Commit Graph

4030 Commits

Author SHA1 Message Date
Taus
e592fd60ff Merge pull request #20495 from github/tausbn/python-fix-unmatchable-dollar-in-lookahead
Python: Fix false positive for unmatchable dollar/caret
2025-09-25 15:27:32 +02:00
Joe Farebrother
463f79bed2 Merge pull request #20263 from joefarebrother/python-qual-exceptions
Python: Modernize the Unreachable Except Block query
2025-09-22 09:42:09 +01:00
Taus
b9f073e596 Python: Update test output 2025-09-19 15:39:12 +00:00
Taus
95a84ad655 Python: Fix false positive for unmatchable dollar/caret
Our previous modelling did not account for the fact that a lookahead can
potentially extend all the way to the end of the input (and similarly,
that a lookbehind can extend all the way to the beginning).

To fix this, I extended `firstPart` and `lastPart` to handle lookbehinds
and lookaheads correctly, and added some test cases (all of which yield
no new results).

Fixes #20429.
2025-09-19 15:06:46 +00:00
Joe Farebrother
2cd1d2fd2f Merge pull request #20392 from joefarebrother/python-qual-file-not-closed
Python: Improve File Not Closed query to reduce false positives and provide clearer alerts
2025-09-18 09:33:08 +01:00
Joe Farebrother
f3802ec60f Merge pull request #20217 from joefarebrother/python-qual-signature-mismatch
Python: Modernize the Signature Mismatch query
2025-09-17 13:29:33 +01:00
Napalys Klicius
8393ccf39d Python: Update globalVariableAttrPathAtDepth base case 2025-09-16 18:08:53 +02:00
Napalys Klicius
e60d0c88f1 Python: Add global variable nested field jump steps 2025-09-16 18:08:53 +02:00
Napalys Klicius
9d4b168977 Python: Added extra test for global variable nested attribute reads/writes. 2025-09-16 18:08:53 +02:00
Napalys Klicius
6c779c7fa5 Python: Added extra test cases for path injection with FastAPI 2025-09-16 18:08:53 +02:00
Napalys Klicius
f209e3a0fe Python: Updated PathInjection tests to use inline test expectations 2025-09-16 18:08:53 +02:00
Joe Farebrother
ea562de3e6 Fix tests 2025-09-09 15:17:16 +01:00
Joe Farebrother
b01b40b51b Update test output 2025-09-09 13:44:03 +01:00
Joe Farebrother
e382f7cd43 Improve check for containment in with statement 2025-09-09 11:26:17 +01:00
Joe Farebrother
869b7e09d7 Merge pull request #19932 from joefarebrother/python-qual-init-del-calls
Python: Modernize 4 queries for missing/multiple calls to init/del methods
2025-09-08 09:29:38 +01:00
Joe Farebrother
ff4c11f503 Update test output. Accepting some FNs due to dataflow issue. 2025-09-06 00:45:15 +01:00
Joe Farebrother
0b293eaba5 Update test output 2025-09-05 22:43:21 +01:00
Joe Farebrother
bd3fa7fb21 Switch to dataflow check for guards exceptions
This reduces some confusing FPs, though appears to introduce another
2025-09-05 16:03:55 +01:00
Arthur Baars
5d3ec35e29 Remove non-breaking spaces from code 2025-09-05 09:41:15 +02:00
Joe Farebrother
cd6a151d9b Add missing predicate + update test output 2025-09-03 09:48:07 +01:00
Joe Farebrother
318d1cd392 Increase precision in detecting call matches signature 2025-09-02 12:02:08 +01:00
Joe Farebrother
502ea82c91 Update other test output 2025-09-01 16:31:04 +01:00
Joe Farebrother
2bbf24b3ea Add additional test cases 2025-09-01 16:30:53 +01:00
