hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
52,099 Commits 1,673 Branches 157 Tags
77f1539e713028cfceddb94fc92594d9194fc336
Commit Graph

3081 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
7b3f710e91 Python: Model aiosqlite 2023-03-22 15:51:47 +01:00
Rasmus Wriedt Larsen
2b4ebf7377 Python: Add support for .executescript 2023-03-22 15:20:06 +01:00
Rasmus Wriedt Larsen
5930499f1d Python: Add test for missing .executescript SQL method 2023-03-22 14:57:08 +01:00
Rasmus Wriedt Larsen
170a93cc4f Python: Model cassandra-driver PyPI package 2023-03-22 10:28:04 +01:00
Rasmus Wriedt Larsen
e4db5f9a64 Python: Model asyncpg.connection.connect() 2023-03-22 10:28:04 +01:00
Rasmus Wriedt Larsen
4f9117963d Python: Model sqlite3.dbapi2 2023-03-22 10:28:04 +01:00
yoff
e21e630316 Merge branch 'main' into python/add-test-to-valid 2023-03-21 14:47:17 +01:00
Rasmus Wriedt Larsen
346086524b Python: Accept dataflow-consistency test changes 
To PRs must have had a conflict when merged separately
 2023-03-21 10:09:01 +01:00
Erik Krogh Kristensen
0f813ce2e8 Merge pull request #12543 from erik-krogh/reg-perf 
ReDoS: restrict the edges considered in polynomial-redos for complex regular expressions
 2023-03-20 15:48:35 +01:00
yoff
6639e5a97b Merge pull request #12590 from yoff/python/patch-uninitialized-local 
Python: Patch uninitialized local query
 2023-03-20 15:11:14 +01:00
Rasmus Lerchedahl Petersen
6a5db750c4 python: add test to validation (and fix it) 2023-03-20 15:07:46 +01:00
yoff
17c9ba9872 Merge pull request #12464 from yoff/python/add-test-captured-in-collection 
python: add test for captured variables in lists
 2023-03-20 15:01:58 +01:00
Rasmus Lerchedahl Petersen
b042c60ca3 python: remove outdated comment 2023-03-20 14:13:48 +01:00
Rasmus Lerchedahl Petersen
5f438e433d python: exclude nonlocals from query 2023-03-20 13:34:39 +01:00
Rasmus Lerchedahl Petersen
9b7a20f4ad python: add example showing FP 2023-03-20 13:03:26 +01:00
erik-krogh
b208988675 Py: add test for problematic regex 2023-03-16 12:21:00 +01:00
Tom Hvitved
a13b6ed230 Merge pull request #12536 from hvitved/dataflow/call-enclosing-callable-consistency-check 
Data flow: Add consistency check for `DataFlowCall::getEnclosingCallable`
 2023-03-16 10:19:42 +01:00
Rasmus Wriedt Larsen
b3a49ab143 Merge pull request #12467 from RasmusWL/kwargs-parameter-position-fixup 
Python/Ruby: Use new parameter position for synthetic hash-splat instead
 2023-03-16 09:52:46 +01:00
Tom Hvitved
404ead8a18 Python: Update expected test output 2023-03-16 08:40:53 +01:00
erik-krogh
d001cc40d3 Merge branch 'main' into py-shell 2023-03-13 14:56:04 +01:00
Rasmus Wriedt Larsen
293f791611 Python: Remove solved consistency work-around 
This has not been needed for some time now, but hadn't been removed
before now.
 2023-03-09 15:45:20 +01:00
Rasmus Lerchedahl Petersen
bbb43a53e5 python: add test for captured variables 
this illustrates that the function implementing
the comprehension does not capture `mod_local`.

We could handle this case specially, by having
a different implementation for `for`, but the
wider issue would remain.
 2023-03-09 11:44:58 +01:00
Rasmus Lerchedahl Petersen
32d95834d1 python: add test documenting effect of scopes 2023-03-09 10:19:44 +01:00
Rasmus Wriedt Larsen
dda29e99b2 Python: Add test of keyword argument with same name as positional-only parameter 
This is a bit of an edge case, but allowed. Since we currently don't
provide information on positional only arguments, we can't do much to
solve it right now.
