hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 20:56:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,146 Commits 1,673 Branches 157 Tags
aba744029383c3fb3e705bcf157c96ffab1c59cd
Commit Graph

1486 Commits

Author SHA1 Message Date
github-actions[bot]
b0315119c6 Release preparation for version 2.12.3 2023-02-16 11:49:06 +00:00
Rasmus Wriedt Larsen
ee5382d8a6 Merge pull request #12193 from RasmusWL/import-resolution-fixup 
Python: Fix `from <pkg> import *` import resolution
 2023-02-15 20:13:24 +01:00
Rasmus Wriedt Larsen
c72dbc49fc Merge pull request #12165 from RasmusWL/crypto-updates 
Python/Ruby/JS Crypto: Add a few algorithms + block modes
 2023-02-15 14:35:40 +01:00
Rasmus Wriedt Larsen
7e16fa9cbe Python: Add change-note 2023-02-15 14:25:33 +01:00
Rasmus Wriedt Larsen
220f227707 Python: Add wrapper for isPreferredModuleForName 
We talked about how it's annoying that we in 4 places have the same fix
`isPreferredModuleForName(<module>.getFile(), <name> + ["", ".__init__"])`
, and that it would be nice to have a simple wrapper predicate that
ensures we never forget to do the `+ ["", ".__init__"]` dance...

I had trouble coming up with a name for this (ironically), but
I think `getModuleFromName` is good enough.
 2023-02-15 14:23:39 +01:00
Rasmus Wriedt Larsen
66c3529465 Python: Fix import * from __init__.py files 2023-02-15 14:10:37 +01:00
Taus
1b30043422 Python: Move change note to correct directory 2023-02-14 13:48:55 +00:00
Taus
4f7c598ffc Python: Add change note 2023-02-14 13:22:48 +00:00
Taus
39516862c1 Merge remote-tracking branch 'origin/main' into tausbn/python-clean-up-version-handling 2023-02-14 13:07:40 +00:00
Anders Schack-Mulligen
e877b161d8 Merge pull request #12124 from hvitved/dataflow/stage1-dispatch 
Data flow: Call context virtual dispatch pruning in stage 1
 2023-02-13 13:13:43 +01:00
Rasmus Wriedt Larsen
b2e79e2948 Python/Ruby/JS Crypto: Add a few algorithms + block modes 
I have tried to add a few links to support the claim that these
algorithms are strong/safe. It wasn't always super easy, so in some
cases I have ended up just linking to the documentation of the
`cryptography` Python package.

