hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-15 01:41:08 +02:00
Code Issues Packages Projects Releases Wiki Activity
47,812 Commits 1,784 Branches 169 Tags
54109b8ea7ce7b413f2d672b52e2ccfde8795e72
Commit Graph

6395 Commits

Author SHA1 Message Date
ALJI Mohamed
54109b8ea7 Add source wget.download 2022-12-13 15:34:01 +01:00
ALJI Mohamed
2f68b54b27 A simple download_file() call from maybe boto3 2022-12-12 19:46:34 +01:00
ALJI Mohamed
b19452467d read by chunks as additional step 2022-12-10 21:59:14 +01:00
ALJI Mohamed
eff132512c Copying the response data to the archive 2022-12-10 08:15:42 +01:00
ALJI Mohamed
545aab0e07 tarball path provided using CLI argument (source) 2022-12-09 15:54:43 +01:00
ALJI Mohamed
9336f4f1a2 Considering the use of contextlib.closing() method 2022-12-08 12:26:59 +01:00
ALJI Mohamed
2801b8495a A fix of the tag name 2022-12-06 14:50:47 +01:00
ALJI Mohamed
4896e62117 Use of more generic terms 2022-12-06 14:44:52 +01:00
Sim4n6
58570b4d2c Update python/ql/src/experimental/Security/CWE-022bis/UnsafeUnpack.ql 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-12-06 14:40:48 +01:00
Sim4n6
9a60202de6 Update python/ql/src/experimental/Security/CWE-022bis/UnsafeUnpack.qhelp 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-12-06 14:40:35 +01:00
Sim4n6
c22c0b5029 Update python/ql/src/experimental/Security/CWE-022bis/UnsafeUnpack.qhelp 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-12-06 14:39:16 +01:00
ALJI Mohamed
a5849eb9b0 Improved the additional taint step using InstanceSource 2022-12-06 14:00:08 +01:00
ALJI Mohamed
054c06be65 Update UnsafeUnpack.ql 2022-12-06 02:51:07 +01:00
ALJI Mohamed
68fd75ca34 UnpackUnsafe query and tests 2022-12-05 17:20:22 +01:00
Tom Hvitved
faca4b5b56 Merge pull request #11461 from hvitved/ruby/unique-hash-splat-param 
Ruby: At most one hash-splat `ParameterNode` per callable
 2022-12-05 11:53:28 +01:00
Asger F
2d578c1a73 Merge branch 'main' into merge-package-type-columns 2022-12-02 10:00:44 +01:00
Rasmus Wriedt Larsen
d47b3265c4 Python: Fix py/meta/points-to-call-graph 2022-12-01 14:56:10 +01:00
Rasmus Wriedt Larsen
e7264fb495 Merge pull request #11480 from RasmusWL/sink-meta-query 
Python: Add taint-sinks meta query
 2022-12-01 10:23:33 +01:00
Tom Hvitved
b33f5925bb Data flow: Sync files 2022-11-30 13:39:25 +01:00
Owen Mansel-Chan
55c4643b20 Dataflow: Sync. 2022-11-30 11:00:07 +00:00
Rasmus Wriedt Larsen
607639c100 Python: restrict py/meta/points-to-call-graph to non-ignored files 2022-11-29 15:10:45 +01:00
Rasmus Wriedt Larsen
d7aea228ce Python: Add taint-sinks meta query 
Inspired by the one they have in JS:
097d5189e9/javascript/ql/src/meta/alerts/TaintSinks.ql
 2022-11-29 15:10:09 +01:00
Arthur Baars
cf7ebe2fa8 Merge pull request #11471 from github/rc/3.8 
Merge rc/3.8 into main
 2022-11-29 12:57:34 +01:00
Tom Hvitved
f3dca95958 Merge pull request #11087 from hvitved/dataflow/summary-ctx 
Data flow: Add summary/return context to pruning stages 2-4
 2022-11-29 10:36:53 +01:00
Felicity Chapman
a76d47681d Replace references in Qhelp files 2022-11-28 15:25:37 +01:00
Tom Hvitved