Joe Farebrother
f429b9038c Update tests, update alert messages 2025-09-01 16:30:44 +01:00
Joe Farebrother
f7097136f1 Rank multiple calls so only the first 2 calls are alerted 2025-09-01 16:23:42 +01:00
Joe Farebrother
ba8658491a Update qhelp + alert messages 2025-09-01 14:11:01 +01:00
Joe Farebrother
daa5525a10 Update tests and add an additional test 2025-09-01 14:10:55 +01:00
Joe Farebrother
9619ae8a2d Add additional test case + update missing del tests 2025-09-01 14:10:47 +01:00
Joe Farebrother
c9932e187a Update tests for calls to init + fixes 2025-09-01 14:10:44 +01:00
Joe Farebrother
99a05ed5a4 Update test outputs + fix semantics 2025-09-01 14:10:36 +01:00
Joe Farebrother
732c818916 Move tests and add inline expectation postprocessing 2025-09-01 14:10:33 +01:00
Taus
f89fae39c5 Merge pull request #20276 from github/tausbn/python-model-psycopg2-connection-pools
Python: Add support for Psycopg2 database connection pools
2025-08-29 13:52:59 +02:00
Napalys Klicius
bafe22c50c Merge pull request #20048 from Napalys/js/xml_bomb_sinks
JS: Exclude patched libraries from `xml-bomb` sink
2025-08-29 08:10:55 +02:00
Joe Farebrother
7ef2b01119 Merge pull request #20142 from joefarebrother/python-qual-subclass-shadow
Python: Modernise Superclass attribute shadows subclass method query
2025-08-28 13:40:26 +01:00
Tom Hvitved
fa7295f0a1 Merge pull request #20303 from hvitved/python/jump-to-def-unpack-tests
Python: Add jump-to-def tests for unpacking assignments
2025-08-28 12:03:55 +02:00
Tom Hvitved
bf47f66691 Python: Add jump-to-def tests for unpacking assignments 2025-08-28 10:38:21 +02:00
Joe Farebrother
bde143e4c1 Merge pull request #20038 from joefarebrother/python-qual-comparison
Python: Modernize 3 quality queries for comparison methods
2025-08-28 09:37:20 +01:00
Joe Farebrother
c6ababd262 Fix test output 2025-08-28 08:49:34 +01:00
Joe Farebrother
ada0b372c6 Merge pull request #20120 from joefarebrother/python-qual-unexpected-raise-special
Python: Modernize Unexpected Raise In Special Method query
2025-08-27 15:01:46 +01:00
Taus
1008ca9744 Python: Add psycopg2.pool tests 2025-08-25 14:14:16 +00:00
Joe Farebrother
eb4841230a Add tests (WIP) 2025-08-25 13:30:45 +01:00
Nora Dimitrijević
4199859eaa Merge pull request #20079 from d10c/d10c/diff-informed-phase-3-python
Python: Diff-informed queries: phase 3 (non-trivial locations)
2025-08-18 09:33:57 +02:00
Joe Farebrother
bc60914ed7 Update test output 2025-08-01 12:37:51 +01:00
Joe Farebrother
2516f9452e Move to subfolder 2025-07-30 15:17:19 +01:00
Joe Farebrother
796a6060b2 Exclude setters and update tests 2025-07-30 13:56:05 +01:00
Joe Farebrother
af94ebe1fc Modernize attribute shadows subclass, Add cases for properties 2025-07-30 13:55:11 +01:00
Joe Farebrother
c0da9c407e Fix typo in test dir name + update examples 2025-07-25 13:15:46 +01:00
Joe Farebrother
362bfba049 Update unit tests 2025-07-24 14:50:36 +01:00
Joe Farebrother
b1ee795225 Merge pull request #20086 from joefarebrother/python-qual-raise-not-implemented
Python: Modernise raise-not-implemented query
2025-07-24 13:18:21 +01:00
Joe Farebrother
6d33a7ec70 Update test output 2025-07-17 22:25:18 +01:00