Commit Graph

9543 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
7c44c37d8b Python: Autoformat (4 spaces) pyramid library 2019-10-23 16:28:46 +02:00
Rasmus Wriedt Larsen
4463b30ce7 Python: Update pyramid library to use correct response class
Tested with pyramid 1.10.4 and python 3.6.8
2019-10-23 16:28:46 +02:00
Rasmus Wriedt Larsen
66a0e153a5 Python: Modernise pyramid library 2019-10-23 16:28:46 +02:00
Rasmus Wriedt Larsen
59e09d6d5d Python: Add nullary pointsTo to Expr class
Like the one existing in ControlFlowNode.

This is useful for checking class of value being pointed to, as

    expr.pointsTo().getClass() = someClass

Without this you need to do

    exists(Value v | v.getClass() = someClass | expr.pointsTo(v))
2019-10-23 16:28:46 +02:00
Rasmus Wriedt Larsen
8767d29d21 Python: Use src for naming in TaintTracking::Configuration
We picked `src` since this is used much more than `source` in our existing code.
2019-10-23 15:56:37 +02:00
Taus
30483db621 Merge pull request #2146 from RasmusWL/python-improve-iter-returns-non-iterator
Python: improve py/iter-returns-non-iterator
2019-10-23 11:53:00 +02:00
Rasmus Wriedt Larsen
5c5eaacc09 Python: Remove cached annotation in py/iter-returns-non-iterator 2019-10-23 10:46:07 +02:00
Rasmus Wriedt Larsen
a98466392d Python: Improve tests and docs for py/iter-returns-non-iterator 2019-10-23 10:46:07 +02:00
Henning Makholm
347d97c14c qlpack.json is now qlpack.yml 2019-10-22 17:36:35 +02:00
Pavel Avgustinov
72de1b25ab Merge pull request #2164 from hmakholm/suites
Add some new-style suite definitions
2019-10-22 16:35:19 +01:00
Taus
a19569ce3e Merge pull request #2161 from RasmusWL/python-fix-cookieset-tostring
Python: Fix toString for CookieSet classes
2019-10-22 16:48:31 +02:00
Henning Makholm
fd768a1af6 Add some new-style suite definitions 2019-10-22 15:51:00 +02:00
Taus Brock-Nannestad
32de65c0c6 Python: Add discussed test case (a false negative). 2019-10-22 15:10:40 +02:00
Taus Brock-Nannestad
83bf54c524 Python: Move false positive (now a true negative) into subfolder. 2019-10-22 15:08:29 +02:00
Rasmus Wriedt Larsen
e487fd3648 Python: Improve alert message for py/iter-returns-non-iterator
Fixes https://github.com/Semmle/ql/issues/1427
2019-10-22 10:27:55 +02:00
Rasmus Wriedt Larsen
6056b457e9 Python: Autoformat py/iter-returns-non-iterator 2019-10-22 10:25:01 +02:00
Taus Brock-Nannestad
ab2c8f312c Python: Apply autoformat. 2019-10-21 17:40:36 +02:00
Taus Brock-Nannestad
4fe1ba0ea4 Python: Refactor py/undefined-export for more clarity. 2019-10-21 17:40:36 +02:00
Taus Brock-Nannestad
8a1d1e7b7a Python: Modernise and false positive in py/undefined-export. 2019-10-21 16:07:48 +02:00
Rasmus Wriedt Larsen
016c95a69c Merge pull request #2078 from taus-semmle/python-unreachable-suppressed
Python: Teach `py/unreachable-statement` about `contextlib.suppress`.
2019-10-21 15:14:39 +02:00
Taus Brock-Nannestad
b2f7b0921b Python: Add false negative test case. 2019-10-21 14:31:05 +02:00
Taus Brock-Nannestad
99b99ef2b6 Python: Teach py/unreachable-statement about contextlib.suppress. 2019-10-21 14:31:05 +02:00
Rasmus Wriedt Larsen
9cf0e244b1 Python: Fix toString for CookieSet classes
The old implementation would result in empty recursion.
2019-10-21 11:26:10 +02:00
Taus
45158a7177 Merge pull request #2053 from RasmusWL/python-modernise-falcon-library
Python modernise falcon library
2019-10-18 14:47:33 +02:00
Taus Brock-Nannestad
70d9d1bd0e Python: Add false positive test case for cyclic import. 2019-10-18 14:03:23 +02:00
Taus
37291c5642 Merge pull request #2100 from RasmusWL/python-fix-hasFlowPath
Python: Fix hasFlowPath default implementation of isSink/2
2019-10-18 11:16:58 +02:00
Taus Brock-Nannestad
067bdf5ec4 Python: Disregard packages when looking for cyclic imports. 2019-10-17 12:47:34 +02:00
Rasmus Wriedt Larsen
d3f3cefa54 Python: Autoformat (4 spaces) falcon library 2019-10-15 11:23:51 +02:00
Rasmus Wriedt Larsen
7a112f37cb Python: Modernise falcon library 2019-10-15 11:22:46 +02:00
Henning Makholm
29167bbff8 Add qlpack.json files
Eventually these files will subsume the current `queries.xml` files
at the top of query-containing and library directories. For now they're
just here to support internal testing of the tooling support for them
we're writing on.

