Taus
e8ac258994
Python: Add missing flow for AssignmentExpr nodes
...
Also extend the tests surrounding this construct to be a bit more comprehensive.
Co-authored-by: Rasmus Lerchedahl Petersen <yoff@github.com >
2023-10-09 14:16:03 +00:00
erik-krogh
a7ab9fd93b
add change-notes
2023-10-09 09:43:06 +02:00
erik-krogh
194f918c0b
Python: delete various outdated deprecations
2023-10-09 09:14:55 +02:00
erik-krogh
1c9f59e491
Python:delete deprecated files modelling web frameworks
2023-10-09 09:14:54 +02:00
erik-krogh
0d992a3d1f
delete old deprecated aliases of various regex libraries
2023-10-09 09:14:54 +02:00
amammad
ad2631202d
fix comments
2023-10-08 21:32:04 +02:00
amammad
6c8cc79b4d
v1
2023-10-08 21:24:54 +02:00
erik-krogh
4bc4e0845d
delete the deprecated isBarrierGuard predicate from the shared dataflow library, and its uses
2023-10-07 21:48:49 +02:00
Cornelius Riemenschneider
d3a1dbc0c7
Merge pull request #14381 from github/criemen/add-bazel-dbschemes
...
Add skeleton bazel files for accessing the dbschemes.
2023-10-05 16:53:45 +02:00
Cornelius Riemenschneider
96edc1d349
Add skeleton bazel files for accessing the dbschemes.
2023-10-05 09:00:38 +02:00
github-actions[bot]
9fe993bec3
Release preparation for version 2.15.0
2023-10-04 14:15:27 +00:00
Rasmus Wriedt Larsen
9c02b4f21c
Merge pull request #14289 from microsoft/jb1/16-cryptography-models-libraries-and-queries-migration
...
16 cryptography models libraries and queries migration
2023-10-04 12:27:59 +02:00
Josh Brown
de2e8b0b12
explicit "this" qualifiers
2023-10-03 16:13:54 -07:00
Josh Brown
ad86e576a4
autoformat
2023-10-03 13:40:17 -07:00
Josh Brown
b683a3caf8
Merge branch 'main' into jb1/16-cryptography-models-libraries-and-queries-migration
2023-10-04 07:24:29 +11:00
Henry Mercer
da92da2204
Bump minor versions of packs we regularly release
2023-10-03 16:31:23 +01:00
Henry Mercer
f3847b3f51
Merge branch 'main' into henrymercer/rc-3.11-mergeback
2023-10-03 16:30:23 +01:00
Mathew Payne
3ab5fd5ca4
Add RestFramework handler kwargs
2023-10-02 14:58:21 +01:00
Mathew Payne
41bb8377d9
Add change notes
2023-09-29 14:44:36 +01:00
Rasmus Lerchedahl Petersen
177db998c7
Python: add change note
2023-09-29 15:28:08 +02:00
Mathew Payne
eb9b32473e
Add support for ModelViewSet functions
2023-09-29 14:26:39 +01:00
Rasmus Lerchedahl Petersen
ed3ffde5e6
Python: modules are now possibly non-unique
...
We should consider if this is the right way..
2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
4f35a62583
Python: broaden search for imports
...
This now finds vulnerabilities in
https://github.com/github/field-security-codeql/issues/100
2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
d9854eb409
Python: Add QLDoc
2023-09-29 15:10:19 +02:00
Rasmus Lerchedahl Petersen
1d4832cbfe
python: allow namespace packages as packages
...
remove the logic around isPotentialPackage
2023-09-29 15:10:19 +02:00
yoff
dbecb1bd0f
Merge pull request #14070 from yoff/python/promote-nosql-query
...
Python: promote nosql query
2023-09-29 14:21:22 +02:00
Rasmus Wriedt Larsen
9b73bbfc31
Python: Add keyword argument support
...
and a fair bit of refactoring
2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
d6d13f84a9
Python: -> NoSQL in QLDocs
2023-09-29 13:54:21 +02:00
Rasmus Wriedt Larsen
16e1a00e88
Python: NoSQLInjection -> NoSqlInjection
2023-09-29 13:52:51 +02:00
Rasmus Lerchedahl Petersen
97696680e6
Python: require dict sinks be dangerous.
2023-09-29 13:45:23 +02:00
Rasmus Lerchedahl Petersen
f3a01612e8
Python: rename flow states
...
Close to being a revert of
3043633d9c
2023-09-29 13:23:36 +02:00
Rasmus Lerchedahl Petersen
e1708054a4
Python: fix QL alert
2023-09-29 12:06:51 +02:00
Rasmus Lerchedahl Petersen
2d845e3e55
Python: nicer paths
...
turn "the long jump" that would end up
straight at the argument into a short jump
that ends up at the dictionary being written to.
Dataflow takes care of the rest of the path.
2023-09-29 12:02:16 +02:00
yoff
2e028a41ee
Apply suggestions from code review
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2023-09-29 11:32:51 +02:00
yoff
bc17bf69f4
Merge pull request #14317 from yoff/python/fix-regex-string-part-locations
...
Python: Improve computation of regex fragments inside string parts
2023-09-28 14:35:27 +02:00
Rasmus Lerchedahl Petersen
3043633d9c
Python: Some renaming of flow states
2023-09-28 14:24:49 +02:00
Rasmus Lerchedahl Petersen
a8e0023f39
Python: forgot to list framework
2023-09-28 13:42:33 +02:00
Rasmus Lerchedahl Petersen
2a7b593285
Python: Fix QL alerts
2023-09-28 13:35:29 +02:00
Rasmus Lerchedahl Petersen
eb1be08bce
Python: split modelling
2023-09-28 12:54:06 +02:00
Rasmus Lerchedahl Petersen
2a739b3b7a
Python: rename module
2023-09-28 12:54:05 +02:00
Rasmus Lerchedahl Petersen
9682c8218a
Python: rename file
2023-09-28 12:54:05 +02:00
yoff
c2b63830f1
Apply suggestions from code review
...
Claim conversions do not execute inputs in order to remove interaction with `py/unsafe-deserialization`.
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2023-09-28 12:40:37 +02:00
Rasmus Lerchedahl Petersen
37a4f35650
Python: further rename
2023-09-28 11:49:42 +02:00
yoff
8156fa9a4d
Apply naming suggestions from code review
...
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com >
2023-09-28 11:47:10 +02:00
Asger F
0d96ed8aee
Merge pull request #14305 from asgerf/shared/flow-state-inout-barriers
...
Shared: add in/out barriers with flow state
2023-09-28 11:07:23 +02:00
Anders Schack-Mulligen
73521ca16b
Python: Use shared FileSystem library.
2023-09-28 08:58:55 +02:00
Rasmus Lerchedahl Petersen
8ade9ed164
Python: fix inconsistency
...
Since we calculate the end column by offset,
we must believ that the end line is the same
as the start line.
2023-09-26 21:02:14 +02:00
Rasmus Lerchedahl Petersen
35f28c832a
Python: small refactor (reviewer suggestion)
2023-09-26 20:55:35 +02:00
Rasmus Lerchedahl Petersen
f5059a6918
Python: fix computation at part boundaries
2023-09-26 20:51:15 +02:00
Rasmus Lerchedahl Petersen
73aa302bd2
Python: only expose lengths of quote and prefix
2023-09-26 20:45:24 +02:00
