hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-02 09:16:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,317 Commits 1,673 Branches 157 Tags
07650af3572469b606afa16ea8f4bd01997c1ae2
Commit Graph

975 Commits

Author SHA1 Message Date
Asger F
c38cbe859d Merge pull request #13737 from asgerf/dynamic/fuzzy-models 
Dynamic: add Fuzzy token
 2023-08-03 09:58:24 +02:00
yoff
d032bf5c0e Merge pull request #13685 from RasmusWL/captured-variables-default-param-value 
Python: Model parameter with default value as `DefinitionNode`
 2023-07-17 14:25:13 +02:00
Asger F
eb5c600a6b Python: fix some whitespace 2023-07-13 15:42:34 +02:00
Asger F
2b0a8097e6 Python: implement Fuzzy for Python 2023-07-13 15:42:34 +02:00
Jeroen Ketema
8cee4f37a4 Merge branch 'main' into inline-5 2023-07-11 10:30:11 +02:00
Rasmus Wriedt Larsen
44c67171f2 Python: Fix default parameter value flow 
Somehow the previous fix didn't work :O
 2023-07-07 16:17:07 +02:00
Rasmus Wriedt Larsen
a850a481d0 Merge pull request #13676 from RasmusWL/aiohttp-ssrf-sink 
Python: Relax restriction of flow through `async with`
 2023-07-07 14:55:57 +02:00
Rasmus Wriedt Larsen
43b025015d Python: Avoid overlap between AssignmentDefinition and ParameterDefinition 2023-07-07 14:26:28 +02:00
Rasmus Wriedt Larsen
70994b9c57 Python: Accept points-to .expected changes 
They look pretty safe to me, but haven't given them a whole lot of
thought.
 2023-07-07 12:14:19 +02:00
Rasmus Wriedt Larsen
6f3cb67050 Python: Model parameter with default value as DefinitionNode 2023-07-07 11:54:50 +02:00
Rasmus Wriedt Larsen
64a86e8fd7 Python: Update inline expectations 2023-07-07 11:32:05 +02:00
Rasmus Wriedt Larsen
cfd2d09a61 Python: Add test for DefinitionNode default parameter value 2023-07-07 11:00:16 +02:00
Rasmus Wriedt Larsen
1f93e5b58d Python: Relax restriction of flow through async with 2023-07-06 11:51:58 +02:00
Rasmus Wriedt Larsen
43af8d7ac5 Python: Fix test to use async with 
It doesn't work if just using plain `with`
 2023-07-06 11:34:05 +02:00
Rasmus Wriedt Larsen
79039dc7b8 Python: Wrap aiohttp client request in async def 
And I added `await` before all the `resp` assignments
 2023-07-06 11:29:14 +02:00
Jeroen Ketema
abe06e5b95 Python: Update remaining inline expectation tests to use the paramterized module 2023-07-03 10:22:35 +02:00
Jeroen Ketema
277dbdf410 Merge pull request #13498 from jketema/inline-4 
Rework more inline expectation tests to use the parameterized module
 2023-06-22 10:01:07 +02:00
Erik Krogh Kristensen
2341c82450 Merge pull request #13342 from erik-krogh/once-again-deps 
Py: delete more old deprecations
 2023-06-20 15:29:17 +02:00
Jeroen Ketema
dba4460526 Python: Update more inline expectation tests to use the paramterized module 2023-06-20 10:16:15 +02:00
erik-krogh
bfe7e62f35 update some expected outputs - some tests no longer have an edges relation - and XsltSinks lost a result 2023-06-14 08:31:57 +02:00
erik-krogh
e463819bc2 get ParamSource.ql to compile by deleting import that got deleted - I have no if this is a good change 2023-06-14 08:31:57 +02:00
erik-krogh
ae8bf5ed3c delete old deprecations 2023-06-14 08:31:51 +02:00
Rasmus Lerchedahl Petersen
4b4b9bf9da python: add missing summaries 
For append/add:
The new results in the experimental tar slip query
show that we do not recognize the sanitisers.
