a7353583 Python: upgrade/downgrade scripts 2023-04-21 17:42:02 +02:00
Arthur Baars
f61565cab1 Python: add YAML library 2023-04-21 17:42:02 +02:00
Arthur Baars
9c25c150a3 Python: add YAML dbscheme fragment 2023-04-21 17:42:02 +02:00
Rasmus Wriedt Larsen
4094ec5fcc Python: Change additional dict store/read steps to not affect taint-tracking 2023-04-21 14:43:24 +02:00
Rasmus Wriedt Larsen
e0e978bd3e Python: Fix ql4ql alerts 2023-04-21 14:18:50 +02:00
Rasmus Wriedt Larsen
b56869551d Python: Support more dictionary read/store steps 
The `setdefault` behavior is kinda strange, but no reason not to support
it.
 2023-04-21 14:18:50 +02:00
Kasper Svendsen
603a97faf9 Prevent Python join order regression 2023-04-20 13:44:30 +02:00
Michael Nebel
656d8d2451 Sync files. 2023-04-20 11:29:51 +02:00
github-actions[bot]
648f0e19ec Post-release preparation for codeql-cli-2.13.0 2023-04-17 15:39:24 +00:00
Jeroen Ketema
0c7346707b Fix minor issues with change notes 2023-04-14 15:37:04 +02:00
github-actions[bot]
075d063370 Release preparation for version 2.13.0 2023-04-14 13:31:30 +00:00
Alex Eyers-Taylor
c6a482819a Bump all qlpacks major versions 2023-04-13 19:15:27 +01:00
Michael Nebel
52bc43b22b Merge pull request #12595 from michaelnebel/enhanceprovenance 
Java/C# : Enhance provenance.
 2023-04-13 14:27:53 +02:00
Alex Ford
8c46bfd051 Merge pull request #12816 from github/rc/3.9 
Merge `rc/3.9` into `main`
 2023-04-13 12:35:41 +01:00
Michael Nebel
1d82b09ec1 Sync files. 2023-04-13 09:21:05 +02:00
Chris Smowton
7eefa43f5a Rename and document viableArgParamSpecific to make clear it is a temporary hook. 2023-04-12 14:33:46 +01:00