hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,676 Commits 1,671 Branches 157 Tags
yo-h/java15
Commit Graph

2409 Commits

Author SHA1 Message Date
Rasmus Lerchedahl Petersen
b21da86ac1 Python: Field flow for sequence elements 
only from displays so far
 2020-07-31 15:45:20 +02:00
Rasmus Lerchedahl Petersen
e8ce62e211 Python: Fix missing flow annotation 2020-07-31 15:28:27 +02:00
Rasmus Lerchedahl Petersen
e13cf2e126 Python: fix formatting 2020-07-31 14:25:09 +02:00
Rasmus Lerchedahl Petersen
29493f5bd7 Python: Make the coverage test a path query 2020-07-31 12:38:57 +02:00
Arthur Baars
7e72ef350e Merge pull request #3975 from aibaars/lgtm-suites 
CodeQL: complete LGTM suites
 2020-07-30 18:39:01 +02:00
Rasmus Lerchedahl Petersen
133e18edd9 Python: Annotate missing flow 2020-07-30 18:13:39 +02:00
Rasmus Lerchedahl Petersen
1467d6b419 Python: Test all expressions that incur dataflow 2020-07-30 17:51:17 +02:00
Arthur Baars
5bad003c0c Add qlpack.yml files for example queries 2020-07-29 16:57:04 +02:00
Rasmus Lerchedahl Petersen
d32e2772a0 Python: some doc, a generator, and a corotuine 2020-07-29 15:52:56 +02:00
Rasmus Lerchedahl Petersen
488a7f4d01 Python: update test expectations 2020-07-28 21:46:45 +02:00
Arthur Baars
c4041e55ba CodeQL: complete LGTM suites 2020-07-28 20:40:44 +02:00
Rasmus Lerchedahl Petersen
eab64f125b Python: Dataflow, start on test for classes 2020-07-28 20:32:12 +02:00
Rasmus Lerchedahl Petersen
38acea633f Python: Dataflow, expand callable to classes 2020-07-27 17:58:21 +02:00
Taus
f40242dc3f Merge pull request #3396 from porcupineyhairs/python-ssti 
Python : Add query to detect Server Side Template Injection
 2020-07-27 14:43:39 +02:00
Rasmus Wriedt Larsen
e0016f6c52 Python: CG trace: Mention adding projects in README 2020-07-24 20:08:39 +02:00
Rasmus Wriedt Larsen
aca703e131 Python: CG trace: Add support for flask 2020-07-24 20:06:53 +02:00
Rasmus Wriedt Larsen
bb80635dc3 Python: CG trace: Updated README 2020-07-24 19:35:06 +02:00
Rasmus Wriedt Larsen
ecafc760e8 Python: CG trace: Improved debugging queries a bit 2020-07-24 19:34:51 +02:00
Rasmus Wriedt Larsen
2407c8b07e Python: CG trace: Better handling of builtins without __module__ 
Not 100% perfect, but better
 2020-07-24 19:13:53 +02:00
Rasmus Wriedt Larsen
9c76618d8b Python: CG trace: Make ./helper.sh show help again 2020-07-24 18:59:29 +02:00
Rasmus Wriedt Larsen
8057e11fe4 Python: CG trace: Add ./helper.sh metrics command 2020-07-24 18:38:12 +02:00
Rasmus Wriedt Larsen
779a82ee07 Python: CG trace: Minor cleanup in helper.sh 2020-07-24 18:37:48 +02:00
Rasmus Wriedt Larsen
4c689434c3 Python: CG trace: Restructure QL code 2020-07-24 17:00:13 +02:00
Rasmus Wriedt Larsen
321d5104f0 Python: CG trace: Autogenerate BytecodeExpr.qll 
Some code I had lying around, just hadn't comitted.

