hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-25 05:06:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,876 Commits 1,673 Branches 157 Tags
56dff8540f78be6cecea395df4eefd1fee823d05
Commit Graph

2502 Commits

Author SHA1 Message Date
yoff
5076b1a214 Merge pull request #16135 from sylwia-budzynska/gradio-model 
Python: Add Gradio models
 2024-05-16 09:00:50 +02:00
Sylwia Budzynska
72493a6bd1 Change classes to private 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2024-05-15 15:08:27 +02:00
Dave Bartolomeo
b49a61705c Merge pull request #16491 from github/post-release-prep/codeql-cli-2.17.3 
Post-release preparation for codeql-cli-2.17.3
 2024-05-14 19:33:20 -04:00
github-actions[bot]
32e8b5c667 Post-release preparation for codeql-cli-2.17.3 2024-05-14 21:14:08 +00:00
yoff
04c0475251 Merge pull request #16483 from yoff/python/MaD-instance-follow-subclass 
Python: The MaD token `Instance` now follows subclasses
 2024-05-14 21:30:43 +02:00
github-actions[bot]
100166fa53 Release preparation for version 2.17.3 2024-05-14 19:23:18 +00:00
Joe Farebrother
027e5e7291 Merge pull request #16300 from joefarebrother/python-pyramid 
Python: Model the Pyramid framework
 2024-05-14 13:24:19 +01:00
Joe Farebrother
904799b674 Merge pull request #16105 from joefarebrother/python-promote-header-injection 
Python: Promote Header Injection query from experimental
 2024-05-14 13:23:58 +01:00
Sylwia Budzynska
f72afdc7cb Merge branch 'main' into gradio-model 2024-05-14 12:41:00 +02:00
Rasmus Lerchedahl Petersen
52717f8500 python: The MaD token Instance now follows subclasses 2024-05-14 08:40:19 +02:00
Sylwia Budzynska
d6acea1d0c Fix tests 2024-05-10 12:41:47 +02:00
Sylwia Budzynska
52ceb7fb89 Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2024-05-10 12:07:32 +02:00
Joe Farebrother
ab23d0ad23 Merge branch 'main' into python-promote-header-injection 2024-05-08 13:49:00 +01:00
Sylwia Budzynska
944f8842b7 Change getASuccessor() to getASubscript() 2024-05-08 14:44:06 +02:00
Sylwia Budzynska
8bb4193704 Put GradioInterface models into GradioInput 2024-05-08 14:36:42 +02:00
Sylwia Budzynska
eaba798e34 Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2024-05-08 14:26:34 +02:00
Chuan-kai Lin
535e6db40f Python: Use entities in reorder directives 2024-05-03 11:17:41 -07:00
Owen Mansel-Chan
83249cd9c2 Fix grammar in comment 2024-05-02 09:59:48 +01:00
Owen Mansel-Chan
16dcc0969b Standardise comment explaining why extensible predicates must be defined 2024-05-01 22:00:01 +01:00
Joe Farebrother
fd55713006 add changenote 2024-04-30 18:17:18 +01:00
Joe Farebrother
c6372d5822 Fix qldoc and remove PotentialViewCallable class 2024-04-30 18:13:06 +01:00
Joe Farebrother
ba054bd428 Manually specify subclasses for redirect models 2024-04-30 14:33:46 +01:00
github-actions[bot]
99928b82ed Post-release preparation for codeql-cli-2.17.2 2024-04-30 12:15:35 +00:00
github-actions[bot]
5228d94d42 Release preparation for version 2.17.2 2024-04-30 10:25:51 +00:00
Joe Farebrother
7df8b1ba51 Don't rely on specific parameter names, add qldoc 2024-04-30 09:45:11 +01:00
erik-krogh
800d7546fa change all the change-notes to breaking 2024-04-26 17:17:23 +02:00
erik-krogh
14d88eb3ce add change-notes 2024-04-26 12:56:28 +02:00
erik-krogh
baa31e1469 delete outdated deprecations 2024-04-25 22:19:28 +02:00
Joe Farebrother
2a0459838b Add models for responses 2024-04-25 15:55:59 +01:00
Joe Farebrother
86d1e5b646 Add additional type tracking for request attributes 2024-04-25 13:58:36 +01:00
Rasmus Wriedt Larsen
13ff9412a4 Merge pull request #16252 from RasmusWL/move-dataflow-tests 
Python: Move dataflow tests out of experimental
 2024-04-25 10:05:06 +02:00
Joe Farebrother
2b935e575a Add concept tests + fix typo 2024-04-24 14:05:41 +01:00
Joe Farebrother
ec4c820391 Fix deprecation 2024-04-24 14:05:41 +01:00
Joe Farebrother
f3b27d611a Add test case for validated wsgiref servers + fix typo 2024-04-24 14:05:40 +01:00
Joe Farebrother
d4a072818f Add more tests 2024-04-24 14:05:40 +01:00
Joe Farebrother
eeef062f7c Implement sinks for wsgiref + allow lists in bulk header updates + local flow 2024-04-24 14:05:39 +01:00
Joe Farebrother
8636a50190 Fix qldoc + remove deprecation from experimental concepts (as they are still used in another experimental query) 2024-04-24 14:05:38 +01:00
Joe Farebrother
fa28d94363 Added a sanitizer for replacing newlines. 2024-04-24 14:05:38 +01:00
Joe Farebrother
dbbc944f32 Correct spelling 2024-04-24 14:05:38 +01:00
Joe Farebrother
a88ad62c00 Implemented sinks for bulk header updates, and added corresponding tests. 2024-04-24 14:05:38 +01:00
Joe Farebrother
3e9341ff8a Model class instantiation for werkzueg headers 2024-04-24 14:05:37 +01:00
Joe Farebrother
b9984beb16 Add test cases 2024-04-24 14:05:37 +01:00
Joe Farebrother
68d90918cf Add to header write concept a specification of whether the name or value arg allows newlines. 
Ported sink defenitions from Flask and Werzeug from experimental to main.
Removed experimental sink definitions for Django, as neither name nor value are vulnerable.
 2024-04-24 14:05:37 +01:00
Joe Farebrother
25ffcb2fde Split into customizations file 2024-04-24 14:05:37 +01:00
Joe Farebrother
6021d9238c Move headers injection query and concept from experimental to main 2024-04-24 14:05:37 +01:00
Nick Rolfe
af72c0848e Merge pull request #16306 from github/nickrolfe/js-sensitive 
JS: do fewer regexp matches in SensitiveActions
 2024-04-24 09:49:44 +01:00
Nick Rolfe
003d208574 JS: do fewer regexp matches in SensitiveActions 2024-04-23 15:31:38 +01:00
Anders Schack-Mulligen
b2f09949df Merge pull request #15599 from aschackmull/dataflow/fieldflowbranchlimit-v2 
Dataflow: update fieldFlowBranchLimit semantics
 2024-04-23 10:08:05 +02:00
Rasmus Wriedt Larsen
e0e405bb31 Python: replace dataflow-test location in files 2024-04-23 09:40:59 +02:00
Joe Farebrother
f85ee38e04 Add instance taint steps for requests 2024-04-22 16:03:39 +01:00