Co-authored-by: REDMOND\brodes <brodes@microsoft.com>
 2023-02-13 10:40:47 +01:00
Tom Hvitved
f7a5a33474 Address review comment 2023-02-13 09:01:15 +01:00
Taus
49a3dd6131 Python: Clean up version handling 
Depends on an internal PR.
 2023-02-07 16:21:15 +00:00
Tom Hvitved
8e8897b08b Data flow: Sync files 2023-02-07 15:15:04 +01:00
Erik Krogh Kristensen
9360ae9638 Merge pull request #12076 from erik-krogh/poly-sink-track 
PY: add tracking of strings to compile-sites for poly-redos
 2023-02-06 14:21:04 +01:00
Mathias Vorreiter Pedersen
00fe448e3a Merge pull request #12072 from aschackmull/dataflow/stage3-perf 
Dataflow: Fix join in `fwdFlowRead` (take 2)
 2023-02-06 10:43:11 +00:00
github-actions[bot]
faf21f3edb Post-release preparation for codeql-cli-2.12.2 2023-02-02 23:01:04 +00:00
erik-krogh
6e712b293a add tracking of strings to compile-sites for poly-redos, in the style of Ruby 2023-02-02 22:56:20 +01:00
Anders Schack-Mulligen
67d4ed53b9 Dataflow: Sync. 2023-02-02 16:33:00 +01:00
github-actions[bot]
a4fa984792 Release preparation for version 2.12.2 2023-02-02 14:34:55 +00:00
erik-krogh
77e014c5a4 sync added dataflow config 2023-02-01 11:46:57 +01:00
Erik Krogh Kristensen
01f6862965 Merge pull request #11833 from erik-krogh/trackPyReg 
PY: track string-constants to regular expression uses
 2023-02-01 11:40:42 +01:00
Mathias Vorreiter Pedersen
95b15825f9 DataFlow: Sync identical files. 2023-01-27 16:24:31 +00:00
Alex Ford
55550e7980 Merge pull request #11941 from alexrford/summary-component-tostring-syntheticglobal 
Add missing toString case for synthetic globals
 2023-01-23 10:00:00 +00:00
Michael Nebel
69a42d8b1f Merge pull request #11931 from michaelnebel/csharp/refactor 
Remove the Csv postfix of some predicate names.
 2023-01-23 09:09:48 +01:00
github-actions[bot]
b62cb6ba84 Post-release preparation for codeql-cli-2.12.1 2023-01-20 19:49:56 +00:00
Alex Ford
e4df1f5a6f Ruby: add missing toString case for synthetic globals 2023-01-20 13:31:43 +00:00
github-actions[bot]
005b3e4a47 Release preparation for version 2.12.1 2023-01-20 12:03:19 +00:00
Michael Nebel
dc223cb82e Sync files and make corresponding changes for other languages. 2023-01-19 15:14:06 +01:00
Rasmus Wriedt Larsen
a0b1c2ea79 DataFlow: Add uniqueParameterNodePositionExclude 2023-01-17 14:05:22 +01:00
Rasmus Wriedt Larsen
2b0a5fd5d1 DataFlow: Add uniqueParameterNodeAtPositionExclude 2023-01-17 14:05:17 +01:00
Michael Nebel
7e4f7a0c17 C#: Address review comments and sync files. 2023-01-11 16:29:24 +01:00
Michael Nebel
67cbe38255 Sync files. 2023-01-11 16:20:55 +01:00
Michael Nebel
59a9e255c7 Python: Re-factor provenance related predicates for summarized callable. 2023-01-11 16:20:55 +01:00
Michael Nebel
ea173f9516 Sync files. 2023-01-11 16:20:55 +01:00
Tony Torralba
d87c8c75d6 Python: Remove omittable exists variables 2023-01-10 13:37:35 +01:00
erik-krogh
10308f5875 track string-constants to regular expression uses 2023-01-06 13:17:31 +01:00
github-actions[bot]
cdb8f67601 Post-release preparation for codeql-cli-2.12.0 2023-01-06 10:36:34 +00:00
Jeroen Ketema
170242f79c Apply suggestions from code review 2023-01-05 17:57:19 +01:00
github-actions[bot]
b6a8193785 Release preparation for version 2.12.0 2023-01-05 16:32:14 +00:00
Aditya Sharad
9988c19a42 Merge branch 'main' into tutorial/library-pack 2023-01-03 14:08:37 -08:00
yoff
4480262bd1 Merge pull request #11244 from github/python/support-grouped-exceptions 
Python: support grouped exceptions
 2022-12-21 10:10:37 +01:00
Jami
c9258effb6 Merge pull request #11572 from jcogs33/jcogs33/model-top-jdk-apis 
Java: model top 100 JDK APIs
 2022-12-20 09:13:53 -05:00
Aditya Sharad
ed29b3e4d6 Shared packs: Depend on codeql/tutorial from all language libraries 
This allows `import tutorial` from queries targeting
any language, just like before, while removing the
duplicate copies of `tutorial.qll`.
 2022-12-19 15:52:11 -08:00
yoff
5f0cde5be7 Merge branch 'main' into python/support-grouped-exceptions 2022-12-19 13:38:25 +01:00
erik-krogh
6c8b1cf4be changes based on Python review 2022-12-19 11:20:31 +01:00
erik-krogh
ba7321ac5c add qldoc to RegExpCharEscape 2022-12-18 17:23:45 +01:00
erik-krogh
26c5480ee6 share {js,rb}/regex/missing-regexp-anchor 2022-12-18 17:23:41 +01:00
erik-krogh
355499ea52 move getACommonTld to the shared pack 2022-12-17 17:26:18 +01:00
erik-krogh
f67d0bc8c0 put the shared HostnameRegexp code in the shared regex pack 2022-12-17 17:26:18 +01:00