Commit Graph

4863 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
befe73df14 Python: suppress non-useful results (w/ tests) for iter str/seq query
Fixes https://github.com/Semmle/ql/issues/3207
2020-04-07 11:46:36 +02:00
Rasmus Wriedt Larsen
46ecbef8f2 Python: Consistently use TestScope instead of Test
It's not clear which one is the correct one to use, but there were more uses of
TestScope than Test, so I'm assuming that is the right one ¯\_(ツ)_/¯
2020-04-07 11:42:13 +02:00
Rasmus Wriedt Larsen
2871eb307a Python: Fix (some) shortcomings of tests filter 2020-04-07 11:24:06 +02:00
Rasmus Wriedt Larsen
75e6470009 Python: Fix FN in py/unused-import 2020-04-07 09:41:42 +02:00
Rebecca Valentine
c1ba1345df Python: ObjAPI to ValAPI: WrongNumArgsInCall: ObjectAPI.qll: Adds doc for getAnInferredType 2020-04-06 11:03:42 -07:00
Rebecca Valentine
16eedf9ea5 Merge branch 'master' into python-objectapi-to-valueapi-wrongnumberargumentsincall 2020-04-06 10:35:49 -07:00
Henning Makholm
bf579dedd4 Add extractor field in base language QL packs 2020-04-06 18:48:01 +02:00
Robert
1096e5d947 Merge pull request #3163 from robertbrignull/code_scanning_suites
Add code-scanning suites
2020-04-06 08:45:40 +01:00
Rebecca Valentine
26bdb9ab04 Python: ObjAPI to ValAPI: WrongNumArgsInCall: Exceptions.qll: Removes extraneous spaces in comments 2020-04-03 20:33:17 -07:00
Rebecca Valentine
bbe7314c17 Python: ObjAPI to ValAPI: WrongNumArgsInCall: Autoformats ObjectAPI.qll 2020-04-03 20:30:24 -07:00
Rebecca Valentine
7615452b31 Python: ObjAPI to ValAPI: WrongNumArgsInCall: Autoformat CallArgs.qll 2020-04-03 20:28:19 -07:00
Rebecca Valentine
1e76720a92 Merge branch 'master' into python-objectapi-to-valueapi-wrongnumberargumentsincall 2020-04-03 20:25:53 -07:00
Rebecca Valentine
f25428b7a9 Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall: Exceptions.qll: Fixes incorrect implementation of localRaisedType 2020-04-03 20:08:00 -07:00
Rebecca Valentine
c6fbbb1cd1 Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall: CallArgs.qll: Fixes too_*_args refs to getA*Call 2020-04-03 20:06:43 -07:00
Rebecca Valentine
2ad0f5af2d Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall: ObjectAPI.qll: Adds getAFunctionCall and getAMethodCall predicates to FunctionValue 2020-04-03 20:04:32 -07:00
Rebecca Valentine
be86c9c066 Python: ObjectAPI to ValueAPI: IterReturnsNonSelf: ObjectAPI.qll: Explains why getAnInferredReturnType is weird for builtins 2020-04-03 15:16:16 -07:00
Rebecca Valentine
64b17888e5 Python: ObjectAPI to ValueAPI: IterReturnsNonSelf: ObjectAPI.qll: Reorganizes getAnInferredReturnType() 2020-04-03 15:14:25 -07:00
Rebecca Valentine
2a7b77c0e1 Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall: Adds new version of FunctionObject.qll 2020-04-02 12:18:07 -07:00
Rebecca Valentine
161613f59e Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall: Adds new version of Exceptions.qll 2020-04-02 12:17:14 -07:00
Rebecca Valentine
6517feda9a Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInCall: Adds new version of ObjectsAPI.qll 2020-04-02 11:56:15 -07:00
Rebecca Valentine
712fb8badc Python: ObjectAPI to ValueAPI: IterReturnsNonSelf: Autoformats 2020-04-02 09:19:41 -07:00
Rebecca Valentine
cdda80623d Merge branch 'master' into python-objectapi-to-valueapi-iterreturnsnonself 2020-04-02 09:16:23 -07:00
semmle-qlci
6757924183 Merge pull request #3157 from tausbn/python-fix-analysis-qhelp-link
Approved by felicitymay
2020-04-02 11:43:15 +01:00
Taus
