hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
43,179 Commits 1,672 Branches 157 Tags
1d834799a2c46d01c251aa1757d42974cbb7dcb5
Commit Graph

5928 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
1d834799a2 Merge pull request #10114 from RasmusWL/shared-http-client-request 
Ruby/Python: Shared HTTP client request concept
 2022-09-08 11:58:06 +02:00
Asger F
6b2ebcce3a Merge pull request #10276 from asgerf/mad-typedef-entry-points 
Add TypeModel hook for adding MaD type-defs from CodeQL
 2022-09-07 14:14:48 +02:00
Taus
3bb7e28712 Merge pull request #10176 from RasmusWL/import-problem 
Python: Add testcase for import problem
 2022-09-06 18:12:37 +02:00
Asger F
95c60858d4 Export as DataFlow instead of DF 2022-09-06 15:02:48 +02:00
Rasmus Wriedt Larsen
a9e1e72196 Merge branch 'main' into shared-http-client-request 2022-09-06 10:52:27 +02:00
Rasmus Wriedt Larsen
07457b2b5f Python: Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
d708abfc80 Python: Accept more .expected changes 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
c9cd809ef2 Python: Add change-note 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
e979dffc08 Python: Fix variable access from extractor-change 
These changes are from internal PR.
 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
985e87ccde Python: Add variable scope example with subclass 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
0e3d520712 Python: Add variables regression test 
As illustrated when running the python file, the non qualified reads in
the `use` method all refer to the global variables, whereas `ex =
func(baz)` are to the things defined on the class.

The important part of the .expected changes is that the _global_
variable `bar` is used inside the function, whereas it's the local
variable for `foo` (on class scope) that is used inside the function
(which is wrong).
 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
98db1af898 Python: Also show variable access 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
fd4f60dd1b Python: Adjust variables tests 2022-09-06 10:11:37 +02:00
Rasmus Wriedt Larsen
ebd97f4496 Python: Add type-tracking regession example 2022-09-06 10:11:36 +02:00
Asger F
c7c3ad29cd Python: sync with Python 2022-09-06 09:30:02 +02:00
Taus
c19574b9a4 Merge pull request #10267 from yoff/python/port-EmptyExcept 
python: Rewrite EmptyExcept from `points-to` to API graph
 2022-09-05 14:11:34 +02:00
erik-krogh
0de0325c8e change the alert-message for py/modification-of-default-value 2022-09-05 13:30:56 +02:00
Asger F
f22de8a3b7 Python: Sync with Python 2022-09-03 13:51:02 +02:00
Asger F
296aa52ef0 Python: Add API::EntryPoint 
Python: add EntryPoint test
 2022-09-03 13:24:46 +02:00
erik-krogh
089ce5a8a4 change alert messages of path queries to use the same template 2022-09-02 14:45:40 +02:00
Erik Krogh Kristensen
6cee635cb5 Merge pull request #10180 from erik-krogh/fixTags 
Add missing security tags
 2022-09-02 08:04:57 +02:00
Rasmus Lerchedahl Petersen
1d2d28be76 python: replace points-to with API graph 2022-09-01 23:24:10 +02:00
Edoardo Pirovano
8f332714f4 Merge pull request #10260 from github/edoardo/3.7-mergeback 
Merge `rc/3.7` into `main`
 2022-09-01 15:44:17 +01:00
Ian Lynagh
7dc5bdafe3 Merge pull request #10186 from github/post-release-prep/codeql-cli-2.10.4 
Post-release preparation for codeql-cli-2.10.4
 2022-08-31 17:29:57 +01:00
Asger F
5ad6c05a9c Merge pull request #10205 from asgerf/mad-generics 
Support type variables in MaD typings
 2022-08-30 18:07:39 +02:00
Asger F
dd44187aed Sync files again 2022-08-30 14:08:33 +02:00
Asger F
d5d1365104 Synchronize ApiGraphModels.qll 2022-08-30 14:07:37 +02:00
erik-krogh
7fd426e748 print a correct range for ranges that doesn't contain any alpha-numeric chars 2022-08-30 13:57:11 +02:00
Erik Krogh Kristensen
8f0b999c31 Merge pull request #10207 from erik-krogh/fixRank 
fix performance issue in the ReDoS query
 2022-08-30 10:17:11 +02:00
erik-krogh
e2caf3e8c0 put a limit on the length of the equivalent range 2022-08-30 09:29:22 +02:00
erik-krogh
f47b097d7c put a limit on the length of the equivalent range 2022-08-29 21:03:52 +02:00
erik-krogh
77949cbeb3 add context to the rankState predicate in ExponentialBackTracking.qll 2022-08-29 13:42:05 +02:00
erik-krogh
f678c8a967 PY: add python change-note 2022-08-29 13:08:52 +02:00
erik-krogh
4353937bcf PY: add missing security tags on Python queries 2022-08-29 13:08:47 +02:00
github-actions[bot]
3b4ad3c4f1 Post-release preparation for codeql-cli-2.10.4 2022-08-26 09:32:11 +00:00
erik-krogh
1d1aa7c8b4 update some expected output 2022-08-25 20:52:30 +02:00
erik-krogh
cc7a9ef97a rename more acronyms 2022-08-25 20:52:27 +02:00
Rasmus Wriedt Larsen
0728ecebbb Python: Highlight that import problem is not just a relative problem 2022-08-25 15:54:21 +02:00
Rasmus Wriedt Larsen
1ca19533e0 Python: Add import problem test from the wild 2022-08-25 15:50:55 +02:00
Ian Lynagh
f20825ae55 Update python/ql/lib/CHANGELOG.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-08-25 14:25:10 +01:00
Ian Lynagh
b21883292d Update python/ql/lib/change-notes/released/0.5.4.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-08-25 14:24:58 +01:00
Erik Krogh Kristensen
06afe9c0f4 Merge pull request #9816 from erik-krogh/msgConsis 
Make alert messages consistent across languages
 2022-08-25 15:20:01 +02:00
github-actions[bot]
0f63bc077f Release preparation for version 2.10.4 2022-08-25 12:52:26 +00:00
Erik Krogh Kristensen
ba1ad00d2a Merge pull request #10062 from erik-krogh/redosPrefix 
JS: use the shared regular expression libraries in `js/case-sensitive-middleware-path`
 2022-08-25 12:57:16 +02:00
Ian Lynagh
3fcfd32eb1 Make *.ql non-executable 2022-08-24 16:55:11 +01:00
Ian Lynagh
4cd618f81c Make *.expected non-executable 2022-08-24 16:51:50 +01:00
Ian Lynagh
501a9b3c6b Make *.qll non-executable 2022-08-24 16:36:15 +01:00
erik-krogh
014dcd1454 fixup a Python query, it didn't select something with a location 2022-08-24 16:23:20 +02:00
erik-krogh
1c0f2251e2 Merge branch 'main' into msgConsis 2022-08-24 14:38:57 +02:00
erik-krogh
5e3cb08ed2 rename stateInPumpableRegexp to stateInRelevantRegexp 2022-08-23 12:40:45 +02:00