hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
23,343 Commits 1,672 Branches 157 Tags
2dd862661bfa62080e68f4ac8281da5d901b6986
Commit Graph

3550 Commits

Author SHA1 Message Date
jorgectf
6159fbea2b Update functions naming 2021-05-07 22:15:51 +02:00
jorgectf
34b8af30ac Move structure to LDAP.qll 2021-05-07 22:09:57 +02:00
Jorge
c2b96b3a5e Add documentation to main classes' functions. 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-05-07 21:51:10 +02:00
Rasmus Wriedt Larsen
d50f22504e Python: Fix .expected 2021-05-05 14:07:15 +02:00
Rasmus Wriedt Larsen
668bfd3a41 Python: Support EC keygen without class-instance for cryptography 
I also added a new test to show off how what the origin ends up looking
like... I think it looks ok
 2021-05-05 12:29:55 +02:00
Rasmus Wriedt Larsen
3ceb8bbcc6 Python: Add cryptography test for EC 
Apparently, passing in the class (without instantiating it) is allowed
 2021-05-05 10:52:57 +02:00
Rasmus Wriedt Larsen
dc4a0c1d38 Python/JS: Fix typo 2021-05-05 10:13:54 +02:00
CodeQL CI
95f26aadd3 Merge pull request #5681 from yoff/python-support-pathlib 
Approved by tausbn
 2021-05-04 09:20:24 -07:00
Taus
483199878d Merge pull request #5793 from RasmusWL/fix-qldoc 
Python: Minor fix to Django RawSQL QLDoc
 2021-05-03 18:18:02 +02:00
intrigus
08731fc6cf Fix typo. 2021-04-29 20:26:34 +02:00
Jorge
bd4b189373 Polish documentation consistency 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-04-29 16:26:28 +02:00
Arthur Baars
6693c5bdd0 Merge pull request #5395 from tausbn/python-share-typetracker 
Python: Make the type tracking implementation shareable
 2021-04-29 12:06:12 +02:00
CodeQL CI
84d43946de Merge pull request #5755 from RasmusWL/non-alert-data-part1 
Approved by tausbn
 2021-04-29 02:51:34 -07:00
jorgectf
213d011a8c Edit code example in CompiledRegex 
Signed-off-by: jorgectf <jorgectf@protonmail.com>
 2021-04-29 11:10:03 +02:00
Rasmus Lerchedahl Petersen
16bde2729d Python: add flow from methods to calls 2021-04-28 17:02:24 +02:00
Tom Hvitved
c35a2b959a Python: Update data-flow caching 2021-04-28 14:49:05 +02:00
Rasmus Wriedt Larsen
baa926359e Python: Minor fix to Django RawSQL QLDoc 2021-04-28 12:18:27 +02:00
Rasmus Wriedt Larsen
8b9c5f8228 Python/JS: Remove "Only added to aid with internal rewrite" 2021-04-28 11:50:06 +02:00
Rasmus Wriedt Larsen
f2b4e31e7f Python: Make Diagnostics tests pass 
I had comitted a bad .expected file it seems, and since the encoding for UTF-8
is named differently from Python 2 to Python 3, we're only going to run the test
for one version.
 2021-04-28 10:21:59 +02:00
Taus
4ae3a23089 Python: Limit absolute imports 
Limits the behaviour of github/codeql#5614 in two ways:

First, we only consider files that are contained in the source archive.
This prevents unnecessary computation involving files in e.g. the
standard library.

Secondly, we ignore any relative imports (e.g. `from .foo import ...`),
as these only work inside packages anyway.

This fixes an observed performance regression on projects that include
`google-cloud-sdk` as part of their source code.
 2021-04-27 21:47:38 +00:00
jorgectf
21e01b809f Add code example in CompiledRegex 
Signed-off-by: jorgectf <jorgectf@protonmail.com>
 2021-04-27 19:54:42 +02:00
jorgectf
8a800986a2 Remove unused class variables 
Signed-off-by: jorgectf <jorgectf@protonmail.com>
 2021-04-27 19:54:42 +02:00
jorgectf
20b532ec5e Update to-cast sink's naming 
Signed-off-by: jorgectf <jorgectf@protonmail.com>
 2021-04-27 19:54:41 +02:00
Jorge
c0c71c509c Apply suggestions from code review 
Update `RegexExecution` docs and use `flowsTo()` instead of `getALocalSource()`.

Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-04-27 19:54:41 +02:00
jorgectf
c4322848ec Polish qhelp 2021-04-27 19:54:40 +02:00
jorgectf
12ccd7e3b6 Update .expected 2021-04-27 19:54:39 +02:00
jorgectf
05ee853c4e Remove wrong comment 2021-04-27 19:54:39 +02:00
jorgectf
3fae3fd93e Take ApiGraphs out of Concepts.qll 2021-04-27 19:54:39 +02:00
jorgectf
6a20a4dcc3 Add newline to qhelp 2021-04-27 19:54:38 +02:00
jorgectf
d968eea914 Move expected to /test 2021-04-27 19:54:38 +02:00
jorgectf
81d23c066c Move tests and qlref from /src to /test 2021-04-27 19:54:37 +02:00
jorgectf
d401d18e71 Add .expected and qlref 2021-04-27 19:54:36 +02:00
jorgectf
ec85ee4537 Sink's predicate typo 2021-04-27 19:54:36 +02:00
jorgectf
03825a6052 Add comment to Sink's predicates 2021-04-27 19:54:36 +02:00
jorgectf
fc27c6c547 Fix RegexExecution ambiguity 2021-04-27 19:54:35 +02:00
jorgectf
3655514924 Fix ambiguity 2021-04-27 19:54:35 +02:00
jorgectf
b6721971dd Improve code comments 2021-04-27 19:54:35 +02:00
jorgectf
d4a89b2fd8 Fix qhelp typo while converting to python's regex injection 2021-04-27 19:54:34 +02:00
jorgectf
d49c23fe67 Improve tests' readability 2021-04-27 19:54:34 +02:00
jorgectf
0e169ba10e Format qhelp 2021-04-27 19:54:33 +02:00
jorgectf
c54f08f33a Improve qhelp 2021-04-27 19:54:33 +02:00
jorgectf
66ee67a781 Polished select statement 2021-04-27 19:54:32 +02:00
jorgectf
f75110365f Fix Sink utilization in select 2021-04-27 19:54:32 +02:00
jorgectf
a5850f4a99 Use getRegexModule to know used lib 2021-04-27 19:54:31 +02:00
jorgectf
e78e2ac266 Get rid of (get)regexMethod 2021-04-27 19:54:30 +02:00
jorgectf
18ce257fc8 Move RegexInjectionSink to query config (qll) 2021-04-27 19:54:29 +02:00
jorgectf
53d61c4fb6 Use custom Sink 2021-04-27 19:54:29 +02:00
jorgectf
36cc7b5e3f Fix CompiledRegex 2021-04-27 19:54:28 +02:00
jorgectf
35f1c45d32 Change from Attribute to DataFlow::CallCfgNode in getRegexMethod() 2021-04-27 19:54:28 +02:00
jorgectf
c127b109d0 Create re.compile().ReMethod test 2021-04-27 19:54:27 +02:00