hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

907 Commits

Author SHA1 Message Date
Rebecca Valentine
1e76720a92 Merge branch 'master' into python-objectapi-to-valueapi-wrongnumberargumentsincall 2020-04-03 20:25:53 -07:00
Rebecca Valentine
e0f26d4f7e Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall: Updates expected results 2020-04-03 20:11:42 -07:00
Taus
d540bf6ce5 Merge pull request #3039 from BekaValentine/python-objectapi-to-valueapi-returnvalueignored 
Python: ObjectAPI to ValueAPI: ReturnValueIgnored
 2020-04-02 11:42:01 +02:00
Rebecca Valentine
97b4077162 Merge branch 'master' into python-objectapi-to-valueapi-signatureoverriddenmethod 2020-04-01 07:42:10 -07:00
Rebecca Valentine
12377badf9 Merge branch 'master' into python-objectapi-to-valueapi-returnvalueignored 2020-04-01 07:37:17 -07:00
Rebecca Valentine
093eb71433 Python: ObjectAPI to ValueAPI: ReturnValueIgnored: Adds getAReturnType 2020-04-01 00:17:12 -07:00
Rebecca Valentine
eb4a567a34 Merge branch 'master' into python-objectapi-to-valueapi-signatureoverriddenmethod 2020-03-31 23:36:15 -07:00
Rebecca Valentine
eab31d3bef Python: ObjectAPI to ValueAPI: SignatureOverriddenMethod: Updates expected results 2020-03-31 23:34:17 -07:00
Taus Brock-Nannestad
87a9f51c78 Python: Autoformat all .ql files. 2020-03-30 11:59:10 +02:00
semmle-qlci
a413a3254b Merge pull request #3114 from RasmusWL/python-add-fp-for-non-callable 
Approved by tausbn
 2020-03-25 10:34:50 +00:00
semmle-qlci
ac7c74dcee Merge pull request #3111 from RasmusWL/python-fabric-command-injection 
Approved by BekaValentine
 2020-03-25 10:07:33 +00:00
Taus
fe00d1cbf4 Merge pull request #2888 from RasmusWL/python-tarslip-sanitizer 
Python: Improve tarslip sanitizer
 2020-03-24 12:59:20 +01:00
Rasmus Wriedt Larsen
5ec0716cb0 Python: Add points-to regression when using @classmethod decorators 
Specifically a problem when using a second decorator
 2020-03-24 11:39:08 +01:00
Rasmus Wriedt Larsen
b567205579 Python: Model fabric v1.x command injection sinks 2020-03-23 17:49:56 +01:00
Rasmus Wriedt Larsen
a57eadaeb6 Python: Model fabric/invoke command injection sinks 2020-03-23 17:33:41 +01:00
Rasmus Wriedt Larsen
dcfc9a8796 Python: TarSlip sanitizer: explain tests with not 
It was a bit confusing what was meant before
 2020-03-23 12:00:59 +01:00
semmle-qlci
2c7af72f14 Merge pull request #2858 from RasmusWL/python-support-django2 
Approved by tausbn
 2020-03-23 09:35:46 +00:00
Rasmus Wriedt Larsen
f4e5079dd3 Merge pull request #2991 from BekaValentine/python-objectapi-to-valueapi-unguardednextingenerator 
Python: ObjectAPI to ValueAPI: UnguardedNextInGenerator
 2020-03-19 10:33:32 +01:00
Rebecca Valentine
9560c804b8 Update python/ql/test/query-tests/Exceptions/generators/test.py 
Co-Authored-By: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-03-18 14:15:49 -07:00
Rasmus Wriedt Larsen
9a0b2b1843 Merge pull request #2989 from BekaValentine/python-objectapi-to-valueapi-incorrectexceptorder 
Python: ObjectAPI to ValueAPI: IncorrectExceptOrder
 2020-03-18 18:03:25 +01:00
Rasmus Wriedt Larsen
290e33a912 Merge pull request #2922 from tausbn/python-fix-multi-assign-points-to 
Python: Fix bug in `multi_assignment_points_to`.
 2020-03-18 17:50:37 +01:00
Rebecca Valentine
ff6e0ce35c Python: UnguardedNextInGenerator.ql: Excludes next with default value 2020-03-16 17:08:06 -07:00
Taus Brock-Nannestad
dda32abd6a Python: Fix test result for pruning test. 2020-03-16 12:55:12 +01:00
Rasmus Wriedt Larsen
b45f8ff41d Merge pull request #3053 from tausbn/python-make-test-not-depend-on-minor-version 
Python: Make two tests not depend on minor Python version.
 2020-03-13 10:56:40 +01:00
Taus Brock-Nannestad
3d0ee90880 Python: Make two tests not depend on minor Python version. 
For syntax errors, we simply report the major version.

