hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,611 Commits 1,672 Branches 157 Tags
ea4c2e432100cb15e4ad5448d02c36153a6f9f95
Commit Graph

15 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
9195b73d84 Python: Model getpass.getpass as source of passwords 2022-11-22 14:11:52 +01:00
Rasmus Wriedt Larsen
80e71b202a Python: Cleartext queires: Remove flow from getpass.py 2022-11-22 14:08:00 +01:00
Rasmus Wriedt Larsen
9342e3ba76 Python: Enable new test 
But look at all those elements from getpass.py implementation :(
 2022-11-22 13:59:59 +01:00
Rasmus Wriedt Larsen
e01df3ea7c Python: Prepare for new test 
.expected line changes 😠
 2022-11-22 13:52:50 +01:00
erik-krogh
6fdfd40880 changes to address reviews 2022-10-07 22:31:00 +02:00
erik-krogh
944ca4a0da fix some more style-guide violations in the alert-messages 2022-10-07 11:23:34 +02:00
Rasmus Wriedt Larsen
5f6e3dcc2e Python: Revert changes to sensitive data query alert messages 
This partly reverts the changes from https://github.com/github/codeql/pull/10252

Although consistency is nice, the new messages didn't sound as natural.

New alert message would read

> Insecure hashing algorithm (md5) depends on sensitive data (password). (...)

I'm not sure what it means that a hashing algorithm depends on data. So
for me, the original text below is much easier to understand.

> Sensitive data (password) is used in a hashing algorithm (md5) that is insecure (...)

Same goes for the other sensitive data queries.
 2022-09-06 12:01:24 +02:00
erik-krogh
089ce5a8a4 change alert messages of path queries to use the same template 2022-09-02 14:45:40 +02:00
Rasmus Wriedt Larsen
f53dce3a83 Python: Apply suggestions from code review 
Co-authored-by: Taus <tausbn@github.com>
 2022-01-20 14:20:15 +01:00
Rasmus Wriedt Larsen
e82e648ca1 Python: Remove usernames as sensitive source for cleartext queries 
Closes #6363, #6927, #6726, #7497, #7116
 2022-01-19 15:25:21 +01:00
Rasmus Wriedt Larsen
f3daff4e5a Python: Add FP tests for cleartext logging 2022-01-19 15:13:06 +01:00
Anders Schack-Mulligen
f30dad7705 Dataflow: Update test expected outputs. 2021-09-07 13:02:20 +02:00
Rasmus Wriedt Larsen
9573048ee8 Python: Port py/clear-text-logging-sensitive-data 2021-06-25 14:35:31 +02:00
Rasmus Wriedt Larsen
e2facd0981 Python: Expand cleartext query tests 2021-06-23 10:50:04 +02:00
Rasmus Wriedt Larsen
5506365b0e Python: Split cleartext tests 2021-06-23 10:50:04 +02:00