hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,514 Commits 1,672 Branches 157 Tags
codeql-cli-2.22.3
Commit Graph

9375 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
a892e83c8e python: add simple test for AWS lambda 
made space for other serverless frameworks in the directory `serverless`
 2023-07-12 16:42:00 +02:00
Rasmus Wriedt Larsen
98ed5cf522 Python: Move not this instanceof ParameterDefinition logic 2023-07-12 11:31:27 +02:00
Rasmus Wriedt Larsen
83ca47f32c Python: Add change-note 2023-07-11 11:33:06 +02:00
Rasmus Wriedt Larsen
a1225674ee Python: Add implementation note about why not targeting ESSA node 2023-07-11 11:32:26 +02:00
Jeroen Ketema
92ee31849c Merge pull request #13643 from jketema/inline-5 
Rework the remaining inline expectation tests to use the parameterized module
 2023-07-11 11:29:14 +02:00
Mathias Vorreiter Pedersen
a4c0063ab1 Merge pull request #13679 from MathiasVP/speedup-big-step 
DataFlow: Speed up the big step relation
 2023-07-11 09:44:17 +01:00
Jeroen Ketema
8cee4f37a4 Merge branch 'main' into inline-5 2023-07-11 10:30:11 +02:00
Asger F
d88f557dbe Merge pull request #13683 from asgerf/rb/api-graph-noobject 
Ruby: exclude Object class from API graph
 2023-07-10 12:51:15 +02:00
Mathias Vorreiter Pedersen
44f23bfa59 Merge pull request #13690 from github/post-release-prep/codeql-cli-2.14.0 
Post-release preparation for codeql-cli-2.14.0
 2023-07-07 23:39:38 +01:00
github-actions[bot]
13cf054a9d Post-release preparation for codeql-cli-2.14.0 2023-07-07 14:55:41 +00:00
Rasmus Wriedt Larsen
44c67171f2 Python: Fix default parameter value flow 
Somehow the previous fix didn't work :O
 2023-07-07 16:17:07 +02:00
Rasmus Wriedt Larsen
a850a481d0 Merge pull request #13676 from RasmusWL/aiohttp-ssrf-sink 
Python: Relax restriction of flow through `async with`
 2023-07-07 14:55:57 +02:00
Rasmus Wriedt Larsen
43b025015d Python: Avoid overlap between AssignmentDefinition and ParameterDefinition 2023-07-07 14:26:28 +02:00
Rasmus Wriedt Larsen
4e8a1144f2 Python: Remove explicit jumpStep for default parameter values 
tests added in https://github.com/github/codeql/pull/5238
functionality added in https://github.com/github/codeql/pull/6640
 2023-07-07 14:24:51 +02:00
Rasmus Wriedt Larsen
4920557c36 Merge pull request #13670 from jorgectf/seclab/xxe-sanitizer 
Python: Add `markupsafe` as XXE sanitizer
 2023-07-07 12:30:26 +02:00
Rasmus Wriedt Larsen
70994b9c57 Python: Accept points-to .expected changes 
They look pretty safe to me, but haven't given them a whole lot of
thought.
 2023-07-07 12:14:19 +02:00
Rasmus Wriedt Larsen
c5e8e232e5 Python: Fix dataflow consistencies for default parameter values 2023-07-07 11:55:07 +02:00
Rasmus Wriedt Larsen
6f3cb67050 Python: Model parameter with default value as DefinitionNode 2023-07-07 11:54:50 +02:00
Rasmus Wriedt Larsen
64a86e8fd7 Python: Update inline expectations 2023-07-07 11:32:05 +02:00
Rasmus Wriedt Larsen
cfd2d09a61 Python: Add test for DefinitionNode default parameter value 2023-07-07 11:00:16 +02:00
Mathias Vorreiter Pedersen
1064efa8b3 Update python/ql/lib/change-notes/released/0.10.0.md 2023-07-07 09:25:03 +01:00
Mathias Vorreiter Pedersen
82ff045315 Update python/ql/lib/CHANGELOG.md 2023-07-07 09:24:50 +01:00
github-actions[bot]
6484ee106e Release preparation for version 2.14.0 2023-07-07 08:22:14 +00:00
Asger F
86b5f0adc7 Revert "Merge pull request #13620 from github/revert-13496-rb/tracking-on-demand" 
This reverts commit 133de56ac2, reversing
changes made to 28a8e48351.
