hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,003 Commits 1,672 Branches 157 Tags
ginsbach/NewOverlayLocalJavaRebase
Commit Graph

2900 Commits

Author SHA1 Message Date
Arthur Baars
ef3005ea9e Python: sync shared dbscheme fragments 2023-05-22 19:37:58 +02:00
Rasmus Lerchedahl Petersen
5b4f98d6c4 python: Add summaries for container constructors 
Also:
- turn on flow summaries for taint
- do not restrict node type
  (as now we need summary nodes)
 2023-05-16 14:38:51 +02:00
Rasmus Lerchedahl Petersen
145eaf3947 python: remove steps for container constructors 2023-05-16 10:35:10 +02:00
Tom Hvitved
9dede31c0d Merge pull request #13077 from hvitved/ruby/track-regexp-improvements 
Ruby: Improvements to `RegExpTracking`
 2023-05-15 16:02:00 +02:00
yoff
72c6919f4e Merge pull request #13095 from yoff/python/interpret-summary-content 
Python: Interpret summary content
 2023-05-12 13:09:14 +02:00
Rasmus Wriedt Larsen
62f0c64a03 Merge pull request #12552 from erik-krogh/py-type-trackers 
Py: refactor regex tracking to type-trackers
 2023-05-11 16:18:34 +02:00
Tom Hvitved
211a1e188c Sync files 2023-05-10 09:36:00 +02:00
Rasmus Lerchedahl Petersen
064877140e Python: interpret remaining content 2023-05-09 21:40:01 +02:00
Rasmus Lerchedahl Petersen
c1110666b5 Python: remaining content-based summary components 2023-05-09 21:40:01 +02:00
yoff
1a57f81aca Merge pull request #12537 from yoff/python/captured-variables-for-typetracking 
Python: Captured variables for type tracking and the API graph
 2023-05-09 12:34:22 +02:00
Michael Nebel
4ac0396b67 Go/Python/Ruby/Swift: Sync files and make dummy implementation. 2023-05-08 16:18:59 +02:00
Mathias Vorreiter Pedersen
09ba9a74ce Merge pull request #12959 from MathiasVP/identity-consistency-check 
DataFlow: Add an "identity-step" consistency check
 2023-05-05 10:03:20 +01:00
yoff
42090b55fa Merge branch 'main' into python/captured-variables-for-typetracking 2023-05-04 13:52:23 +02:00
Kasper Svendsen
d9f29a85d6 Python: Enable implicit this warnings 2023-05-04 10:16:52 +02:00
Mathias Vorreiter Pedersen
77001a070b Merge branch 'main' into identity-consistency-check 2023-05-03 22:01:06 +01:00
Rasmus Lerchedahl Petersen
64068f1c88 python: longer name and longer comment 2023-05-03 18:23:08 +02:00
yoff
a905917123 Merge pull request #12937 from RasmusWL/fix-module-variable-node 
Python: Hide `ModuleVariableNode` in data-flow paths
 2023-05-03 17:58:26 +02:00
Erik Krogh Kristensen
f29db40371 Merge pull request #13011 from kaspersv/kaspersv/explicit-this-receivers-shared2 
JS, Python, Ruby: Make implicit this receivers explicit
 2023-05-03 15:34:59 +02:00
Ian Lynagh
b56b843d13 Merge pull request #12987 from github/post-release-prep/codeql-cli-2.13.1 
Post-release preparation for codeql-cli-2.13.1
 2023-05-03 13:12:10 +01:00
Kasper Svendsen
aca2ace843 JS, Python, Ruby: Make implicit this receivers explicit 2023-05-03 13:51:51 +02:00
Kasper Svendsen
3eb5a95ee3 Python: Make implicit this receivers explicit 2023-05-03 12:16:21 +02:00
github-actions[bot]
18d4af994d Post-release preparation for codeql-cli-2.13.1 2023-05-02 10:50:20 +00:00
Anders Schack-Mulligen
ca09649679 Dataflow: Forward hasLocationInfo. 2023-05-02 10:48:32 +02:00
Anders Schack-Mulligen