 2023-06-13 20:22:21 +02:00
Rasmus Lerchedahl Petersen
b72c93ff4f python: remove remaining explicit taint steps 2023-06-13 20:22:20 +02:00
yoff
4056358863 Merge pull request #13438 from RasmusWL/flask-render-string 
Python: Add modeling of `flask.render_template_string`
 2023-06-13 14:56:43 +02:00
Jeroen Ketema
c3ba206b6a Merge pull request #13346 from jketema/inline-2 
Update inline expectation tests to use parameterized module
 2023-06-13 10:10:55 +02:00
Rasmus Wriedt Larsen
6526364045 Python: Add modeling of flask.render_template_string 2023-06-12 21:18:31 +02:00
erik-krogh
6dfeb2536b delete old deprecations 2023-06-09 15:12:23 +02:00
Jeroen Ketema
8f599faf85 Python: Rewrite inline expectation tests to use parameterized module 2023-06-09 10:42:29 +02:00
Rasmus Wriedt Larsen
62f0c64a03 Merge pull request #12552 from erik-krogh/py-type-trackers 
Py: refactor regex tracking to type-trackers
 2023-05-11 16:18:34 +02:00
yoff
1a57f81aca Merge pull request #12537 from yoff/python/captured-variables-for-typetracking 
Python: Captured variables for type tracking and the API graph
 2023-05-09 12:34:22 +02:00
Mathias Vorreiter Pedersen
09ba9a74ce Merge pull request #12959 from MathiasVP/identity-consistency-check 
DataFlow: Add an "identity-step" consistency check
 2023-05-05 10:03:20 +01:00
yoff
42090b55fa Merge branch 'main' into python/captured-variables-for-typetracking 2023-05-04 13:52:23 +02:00
yoff
d1206ea620 Update python/ql/test/library-tests/ApiGraphs/py3/test_captured_inheritance.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-05-04 13:52:08 +02:00
Kasper Svendsen
d9f29a85d6 Python: Enable implicit this warnings 2023-05-04 10:16:52 +02:00
Mathias Vorreiter Pedersen
e650df810d Python: Accept consistency changes. 2023-05-03 20:33:00 +01:00
Rasmus Lerchedahl Petersen
6d9fd24f1b python: update comments 2023-05-03 18:10:15 +02:00
erik-krogh
ffa3425195 rename away from deprecated alias in test-files 2023-05-01 10:42:14 +02:00
erik-krogh
f0254fc089 introduce RegExpInterpretation instead of RegexString, and move RegexTreeView.qll into a regexp folder 2023-05-01 10:42:13 +02:00
yoff
54ced06ada Merge branch 'main' into python/captured-variables-for-typetracking 2023-04-27 17:32:41 +02:00
Rasmus Lerchedahl Petersen
b71306104e python: add test for inheritance 2023-04-26 13:50:12 +02:00
Arthur Baars
5b6d3afd89 Python: Yaml printAst and tests 2023-04-26 13:41:57 +02:00
Rasmus Lerchedahl Petersen
a25c7f7549 Merge branch 'main' of https://github.com/github/codeql into python/captured-variables-for-typetracking 2023-04-24 11:50:32 +02:00
yoff
9e3d57d442 Update python/ql/test/library-tests/ApiGraphs/py3/test_captured_flask.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-04-11 14:34:40 +02:00
Rasmus Wriedt Larsen
7b3f710e91 Python: Model aiosqlite 2023-03-22 15:51:47 +01:00
Rasmus Wriedt Larsen
2b4ebf7377 Python: Add support for .executescript 2023-03-22 15:20:06 +01:00
Rasmus Wriedt Larsen
5930499f1d Python: Add test for missing .executescript SQL method 2023-03-22 14:57:08 +01:00
Rasmus Wriedt Larsen
170a93cc4f Python: Model cassandra-driver PyPI package 2023-03-22 10:28:04 +01:00
Rasmus Wriedt Larsen
e4db5f9a64 Python: Model asyncpg.connection.connect() 2023-03-22 10:28:04 +01:00
Rasmus Wriedt Larsen
4f9117963d Python: Model sqlite3.dbapi2 2023-03-22 10:28:04 +01:00