hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,540 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.8
Commit Graph

9615 Commits

Author SHA1 Message Date
Sim4n6
d939f192d5 Deleted the UBV query change note. 2023-05-20 11:46:18 +01:00
Sim4n6
21e99d52c7 Fix a redundant import 2023-05-20 10:23:04 +01:00
Sim4n6
b8969707c5 Delete the vulnerability flow image from the QHelp file. 2023-05-20 10:21:38 +01:00
Sim4n6
16ce024429 Update python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-20 10:13:23 +01:00
Sim4n6
8462b14b54 Update python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.qhelp 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-20 10:12:55 +01:00
Sim4n6
2a8645c447 Fix 'Singleton set literal' warning 2023-05-20 10:11:26 +01:00
Sim4n6
58be109a70 Moved UnicodeBypassValidation Customizations & Query.qll to src/experimental 2023-05-20 10:08:56 +01:00
erik-krogh
480e71fd69 avoid contractions 2023-05-17 08:42:45 +02:00
Rasmus Lerchedahl Petersen
5d68473d12 python: elide nodes without location from basic 2023-05-16 14:38:51 +02:00
Rasmus Lerchedahl Petersen
5b4f98d6c4 python: Add summaries for container constructors 
Also:
- turn on flow summaries for taint
- do not restrict node type
  (as now we need summary nodes)
 2023-05-16 14:38:51 +02:00
Rasmus Lerchedahl Petersen
145eaf3947 python: remove steps for container constructors 2023-05-16 10:35:10 +02:00
erik-krogh
83ca1495e0 trim the whitespace in the poly-redos examples 2023-05-15 16:47:24 +02:00
erik-krogh
d989359656 add another example to the qhelp in poly-redos, showing how to just limit the length of the input 2023-05-15 16:47:02 +02:00
Tom Hvitved
9dede31c0d Merge pull request #13077 from hvitved/ruby/track-regexp-improvements 
Ruby: Improvements to `RegExpTracking`
 2023-05-15 16:02:00 +02:00
Rasmus Lerchedahl Petersen
81adf5aad4 python: remember to adjust annotation 2023-05-12 14:28:41 +02:00
Rasmus Lerchedahl Petersen
1b848bb510 python: fix tests 2023-05-12 13:51:50 +02:00
yoff
3adaa21571 Merge branch 'main' into python/test-container-steps 2023-05-12 13:19:53 +02:00
yoff
72c6919f4e Merge pull request #13095 from yoff/python/interpret-summary-content 
Python: Interpret summary content
 2023-05-12 13:09:14 +02:00
yoff
6a5fc3c1b1 Update python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/test_collections.py 2023-05-12 13:06:08 +02:00
yoff
62b60f490c Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-12 12:54:17 +02:00
Rasmus Wriedt Larsen
62f0c64a03 Merge pull request #12552 from erik-krogh/py-type-trackers 
Py: refactor regex tracking to type-trackers
 2023-05-11 16:18:34 +02:00
Rasmus Lerchedahl Petersen
0a9515dbcd python: add tests for built-in collections 
- constructors: list, tuple, set, dict
- methods:
  - general: copy, pop
  - list: append
  - set: add
  - dict: keys, values, items, get, popitem
- functions: sorted, reversed, iter, next
 2023-05-10 18:10:05 +02:00
yoff
9bd3957bc8 Merge branch 'main' into python/interpret-summary-content 2023-05-10 11:41:50 +02:00
yoff
9cc7cdef4c Merge branch 'main' into python/update-taint-debug 2023-05-10 10:26:19 +02:00
Tom Hvitved
211a1e188c Sync files 2023-05-10 09:36:00 +02:00
yoff
25899c15c9 Merge pull request #13098 from hvitved/python/update-consistency-expected 
Python: Update expected test output
 2023-05-10 08:58:27 +02:00
Tom Hvitved
4d84f92e8c Python: Update expected test output 2023-05-10 08:15:15 +02:00
Rasmus Lerchedahl Petersen
064877140e Python: interpret remaining content 2023-05-09 21:40:01 +02:00
Rasmus Lerchedahl Petersen
c1110666b5 Python: remaining content-based summary components 2023-05-09 21:40:01 +02:00
yoff
4849f43d16 Merge branch 'main' into python/update-taint-debug 2023-05-09 21:35:56 +02:00
Rasmus Lerchedahl Petersen
30d3c3e8cd python: fix warnings 
- rename `Conf` -> `Config`
- comment out unused code
- rearrange code so it is easy to see how to swap comments
- autoformat
 2023-05-09 15:01:31 +02:00
yoff
1a57f81aca Merge pull request #12537 from yoff/python/captured-variables-for-typetracking 
Python: Captured variables for type tracking and the API graph
 2023-05-09 12:34:22 +02:00
Michael Nebel
4ac0396b67 Go/Python/Ruby/Swift: Sync files and make dummy implementation. 2023-05-08 16:18:59 +02:00
Mathias Vorreiter Pedersen
09ba9a74ce Merge pull request #12959 from MathiasVP/identity-consistency-check 
DataFlow: Add an "identity-step" consistency check
 2023-05-05 10:03:20 +01:00
yoff
42090b55fa Merge branch 'main' into python/captured-variables-for-typetracking 2023-05-04 13:52:23 +02:00
yoff
d1206ea620 Update python/ql/test/library-tests/ApiGraphs/py3/test_captured_inheritance.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-04 13:52:08 +02:00
Kasper Svendsen
d9f29a85d6 Python: Enable implicit this warnings 2023-05-04 10:16:52 +02:00
Mathias Vorreiter Pedersen
77001a070b Merge branch 'main' into identity-consistency-check 2023-05-03 22:01:06 +01:00
Mathias Vorreiter Pedersen
e650df810d Python: Accept consistency changes. 2023-05-03 20:33:00 +01:00
Rasmus Lerchedahl Petersen
64068f1c88 python: longer name and longer comment 2023-05-03 18:23:08 +02:00
Rasmus Lerchedahl Petersen
6d9fd24f1b python: update comments 2023-05-03 18:10:15 +02:00
yoff
e49f7a5d33 Update python/ql/test/experimental/dataflow/variable-capture/by_value.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-03 18:03:39 +02:00
yoff
a905917123 Merge pull request #12937 from RasmusWL/fix-module-variable-node 
Python: Hide `ModuleVariableNode` in data-flow paths
 2023-05-03 17:58:26 +02:00
Erik Krogh Kristensen
f29db40371 Merge pull request #13011 from kaspersv/kaspersv/explicit-this-receivers-shared2 
JS, Python, Ruby: Make implicit this receivers explicit
 2023-05-03 15:34:59 +02:00
Ian Lynagh
b56b843d13 Merge pull request #12987 from github/post-release-prep/codeql-cli-2.13.1 
Post-release preparation for codeql-cli-2.13.1
 2023-05-03 13:12:10 +01:00
Kasper Svendsen
aca2ace843 JS, Python, Ruby: Make implicit this receivers explicit 2023-05-03 13:51:51 +02:00
Kasper Svendsen
3eb5a95ee3 Python: Make implicit this receivers explicit 2023-05-03 12:16:21 +02:00
Sim4n6
6d3fdc3a07 all forms considered+ more unicode normalize sink 2023-05-02 21:18:37 +01:00
Sim4n6
083cd612cd add a change note markdown 2023-05-02 15:17:03 +01:00
Sim4n6
1fa1a4e268 Add Unicode Bypass Validation query tests and help 2023-05-02 15:09:16 +01:00