Not that useful since most of these have been disabled in 55404ae98 for now.
 2020-07-24 16:51:14 +02:00
Rasmus Wriedt Larsen
a7bc9544b6 Python: CG trace: Metrics, number of recorded calls not ignored 
turned out to be useful after all :P
 2020-07-24 16:49:54 +02:00
Rasmus Wriedt Larsen
367a49803b Python: CG trace: handle class instantiation properly in points-to 2020-07-24 11:19:11 +02:00
Porcupiney Hairs
7a71ca3e0f fix tests. 2020-07-24 00:57:19 +05:30
Rasmus Wriedt Larsen
3ead2e3dc7 Python: CG trace: Improve performance by only logging when needed 
Seems like a 2x performance overall

wcwidth:
  - DEBUG=True 5.78 seconds
  - DEBUG=False 2.70 seconds

youtube-dl
  - DEBUG=True 238.90 seconds
  - DEBUG=False 120.70 seconds
 2020-07-23 20:14:49 +02:00
Rasmus Wriedt Larsen
c49311e69e Python: Fix JinjaSSTISinks.expected 2020-07-23 20:11:27 +02:00
Rasmus Wriedt Larsen
fbd939133e Python: CG trace: More caching 
Improves runtime of tracing youtube-dl from 296.19 seconds to 224.50 seconds.

Better, but still not that amazing :|
 2020-07-23 18:07:55 +02:00
Rasmus Wriedt Larsen
ce42221cf7 Python: CG trace: Fix some printing in helper.sh 2020-07-23 17:57:52 +02:00
Rasmus Wriedt Larsen
55404ae980 Python: CG trace: Experiment with disabling some opcodes 
Currently not supported in the QL code, so no reason to pay performance to
record them right now :P
 2020-07-23 17:39:43 +02:00
Rasmus Wriedt Larsen
14c51eb3c7 Python: CG trace: XML exporter will tell what file it wrote to 2020-07-23 17:38:54 +02:00
Rasmus Wriedt Larsen
c45cc2aa2f Python: CG trace: Add helper.sh to run tracing against real projects 2020-07-23 17:37:01 +02:00
Rasmus Wriedt Larsen
5d031d7abe Python: CG trace: Fix sorting of ExternalCallee 
Also exposed that the better_compare_for_dataclass was exposed to bad loop
variable capture :|
 2020-07-23 17:36:31 +02:00
Rasmus Wriedt Larsen
03d22fa8e3 Python: Fix filenames in qhelp 2020-07-23 17:32:01 +02:00
Rasmus Wriedt Larsen
e283d289fd Python: Update TemplateInjection.qhelp 
Moved things around so there is only a single `<example>` tag (and had to rewrite contents a bit).
 2020-07-23 17:23:26 +02:00
Porcupiney Hairs
1e7921e575 add qhelp and fix tests. 2020-07-23 20:04:32 +05:30
porcupineyhairs
8e85dc755a Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-07-23 19:37:40 +05:30
Rasmus Wriedt Larsen
da518ed0d5 Python: CG trace: Remove Python 3.8 only f"{var=}" usage 2020-07-23 14:01:29 +02:00
Rasmus Wriedt Larsen
bb4b8dceaa Python: CG trace: More robust logging setup 2020-07-23 14:01:29 +02:00
Rasmus Wriedt Larsen
a97f942a17 Python: Autoformat 2020-07-23 11:38:34 +02:00
Alexey Tereshenkov
7840dfce3b Put the closing tag back 2020-07-22 20:51:29 +01:00
Alexey Tereshenkov
e2939377e9 Update python/ql/src/Expressions/WrongNumberArgumentsForFormat.qhelp 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2020-07-22 20:07:34 +01:00
Alexey Tereshenkov
a6eb3caa5f Update python/ql/src/Expressions/WrongNumberArgumentsForFormat.qhelp 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-07-22 20:07:27 +01:00
Rasmus Wriedt Larsen
9157385571 Python: CG trace: XML can export list of dataclass 2020-07-22 17:40:59 +02:00
Alexey Tereshenkov
a5f566b563 Fix typo 2020-07-22 15:39:50 +01:00
Rasmus Wriedt Larsen
746c577d72 Python: CG trace: Update naming and add QLDoc 2020-07-22 15:49:11 +02:00
Rasmus Wriedt Larsen
67b45164eb Python: CG trace: Partial matching of BytecodeExpr and AST not safe 2020-07-22 15:19:57 +02:00
Rasmus Wriedt Larsen
1e89388f2b Python: CG trace: Don't abuse example dir 2020-07-22 14:22:04 +02:00