hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,722 Commits 1,672 Branches 157 Tags
ef139f2ee9e5e63d53a80651b127ddec31926e3d
Commit Graph

7533 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
ef139f2ee9 Python: Delete XsltSinks.ql test 2023-08-17 15:45:07 +02:00
Rasmus Wriedt Larsen
779fe6498c Python: Rename to XsltInjection.ql 2023-08-17 15:45:07 +02:00
Rasmus Wriedt Larsen
0336c76871 Python: Rename template injection tests 2023-08-17 15:45:04 +02:00
Rasmus Wriedt Larsen
91edde72c4 Python: Port py/template-injection to new data-flow 
I kept all the modeling in _one_ file, since that makes it easy to work
with such an external contribution... and I would certainly propose this
file setup for the future 👍
 2023-08-17 15:44:26 +02:00
yoff
7f2f6f14e7 Merge pull request #13729 from yoff/python/model-aws-lambdas 
Python/JavaScript: Shared module for serverless functions
 2023-08-16 15:14:08 +02:00
yoff
b2988e5516 Update python/ql/lib/change-notes/2023-08-07-serverless-sources.md 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-08-16 12:56:39 +02:00
Rasmus Wriedt Larsen
c55b0982f7 Merge pull request #13819 from yoff/python/relax-module-resolution 
Python: Relax module resolution
 2023-08-16 12:04:49 +02:00
Rasmus Lerchedahl Petersen
6614e037ae Python: format 2023-08-15 21:40:20 +02:00
yoff
7eb41140ab Update python/ql/lib/semmle/python/Module.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-08-15 15:47:00 +02:00
Rasmus Lerchedahl Petersen
e6943ce98e Python: use standard test format 2023-08-15 15:26:18 +02:00
Rasmus Lerchedahl Petersen
8f70c9f950 Python: add comment about namespace packages 2023-08-15 12:02:02 +02:00
Erik Krogh Kristensen
6a3b9e10eb Merge pull request #13914 from erik-krogh/escape-unicode 
ReDoS: escape unicode chars in the output for the ReDoS queries
 2023-08-15 11:21:21 +02:00
Rasmus Wriedt Larsen
d12743d7c3 Merge pull request #13941 from yoff/python/test-nice-location 
Python: fix nice locations for import aliases
 2023-08-14 21:37:23 +02:00
yoff
d2a0b9a66c Update python/ql/lib/change-notes/2023-08-10-fix-alias-locations.md 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-08-14 10:55:00 +02:00
yoff
307f44339c Update python/ql/lib/change-notes/2023-08-08-relax-module-resolution.md 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2023-08-14 10:23:47 +02:00
Henry Mercer
1213eba630 Merge branch 'main' into post-release-prep/codeql-cli-2.14.2 2023-08-11 13:54:55 +01:00
Rasmus Lerchedahl Petersen
3457f23db5 Python: Add change note 2023-08-10 20:53:43 +02:00
Rasmus Lerchedahl Petersen
e5cd3e8f64 Python: nice locations for import aliases 
These were computed wrongly before.
 2023-08-10 20:27:06 +02:00
Rasmus Lerchedahl Petersen
eac44e89d9 Python: test nice locations 
there are errors both on lines 2 and 3 due to
locations being computed wrongly.
