hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-20 01:44:54 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,830 Commits 1,683 Branches 158 Tags
c36142f129e075dde82c4d82cc8a68d95f546ee9
Commit Graph

1010 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
5a51d2cc4c Merge pull request #3245 from BekaValentine/python-objectapi-to-valueapi-wrongnameforargumentinclassinstantiation 
Python: ObjectAPI to ValueAPI: WrongNameForArgumentInClassInstantiation
 2020-04-15 16:48:26 +02:00
Rasmus Wriedt Larsen
390959713a Merge pull request #3246 from BekaValentine/python-objectapi-to-valueapi-uselessclass 
Python: ObjectAPI to ValueAPI: UselessClass
 2020-04-15 16:45:02 +02:00
Taus
8402e6a2e1 Merge pull request #3243 from BekaValentine/python-objectapi-to-valueapi-incorrectlyspecifiedoverriddenmethod 
Python: ObjectAPI to ValueAPI: IncorrectlySpecifiedOverriddenMethod
 2020-04-14 18:55:42 +02:00
Taus
3e46604fa5 Merge pull request #3223 from BekaValentine/python-objectapi-to-valueapi-iterreturnsnoniterator 
Python: ObjectAPI to ValueAPI: IterReturnsNonIterator
 2020-04-14 12:55:21 +02:00
Taus
d9a2429de8 Merge pull request #3244 from BekaValentine/python-objectapi-to-valueapi-wrongnumberargumentsinclassinstantiation 
Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInClassInstantiation
 2020-04-14 12:46:29 +02:00
semmle-qlci
52b76b1373 Merge pull request #3233 from RasmusWL/python-use-getAbsolutePath 
Approved by BekaValentine
 2020-04-14 10:43:24 +01:00
semmle-qlci
2e95cab970 Merge pull request #3234 from RasmusWL/python-modenise-files 
Approved by BekaValentine
 2020-04-14 10:38:26 +01:00
Rebecca Valentine
8e91f10030 Python: ObjectAPI to ValueAPI: UselessClass: Adds preliminary modernization 2020-04-09 15:25:38 -07:00
Rebecca Valentine
339758fa70 Python: ObjectAPI to ValueAPI: WrongNameForArgumentInClassInstantiation: Adds preliminary modernization 2020-04-09 15:04:44 -07:00
Rebecca Valentine
8dc1933a02 Python: ObjectAPI to ValueAPI: WrongNumberArgumentsInClassInstantiation: Adds preliminary modernization 2020-04-09 14:58:30 -07:00
Rebecca Valentine
336e48c5c6 Python: ObjectAPI to ValueAPI: IncorrectlySpecifiedOverriddenMethod: Adds preliminary modernization 2020-04-09 14:50:26 -07:00
Rebecca Valentine
7a586c97a4 Python: ObjectAPI to ValueAPI: IterReturnsNonIterature: Replaces custom return_type predicate with call to getAnInferredReturnType 2020-04-09 14:30:40 -07:00
Pavel Avgustinov
6737e99d65 Merge pull request #3209 from hmakholm/baselib-extractor 
Add extractor field in base language QL packs
 2020-04-09 15:24:49 +01:00
Rasmus Wriedt Larsen
a2440f0fcd Python: Modernise semmle/python/dataflow/Files.qll 2020-04-08 16:53:19 +02:00
Rasmus Wriedt Larsen
32c04ad765 Python: Use getAbsolutePath() instead of deprecated getName() 2020-04-08 16:46:33 +02:00
Rebecca Valentine
c2443f2342 Python: ObjectAPI to ValueAPI: OverlyComplexDelMethod: Adds preliminary modernization 2020-04-07 21:31:35 -07:00
Rebecca Valentine
0d65db148f Python: ObjectAPI to ValueAPI: IterReturnsNonIterator: Adds preliminary modernization 2020-04-07 21:14:25 -07:00
Henning Makholm
bf579dedd4 Add extractor field in base language QL packs 2020-04-06 18:48:01 +02:00
Robert
1096e5d947 Merge pull request #3163 from robertbrignull/code_scanning_suites 
Add code-scanning suites
 2020-04-06 08:45:40 +01:00
Rebecca Valentine
be86c9c066 Python: ObjectAPI to ValueAPI: IterReturnsNonSelf: ObjectAPI.qll: Explains why getAnInferredReturnType is weird for builtins 2020-04-03 15:16:16 -07:00
Rebecca Valentine
64b17888e5 Python: ObjectAPI to ValueAPI: IterReturnsNonSelf: ObjectAPI.qll: Reorganizes getAnInferredReturnType() 2020-04-03 15:14:25 -07:00
Rebecca Valentine
712fb8badc Python: ObjectAPI to ValueAPI: IterReturnsNonSelf: Autoformats 2020-04-02 09:19:41 -07:00