 2023-03-07 13:28:48 +01:00
Anders Schack-Mulligen
5c7f2ac7f7 Merge pull request #12186 from aschackmull/dataflow/refactor-configuration 
Data flow: Refactor configuration
 2023-03-06 13:38:59 +01:00
Anders Schack-Mulligen
34cc93846b Python: Adjust InsecureProtocol query. 2023-03-01 13:36:10 +01:00
Anders Schack-Mulligen
5469a82efb Go,Java,Python: Fix some tests. 2023-02-28 14:31:00 +01:00
Rasmus Wriedt Larsen
d198b91c82 Python: Fix expected of call-graph after merge 
Since the import resolution was fixed, but tests not rerun, these
expectations were not updated to reflect that we now handle them
properly 💪
 2023-02-27 17:38:28 +01:00
Taus
25043f51a4 Merge pull request #11376 from RasmusWL/call-graph-code 
Python: New type-tracking based call-graph
 2023-02-27 14:51:21 +01:00
Tom Hvitved
879eff41ea Merge branch 'main' into util/inline-expect-test-use-end-line 2023-02-20 10:03:38 +01:00
Rasmus Wriedt Larsen
efc75e02cc Merge pull request #12168 from RasmusWL/crypto-stdlib-modeling 
Python: Add modeling of `hmac`
 2023-02-20 09:26:53 +01:00
Tom Hvitved
59efcd593a Python: Update test expectations 2023-02-17 15:20:21 +01:00
Rasmus Wriedt Larsen
39e7bba563 Merge pull request #12203 from RasmusWL/import-resolution-phi 
Python: Handle if-then-else definitions in import resolution
 2023-02-17 10:10:42 +01:00
yoff
2f8dddabb6 Merge pull request #11570 from Sim4n6/UnsafeUnpack 
Python: Unsafe unpacking using `shutil.unpack_archive()` query and tests
 2023-02-17 09:48:05 +01:00
Rasmus Wriedt Larsen
9ed021ad66 Python: Accept change to WeakFilePermissions.expected 
💪
 2023-02-16 13:27:16 +01:00
Rasmus Wriedt Larsen
766e6c400e Python: Handle if-then-else definitions in import resolution 2023-02-16 11:18:30 +01:00
Rasmus Wriedt Larsen
80f5342a6d Python: Add import regression for if-then-else definitions 2023-02-16 11:12:08 +01:00
Rasmus Wriedt Larsen
c4fbfb0d07 Merge branch 'main' into call-graph-code 2023-02-15 20:15:04 +01:00
Rasmus Wriedt Larsen
66c3529465 Python: Fix import * from __init__.py files 2023-02-15 14:10:37 +01:00
Rasmus Wriedt Larsen
df6039d6cf Python: Add import resolution regression 2023-02-15 13:50:27 +01:00
Rasmus Wriedt Larsen
e1ae3c3cfb Python: sys.exit if import resolution tests fail 2023-02-15 13:44:45 +01:00
erik-krogh
759854991a fix various nits based on feedback 2023-02-15 11:10:43 +01:00
Rasmus Wriedt Larsen
9e2eb56032 Python: Remove support for late *args arguments 
I found this to cause bad performance, so the implementation of this has
to be thought out more carefully.
 2023-02-15 09:42:11 +01:00
Rasmus Wriedt Larsen
1c7fe97427 Python: Add modeling of hmac 2023-02-13 15:39:43 +01:00
Rasmus Wriedt Larsen
df22181963 Python: Add tests of hmac 2023-02-13 15:38:14 +01:00
Sim4n6
d7af80136e Fail tests when missing annotation on sink orfail 2023-02-12 21:27:20 +01:00
Sim4n6
518684b736 Put back the annotation result=BAD 2023-02-12 21:26:12 +01:00
Sim4n6
80d4fb5e33 Organisation TarSlip/UnsafeUnpack into two folders 2023-02-12 10:51:53 +01:00
Sim4n6
b04d5684fb add a blank line at the end of the file 2023-02-09 15:23:58 +01:00
Rasmus Wriedt Larsen
23144f584a Merge branch 'main' into call-graph-code 2023-02-08 16:17:34 +01:00