hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

4008 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
4b9c9b0c8d move most of asyncpg test into SqlInjection after moving MaD sql-injection sink 2022-05-04 10:59:02 +02:00
Erik Krogh Kristensen
571fc3e73b Revert "deprecate SqlConstruction" 
This reverts commit c0eca0d09a.
 2022-05-04 10:59:02 +02:00
Erik Krogh Kristensen
1062aae21c add test that the foo.bar package syntax works 2022-05-04 10:58:59 +02:00
Erik Krogh Kristensen
8ffc05c84b count both named and positional arguments in the WithArity filter 2022-05-03 21:21:57 +02:00
yoff
56ed68b3eb Merge pull request #9001 from RasmusWL/files-refactoring 
Python: Flask: Improve `request.files` modeing
 2022-05-03 12:19:55 +02:00
Rasmus Wriedt Larsen
fb0133d276 Python: Fix Flask request.files modeling 2022-05-02 14:14:58 +02:00
Rasmus Wriedt Larsen
0c62916af5 Python: Highlight problem with Flask request.files modeling 2022-05-02 14:14:53 +02:00
Erik Krogh Kristensen
c0eca0d09a deprecate SqlConstruction 2022-05-02 12:58:21 +02:00
Erik Krogh Kristensen
6c67e51ec3 add test for the .Call token 2022-05-02 12:58:21 +02:00
Erik Krogh Kristensen
9c3d45a16a last test of taint steps 2022-05-02 12:58:21 +02:00
Erik Krogh Kristensen
894252dfa7 third test of taint steps 2022-05-02 12:58:21 +02:00
Erik Krogh Kristensen
0f1e070d82 second test of taint steps 2022-05-02 12:58:21 +02:00
Erik Krogh Kristensen
649df1dd31 simple taint-flow test 2022-05-02 12:58:21 +02:00
Erik Krogh Kristensen
a8790412dd add support for the Argument[any] and Argument[any-named] tokens 2022-05-02 12:58:21 +02:00
Erik Krogh Kristensen
b1fa7f86a8 add support for the any argument tokens 2022-05-02 12:58:15 +02:00
Erik Krogh Kristensen
413d182bcf add support for named parameters 2022-05-02 12:56:44 +02:00
Erik Krogh Kristensen
547047ef19 add self parameters to API-graphs, and add support for self parameters in MaD 2022-05-02 12:50:31 +02:00
Erik Krogh Kristensen
dc38aa8a96 add support for the Method[name] token 2022-05-02 12:50:29 +02:00
Erik Krogh Kristensen
ea01bcf5ec have the Instance token be an alias for Subclass.ReturnValue 2022-05-02 12:45:21 +02:00
Erik Krogh Kristensen
46acce0ad4 add support for the Subclass token 2022-05-02 12:45:21 +02:00
Erik Krogh Kristensen
a02e812de8 add test for the Instance token 2022-05-02 12:45:21 +02:00
Erik Krogh Kristensen
682cab3737 add test for awaited 2022-05-02 12:45:21 +02:00
Erik Krogh Kristensen
48408ca45d Add TODO list 2022-05-02 12:45:21 +02:00
Erik Krogh Kristensen
8d60336396 add tests for callsite filters 2022-05-02 12:45:21 +02:00
Erik Krogh Kristensen
20992af037 add test for parameter syntax 2022-05-02 12:45:21 +02:00
Erik Krogh Kristensen
35b143a1a5 add tests for argument syntax 2022-05-02 12:45:21 +02:00
Erik Krogh Kristensen
86a9bc6aca add test for keyword arguments 2022-05-02 12:45:21 +02:00
Erik Krogh Kristensen
d4b882519a convert most of the asyncpg model to MaD 2022-05-02 12:45:21 +02:00
Erik Krogh Kristensen
1c2c9159a9 initial MaD implementation for Python 2022-05-02 12:45:19 +02:00
yoff
1d44694280 Merge pull request #8732 from RasmusWL/dataflow-imports 
Python: Don't re-export `python` under `DataFlow::`
 2022-05-02 12:08:28 +02:00
Taus
231def026f Merge pull request #8890 from tausbn/python-add-global-attribute-writes 
Python: Add support for global attribute writes
 2022-05-02 12:03:41 +02:00
yoff
c67b06b1fd Update python/ql/test/experimental/dataflow/typetracking/attribute_tests.py 
Co-authored-by: Taus <tausbn@github.com>
 2022-05-02 11:36:58 +02:00
Rasmus Wriedt Larsen
5f01fc24e4 Merge branch 'main' into promote-xxe 2022-05-02 11:25:55 +02:00
Rasmus Wriedt Larsen
3c1a37e7e1 Merge branch 'main' into new-nosql-examples 2022-05-02 11:21:36 +02:00
Taus
b4a31e572f Python: Add global attribute writes 2022-04-27 16:45:00 +00:00
Taus
f71cf2e1fc Python: Add test 2022-04-27 15:48:11 +00:00
yoff
39753d5a0b Merge pull request #8693 from erik-krogh/pyApi 
PY: more API-graphs refactorings
 2022-04-27 13:19:50 +02:00
Erik Krogh Kristensen
e1c7d369be Merge pull request #8796 from erik-krogh/redundantImport 
Remove redundant imports
 2022-04-27 12:39:51 +02:00
yoff
9d774463f5 Merge pull request #8859 from tausbn/python-fix-bad-essa-joins 
Python: Fix a bunch of bad joins
 2022-04-27 12:27:50 +02:00
Taus
7d736952db Python: Update expected output 2022-04-26 15:49:40 +00:00
Erik Krogh Kristensen
d389012b75 Merge branch 'main' into redundantImport 2022-04-26 14:24:51 +02:00
yoff
76f2eca1ee Merge pull request #8560 from erik-krogh/movePolyTest 
PY: move the polynomialbacktracking-test to the test folder
 2022-04-26 14:21:30 +02:00
Tom Hvitved
bffa8fa7cb Merge pull request #8641 from hvitved/dataflow/interpret-read-store 
Data flow: Introduce `ContentSet`
 2022-04-25 12:17:34 +02:00
Erik Krogh Kristensen
acac8919b3 PY: update expected output for deprecation warning in test file 2022-04-22 15:28:31 +02:00
Tom Hvitved
b033f107df Merge remote-tracking branch 'upstream/main' into dataflow/interpret-read-store 2022-04-22 14:35:02 +02:00
Rasmus Wriedt Larsen
03c0366fd4 Merge branch 'main' into stdlib-FileSystemAccess-improvement 2022-04-22 14:31:31 +02:00
Erik Krogh Kristensen
8fcbaea273 Merge branch 'main' into labelNaming 2022-04-22 13:19:44 +02:00
Erik Krogh Kristensen
ff73dbc35c delete redundant imports 2022-04-22 12:55:28 +02:00
Erik Krogh Kristensen
a96489b23d delete duplicate imports 2022-04-22 12:41:30 +02:00
Rasmus Wriedt Larsen
650d57083b Python: Recognize path arguments to pathlib methods 2022-04-22 11:01:59 +02:00