Format and contents are a work in progress. If you're not in Semmle,
don't depend on anything here making sense (or staying stable) until
you see the version tags increase to something nonzero.
2019-10-12 17:38:01 +02:00
Rasmus Wriedt Larsen
bf197b9f20 Add testcase 2019-10-10 15:34:54 +02:00
Rasmus Wriedt Larsen
36bb5f54ce Python: Fix hasFlowPath default implementation of isSink/2
If hasFlowPath was used, and isSink/2 was not overridden,
hasFlowPath(src, sink) would not use isSink/1 to restrict the allowed TaintSink.
This resulted in false-positives when we had flows with unrelated TaintSinks.

FP: 1a8e7ffc2e/files/webapp/graphite/dashboard/views.py (x2d486922081db956):1

Fixes https://github.com/Semmle/ql/issues/2081
2019-10-10 15:34:54 +02:00
semmle-qlci
ff5a98b260 Merge pull request #2074 from taus-semmle/python-unreachable-nonlocal
Approved by RasmusWL
2019-10-07 15:45:24 +01:00
semmle-qlci
e36e16af48 Merge pull request #2079 from taus-semmle/python-unused-local-nonlocal
Approved by RasmusWL
2019-10-07 15:38:21 +01:00
Rasmus Wriedt Larsen
3f45d8614b Merge pull request #2047 from taus-semmle/python-modernise-and-fix-cyclic-import-fp
Python: modernise and fix cyclic import false positive.
2019-10-07 14:28:36 +02:00
Taus Brock-Nannestad
26da6a1178 Python: Apply autoformat. 2019-10-03 17:58:52 +02:00
Taus Brock-Nannestad
5946a4a066 Python: Teach py/unused-local-variable about nonlocal. 2019-10-03 17:56:29 +02:00
AlexTereshenkov
3e6f8fb6be Add bind-socket-all-network-interfaces Python query (#2048)
Add bind-socket-all-network-interfaces Python query
2019-10-03 11:23:11 +01:00
Taus Brock-Nannestad
384013e0dc Python: Add tests for reachability when using nonlocal. 2019-10-02 17:13:00 +02:00
Taus
fb20cab4c8 Merge pull request #2012 from RasmusWL/python-modernise-cls-self-checks
Python: modernise cls self argument name checks
2019-09-30 15:50:32 +02:00
Taus
9a8b62250f Merge pull request #2043 from RasmusWL/python-modernise-django
Python: modernise django library
2019-09-30 11:57:09 +02:00
Taus
04f14f1fe7 Merge pull request #2040 from RasmusWL/python-modernise-cherrypy
Python: Modernise cherrypy library
2019-09-30 11:53:59 +02:00
Taus
fc4a583cd9 Merge pull request #2034 from RasmusWL/python-modernise-bottle
Python: modernise bottle
2019-09-30 11:52:16 +02:00
Taus Brock-Nannestad
c5c84a11d8 Python: Autoformat. 2019-09-27 15:22:12 +02:00
Taus Brock-Nannestad
aa16d20d5a Python: Fix false positive for cyclic imports guarded by if False:. 2019-09-27 15:22:12 +02:00
Taus Brock-Nannestad
921371d544 Python: Modernise the cyclic import queries. 2019-09-27 13:51:56 +02:00
alexey
70eca91d28 Add tags tag to a Python query 2019-09-27 12:36:38 +01:00
Rasmus Wriedt Larsen
fc59b10ba4 Python: Autoformat (4 spaces) django library 2019-09-27 13:15:28 +02:00
Rasmus Wriedt Larsen
f4e0abd4c4 Python: Modernise django library 2019-09-27 13:14:52 +02:00
Rasmus Wriedt Larsen
bc8e4d2005 Python: Autoformat (4 spaces) cherrypy library 2019-09-27 13:06:09 +02:00