d540bf6ce5 Merge pull request #3039 from BekaValentine/python-objectapi-to-valueapi-returnvalueignored
Python: ObjectAPI to ValueAPI: ReturnValueIgnored
2020-04-02 11:42:01 +02:00
Rebecca Valentine
cc53b15a5d Python: ObjectAPI to ValueAPI: ReturnValueIgnored: Reorganizes predicates 2020-04-01 14:41:49 -07:00
Rebecca Valentine
09349f1957 Python: ObjectAPI to ValueAPI: ReturnValueIgnored: Autoformats 2020-04-01 12:54:42 -07:00
Rebecca Valentine
28319ee0f7 Python: ObjectAPI to ValueAPI: SignatureOverriddenMethod: Autoformats 2020-04-01 12:32:21 -07:00
Rebecca Valentine
838e37ca98 Python: ObjectAPI to ValueAPI: ReturnValueIgnore: Moves getAnInferredType to CallableObjectInternal 2020-04-01 08:45:27 -07:00
Rebecca Valentine
97b4077162 Merge branch 'master' into python-objectapi-to-valueapi-signatureoverriddenmethod 2020-04-01 07:42:10 -07:00
Rebecca Valentine
12377badf9 Merge branch 'master' into python-objectapi-to-valueapi-returnvalueignored 2020-04-01 07:37:17 -07:00
Rasmus Wriedt Larsen
f8f51109d0 Python: Add missing ` in qldoc 2020-04-01 12:07:19 +02:00
Rebecca Valentine
093eb71433 Python: ObjectAPI to ValueAPI: ReturnValueIgnored: Adds getAReturnType 2020-04-01 00:17:12 -07:00
Rebecca Valentine
eb4a567a34 Merge branch 'master' into python-objectapi-to-valueapi-signatureoverriddenmethod 2020-03-31 23:36:15 -07:00
Rebecca Valentine
0256eb15bf Merge branch 'master' into python-objectapi-to-valueapi-wrongnumberargumentsincall 2020-03-31 22:58:11 -07:00
Rebecca Valentine
741317bd05 Python: ObjectAPI to ValueAPI: Makes isAbstract a predicate in CallArgs 2020-03-31 22:56:44 -07:00
Rebecca Valentine
0b2db56051 Python: ObjectAPI to ValueAPI: ObjectAPI.qll: Fixes error in isIterator 2020-03-31 22:15:21 -07:00
Rebecca Valentine
42388b0d97 Python: ObjectAPI to ValueAPI: ReturnValueIgnored: Adds prototype version of getAnInferredReturnType 2020-03-31 22:11:58 -07:00
Rasmus Wriedt Larsen
0b4bfed726 Merge pull request #3156 from tausbn/python-autoformat-all-ql-files
Python: Autoformat all `.ql` files.
2020-03-30 16:24:18 +02:00
Taus Brock-Nannestad
2229e34466 Python: Fix outdated link in ImportFailure.qhelp. 2020-03-30 13:14:37 +02:00
Taus Brock-Nannestad
ab4cef53c2 Python: Autoformat one final straggler. 2020-03-30 12:36:43 +02:00
Taus Brock-Nannestad
727cde31c9 Python: Autoformat a few final stragglers. 2020-03-30 12:30:14 +02:00
Taus Brock-Nannestad
6eb9c6f84d Merge branch 'master' into python-autoformat-almost-everything 2020-03-30 12:24:01 +02:00
Taus Brock-Nannestad
87a9f51c78 Python: Autoformat all .ql files. 2020-03-30 11:59:10 +02:00
Robert Brignull
90fad6f762 add code scanning suites 2020-03-27 17:03:23 +00:00
Rasmus Wriedt Larsen
d55acc38df Python: Constrain execution paths for taint_at_depth
Thanks Taus!
2020-03-27 16:20:08 +01:00
Rasmus Wriedt Larsen
96d1fc8c0b Python: Fix iterable-unpacking taint CP
When running ql/python/ql/src/Security/CWE-079/ReflectedXss.ql against the
database for flask.

Initially there were 10 million result-tuples for iterable_unpacking_descent.

With this change, we're down to roughly 2100,
2020-03-26 16:42:48 +01:00
semmle-qlci
ac7c74dcee Merge pull request #3111 from RasmusWL/python-fabric-command-injection
Approved by BekaValentine
2020-03-25 10:07:33 +00:00
Taus
fe00d1cbf4 Merge pull request #2888 from RasmusWL/python-tarslip-sanitizer
Python: Improve tarslip sanitizer
2020-03-24 12:59:20 +01:00
Rasmus Wriedt Larsen
4b8020b98d Python: Autoformat Command.qll 2020-03-24 10:11:57 +01:00
Rasmus Wriedt Larsen
b567205579 Python: Model fabric v1.x command injection sinks 2020-03-23 17:49:56 +01:00