codeql

mirror of https://github.com/github/codeql.git synced 2025-12-28 22:56:32 +01:00

Author	SHA1	Message	Date
Rasmus Wriedt Larsen	df6039d6cf	Python: Add import resolution regression	2023-02-15 13:50:27 +01:00
Rasmus Wriedt Larsen	e1ae3c3cfb	Python: sys.exit if import resolution tests fail	2023-02-15 13:44:45 +01:00
Rasmus Wriedt Larsen	9e2eb56032	Python: Remove support for late `*args` arguments I found this to cause bad performance, so the implementation of this has to be thought out more carefully.	2023-02-15 09:42:11 +01:00
Taus	1b30043422	Python: Move change note to correct directory	2023-02-14 13:48:55 +00:00
Taus	4f7c598ffc	Python: Add change note	2023-02-14 13:22:48 +00:00
Taus	39516862c1	Merge remote-tracking branch 'origin/main' into tausbn/python-clean-up-version-handling	2023-02-14 13:07:40 +00:00
Rasmus Wriedt Larsen	dc5bb4fb77	Python: Update a few examples so queries work on them Fixes problem highlighted in https://github.com/github/codeql/issues/12156	2023-02-14 11:54:18 +01:00
Rasmus Wriedt Larsen	1c7fe97427	Python: Add modeling of `hmac`	2023-02-13 15:39:43 +01:00
Rasmus Wriedt Larsen	df22181963	Python: Add tests of `hmac`	2023-02-13 15:38:14 +01:00
Anders Schack-Mulligen	e877b161d8	Merge pull request #12124 from hvitved/dataflow/stage1-dispatch Data flow: Call context virtual dispatch pruning in stage 1	2023-02-13 13:13:43 +01:00
Rasmus Wriedt Larsen	b2e79e2948	Python/Ruby/JS Crypto: Add a few algorithms + block modes I have tried to add a few links to support the claim that these algorithms are strong/safe. It wasn't always super easy, so in some cases I have ended up just linking to the documentation of the `cryptography` Python package. Co-authored-by: REDMOND\brodes <brodes@microsoft.com>	2023-02-13 10:40:47 +01:00
Tom Hvitved	f7a5a33474	Address review comment	2023-02-13 09:01:15 +01:00
Sim4n6	d7af80136e	Fail tests when missing annotation on sink orfail	2023-02-12 21:27:20 +01:00
Sim4n6	518684b736	Put back the annotation result=BAD	2023-02-12 21:26:12 +01:00
Sim4n6	80d4fb5e33	Organisation TarSlip/UnsafeUnpack into two folders	2023-02-12 10:51:53 +01:00
Sim4n6	eed19a3e15	Fix autoformatting issues	2023-02-10 21:58:29 +01:00
Sim4n6	09df055d86	Fix the exists cast warning	2023-02-09 15:25:54 +01:00
Sim4n6	b04d5684fb	add a blank line at the end of the file	2023-02-09 15:23:58 +01:00
Sim4n6	16ef50401b	Update python/ql/src/experimental/Security/UnsafeUnpackQuery.qll Co-authored-by: yoff <lerchedahl@gmail.com>	2023-02-09 14:59:28 +01:00
Sim4n6	4196230a8a	use if-then-else rather than nested exists	2023-02-08 21:46:50 +01:00
Sim4n6	9e285020a1	Comment modif + remove redundant cast	2023-02-08 21:14:53 +01:00
Rasmus Wriedt Larsen	5c23b47ef4	Python: Fix typo in QLDoc Co-authored-by: Taus <tausbn@github.com>	2023-02-08 16:27:06 +01:00
Rasmus Wriedt Larsen	8bb1d8631a	Python: Add call-graph hotfix for `sympy`	2023-02-08 16:19:29 +01:00
Rasmus Wriedt Larsen	23144f584a	Merge branch 'main' into call-graph-code	2023-02-08 16:17:34 +01:00