cde05e1190 Data flow: Sync files 2022-11-28 12:11:38 +01:00
Taus
530b795eaa Merge pull request #11402 from yoff/python/port-super-not-enclosing-class 
Python: port `py/super-not-enclosing-class`
 2022-11-28 11:52:57 +01:00
Rasmus Lerchedahl Petersen
77d98b217e Python: add import 2022-11-25 08:52:35 +01:00
yoff
d804acdef7 Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2022-11-25 08:50:37 +01:00
Erik Krogh Kristensen
03737543d4 Merge pull request #11403 from erik-krogh/additional 
ReDoS: add missing additional keywords
 2022-11-24 15:53:51 +01:00
Erik Krogh Kristensen
1eec067474 Merge pull request #11294 from erik-krogh/fileDoc 
QL: improve the "this block-comment should have been a QLDoc"-query
 2022-11-23 22:23:36 +01:00
erik-krogh
95f35196e4 add missing additional keywords 2022-11-23 20:45:51 +01:00
Asger F
abf0c0f296 Python: update more comments referring to the package column 2022-11-23 15:02:08 +01:00
Rasmus Lerchedahl Petersen
91198524cd Python: port py/super-not-enclosing-class 2022-11-23 14:37:45 +01:00
Asger F
1c910550e6 Python: merge package/type columns 2022-11-23 11:17:42 +01:00
Rasmus Wriedt Larsen
5866af413f Merge pull request #11347 from tausbn/python-clean-up-import-resolution 
Python: Add change note for module resolution
 2022-11-22 15:28:38 +01:00
Rasmus Wriedt Larsen
04a68f8d52 Merge pull request #11372 from RasmusWL/getpass 
Python: Model `getpass.getpass` as source of passwords
 2022-11-22 14:49:04 +01:00
Rasmus Wriedt Larsen
9195b73d84 Python: Model getpass.getpass as source of passwords 2022-11-22 14:11:52 +01:00
Rasmus Wriedt Larsen
80e71b202a Python: Cleartext queires: Remove flow from getpass.py 2022-11-22 14:08:00 +01:00
Rasmus Wriedt Larsen
9342e3ba76 Python: Enable new test 
But look at all those elements from getpass.py implementation :(
 2022-11-22 13:59:59 +01:00
Rasmus Wriedt Larsen
e01df3ea7c Python: Prepare for new test 
.expected line changes 😠
 2022-11-22 13:52:50 +01:00
Taus
18be30d177 Python: Apply suggestion from review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-11-22 13:46:45 +01:00
Rasmus Wriedt Larsen
1b30cf8eca Merge branch 'main' into call-graph-tests 2022-11-22 13:39:27 +01:00
Rasmus Wriedt Larsen
84faf49bf0 Python: Add tests for compound arguments field flow 2022-11-22 11:29:00 +01:00
Rasmus Wriedt Larsen
d876acde4c Python: Fix SINK/SINK_F usage for crosstalk tests 
As discussed in PR review
https://github.com/github/codeql/pull/11208#discussion_r1022473421
 2022-11-22 11:29:00 +01:00
Edoardo Pirovano
6c33ddcd47 Merge pull request #11349 from github/edoardo/2.11.4-mergeback 
Merge `rc/3.8` into `main`
 2022-11-21 18:08:27 +00:00
Taus
f12e15b46b Python: Fix implicit this warnings 2022-11-21 15:23:13 +00:00
Taus
a385e87273 Python: Add change note for module resolution 
Also adapts the version-specific tests to support results specific to
Python 2 (though at the moment there are no such tests).
 2022-11-21 14:29:39 +00:00
Taus
8f4eb7107a Merge pull request #10861 from tausbn/python-clean-up-import-resolution 
Python: Clean up import resolution
 2022-11-21 15:18:08 +01:00
Tom Hvitved
99e70e9a50 Data flow: Sync files 2022-11-20 10:19:23 +01:00