Rebecca Valentine
cdda80623d Merge branch 'master' into python-objectapi-to-valueapi-iterreturnsnonself 2020-04-02 09:16:23 -07:00
semmle-qlci
6757924183 Merge pull request #3157 from tausbn/python-fix-analysis-qhelp-link 
Approved by felicitymay
 2020-04-02 11:43:15 +01:00
Taus
d540bf6ce5 Merge pull request #3039 from BekaValentine/python-objectapi-to-valueapi-returnvalueignored 
Python: ObjectAPI to ValueAPI: ReturnValueIgnored
 2020-04-02 11:42:01 +02:00
Rebecca Valentine
cc53b15a5d Python: ObjectAPI to ValueAPI: ReturnValueIgnored: Reorganizes predicates 2020-04-01 14:41:49 -07:00
Rebecca Valentine
09349f1957 Python: ObjectAPI to ValueAPI: ReturnValueIgnored: Autoformats 2020-04-01 12:54:42 -07:00
Rebecca Valentine
28319ee0f7 Python: ObjectAPI to ValueAPI: SignatureOverriddenMethod: Autoformats 2020-04-01 12:32:21 -07:00
Rebecca Valentine
838e37ca98 Python: ObjectAPI to ValueAPI: ReturnValueIgnore: Moves getAnInferredType to CallableObjectInternal 2020-04-01 08:45:27 -07:00
Rebecca Valentine
97b4077162 Merge branch 'master' into python-objectapi-to-valueapi-signatureoverriddenmethod 2020-04-01 07:42:10 -07:00
Rebecca Valentine
12377badf9 Merge branch 'master' into python-objectapi-to-valueapi-returnvalueignored 2020-04-01 07:37:17 -07:00
Rasmus Wriedt Larsen
f8f51109d0 Python: Add missing ` in qldoc 2020-04-01 12:07:19 +02:00
Rebecca Valentine
093eb71433 Python: ObjectAPI to ValueAPI: ReturnValueIgnored: Adds getAReturnType 2020-04-01 00:17:12 -07:00
Rebecca Valentine
eb4a567a34 Merge branch 'master' into python-objectapi-to-valueapi-signatureoverriddenmethod 2020-03-31 23:36:15 -07:00
Rebecca Valentine
0b2db56051 Python: ObjectAPI to ValueAPI: ObjectAPI.qll: Fixes error in isIterator 2020-03-31 22:15:21 -07:00
Rebecca Valentine
42388b0d97 Python: ObjectAPI to ValueAPI: ReturnValueIgnored: Adds prototype version of getAnInferredReturnType 2020-03-31 22:11:58 -07:00
Rasmus Wriedt Larsen
0b4bfed726 Merge pull request #3156 from tausbn/python-autoformat-all-ql-files 
Python: Autoformat all `.ql` files.
 2020-03-30 16:24:18 +02:00
Taus Brock-Nannestad
2229e34466 Python: Fix outdated link in ImportFailure.qhelp. 2020-03-30 13:14:37 +02:00
Taus Brock-Nannestad
ab4cef53c2 Python: Autoformat one final straggler. 2020-03-30 12:36:43 +02:00
Taus Brock-Nannestad
727cde31c9 Python: Autoformat a few final stragglers. 2020-03-30 12:30:14 +02:00
Taus Brock-Nannestad
6eb9c6f84d Merge branch 'master' into python-autoformat-almost-everything 2020-03-30 12:24:01 +02:00
Taus Brock-Nannestad
87a9f51c78 Python: Autoformat all .ql files. 2020-03-30 11:59:10 +02:00
Robert Brignull
90fad6f762 add code scanning suites 2020-03-27 17:03:23 +00:00
Rasmus Wriedt Larsen
d55acc38df Python: Constrain execution paths for taint_at_depth 
Thanks Taus!
 2020-03-27 16:20:08 +01:00
Rasmus Wriedt Larsen
96d1fc8c0b Python: Fix iterable-unpacking taint CP 
When running ql/python/ql/src/Security/CWE-079/ReflectedXss.ql against the
database for flask.

Iitially there were 10 million result-tuples for iterable_unpacking_descent.

With this change, we're down to roughly 2100,
 2020-03-26 16:42:48 +01:00
semmle-qlci
ac7c74dcee Merge pull request #3111 from RasmusWL/python-fabric-command-injection 
Approved by BekaValentine
 2020-03-25 10:07:33 +00:00
Taus
fe00d1cbf4 Merge pull request #2888 from RasmusWL/python-tarslip-sanitizer 
Python: Improve tarslip sanitizer
 2020-03-24 12:59:20 +01:00
Rasmus Wriedt Larsen
4b8020b98d Python: Autoformat Command.qll 2020-03-24 10:11:57 +01:00
Rasmus Wriedt Larsen
b567205579 Python: Model fabric v1.x command injection sinks 2020-03-23 17:49:56 +01:00
Rasmus Wriedt Larsen
a57eadaeb6 Python: Model fabric/invoke command injection sinks 2020-03-23 17:33:41 +01:00