hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-14 19:29:28 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,291 Commits 1,758 Branches 167 Tags
b229066891bab3ecc52aa3bfe534c5886493bb41
Commit Graph

3237 Commits

Author SHA1 Message Date
Taus
b229066891 Python: Add with 
Co-authored-by: yoff <yoff@github.com>
 2026-05-05 15:21:41 +00:00
Taus
0acbb12fb9 Python: More simple statements 
Co-authored-by: yoff <yoff@github.com>
 2026-05-05 15:21:41 +00:00
Taus
542efce4a6 Python: assignments 
Co-authored-by: yoff <yoff@github.com>
 2026-05-05 15:21:41 +00:00
Taus
2db400aebd Python: Attributes 
Co-authored-by: yoff <yoff@github.com>
 2026-05-05 15:21:41 +00:00
Taus
66bbb60614 Python: Function calls 
Co-authored-by: yoff <yoff@github.com>
 2026-05-05 15:21:41 +00:00
Taus
971beb2d89 Python: Assert statements 
Co-authored-by: yoff <yoff@github.com>
 2026-05-05 15:21:41 +00:00
Taus
ea204ac75f Python: Support various literals 
Co-authored-by: yoff <yoff@github.com>
 2026-05-05 15:21:41 +00:00
Taus
dc0344e2fc Python: More AstNodeImpl improvements 
Co-authored-by: yoff <yoff@github.com>
 2026-05-05 15:21:41 +00:00
Taus
9974584102 Python: Instantiate CFG module fully 
Co-authored-by: yoff <yoff@github.com>
 2026-05-05 15:21:40 +00:00
Taus
6086b999f6 Python: Use fields everywhere in new AST classes 
Co-authored-by: yoff <yoff@github.com>
 2026-05-05 15:21:40 +00:00
Taus
d62e116fc2 Python: First stab at shared control-flow 2026-05-05 15:21:40 +00:00
Josef Svenningsson
68be006a29 Merge pull request #21641 from github/josefs/promptInjectionImprovements 
Improve prompt inject for Python
 2026-04-29 11:23:52 +01:00
Josef Svenningsson
bb18bb084c Improve prompt inject for Python 2026-04-28 18:24:16 +01:00
Owen Mansel-Chan
6efb21314a Merge pull request #21523 from owen-mc/docs/mad/barriers 
Document models-as-data barriers and barrier guards and add change notes
 2026-04-21 13:49:19 +01:00
Michael B. Gale
58e9bad0a0 Merge pull request #21737 from github/post-release-prep/codeql-cli-2.25.3 
Post-release preparation for codeql-cli-2.25.3
 2026-04-21 11:48:30 +02:00
Taus
b108e173a5 Merge pull request #21695 from github/tausbn/python-add-support-for-pep-798 
Python: Add support for PEP-798
 2026-04-20 15:01:01 +02:00
github-actions[bot]
a0bab539bb Post-release preparation for codeql-cli-2.25.3 2026-04-20 12:40:34 +00:00
github-actions[bot]
c861d99802 Release preparation for version 2.25.3 2026-04-20 09:27:23 +00:00
Owen Mansel-Chan
8f17b73796 Fix link formatting in change notes 2026-04-14 15:27:37 +01:00
Owen Mansel-Chan
c86ba38a4e Add change notes 2026-04-14 15:27:31 +01:00
Henry Mercer
43c9b95e6f Merge branch 'main' into post-release-prep/codeql-cli-2.25.2 2026-04-14 13:56:52 +01:00
Taus
15790aa00c Python: Add change note 2026-04-14 13:27:31 +02:00
Taus
c748fdf8ee Merge pull request #21694 from github/tausbn/python-add-support-for-pep-810 
Python: Add support for PEP 810
 2026-04-14 13:27:08 +02:00
Owen Mansel-Chan
7458674470 Merge pull request #21584 from owen-mc/shared/update-mad-comments 
Shared: update code comments explaining models-as-data format to include barriers and barrier guards
 2026-04-14 09:30:28 +01:00
Taus
86020d9eed Python: Add change note 2026-04-10 14:43:30 +00:00
Taus
1ddfed6b6b Python: Add QL support for lazy imports 
Adds a new `isLazy` predicate to the relevant classes, and adds the
relevant dbscheme (and up/downgrade) changes. On upgrades we do nothing,
and on downgrades we remove the `is_lazy` bits.
 2026-04-10 14:25:08 +00:00
Taus
16683aee0e Merge pull request #21590 from github/tausbn/python-improve-bind-all-interfaces-query 
Python: Improve "bind all interfaces" query
 2026-04-07 17:59:48 +02:00
github-actions[bot]
242090e0ac Post-release preparation for codeql-cli-2.25.2 2026-04-06 13:49:20 +00:00
github-actions[bot]
4fe2f6d2b4 Release preparation for version 2.25.2 2026-04-06 10:30:38 +00:00
Óscar San José
59eec7ffa2 Merge branch 'main' of https://github.com/github/codeql into post-release-prep/codeql-cli-2.25.1 2026-03-30 10:51:12 +02:00
github-actions[bot]
ce6e6d5db3 Post-release preparation for codeql-cli-2.25.1 2026-03-30 08:43:48 +00:00
Owen Mansel-Chan
37aac05964 Replace branch with acceptingValue 2026-03-27 22:39:10 +00:00
Owen Mansel-Chan
10fddc7b96 Add barriers and barrier guards to MaD format explanations 2026-03-27 09:47:24 +00:00
yoff
08e115056d Merge pull request #21519 from github/tausbn/python-port-no-alert-change 2026-03-27 08:44:28 +01:00
Taus
c439fc5d45 Python: Replace type tracking with global data-flow 
This takes care of most of the false negatives from the preceding
commit.

