hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,672 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

9380 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
32251a041b Python: Fill getFullyQualifiedName for rest of subclassing specs 2023-12-19 17:07:02 +01:00
Rasmus Wriedt Larsen
a78f13cb2e Python: Ignore known subclass models 2023-12-19 17:07:02 +01:00
Rasmus Wriedt Larsen
24a3a23c9c Python: Regenerate rest_framework models 2023-12-19 17:07:02 +01:00
Rasmus Wriedt Larsen
3e878f5a0b Python: Model django response subclass relationship 2023-12-19 17:07:02 +01:00
Rasmus Wriedt Larsen
abe6f1639a Python: Add example of models subclassing problem 
In reality, we only want to model this as a `rest_framework.response.Response`, since our .qll modeling is more precise for rest-framework responses than if we also modeled it as a basic django http response. (specifically, that default mime-type handling is way different).
 2023-12-19 17:07:02 +01:00
Rasmus Wriedt Larsen
5c89c38c92 Python: Add the rest_framework models for demonstration purposes 
Although it might be hidden by github UI by default, it could be
interesting for a reviewer to notice the effect changes in the modeling
query has to the results in this file.
 2023-12-19 17:07:02 +01:00
Rasmus Wriedt Larsen
ee3319b7b0 Python: Make split/join executable (chmod +x) 2023-12-19 17:07:02 +01:00
Rasmus Wriedt Larsen
cfd3f8938e Python: Highlight split/join subclass files usage 2023-12-19 17:07:02 +01:00
Rasmus Wriedt Larsen
933938d926 Python: Make rest_framework tests runnable again 2023-12-19 17:07:01 +01:00
Rasmus Wriedt Larsen
3e6423a13c Python: Add ability to split and join autogenerated yml files 
Verified by joining all files, splitting again, and observing no diff in
git.

(these operations only take a few seconds on my local machine, so
shouldn't be too much of an issue)
 2023-12-19 17:07:01 +01:00
Rasmus Wriedt Larsen
f30a3b0aba Python: Script: Improve performance by using C++ impl 
these changes took performance for loading and writing all files locally
29.60s to 3.17s