 2023-08-10 14:21:16 +02:00
github-actions[bot]
432c21d4fb Post-release preparation for codeql-cli-2.14.2 2023-08-09 18:45:18 +00:00
Rasmus Wriedt Larsen
51a05286fa Merge pull request #13731 from pwntester/py/aiohttp_improvements 
Python: Aiohttp improvements
 2023-08-09 16:37:20 +02:00
Rasmus Lerchedahl Petersen
e47e77c438 Python: add change note 2023-08-08 12:17:23 +02:00
Rasmus Lerchedahl Petersen
f33aff42ad Python: missing result was fixed 2023-08-08 12:14:57 +02:00
Rasmus Lerchedahl Petersen
f865fa3050 Python: simplify using getSubscript 2023-08-08 11:16:35 +02:00
Rasmus Wriedt Larsen
4f47461f60 Python: Add requested test 2023-08-08 10:44:48 +02:00
erik-krogh
92db7b047c escape unicode chars in the output for the ReDoS queries 2023-08-08 00:15:54 +02:00
github-actions[bot]
79c90fa36a Release preparation for version 2.14.2 2023-08-07 18:08:52 +00:00
Rasmus Lerchedahl Petersen
957c0d6387 Python: move change note 2023-08-07 14:28:53 +02:00
Rasmus Lerchedahl Petersen
2f9172046b Python: change-note 2023-08-07 11:50:13 +02:00
Tom Hvitved
6c989b9c6b Python: Adjust to data flow refactor 2023-08-07 11:35:23 +02:00
Rasmus Lerchedahl Petersen
4dbaed9ec2 Python: add qldoc 2023-08-07 11:31:22 +02:00
Mathias Vorreiter Pedersen
abe3a816ce Merge pull request #13851 from MathiasVP/sink-without-states 
DataFlow: Support stateless `isSink` in `StateConfigSig`s
 2023-08-04 18:01:42 +02:00
Asger F
c38cbe859d Merge pull request #13737 from asgerf/dynamic/fuzzy-models 
Dynamic: add Fuzzy token
 2023-08-03 09:58:24 +02:00
Mathias Vorreiter Pedersen
3007fdab5e Sync identical files. 2023-08-02 14:33:33 +02:00
Anders Schack-Mulligen
b27a3a81bc Python: Adjust to use the qlpack data-flow api. 2023-08-01 14:02:33 +02:00
Owen Mansel-Chan
9b2b58a823 Sync files 2023-07-26 21:48:10 +01:00
Rasmus Lerchedahl Petersen
b2688bba7d Python: Relax module resolution 
Do not require modules to reside in a package
 2023-07-25 17:24:04 +02:00
github-actions[bot]
f91b7a9342 Post-release preparation for codeql-cli-2.14.1 2023-07-21 16:16:25 +00:00
github-actions[bot]
c936a920b0 Release preparation for version 2.14.1 2023-07-20 16:32:27 +00:00
Anders Schack-Mulligen
e72a0b2f8c Dataflow: Add change notes. 2023-07-19 11:41:15 +02:00
Anders Schack-Mulligen
ae24d68b5d C/C++/C#/Java/Python/Ruby/Swift: Adjust expected output. 2023-07-19 11:41:15 +02:00
Anders Schack-Mulligen
95d17045c9 Dataflow: Sync. 2023-07-19 11:41:15 +02:00
yoff
a1aa16f901 Merge pull request #13745 from GeekMasher/py-mad-xss 
Python - Add Models as Data support for Reflected XSS Query
 2023-07-18 13:39:17 +02:00
Mathew Payne
6ef55aa14f Update python/ql/lib/semmle/python/security/dataflow/ReflectedXSSCustomizations.qll 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2023-07-17 15:44:38 +01:00
yoff
d032bf5c0e Merge pull request #13685 from RasmusWL/captured-variables-default-param-value 
Python: Model parameter with default value as `DefinitionNode`
 2023-07-17 14:25:13 +02:00
Mathew Payne
e3d75c488e Merge branch 'main' into py-mad-xss 2023-07-17 11:08:09 +01:00
Mathew Payne
cf65ab834d fix: formatting issue 2023-07-14 12:31:40 +01:00
Mathew Payne
4c1612f2dd feat: add change log notes 2023-07-14 12:28:51 +01:00
Mathew Payne
c292984338 feat: add MaD to XSS query 2023-07-14 12:25:54 +01:00
Rasmus Wriedt Larsen
0db535bdd7 Python: Minor naming update 2023-07-14 12:54:54 +02:00