hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,576 Commits 1,672 Branches 157 Tags
005839b46231b5101741c33354afe4b22d626637
Commit Graph

5928 Commits

Author SHA1 Message Date
yoff
834d2603a2 python: update use of barrier guard 2022-06-28 11:15:37 +00:00
Asger F
b3b53360ae Python: change category to deprecated because library is apparently supported anymore 2022-06-28 12:14:28 +02:00
Asger F
5dfc3c6537 Python: rename change note again 2022-06-28 12:10:26 +02:00
Asger F
d9f57e6d23 Python: rename change note file 2022-06-28 11:41:07 +02:00
Asger F
6d25fb6988 Python: add change note 2022-06-28 11:28:30 +02:00
Asger F
4c73ab2679 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2022-06-28 09:48:53 +02:00
Asger F
a033338d20 Python: Explicitly mention lack of transitive flow in asSource/asSink 2022-06-28 09:46:26 +02:00
Asger F
9b27a7cbcd Python: Dont claim that external libraries are excluded from the database 2022-06-28 09:28:26 +02:00
yoff
67b6f215dc Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-06-28 08:05:53 +02:00
Taus
dc0f50d49a Python: Clean up variable names 
Makes it more consistent with the names used in
`legalMergeCandidateNonEmpty`.
 2022-06-27 19:54:09 +00:00
Taus
8fc9ce9699 Python: Fix bad join in MRO 
Fixes a bad join in `list_of_linearization_of_bases_plus_bases`.

Previvously, we joined together `ConsList` and `getBase` before filtering
these out using the recursive call. Now we do the recursion first.

Co-authored-by: yoff <yoff@github.com>
 2022-06-27 19:54:09 +00:00
Asger F
cc57cb8af5 Merge branch 'main' into post-release-prep/codeql-cli-2.10.0 2022-06-27 20:37:25 +02:00
root
655b9d4262 Python: Timing attack 2022-06-27 12:18:45 -04:00
Rasmus Wriedt Larsen
9e154ff4bd Merge branch 'main' into python/port-tarslip 2022-06-27 14:36:15 +02:00
github-actions[bot]
d506f448ef Post-release preparation for codeql-cli-2.10.0 2022-06-24 07:36:33 +00:00
Anders Schack-Mulligen
dc517a758e Autoformat 2022-06-23 14:44:40 +02:00
Anders Schack-Mulligen
4a317a25d3 Dataflow: Sync. 2022-06-23 14:34:52 +02:00
Asger F
d94010c244 Grammar: report -> reports 2022-06-23 14:17:52 +02:00
github-actions[bot]
a74051c658 Release preparation for version 2.10.0 2022-06-23 11:17:46 +00:00
Rasmus Wriedt Larsen
3248f7b423 Merge pull request #9649 from RasmusWL/certificate-modeling 
Python/JS/Ruby: Ignore common words (like certain) as sensitive data source
 2022-06-23 12:04:58 +02:00
Rasmus Wriedt Larsen
876ba71d9b Python/JS/Ruby: Add change-note 2022-06-22 11:14:05 +02:00
Rasmus Wriedt Larsen
4be375521f Python: Handle _ in sensitive-data-sources 2022-06-22 11:05:14 +02:00
Rasmus Wriedt Larsen
4a844312f4 Python: _ in var name not handled by sensitive-data-sources 2022-06-22 11:05:14 +02:00
Rasmus Wriedt Larsen
5dc2bb717a Python: ignore common words (certain/concert) as sensitive source 2022-06-22 11:05:05 +02:00
Anders Schack-Mulligen
df6d68b215 Merge pull request #9618 from aschackmull/dataflow/deprecate-barrierguard-class 
Dataflow: Deprecate BarrierGuard class
 2022-06-22 10:44:08 +02:00
Rasmus Wriedt Larsen
abdcfd55c3 Python: uncertainty is treated as a certificate :O 2022-06-22 10:16:28 +02:00
Anders Schack-Mulligen
f8f9b7d3b4 Apply suggestions from code review 2022-06-21 14:11:36 +02:00
Asger F
092a6a01ac Python: Update member documentation 2022-06-21 12:44:06 +02:00
Asger F
fecbfa6ca3 Python: add deprecation 2022-06-21 12:44:06 +02:00
Asger F
3a669a8d21 Python: getAValueReachingRhs -> getAValueReachingSink 2022-06-21 12:44:06 +02:00
Asger F
b096f9ec72 Python: Rename getAUse -> getAValueReachableFromSource 2022-06-21 12:44:06 +02:00
Asger F
181a53bd03 Python: Rename getAnImmediateUse -> asSource 2022-06-21 12:44:06 +02:00
Asger F
60fde3c031 Python: Rename getARhs -> asSink 2022-06-21 12:44:06 +02:00
Asger F
8f259d4bb6 Python: port API graph doc comment 2022-06-21 12:44:06 +02:00
Edoardo Pirovano
70dbd92e25 Bump minor version of all regularly released packs 2022-06-21 11:22:58 +01:00
Edoardo Pirovano
ad02b85efa Merge branch main into rc/3.6 2022-06-21 11:15:25 +01:00
Anders Schack-Mulligen
a4796e1542 Add change notes. 2022-06-21 11:17:47 +02:00
Anders Schack-Mulligen
a6c0a9e480 Python: one more fix 2022-06-21 09:19:45 +02:00
Anders Schack-Mulligen
a7c268f804 Python: adjust test. 2022-06-20 15:46:38 +02:00
Anders Schack-Mulligen
f473a0a961 Python: Deprecate and replace BarrierGuard class. 2022-06-20 15:46:38 +02:00
yoff
94145e9e74 Update python/ql/lib/semmle/python/security/dataflow/TarSlipCustomizations.qll 2022-06-20 10:14:52 +02:00
Rasmus Wriedt Larsen
ae44a941f9 Merge pull request #9421 from RasmusWL/inline-brackets 
Inline Expectation Tests: Allow `tag[foo bar]`
 2022-06-20 10:01:19 +02:00
Taus
3a328f6a3f Merge pull request #6570 from yoff/python/broaden-noqa-regex 
Python: Broaden noqa regex to allow comments
 2022-06-17 23:56:39 +02:00
Rasmus Wriedt Larsen
5fb41e4894 Inline Expectation Tests: Disallow tag[[[foo bar] 2022-06-17 17:36:04 +02:00
Anders Schack-Mulligen
6518a01ded Dataflow: Sync. 2022-06-16 11:25:28 +02:00
Taus
9bf2eb55ca Python: Allow whitespace before colon 
As suggested by @DimitriPapadopolous.

Also fixes the test output to account for the `noqa` annotation (with
added comment) that we're now detecting.
 2022-06-16 11:16:58 +02:00
Rasmus Lerchedahl Petersen
98301332bd Python: Broaden noqa regex 2022-06-16 11:16:58 +02:00
github-actions[bot]
1ed70d51d7 Post-release preparation for codeql-cli-2.9.4 2022-06-15 13:25:20 +00:00
yoff
f14a90ff09 Merge pull request #9200 from tausbn/python-modernise-weak-file-permissions-query 
Python: Modernise weak file permissions query
 2022-06-15 14:37:17 +02:00
Rasmus Lerchedahl Petersen
0608d4d2f9 python: fix alerts 
Also, remove the `toLowerCase` again,
as I do not know what effect it will have.
 2022-06-15 14:18:29 +02:00