hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,577 Commits 1,671 Branches 157 Tags
testing-power-shell-on-dca
Commit Graph

9444 Commits

Author SHA1 Message Date
Joe Farebrother
02f395f5f8 Add qhelp 2024-12-09 19:55:57 +00:00
Joe Farebrother
cea196ec61 Add concepts tests + some fixes 2024-12-09 19:55:42 +00:00
Joe Farebrother
1cb01a286d Add tests for jinja 2024-12-09 19:55:36 +00:00
Joe Farebrother
71ab82dee0 Fix qldoc, formatting, and redundant import warnings 2024-12-09 19:55:21 +00:00
Joe Farebrother
b2c13fe351 Promote template injection sinks for each framework covered 
`Cheetah` was excluded as it was last updated 15 years ago and its documentation links are dead.
 2024-12-09 19:55:17 +00:00
Joe Farebrother
60d8a85a9c Promote jinja sinks 2024-12-09 19:54:57 +00:00
Joe Farebrother
8647073433 Copy template injection to standard pack + add jinja sinks 2024-12-09 19:47:06 +00:00
github-actions[bot]
8c64648520 Release preparation for version 2.20.0 2024-12-06 19:10:28 +00:00
Henry Mercer
a6a4ad6400 Revert "Release preparation for version 2.20.0" 2024-12-06 19:00:27 +00:00
yoff
81c8a702ff Merge pull request #18112 from github/tausbn/add-api-graph-support-for-parameter-annotations 2024-12-05 15:05:27 +01:00
github-actions[bot]
cf71a1525b Post-release preparation for codeql-cli-2.20.0 2024-12-04 18:36:17 +00:00
github-actions[bot]
96564b7128 Release preparation for version 2.20.0 2024-12-04 16:01:14 +00:00
Henry Mercer
963f084d87 Merge branch 'main' into henrymercer/merge-back-rc-3.16 2024-12-04 13:39:10 +00:00
yoff
f2d457d083 Merge pull request #18145 from github/tausbn/python-add-guide-for-extending-the-parser 
Python: Add guide describing how to extend the parser
 2024-12-04 13:07:05 +01:00
Jeroen Ketema
10592bb1c4 Merge pull request #18192 from jketema/inline-rm 
Remove deprecated `InlineExpectationsTest` class-based API
 2024-12-04 11:34:39 +01:00
Anders Schack-Mulligen
8a5fc97b06 Python: Remove deprecated configuration classes referencing deleted api. 2024-12-03 20:08:45 +01:00
dilanbhalla
a7cdda7a5b Revert "Failed Extraction Queries" 2024-12-03 10:50:15 -08:00
Anders Schack-Mulligen
cca27e4c77 Add change notes for all languages. 2024-12-03 19:42:33 +01:00
Jeroen Ketema
c3ea883b11 Python: Update expected test results 2024-12-03 19:18:57 +01:00
Anders Schack-Mulligen
acc260cc3c Python: Delete deprecated data flow api. 2024-12-03 14:41:49 +01:00
Dilan
0e25de1af0 Merge tag 'codeql-cli/latest' 
Compatible with the latest released version of the CodeQL CLI
 2024-12-02 13:59:17 +00:00
github-actions[bot]
b36f3f97ee Release preparation for version 2.19.4 2024-11-28 19:28:05 +00:00
Alexander Eyers-Taylor
6f18d69925 Revert "Release preparation for version 2.19.4" 2024-11-28 19:19:56 +00:00
Taus
a9817a0281 Python: Add guide describing how to extend the parser 2024-11-28 12:32:00 +00:00
Taus
d779ae5c3e Python: Add change note for CFG pruning fix 
... And also bump the extractor version.
 2024-11-26 15:39:15 +00:00
Taus
2734377e5d Python: Add API graph support for parameter annotations 
Adds API graph support for observing that in
```python
def foo(x : Bar): ...
```
The variable `x` is likely to be an instance of the type `Bar` inside
this function.
In particular, we add `getInstanceFromAnnotation` as a predicate on API
graph nodes that tracks this step (corresponding to a new edge type
labeled with "annotation" in the API graph), and extend the existing
`getAnInstance` predicate to also include instances arising from type
annotations.

A more complete solution would also add support for annotated
assignments (`x : Foo = ...` or just `x : Foo`) as well as track types
through type aliases (`type Foo = Bar`). This turns out to be
non-trivial, however, as these type constructs don't have any CFG nodes
(and so no data-flow nodes by default either). In order to not have
perfect be the enemy of good, this commit is only targeting the type
parameter case (which is also likely to be the most common use case
anyway).

