Taus
8e1bb4b364
Python: Accept moved consistency test results
...
Co-authored-by: Rasmus Lerchedahl Petersen <yoff@github.com >
2023-10-10 09:22:36 +00:00
amammad
4283bb7d48
clean up unused vars,fix tests
2023-10-09 23:15:58 +02:00
amammad
9d86e7946c
move library file to experimental lib directory
2023-10-09 23:10:30 +02:00
amammad
1318afdb27
modularize
2023-10-09 23:07:52 +02:00
Erik Krogh Kristensen
4489e2bf28
Merge pull request #14403 from erik-krogh/dDEps
...
All: delete outdated deprecations
2023-10-09 21:04:55 +02:00
amammad
3175db226e
upgrade fastAPI remote sources
2023-10-09 20:51:19 +02:00
Taus
e8ac258994
Python: Add missing flow for AssignmentExpr nodes
...
Also extend the tests surrounding this construct to be a bit more comprehensive.
Co-authored-by: Rasmus Lerchedahl Petersen <yoff@github.com >
2023-10-09 14:16:03 +00:00
Erik Krogh Kristensen
625e889c62
Merge pull request #14339 from erik-krogh/range-printing
...
JS/PY/RB/Java: escape unicode chars in overly-large-range
2023-10-09 14:22:38 +02:00
erik-krogh
a7ab9fd93b
add change-notes
2023-10-09 09:43:06 +02:00
erik-krogh
194f918c0b
Python: delete various outdated deprecations
2023-10-09 09:14:55 +02:00
erik-krogh
1c9f59e491
Python:delete deprecated files modelling web frameworks
2023-10-09 09:14:54 +02:00
erik-krogh
0d992a3d1f
delete old deprecated aliases of various regex libraries
2023-10-09 09:14:54 +02:00
amammad
ad2631202d
fix comments
2023-10-08 21:32:04 +02:00
amammad
6c8cc79b4d
v1
2023-10-08 21:24:54 +02:00
erik-krogh
4bc4e0845d
delete the deprecated isBarrierGuard predicate from the shared dataflow library, and its uses
2023-10-07 21:48:49 +02:00
Cornelius Riemenschneider
d3a1dbc0c7
Merge pull request #14381 from github/criemen/add-bazel-dbschemes
...
Add skeleton bazel files for accessing the dbschemes.
2023-10-05 16:53:45 +02:00
Cornelius Riemenschneider
96edc1d349
Add skeleton bazel files for accessing the dbschemes.
2023-10-05 09:00:38 +02:00
github-actions[bot]
9fe993bec3
Release preparation for version 2.15.0
2023-10-04 14:15:27 +00:00
Rasmus Wriedt Larsen
9c02b4f21c
Merge pull request #14289 from microsoft/jb1/16-cryptography-models-libraries-and-queries-migration
...
16 cryptography models libraries and queries migration
2023-10-04 12:27:59 +02:00
Josh Brown
de2e8b0b12
explicit "this" qualifiers
2023-10-03 16:13:54 -07:00
Josh Brown
ad86e576a4
autoformat
2023-10-03 13:40:17 -07:00
Josh Brown
b683a3caf8
Merge branch 'main' into jb1/16-cryptography-models-libraries-and-queries-migration
2023-10-04 07:24:29 +11:00
Henry Mercer
da92da2204
Bump minor versions of packs we regularly release
2023-10-03 16:31:23 +01:00
Henry Mercer
f3847b3f51
Merge branch 'main' into henrymercer/rc-3.11-mergeback
2023-10-03 16:30:23 +01:00
Mathew Payne
a23904ca39
Add taint tests
2023-10-02 15:09:11 +01:00
Mathew Payne
3ab5fd5ca4
Add RestFramework handler kwargs
2023-10-02 14:58:21 +01:00
Rasmus Wriedt Larsen
3162033d56
Python: Make tests run for django rest framework
2023-09-29 16:21:04 +02:00
Mathew Payne
41bb8377d9
Add change notes
2023-09-29 14:44:36 +01:00
Mathew Payne
19c93b0228
Add RestFramework tests
2023-09-29 14:41:57 +01:00
Rasmus Lerchedahl Petersen
177db998c7
Python: add change note
2023-09-29 15:28:08 +02:00
Mathew Payne
eb9b32473e
Add support for ModelViewSet functions
2023-09-29 14:26:39 +01:00
Rasmus Lerchedahl Petersen
ed3ffde5e6
Python: modules are now possibly non-unique
...
We should consider if this is the right way..
2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
be506c64ba
Python: update test-expectations
...
These are semantic differences.
They generally look good, except perhaps
we should exclude illegal package names?
(It passes `legalShortName`, though).
2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
4f35a62583
Python: broaden search for imports
...
This now finds vulnerabilities in
https://github.com/github/field-security-codeql/issues/100
2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
d9854eb409
Python: Add QLDoc
2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
1d4832cbfe
python: allow namespace packages as packages
...
remove the logic around isPotentialPackage
2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
362cf107a4
python: add tests for module import
...
- `--max-import-depth=3` to give points-to a chance
- `not_root` dir to force namespace package logic
- add usage in `example.py` to get files extracted
2023-09-29 15:10:19 +02:00
yoff
dbecb1bd0f
Merge pull request #14070 from yoff/python/promote-nosql-query
...
Python: promote nosql query
2023-09-29 14:21:22 +02:00
Rasmus Wriedt Larsen
9b73bbfc31
Python: Add keyword argument support
...
and a fair bit of refactoring
2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
d6d13f84a9
Python: -> NoSQL in QLDocs
2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
3676262313
Python: Clean trailing whitespace
2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
d7ad5a0f23
Python: List NoSQL injection sinks
2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
16e1a00e88
Python: NoSQLInjection -> NoSqlInjection
2023-09-29 13:52:51 +02:00
Rasmus Lerchedahl Petersen
97696680e6
Python: require dict sinks be dangerous.
2023-09-29 13:45:23 +02:00
Rasmus Lerchedahl Petersen
f3a01612e8
Python: rename flow states
...
Close to being a revert of
3043633d9c
2023-09-29 13:23:36 +02:00
Rasmus Lerchedahl Petersen
e1708054a4
Python: fix QL alert
2023-09-29 12:06:51 +02:00
Rasmus Lerchedahl Petersen
2d845e3e55
Python: nicer paths
...
turn "the long jump" that would end up
straight at the argument into a short jump
that ends up at the dictionary being written to.
Dataflow takes care of the rest of the path.
2023-09-29 12:02:16 +02:00
Rasmus Lerchedahl Petersen
74d6f37467
Python: update meta query TaintSinks
2023-09-29 12:02:16 +02:00
yoff
2e028a41ee
Apply suggestions from code review
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2023-09-29 11:32:51 +02:00
erik-krogh
5d4b542995
escape unicode chars in overly-large-range
2023-09-28 20:16:09 +02:00