Additionally, we add models for some known wrappers of `socket.socket`
from the `gevent` and `eventlet` packages.
 2026-03-26 15:35:33 +00:00
github-actions[bot]
fb011842c9 Release preparation for version 2.25.1 2026-03-25 23:43:06 +00:00
github-actions[bot]
8cf0954796 Release preparation for version 2.25.1 2026-03-25 08:28:30 +00:00
Taus
ac48eca916 Python: Use cls.getMethod instead of getName 2026-03-23 15:26:00 +00:00
Taus
93e35661e6 Python: Make isNewType more precise 
For module-level metaclass declarations, we now also check that the
right hand side in a `__metaclass__ = type` assignment is in fact the
built-in `type`.
 2026-03-23 15:22:24 +00:00
Taus
a276f721f7 Python: Add ternary overridesMethod 
This one also allows easy access to the method being overridden and the
class on which it resides. This let's us simplify DocStrings.ql
accordingly.
 2026-03-23 15:21:27 +00:00
Taus
56c83e250e Python: Make comment more precise 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-03-23 15:09:27 +01:00
Taus
50b3b7ee1f Python: Add DuckTyping::hasUnreliableMro 
Primarily used to filter out false positives in cases where our MRO
approximation may be wrong.
 2026-03-20 13:30:29 +00:00
Taus
c04b615a07 Python: Extend DuckTyping module 
Adds `overridesMethod` and `isPropertyAccessor`.
 2026-03-20 13:28:45 +00:00
Taus
b57e92164c Python: Add declares/getAttribute API 
These could arguably be moved to `Class` itself, but for now I'm
choosing to limit the changes to the `DuckTyping` module (until we
decide on a proper API).
 2026-03-20 13:28:45 +00:00
Taus
cd92162920 Python: Add DuckTyping::isNewStyle 
Approximates the behaviour of `Types::isNewStyle` but without depending
on points-to
 2026-03-20 13:28:45 +00:00
Taus
33ed6034f6 Python: Introduce DuckTyping module 
This module (which for convenience currently resides inside
`DataFlowDispatch`, but this may change later) contains convenience
predicates for bridging the gap between the data-flow layer and the old
points-to analysis.
 2026-03-20 13:28:44 +00:00
Taus
f4841e1f39 Python: Use API graphs instead of points-to for simple built-ins 
Also extends the list of known built-ins slightly, to add some that were
missing.
 2026-03-20 13:28:44 +00:00
Óscar San José
2139b97628 Merge branch 'main' into post-release-prep/codeql-cli-2.25.0 2026-03-19 13:07:00 +01:00
github-actions[bot]
e3dbf5b022 Post-release preparation for codeql-cli-2.25.0 2026-03-16 16:03:22 +00:00
Taus
a99b3f2c3b Merge pull request #21459 from github/tausbn/python-fix-missing-relative-imports 
Python: Fix resolution of relative imports from namespace packages
 2026-03-16 14:59:44 +01:00