The tests for API graphs have been extended accordingly, including tests
for the kinds of type ascriptions that we _don't_ currently model in API
graphs (marked with `MISSING:` in the inline tests).
 2024-11-26 13:03:06 +00:00
Dilan Bhalla
eb56cb94b0 metadata fixes 2024-11-22 14:29:43 -08:00
Dilan Bhalla
e3a04757d7 msft extractor queries 2024-11-22 14:11:02 -08:00
yoff
44c94e02fe Merge pull request #18037 from joefarebrother/pythob-test-global-capture 
Python: Add some test cases for flow involving global and captured variables
 2024-11-22 11:33:31 +01:00
github-actions[bot]
f7448f5b43 Release preparation for version 2.19.4 2024-11-21 16:55:07 +00:00
Alex Eyers-Taylor
50ec400fe4 Revert "Merge pull request #18036 from github/release-prep/2.19.4" 
This reverts commit aa4cc72f30, reversing
changes made to e5951516b8.
 2024-11-21 15:41:08 +00:00
Alexander Eyers-Taylor
c0474c4e45 Revert "Revert "Post-release preparation for codeql-cli-2.19.4"" 2024-11-21 15:37:52 +00:00
Alexander Eyers-Taylor
4effe9e364 Revert "Post-release preparation for codeql-cli-2.19.4" 2024-11-21 14:43:15 +00:00
Joe Farebrother
52cd7f2c5c Add 2 more cases 2024-11-20 11:22:42 +00:00
Joe Farebrother
9b4b01a442 Fix typo 2024-11-20 10:59:27 +00:00
github-actions[bot]
3909df75dc Post-release preparation for codeql-cli-2.19.4 2024-11-19 17:54:03 +00:00
Joe Farebrother
a398f707fe Add some test cases for flow involving global variables and captured variables 2024-11-19 16:34:59 +00:00
github-actions[bot]
9783a11565 Release preparation for version 2.19.4 2024-11-19 16:21:37 +00:00
yoff
d4ec8f650a Merge pull request #18030 from github/tausbn/python-fix-match-literal-pruning 
Python: Fix pruning of literals in `match` pattern
 2024-11-19 17:16:22 +01:00
yoff
22287be5d1 Merge pull request #17370 from Kwstubbs/Bottle/Tornado-HeaderSupport 
Python: Bottle Framework Support
 2024-11-19 15:34:26 +01:00
Taus
e2530cf14f Python: Update expected test output 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2024-11-19 14:10:50 +00:00
Taus
a4ccda5fe3 Python: Fix pruning of literals in match pattern 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2024-11-19 13:48:13 +00:00
Cornelius Riemenschneider
a66f8209f9 Rust: Vendor 3rdparty dependencies. 
We've been observing some performance issues using crate_universe on CI.
Therefore, we're moving to vendor the auto-generated BUILD files
in our repository. This should provide a nice speed boost, while
getting rid of the complexity of the "rust cache" job we've been using
when we had a lot of git dependencies.

This PR includes a vendor script, and I'll put up a CI job internally
that runs that vendor script on Cargo.toml and Cargo.lock changes, to check
that the vendored files are in sync.
 2024-11-13 13:22:14 +01:00
Dilan
1e1fd4566c Merge tag 'codeql-cli/latest' 
Compatible with the latest released version of the CodeQL CLI
 2024-11-07 17:59:18 +00:00
Paolo Tranquilli
147d66b587 Merge branch 'main' into redsun82/python-match-fps 2024-11-07 09:46:32 +01:00
github-actions[bot]
f107d16b4e Post-release preparation for codeql-cli-2.19.3 2024-11-04 17:20:08 +00:00
github-actions[bot]
cc7b724123 Release preparation for version 2.19.3 2024-11-04 16:37:28 +00:00
yoff
cec0544ca5 Merge pull request #17789 from aschackmull/python/resolvecall-refactor 
Python: Refactor references to NormalCall.
 2024-11-01 14:20:34 +01:00
Taus
0bb5b4b9dc Merge pull request #17875 from github/tausbn/python-improve-parser-logging-and-timing 
Python: Improve parser logging/timing/customisability
 2024-11-01 12:47:46 +01:00
Taus
2892f0ff48 Merge pull request #17873 from github/tausbn/python-fix-generator-expression-locations 
Python: Even more parser fixes
 2024-11-01 12:47:19 +01:00