hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,868 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.4
Commit Graph

9591 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
9dbd280d31 Python: Fix syntax error 2020-07-21 18:01:27 +05:30
Porcupiney Hairs
49df4169cf Python : Add query to detect Server Side Template Injection 2020-07-21 18:01:27 +05:30
Rasmus Wriedt Larsen
89e8202d11 Python: CG trace: Add some tests using classes 2020-07-21 11:16:52 +02:00
Rasmus Wriedt Larsen
eeeadad359 Python: CG trace: Don't commit examples traces all the time 2020-07-21 11:14:07 +02:00
Rasmus Wriedt Larsen
38af1930fe Python: CG trace: Rename ValidRecordedCall to IdentifiedRecordedCall 2020-07-21 10:19:47 +02:00
Rasmus Wriedt Larsen
bbfea44db0 Python: CG trace: Handle multiple calls to same func on same line 
Such as

```
one(); one()
```

Now there are no InvalidRecordedCall in the current examples.
 2020-07-20 14:54:05 +02:00
Rasmus Wriedt Larsen
cb98f4433d Python: CG trace: Handle multiple calls on one line 
Reduced number of InvalidRecordedCall from 16 to 2. This is the calls

```
one(); one()
```

since they are not distinguishable from the expression.
 2020-07-20 14:07:09 +02:00
Rasmus Wriedt Larsen
a1c1ab080b Python: CG trace: Add examples of multiple calls on one line 
There are currently 16 InvalidRecordedCall
 2020-07-20 14:03:37 +02:00
Rasmus Wriedt Larsen
49a90c058d Python: CG trace: minor adjustment to recreate-dh.sh 2020-07-20 13:00:47 +02:00
Rasmus Wriedt Larsen
5ef817012a Python: CG trace: restructure QL for new XML format 2020-07-20 13:00:07 +02:00
Rasmus Wriedt Larsen
c2748bf7cf Python: CG trace: reconstruct call expr from bytecode 
So we can differentiate multiple calls in one line.
 2020-07-20 11:28:05 +02:00
Rasmus Wriedt Larsen
d46b410111 Python: CG trace: Proper exception handling 2020-07-20 01:22:33 +02:00
Rasmus Wriedt Larsen
10ec1e078a Python: CG trace: Better type hints 2020-07-18 17:56:56 +02:00
Rasmus Wriedt Larsen
8b6de17461 Python: CG trace: Use logging module for debuging 2020-07-18 17:56:10 +02:00
Rasmus Wriedt Larsen
acc5f70d4a Python: CG trace: Python 3.7 is minimal version 2020-07-18 17:10:53 +02:00
Taus Brock-Nannestad
cec3694c89 Python: Add type tracker and step summary implementation. 2020-07-17 16:36:56 +02:00
Rasmus Wriedt Larsen
6c60881cbe Python: CG trace: Move code to src/ 
As recommended in https://blog.ionelmc.ro/2014/05/25/python-packaging/ and
following pattern of black and pytest
 2020-07-17 14:41:49 +02:00
Rasmus Wriedt Larsen
0a0c24f3c5 Python: CG trace: Make code modular 2020-07-17 14:40:54 +02:00
Rasmus Wriedt Larsen
94a03d73a3 Python: CG trace: blackify 
And make code pass flake8 tests
 2020-07-17 13:49:25 +02:00
Rasmus Wriedt Larsen
1c2e259970 Python: CG trace: Handle builtins 2020-07-16 18:04:04 +02:00
Rasmus Wriedt Larsen
92e8e1622c Python: CG trace: move traces to own dir 2020-07-16 16:47:23 +02:00
Rasmus Wriedt Larsen
abcc76baec Python: CG trace: use lxml to pretty-print xml 2020-07-15 14:48:58 +02:00
Rasmus Wriedt Larsen
7ac4ea9bf1 Python: CG trace: use standardized etree import 
makes it easy to switch out XML library.
 2020-07-15 14:41:39 +02:00
Rasmus Wriedt Larsen
ba4207fc90 Python: CG trace: sort output before writing/printing 
Allows comparing output of one run with another
 2020-07-15 14:37:41 +02:00
Rasmus Wriedt Larsen
e6873956ca Python: CG trace: add canonic_filename helper 2020-07-15 14:25:42 +02:00
semmle-qlci
0bee0687cb Merge pull request #3911 from RasmusWL/python-call-graph-tracing 
Approved by tausbn
 2020-07-14 15:33:45 +01:00
Rasmus Wriedt Larsen
f1601d643a Python: autoformat 2020-07-14 14:12:56 +02:00
Rasmus Wriedt Larsen
1d9c3b3bcd Python: call-graph tracing: callable => callee 
to use consistent naming
 2020-07-14 14:12:02 +02:00
semmle-qlci
f8c03dcae6 Merge pull request #3924 from RasmusWL/python-metrics-queries-for-dist-compare 
Approved by tausbn
 2020-07-14 13:03:02 +01:00
Rasmus Wriedt Larsen
ee42d0839e Python: Rename target => callee 
To use a standardised naming :)
 2020-07-14 11:26:05 +02:00
Rasmus Wriedt Larsen
d913d33289 Python: Autoformat 2020-07-14 11:21:55 +02:00
Rasmus Wriedt Larsen
dc7d92ba2f Python: Autoformat experimental/library-tests/CallGraph/ 2020-07-13 16:20:02 +02:00
Rasmus Wriedt Larsen
83bd14b687 Python: Make experimental/library-tests/CallGraph pass for Python 2 
The import doesn't actually work the intended way, so running
```
$ python python/ql/test/experimental/library-tests/CallGraph/test.py
```