 2023-07-07 09:42:34 +02:00
Rasmus Wriedt Larsen
bea07002d3 Python: Expand captured-variable test with default param 2023-07-06 17:21:29 +02:00
Dave Bartolomeo
9631e9f2f1 Bump minor version numbers post-GHES 2023-07-06 10:10:01 -04:00
Dave Bartolomeo
2bb9adfbf1 Merge remote-tracking branch 'origin/main' into dbartol/mergeback-3.10 2023-07-06 10:00:46 -04:00
Rasmus Wriedt Larsen
30cf213372 Python: Add change-note 2023-07-06 15:04:49 +02:00
Rasmus Wriedt Larsen
a0dfbfd96f Python: Fix grammar in qldoc 
Co-authored-by: Taus <tausbn@github.com>
 2023-07-06 15:04:21 +02:00
Mathias Vorreiter Pedersen
83d0dec0fb DataFlow: Sync identical files. 2023-07-06 14:00:00 +01:00
Rasmus Wriedt Larsen
1f93e5b58d Python: Relax restriction of flow through async with 2023-07-06 11:51:58 +02:00
Rasmus Wriedt Larsen
43af8d7ac5 Python: Fix test to use async with 
It doesn't work if just using plain `with`
 2023-07-06 11:34:05 +02:00
Rasmus Wriedt Larsen
79039dc7b8 Python: Wrap aiohttp client request in async def 
And I added `await` before all the `resp` assignments
 2023-07-06 11:29:14 +02:00
jorgectf
c82ab2b2ab Add markupsafe as XXE sanitizer 
Co-authored-by: Kevin Stubbings <Kwstubbs@users.noreply.github.com>
 2023-07-05 20:23:20 +02:00
Michael Nebel
238f390738 Merge pull request #13452 from michaelnebel/refactorstackprinting 
Re-factor printing of summary component stacks.
 2023-07-04 08:29:10 +02:00
Michael Nebel
243c592447 Address review comments. 2023-07-03 17:01:08 +02:00
Michael Nebel
bddd22f522 Sync files and make language specific adjustments. 2023-07-03 14:36:07 +02:00
Michael Nebel
d62a5524f8 Python: Improve AccessPath printing. 2023-07-03 14:36:06 +02:00
Michael Nebel
c18f4b1604 Sync files and make language specific rename. 2023-07-03 14:36:06 +02:00
Jeroen Ketema
5d855594ba Python: Use correct class in inline expectation test 
These were missed earlier, and still referred to the classes from the legacy
interface and not the parameterized module.
 2023-07-03 10:23:26 +02:00
Jeroen Ketema
abe06e5b95 Python: Update remaining inline expectation tests to use the paramterized module 2023-07-03 10:22:35 +02:00
amammad
2ba83022c7 delete old qhelp file 2023-07-01 04:49:35 +10:00
Chuan-kai Lin
ce464a7d69 Remove pragma[assume_small_delta] 2023-06-30 11:09:29 -07:00
amammad
931f492df2 cleaning up mistakes 2023-06-30 23:03:29 +10:00
amammad
6f34c3225b Merge branch 'github:main' into amammad-python-WebAppsConstatntSecretKeys 2023-06-30 22:36:45 +10:00
amammad
816799c4ba upgrade query to detect redash CVE too 2023-06-30 22:14:50 +10:00
github-actions[bot]
668aaa2dc8 Post-release preparation for codeql-cli-2.13.5 2023-06-30 08:51:48 +00:00
Asger F
5d1a437e9c Revert "Ruby: overhaul API graphs" 2023-06-29 15:39:19 +02:00
amammad
7aa002fa2a fix an accident :) 2023-06-29 22:20:46 +10:00
amammad
7a17b99c17 V2 2023-06-29 20:55:51 +10:00