For unused imports, we were getting a result for `typing.py` when run under
Python 3.7.3. To prevent this import from being considered, I've set the maximum
import depth to `0`.
 2020-03-12 18:19:53 +01:00
Rasmus Wriedt Larsen
2da1503942 Merge branch 'master' into python-support-django2 2020-03-11 11:21:47 +01:00
Rasmus Wriedt Larsen
f5a8084a33 Merge pull request #2827 from BekaValentine/objectapi-to-valueapi-expectedmappingforformatstring 
Python: ObjectAPI to ValueAPI: ExpectedMappingForFormatString
 2020-03-11 10:52:48 +01:00
Rasmus Wriedt Larsen
47cd9c8956 Merge pull request #3038 from BekaValentine/python-objectapi-to-valueapi-deprecatedslicemethod 
Python: ObjectAPI to ValueAPI: DeprecatedSliceMethod
 2020-03-11 10:51:01 +01:00
Taus
11b5c54a0e Merge pull request #2820 from RasmusWL/python-modernise-statements 
Python: modernise Statements/ queries
 2020-03-10 16:46:50 +01:00
Rebecca Valentine
b36214ae47 Python: Modernizes query and updates expecteds 2020-03-10 08:33:29 -07:00
Rebecca Valentine
b7bcf6c3d0 Merge branch 'master' into objectapi-to-valueapi-expectedmappingforformatstring 2020-03-10 07:51:48 -07:00
Rasmus Wriedt Larsen
b1d1974a0f Merge branch 'master' into python-modernise-statements 2020-03-10 14:53:44 +01:00
Rebecca Valentine
e8708a083f Python: Modernizes query and expecteds 2020-03-09 19:13:54 -07:00
Rebecca Valentine
bf92cee1b1 Python: Updates expected results 2020-03-09 11:16:58 -07:00
Taus
f3b62e106d Merge pull request #2840 from BekaValentine/python-objectapi-to-valueapi-useofapply 
Python: ObjectAPI to ValueAPI: UseofApply
 2020-03-02 21:40:35 +01:00
Rebecca Valentine
2fb722b04e Removes the general versions of the query. 2020-02-25 14:55:55 -08:00
Rasmus Wriedt Larsen
f10a86d3ac Python: Remove --optimize: true from options files 
Tests will be run with optimizations on by default now.
 2020-02-25 15:52:00 +01:00
Rasmus Wriedt Larsen
1029f04e76 Python: TarSlip sanitizer: handle not 2020-02-20 16:27:54 +01:00
Rasmus Wriedt Larsen
3c317ed0e6 Python: TarSlip sanitizer: only clear taint on false edge 
maybe it was on purpose, will have to investigate FPs when query is good
 2020-02-20 16:11:24 +01:00
Rasmus Wriedt Larsen
2d637e1cf7 Python: Add more tarslip examples 2020-02-20 16:09:10 +01:00
Rasmus Wriedt Larsen
e7fdfd3d3e Python: Move subprocess.call so super-class detection works 
This is a temporary fix!

Added minimal working example (MWE) as a regression, so it's easier to fix the
real problem.

only Python 3 is facing the problem -- and without --max-import-depth=1 the test
times out at 10 minutes :O
 2020-02-19 14:12:22 +01:00
Rasmus Wriedt Larsen
13568b7b9f Python: Modernise Statements/ queries 
Almost. Left out a few things marked with TODO
 2020-02-19 14:10:29 +01:00
Rasmus Wriedt Larsen
6e349eb6e7 Python: Make py/side-effect-in-assert handle example 
Also removed parantheses
 2020-02-19 14:05:55 +01:00
Rasmus Wriedt Larsen
ae8dbd81f3 Python: Update test-file for py/redundant-assignment 
now the test code can be pasted, and actually works ;)
 2020-02-19 14:05:55 +01:00
Rebecca Valentine
7997e1dc98 Merge branch 'master' into objectapi-to-valueapi-expectedmappingforformatstring 2020-02-18 21:33:12 -08:00
Taus
ffbb5d0529 Merge pull request #2739 from RasmusWL/python-modernise-security 
Python: modernise Security/ queries
 2020-02-18 16:28:53 +01:00
Rasmus Wriedt Larsen
5a0babe88b Python: Add support for Django 2.x and 3.x 
I changed the django mock to support both 1.x and 2.x routing APIs, which is not
really a nice long term solution.
 2020-02-18 11:22:35 +01:00
Rebecca Valentine
4178002d59 Merge branch 'master' into python-objectapi-to-valueapi-useofapply 2020-02-17 17:20:00 -08:00
Rebecca Valentine
13cd8d2435 Fixes expected results bug 2020-02-17 11:47:03 -08:00
Rasmus Wriedt Larsen
362e7aebbb Python: Add HttpRedirectSinks test for django 2020-02-17 16:54:06 +01:00