will procude no output. but our extractor will extract the things we need, so
for a quick fix this will need to suffice.
 2020-07-13 14:52:28 +02:00
Rasmus Wriedt Larsen
3127bb27d0 Python: Remove strange empty line 2020-07-13 10:55:43 +02:00
Rasmus Wriedt Larsen
0b6c3ff99d Python: Don't use PointsTo module name in metrics query 
To avoid confusion with the normal PointsTo module in
python/ql/src/semmle/python/pointsto/PointsTo.qll
 2020-07-13 10:46:03 +02:00
Rasmus Wriedt Larsen
a7d23063de Python: Fix grammar 
Co-authored-by: Taus <tausbn@github.com>
 2020-07-13 10:44:19 +02:00
Taus
df3eb9f9c5 Merge pull request #3790 from RasmusWL/python-add-annotated-callgraph-tests 
Python: Add annotated call-graph tests
 2020-07-10 15:38:38 +02:00
Rasmus Wriedt Larsen
e7c89dc24b Python: Fix grammar 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-07-09 10:39:58 +02:00
Rasmus Wriedt Larsen
32219e58c0 Python: Add basic call-graph metric queries 
For use with dist-compare
 2020-07-08 13:29:54 +02:00
dilanbhalla
26b030f8cc fixed pr suggestions 2020-07-07 10:52:26 -07:00
Rasmus Wriedt Larsen
7306f58e57 Python: Fix experimental tests 2020-07-07 19:44:43 +02:00
Taus Brock-Nannestad
45eccb2521 Python: Fix test failures. 2020-07-07 17:01:17 +02:00
Taus
df4d145490 Merge branch 'master' into python-qlformat-everything-again 2020-07-07 16:33:21 +02:00
Taus Brock-Nannestad
f07a7bf8cf Python: Autoformat everything using qlformat. 
Will need subsequent PRs fixing up test failures (due to deprecated
methods moving around), but other than that everything should be
straight-forward.
 2020-07-07 15:43:52 +02:00
Anders Schack-Mulligen
67db1df00c C++/C#/JavaScript/Python: Port Location qldoc update. 2020-07-07 11:39:27 +02:00
Rasmus Wriedt Larsen
42227c625d Python: Fix grammar 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-07-07 11:33:54 +02:00
Rasmus Wriedt Larsen
27d1512a75 Python: MWE for call-graph tracing and ql comparison 2020-07-07 11:05:03 +02:00
Rasmus Wriedt Larsen
d00e7396c4 Python: Consistently use camelCase in annotated call-graph tests 2020-07-06 17:59:16 +02:00
Rasmus Wriedt Larsen
65c4e6c02a Python: Disable class instantiation annotation for now 
Adjusting test setup properly requires some deep thinking, and I don't think I'm
ready to do that right now. Added a TODO instead.
 2020-07-06 17:48:15 +02:00
Rasmus Wriedt Larsen
cd8ea78420 Python: Autoformat 2020-07-06 17:34:19 +02:00