5927bb2030 Dataflow: Replace "extends Node" with "instanceof Node". 2023-05-02 09:48:34 +02:00
Anders Schack-Mulligen
6c8cb0dc5e Merge pull request #12930 from aschackmull/dataflow/split-typedcontent 
Dataflow: Refactor access paths to split TypedContent into an explicit pair
 2023-05-01 14:58:15 +02:00
erik-krogh
18f8c69261 satisfy the signature of HostnameRegexpSig, which doesn't understand RegExpSink 2023-05-01 10:49:51 +02:00
erik-krogh
d5029c94b6 changes based on review 2023-05-01 10:42:15 +02:00
erik-krogh
a7f733ab8c move RegExpInterpretation into Concepts.qll 2023-05-01 10:42:15 +02:00
erik-krogh
2fad406b5c move StdLibRegExpInterpretation to Stdlib.qll 2023-05-01 10:42:15 +02:00
erik-krogh
a64848c022 simplify StdLibRegExpInterpretation to only consider re.compile, because the rest is handled by RegexExecution 2023-05-01 10:42:14 +02:00
erik-krogh
113ce61d40 fix nit in qldoc 2023-05-01 10:42:14 +02:00
erik-krogh
2d2602b668 use that strings are local-source-nodes in regex-tracking 2023-05-01 10:42:14 +02:00
erik-krogh
3cde11efc8 use StrConst instead of Bytes and Unicode 2023-05-01 10:42:14 +02:00
erik-krogh
f2adc4f958 add missing qldoc 2023-05-01 10:42:14 +02:00
erik-krogh
59cc90e547 move Regex into a ParseRegExp file, and rename the class to RegExp 2023-05-01 10:42:14 +02:00
erik-krogh
556bb41999 move all code to find Regex flag into a module 2023-05-01 10:42:14 +02:00
erik-krogh
f0254fc089 introduce RegExpInterpretation instead of RegexString, and move RegexTreeView.qll into a regexp folder 2023-05-01 10:42:13 +02:00
erik-krogh
e677b62241 use type-tracking instead of global dataflow for tracking regular expressions 2023-05-01 10:41:53 +02:00
Rasmus Wriedt Larsen
1bba5258d6 Merge pull request #11280 from RasmusWL/dict-dataflow-steps 
Python: Support more dictionary read/store steps
 2023-04-30 16:07:29 +02:00
github-actions[bot]
3bd29171fb Release preparation for version 2.13.1 2023-04-28 12:14:35 +00:00
Mathias Vorreiter Pedersen
e506f638fc DataFlow: Sync identical files. 2023-04-27 18:40:33 +01:00
yoff
54ced06ada Merge branch 'main' into python/captured-variables-for-typetracking 2023-04-27 17:32:41 +02:00
Anders Schack-Mulligen
71ae0909d8 Dataflow: Enforce type pruning in all forward stages. 2023-04-27 14:55:26 +02:00
Anders Schack-Mulligen
9140cbefc0 Dataflow: Sync. 2023-04-27 14:55:23 +02:00
Anders Schack-Mulligen
246d904712 Merge pull request #12948 from aschackmull/dataflow/pathnode-type-tostring 
Dataflow: Add type to PathNode.toString.
 2023-04-27 14:14:10 +02:00
Arthur Baars
128d102bbc Merge pull request #12871 from aibaars/py-yaml 
Python: add YAML support
 2023-04-26 18:13:26 +02:00
Rasmus Wriedt Larsen
d274fa16a1 Python: Hide ModuleVariableNode in data-flow paths 
They just add an extra step, and don't actually contribute any good
information for end-users.
 2023-04-26 16:04:16 +02:00
Rasmus Wriedt Larsen
0c4bcec39e Python: Fix ModuleVariableNode.toString 
In some cases mod.getName() does not have a result, so toString of
ModuleVariableNode would also not have a result, which would cause
data-flow paths that use these as an edge to not be valid :O
 2023-04-26 16:03:21 +02:00
Anders Schack-Mulligen
d681671356 Dataflow: Sync. 2023-04-26 14:45:07 +02:00
Arthur Baars
5b6d3afd89 Python: Yaml printAst and tests 2023-04-26 13:41:57 +02:00