(that is, using `gather_from_existing`)
 2023-12-19 17:07:01 +01:00
Rasmus Wriedt Larsen
13c2378b58 Python: Update a few QLdocs 2023-12-19 17:07:01 +01:00
Rasmus Wriedt Larsen
937af906fd Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2023-12-19 17:07:01 +01:00
Rasmus Wriedt Larsen
0fe29b6a86 Python: Recover subclass finder .expected after cherry picking commits from https://github.com/github/codeql/pull/15030 2023-12-19 17:07:01 +01:00
Rasmus Lerchedahl Petersen
75f9eeb4e9 Python: adjust test expectations 
mostly removing of nodes from the graph.
One result lost:
```
check("submodule.submodule_attr", submodule.submodule_attr, "submodule_attr", globals()) #$ MISSING:prints=submodule_attr
```
 2023-12-19 17:07:01 +01:00
Rasmus Lerchedahl Petersen
c563c7fbe4 Python: remove control flow nodes 
for module entry definitions from the dataflow graph.
 2023-12-19 17:07:01 +01:00
Rasmus Wriedt Larsen
e050f2e998 Python: Adjust subclass finder to no ESSA nodes 
But the new test results looks very strange indeed!
 2023-12-19 17:07:01 +01:00
Rasmus Wriedt Larsen
60b784a919 Python: Don't filter subclass tests away 2023-12-19 17:07:01 +01:00
Rasmus Wriedt Larsen
a9a0216c43 Python: Add change-note 2023-12-19 17:07:01 +01:00
Rasmus Wriedt Larsen
fa3e16adea Python: Refactor taint-sinks meta queries 2023-12-19 17:07:01 +01:00
github-actions[bot]
8f72b0e4f7 Post-release preparation for codeql-cli-2.15.5 2023-12-19 10:32:57 +00:00
Rasmus Wriedt Larsen
2305d55967 Merge pull request #15101 from yoff/python/update-InlineTaintTestPaths-to-new-api 
Python: update to new API update is in a comment, so compilation never failed in CI.
 2023-12-19 11:10:55 +01:00
yoff
1417c2cdd5 Update python/ql/lib/change-notes/2023-12-18-support-variable-capture.md 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-12-19 10:08:59 +01:00
yoff
a60c52b8b7 Merge branch 'main' into python/captured-variables-basic 2023-12-18 23:44:46 +01:00
Rasmus Lerchedahl Petersen
8b7b58279a Python: add change-note 
I chose `category: majorAnalysis`, the description is
"An API has changed in a way that may affect the results produced
by a query that consumes the API."
The API in question here is `flowPath` which is used by all our
data flow queries.
 2023-12-18 23:42:39 +01:00
Rasmus Lerchedahl Petersen
78c484faab Python: remove support for capturing callbacks 
This will be added in a follow-up PR instead.
 2023-12-18 23:24:57 +01:00
Rasmus Lerchedahl Petersen
6e4011d2ae Python: rename sythetic nodes 
Avoid the term "closure" as it is somewhat academic.
 2023-12-18 23:16:51 +01:00
Rasmus Lerchedahl Petersen
c0b3d98c6d Python: Add a bit more detail to comment. 2023-12-18 22:44:26 +01:00
Rasmus Lerchedahl Petersen
456209b269 Python: Move predicate closer to its use 2023-12-18 22:29:09 +01:00
Rasmus Lerchedahl Petersen
86bb884f67 Python: better comment 2023-12-18 22:26:46 +01:00
github-actions[bot]
19af35b29a Release preparation for version 2.15.5 2023-12-18 21:22:44 +00:00
Rasmus Lerchedahl Petersen
7324177786 Python: address QL alerts 2023-12-18 22:20:28 +01:00
Rasmus Lerchedahl Petersen
25c83dc70d Python: adjust comment 2023-12-18 22:15:37 +01:00
Rasmus Lerchedahl Petersen
bf1ad23678 Python: add comments 
- on debug predicates
- on JS implementation
 2023-12-18 22:00:13 +01:00
Rasmus Lerchedahl Petersen
c88d686ce4 Python: move SynthCapturePostUpdateNode 
next to `SynthCaptureNode`
 2023-12-18 21:37:52 +01:00
yoff
f50817e92a Merge pull request #15104 from RasmusWL/fewer-meta-queries 
Python: Remove `@tags meta` from internal debug queries
 2023-12-18 21:27:33 +01:00
yoff
e0c027f13c Merge pull request #14848 from hvitved/python/shared-type-tracking 
Python: Adopt shared type tracking library
 2023-12-18 21:14:42 +01:00
Rasmus Lerchedahl Petersen
d6544cc550 Python: remove consistency exclusion 2023-12-18 15:24:49 +01:00
Tom Hvitved
a776132a10 Python: Deprecate more predicates 2023-12-18 13:05:17 +01:00
Rasmus Lerchedahl Petersen
64655a0ea8 Python: Use enw class name 2023-12-16 01:36:46 +01:00
Rasmus Lerchedahl Petersen
b505778bc8 Python: remove non-local steps 2023-12-16 01:03:27 +01:00
Rasmus Lerchedahl Petersen
661ba1ca7b Python: move restriction into branch predicate 
Otherwise we get loads of nodes with missing locations
from the brnach nodes that are not matched.
 2023-12-16 00:33:11 +01:00
Rasmus Lerchedahl Petersen
5de1725648 Python: update class name 2023-12-15 23:50:29 +01:00
Rasmus Lerchedahl Petersen
4a1fcde649 Python: abandon synthetic node 
for `CapturingClosureArgumentNode`.

Unless we define it for every single `CallNode`, we need a more
sophisticated mutual recursion with the call graph construction.
There is built-in support for that, but we are currently not using it.
 2023-12-15 23:42:29 +01:00
Rasmus Lerchedahl Petersen
e36b079e0f Python: fix compilation error 
introduced by bad merge
 2023-12-15 21:27:22 +01:00
Rasmus Lerchedahl Petersen
416ba6a709 Python: use updated API 2023-12-15 21:26:05 +01:00
Rasmus Lerchedahl Petersen
1ee11ae7af Merge branch 'main' of https://github.com/github/codeql into python/captured-variables-basic 2023-12-15 14:31:57 +01:00
Rasmus Lerchedahl Petersen
8601105988 Python: Address TODO comment 2023-12-15 14:03:38 +01:00
Rasmus Lerchedahl Petersen
e1bf2821d9 Python: split variable capture instantiation out 
into its own file.
 2023-12-15 13:59:52 +01:00
Rasmus Lerchedahl Petersen
f668453d01 Python: move things around 2023-12-15 13:48:50 +01:00