hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-30 23:58:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,330 Commits 1,673 Branches 157 Tags
c7d30087d11ff203b8af00a9cacb8331f1d34fe0
Commit Graph

763 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
fb0133d276 Python: Fix Flask request.files modeling 2022-05-02 14:14:58 +02:00
Rasmus Wriedt Larsen
0c62916af5 Python: Highlight problem with Flask request.files modeling 2022-05-02 14:14:53 +02:00
Erik Krogh Kristensen
d389012b75 Merge branch 'main' into redundantImport 2022-04-26 14:24:51 +02:00
Erik Krogh Kristensen
acac8919b3 PY: update expected output for deprecation warning in test file 2022-04-22 15:28:31 +02:00
Erik Krogh Kristensen
ff73dbc35c delete redundant imports 2022-04-22 12:55:28 +02:00
Erik Krogh Kristensen
a96489b23d delete duplicate imports 2022-04-22 12:41:30 +02:00
Rasmus Wriedt Larsen
650d57083b Python: Recognize path arguments to pathlib methods 2022-04-22 11:01:59 +02:00
Rasmus Wriedt Larsen
bcaba45202 Python: Expand pathlib tests 2022-04-22 11:01:59 +02:00
Rasmus Wriedt Larsen
059dea713d Python: Fix os.path.samefile modeling 2022-04-22 11:01:59 +02:00
Sebastian Bauersfeld
a3c3a7fe0d Python: Identify alternative body argument in invocations of Response constructor. 2022-03-30 19:34:54 +07:00
yoff
5efc19c39d Merge pull request #7806 from erik-krogh/pyDef 
Python: Add def nodes to API graphs
 2022-03-28 08:09:14 +02:00
Rasmus Wriedt Larsen
ae1ba11d57 Merge branch 'main' into orm 2022-03-16 11:23:14 +01:00
Rasmus Wriedt Larsen
461e2f3663 Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-03-16 10:43:20 +01:00
Erik Krogh Kristensen
3bf5e06d53 delete all dead code 2022-03-14 13:03:31 +01:00
Erik Krogh Kristensen
755b0bbcb9 PY: update tests to not use deleted deprecations 2022-03-09 18:28:13 +01:00
Erik Krogh Kristensen
61e282da84 PY: delete test that mostly used deleted deprecated features 2022-03-09 18:28:13 +01:00
Erik Krogh Kristensen
309e376c6d PY: convert test to not use deleted deprecations 2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
d5a76e8c98 Python: delete test that only used deprecated classes 2022-03-09 18:28:12 +01:00
Erik Krogh Kristensen
a1769f8036 Python: add default implementation of getName() and deprecate it 2022-03-09 18:28:12 +01:00
Taus
7b877fb317 Merge pull request #8336 from tausbn/python-fix-a-bunch-of-ql-warnings 
Python: Fix a bunch of QL warnings
 2022-03-09 16:31:28 +01:00
Taus
d2603884ca Python: Fix a bunch of class QLDoc 2022-03-07 18:59:49 +00:00
Taus
af7f532212 Python: Fix up a bunch of function QLDoc 2022-03-07 18:59:49 +00:00
haby0
7e6666bc63 Merge branch 'main' into py/add-ssrf-sinks 2022-03-07 12:09:14 +08:00
Rasmus Wriedt Larsen
f620e2599d Merge branch 'main' into py/add-ssrf-sinks 2022-03-04 11:50:12 +01:00
Rasmus Wriedt Larsen
02a97b08bb Python: Move urllib and urllib2 to be part of stdlib modeling 2022-03-04 11:31:47 +01:00
Rasmus Wriedt Larsen
c65839bb77 Python: improve urllib3 modeling 2022-03-04 11:25:14 +01:00
Rasmus Wriedt Larsen
7d6d8be179 Python: Fix httpx modeling 2022-03-04 11:07:51 +01:00
Rasmus Wriedt Larsen
40feb1fb8d Python: SPURIOUS results for httpx 2022-03-04 11:03:32 +01:00
yoff
d0a393e8d1 Update python/ql/test/library-tests/frameworks/stdlib/XPathExecution.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2022-03-04 10:56:53 +01:00
Rasmus Lerchedahl Petersen
143e9ee954 Merge branch 'main' of github.com:github/codeql into python/promote-xpath-injection 2022-03-02 13:14:08 +01:00
Rasmus Lerchedahl Petersen
80be767a7a python: implement stdlib xpath support 2022-03-02 12:59:34 +01:00
Rasmus Lerchedahl Petersen
06e0f140c5 python: add tests for stdlib xpath 2022-03-02 12:58:37 +01:00
Rasmus Wriedt Larsen
27d5349a74 Python: ORM: Remove imports from test code 
These are no longer needed, as data-flow now has this import by default
 2022-03-01 15:39:52 +01:00
Rasmus Lerchedahl Petersen
f55d7d627e python: model XPathEvaluator 2022-03-01 14:40:13 +01:00
Rasmus Lerchedahl Petersen
3bb17be389 python: add concept and library tests 2022-03-01 14:39:28 +01:00
Rasmus Wriedt Larsen
cd58c12bbe Merge branch 'main' into orm 2022-03-01 12:01:54 +01:00
Arthur Baars
5ce6b847d1 Merge pull request #8166 from aibaars/regex-char-sequence-1 
Ruby/Python: regex parser: group sequences of 'normal' characters
 2022-02-28 17:47:53 +01:00
Rasmus Wriedt Larsen
8afd560c64 Python: ORM: Handle load of PolymorphicModels 2022-02-28 16:38:41 +01:00
Rasmus Wriedt Larsen
48fba87273 Python: ORM: add flow to base-class 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
6b9dd49499 Python: ORM: Model polymorphic.models.PolymorphicModel as Django ORM class 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
e1191cf63c Python: ORM: Add tests for inheritance 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
092cfceb18 Python: Add dataflow consistency checks to ORM tests 
Luckily they passed :phew:
 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
ed36ff1570 Python: ORM: Handle <Model>.objects.[<QuerySet>].update() 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
fea46b642d Python: ORM: Handle <Model>.objects.create and friends 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
9b458b54aa Python: ORM: Add flow to collection/dict queries 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
9cff4cbd1c Python: ORM: Add a few more tests 
There were a few methods I had overlooked
 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
ae057c74cc Python: ORM: Store step for constructor 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
f8a51bb994 Python: ORM: Add data-flow steps for Django ORM 
Added dummy-whitespace to `orm_security_tests.py` so it would be
possible to see what the reflected XSS results are in the diff
 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
d3f07cdc10 Python: ORM: Add qltests 
Which shows that there is no flow yet, which is not really a surprise :D
 2022-02-28 16:38:40 +01:00
Rasmus Wriedt Larsen
c78fed6594 Python: ORM: Add raw python test files 
no ql test files yet though, will come in next commit.
 2022-02-28 16:38:40 +01:00