Taus	080ce09bd7	Python: Update `six` test expectations	2023-02-07 16:21:15 +00:00
Taus	8dea993f41	Python: Update failing test Seems the name for the codec changed between Python 2 and 3. :)	2023-02-07 16:21:15 +00:00
Taus	49a3dd6131	Python: Clean up version handling Depends on an internal PR.	2023-02-07 16:21:15 +00:00
Tom Hvitved	8e8897b08b	Data flow: Sync files	2023-02-07 15:15:04 +01:00
Erik Krogh Kristensen	9360ae9638	Merge pull request #12076 from erik-krogh/poly-sink-track PY: add tracking of strings to compile-sites for poly-redos	2023-02-06 14:21:04 +01:00
Mathias Vorreiter Pedersen	00fe448e3a	Merge pull request #12072 from aschackmull/dataflow/stage3-perf Dataflow: Fix join in `fwdFlowRead` (take 2)	2023-02-06 10:43:11 +00:00
Sim4n6	ec82d61991	Add another frequently used step	2023-02-05 14:36:17 +01:00
Alex Ford	7768026e70	Merge branch 'main' into js-use-shared-cryptography	2023-02-03 15:18:30 +00:00
Alex Ford	6c35feaa98	ConceptsShared: add a default implementation of BlockMode CryptographicOperation#getBlockMode() for compatibility with external code	2023-02-03 14:39:32 +00:00
Alex Ford	b968b59afc	CryptoAlgorithms: make CryptographicAlgorithm#matchesName hold only if that algorithm is the most specific match	2023-02-03 14:15:32 +00:00
github-actions[bot]	faf21f3edb	Post-release preparation for codeql-cli-2.12.2	2023-02-02 23:01:04 +00:00
erik-krogh	6e712b293a	add tracking of strings to compile-sites for poly-redos, in the style of Ruby	2023-02-02 22:56:20 +01:00
Sim4n6	a0150849cb	Updated the expected test file	2023-02-02 21:42:47 +01:00
Alex Ford	1435ef1862	CryptoAlgorithms: make CryptographicAlgorithm#matchesName split on underscores	2023-02-02 20:30:30 +00:00
Alex Ford	e5dfbe2c8d	ConceptsShared: Add BlockMode#matchesString(string) predicate	2023-02-02 20:27:52 +00:00
Alex Ford	61095b3c58	ConceptsShared: Add deprecated DataFlow::Node CryptographicOperation#getInput() predicate	2023-02-02 20:27:05 +00:00
Sim4n6	1a8c9abee2	Incorporate Sink & Source as steps from TarSlipQry	2023-02-02 21:09:40 +01:00
erik-krogh	52959d7c0a	add failing test for not tracking strings to re.compile	2023-02-02 19:10:32 +01:00
Anders Schack-Mulligen	67d4ed53b9	Dataflow: Sync.	2023-02-02 16:33:00 +01:00
github-actions[bot]	a4fa984792	Release preparation for version 2.12.2	2023-02-02 14:34:55 +00:00
Rasmus Wriedt Larsen	db114bb104	Merge branch 'main' into call-graph-code	2023-02-02 11:56:55 +01:00
Rasmus Wriedt Larsen	fdb33ff48e	Python: Fix grammar in change-note Co-authored-by: Taus <tausbn@github.com>	2023-02-01 14:01:20 +01:00
erik-krogh	77e014c5a4	sync added dataflow config	2023-02-01 11:46:57 +01:00
Erik Krogh Kristensen	01f6862965	Merge pull request #11833 from erik-krogh/trackPyReg PY: track string-constants to regular expression uses	2023-02-01 11:40:42 +01:00
Rasmus Wriedt Larsen	c7e552b343	Python: Fix grammar in qldoc Co-authored-by: yoff <lerchedahl@gmail.com>	2023-01-30 09:45:45 +01:00
Rasmus Wriedt Larsen	a1c2f4c138	Python: Small rewrite of `**kwargs` getParameter logic	2023-01-30 09:42:43 +01:00

1 2 3 4 5 ...

6789 Commits