hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,644 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.1
Commit Graph

9483 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
9682c8218a Python: rename file 2023-09-28 12:54:05 +02:00
yoff
c2b63830f1 Apply suggestions from code review 
Claim conversions do not execute inputs in order to remove interaction with `py/unsafe-deserialization`.

Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-09-28 12:40:37 +02:00
Rasmus Lerchedahl Petersen
d90630aa66 Python: fix query file 2023-09-28 12:34:10 +02:00
Rasmus Lerchedahl Petersen
3fb579eaff Python: add test for type tracking 2023-09-28 12:14:12 +02:00
Rasmus Lerchedahl Petersen
37a4f35650 Python: further rename 2023-09-28 11:49:42 +02:00
yoff
8156fa9a4d Apply naming suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-09-28 11:47:10 +02:00
Asger F
0d96ed8aee Merge pull request #14305 from asgerf/shared/flow-state-inout-barriers 
Shared: add in/out barriers with flow state
 2023-09-28 11:07:23 +02:00
Rasmus Wriedt Larsen
f3acc89900 Python: Accept .expected 2023-09-28 10:41:16 +02:00
Anders Schack-Mulligen
73521ca16b Python: Use shared FileSystem library. 2023-09-28 08:58:55 +02:00
Benjamin Rodes
25203db4e7 Removing 'security' tags from all queries. 2023-09-27 12:43:51 -04:00
Rasmus Lerchedahl Petersen
8ade9ed164 Python: fix inconsistency 
Since we calculate the end column by offset,
we must believ that the end line is the same
as the start line.
 2023-09-26 21:02:14 +02:00
Rasmus Lerchedahl Petersen
db95eade64 Python: accept improved test output 2023-09-26 20:58:51 +02:00
Rasmus Lerchedahl Petersen
35f28c832a Python: small refactor (reviewer suggestion) 2023-09-26 20:55:35 +02:00
Rasmus Lerchedahl Petersen
f5059a6918 Python: fix computation at part boundaries 2023-09-26 20:51:15 +02:00
Rasmus Lerchedahl Petersen
cdf1db09bd Python: add test for part boundaries 2023-09-26 20:50:08 +02:00
Rasmus Lerchedahl Petersen
73aa302bd2 Python: only expose lengths of quote and prefix 2023-09-26 20:45:24 +02:00
Rasmus Lerchedahl Petersen
d25b93d944 Python: fix ql alerts 2023-09-26 20:33:24 +02:00
Rasmus Lerchedahl Petersen
d10b181d89 Python: add change note 2023-09-26 12:13:07 +02:00
Rasmus Lerchedahl Petersen
c1ebde4288 Python: improve location computation 2023-09-26 12:08:50 +02:00
Rasmus Lerchedahl Petersen
aa64390af7 Python: add more tests 2023-09-26 10:54:45 +02:00
yoff
c9976cf724 Merge pull request #14307 from yoff/python/inline-regex-location-tests 
Python: switch regex location tests to inline expectations
 2023-09-25 13:37:48 +02:00
Rasmus Lerchedahl Petersen
417907b36d Python: switch to inline expectations 2023-09-25 11:44:56 +02:00
Anders Schack-Mulligen
06cb277eb0 Merge pull request #14299 from aschackmull/dataflow/more-defaults 
Dataflow: Make use of defaults for language-specific hooks.
 2023-09-25 11:19:44 +02:00
Rasmus Wriedt Larsen
05ab28f11d autoformat 2023-09-25 10:35:18 +02:00
Rasmus Wriedt Larsen
db7b1eea55 Merge branch 'main' into maikypedia/python-unsafe-deserialization 2023-09-25 10:29:18 +02:00
Rasmus Wriedt Larsen
f515559e56 Python: Sort Frameworks.qll 2023-09-25 10:25:43 +02:00
Rasmus Wriedt Larsen
a45e10d64f Python: Slight rewrite of numpy test 
To use positional argument for allow_pickle
 2023-09-25 10:25:11 +02:00
Rasmus Wriedt Larsen
56d99fbd8a Add numpy reference 2023-09-25 10:24:53 +02:00
Rasmus Wriedt Larsen
d1caa75053 Python: Fix format for pandas.read_pickle 2023-09-25 10:24:27 +02:00
Asger F
d501856519 Update DataFlowImpl.qll copies 2023-09-25 10:05:29 +02:00
Anders Schack-Mulligen
66da997b7b Dataflow: Make use of defaults for language-specific hooks. 2023-09-22 14:54:22 +02:00
Max Schaefer
dfec1620ea Update expected test output. 2023-09-22 11:28:50 +01:00
Max Schaefer
6f67055852 Correctly account for length of string literal prefix when computing locations for RegExpTerms. 2023-09-22 11:24:25 +01:00
Max Schaefer
d4ff9c8ed1 Add test for locations of regexp terms. 2023-09-22 11:24:24 +01:00
Josh Brown
7ad2932b3f Update SymmetricEncryptionAlgorithms.ql 
Changing metadata to under python namespace
 2023-09-21 12:12:16 -07:00
Benjamin Rodes
5fed923af0 Changed python inventory subdirectory structure to add old and new inventory models. Added some example old models. 2023-09-21 12:12:15 -07:00
Benjamin Rodes
50db4fd63e Moved Cpp into sub directory 'cryptography' instead of crypto. Added python models, inventory, and example alerts. 2023-09-21 12:12:15 -07:00
Anders Schack-Mulligen
13f7daf71e Merge pull request #13982 from aschackmull/dataflow/typeflow-calledge-pruning 
Dataflow: Add type-based call-edge pruning.
 2023-09-21 13:33:08 +02:00
Rasmus Lerchedahl Petersen
12dab88ec7 Python: rename concept 
`NoSqlQuery` -> `NoSqlExecution`
 2023-09-20 15:49:35 +02:00
Rasmus Lerchedahl Petersen
4ec8b3f02f Python: Model map_reduce 2023-09-20 15:44:12 +02:00
Rasmus Lerchedahl Petersen
7c085ecc61 Python: Add test for map_reduce 
Also log requirement for old versions of `pymongo`
 2023-09-20 15:23:18 +02:00
github-actions[bot]
3acf5244b0 Post-release preparation for codeql-cli-2.14.6 2023-09-20 10:25:10 +00:00
Rasmus Lerchedahl Petersen
30c37ca8cb Python: model §accumulator 
also slightly rearrange the modelling
 2023-09-19 22:21:14 +02:00
Rasmus Lerchedahl Petersen
5611bda7ee Python: add test for $accumulator 2023-09-19 17:04:28 +02:00
github-actions[bot]
0a3670727f Release preparation for version 2.14.6 2023-09-19 11:40:30 +00:00
yoff
811a7d0671 Merge pull request #14248 from RasmusWL/debug-queries 
Python: Add debug queries
 2023-09-19 11:27:27 +02:00
Rasmus Wriedt Larsen
fd8d186b34 Python: Add debug queries 
For manually debugging things, it's nice to be able to share debug
queries.

I had the DebugStats.ql lying around from way back, and thought it was
kinda cute. I've extended it with a bunch of things, not too sure if
they're all important, but I think it's kinda fun to see the
distribution of things 😊
 2023-09-18 20:46:52 +02:00
Rasmus Lerchedahl Petersen
4614b1ae9c Python: add change note 2023-09-18 14:34:03 +02:00
Rasmus Wriedt Larsen
ad1743ecde Python: Modernize modeling of BaseHTTPRequestHandler 2023-09-18 14:13:27 +02:00
Maiky
1764aa0caf Fixing NumpyLoadCall 2023-09-17 19:44:48 +02:00