hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,369 Commits 1,671 Branches 157 Tags
efda63d37ac274ea84d2acba34c88a8f75b30efd
Commit Graph

8480 Commits

Author SHA1 Message Date
Joe Farebrother
efda63d37a Update test output 2024-05-07 10:49:55 +01:00
Joe Farebrother
0f7325ec68 Rename test directory and add comment to clarity on the purpose of splitting them. 2024-05-07 09:40:55 +01:00
Joe Farebrother
53f69d9966 Reduce query tests with cases covered by concept tests 2024-04-24 14:05:42 +01:00
Joe Farebrother
8fb2faa89b Add additional info to concept tests 2024-04-24 14:05:41 +01:00
Joe Farebrother
2b935e575a Add concept tests + fix typo 2024-04-24 14:05:41 +01:00
Joe Farebrother
ec4c820391 Fix deprecation 2024-04-24 14:05:41 +01:00
Joe Farebrother
1dce2eb325 Rename to response splitting 2024-04-24 14:05:40 +01:00
Joe Farebrother
49e5f8a1a5 Add tests for instances of the header write concept 2024-04-24 14:05:40 +01:00
Joe Farebrother
f3b27d611a Add test case for validated wsgiref servers + fix typo 2024-04-24 14:05:40 +01:00
Joe Farebrother
f57ba3e642 Add change note 2024-04-24 14:05:40 +01:00
Joe Farebrother
d4a072818f Add more tests 2024-04-24 14:05:40 +01:00
Joe Farebrother
eeef062f7c Implement sinks for wsgiref + allow lists in bulk header updates + local flow 2024-04-24 14:05:39 +01:00
Joe Farebrother
9d56f3eb68 Fix qldoc formatting 2024-04-24 14:05:39 +01:00
Joe Farebrother
cf8db4e425 Update instances of experimental concept to the main one, and anotate missing experimental test results. 2024-04-24 14:05:39 +01:00
Joe Farebrother
daa31b5bb7 Add documentation 2024-04-24 14:05:38 +01:00
Joe Farebrother
8636a50190 Fix qldoc + remove deprecation from experimental concepts (as they are still used in another experimental query) 2024-04-24 14:05:38 +01:00
Joe Farebrother
fa28d94363 Added a sanitizer for replacing newlines. 2024-04-24 14:05:38 +01:00
Joe Farebrother
dbbc944f32 Correct spelling 2024-04-24 14:05:38 +01:00
Joe Farebrother
a88ad62c00 Implemented sinks for bulk header updates, and added corresponding tests. 2024-04-24 14:05:38 +01:00
Joe Farebrother
3e9341ff8a Model class instantiation for werkzueg headers 2024-04-24 14:05:37 +01:00
Joe Farebrother
b9984beb16 Add test cases 2024-04-24 14:05:37 +01:00
Joe Farebrother
68d90918cf Add to header write concept a specification of whether the name or value arg allows newlines. 
Ported sink defenitions from Flask and Werzeug from experimental to main.
Removed experimental sink definitions for Django, as neither name nor value are vulnerable.
 2024-04-24 14:05:37 +01:00
Joe Farebrother
25ffcb2fde Split into customizations file 2024-04-24 14:05:37 +01:00
Joe Farebrother
6021d9238c Move headers injection query and concept from experimental to main 2024-04-24 14:05:37 +01:00
Nick Rolfe
af72c0848e Merge pull request #16306 from github/nickrolfe/js-sensitive 
JS: do fewer regexp matches in SensitiveActions
 2024-04-24 09:49:44 +01:00
Nick Rolfe
003d208574 JS: do fewer regexp matches in SensitiveActions 2024-04-23 15:31:38 +01:00
Anders Schack-Mulligen
b2f09949df Merge pull request #15599 from aschackmull/dataflow/fieldflowbranchlimit-v2 
Dataflow: update fieldFlowBranchLimit semantics
 2024-04-23 10:08:05 +02:00
Taus
81246cd41a Python: Add missing QLDoc for isUnicode 2024-04-22 12:08:53 +00:00
Taus
bab461ffd1 Python: Add change note 2024-04-22 12:00:09 +00:00
Taus
58eaddf627 Python: Update all .expected files 
I'm beginning to realise why I didn't do the `toString` overriding way
back when. Thankfully, now that all of our tests are in the same place,
this is actually not a terrible ordeal.
 2024-04-22 12:00:09 +00:00
Taus
d51fcd4f2a Python: Change Str to StringLiteral 
As far as I can tell, this was the only occurrence of `Str` as a type
throughout the entire library.
 2024-04-22 12:00:09 +00:00
Taus
b484aee39e Python: Autoformat everything 
Of course, `StringLiteral` being much longer than `StrConst` meant a
bunch of files changed formatting.
 2024-04-22 12:00:09 +00:00
Taus
1c68c987b0 Python: Change all remaining occurrences of StrConst 
Done using
```
git grep StrConst | xargs sed -i 's/StrConst/StringLiteral/g'
```
 2024-04-22 12:00:09 +00:00
Taus
f6487d7b13 Python: Rename StrConst to StringLiteral 
Does a few things:
- Renames `StrConst` to `StringLiteral`, and deprecates the former.
- Also deprecates `Str`.
- Adds an override of `StringLiteral::toString` making it output
`"StringLiteral"` rather than the inherited `"Str"`. This ensures that
the AST viewer shows these nodes as the former type, not the latter.

There are a large number of uses of `StrConst` in the codebase. These
will be fixed in a later commit.
 2024-04-22 12:00:09 +00:00
Asger F
decd576a6b Merge pull request #15386 from asgerf/js/graph-export 
JS: Add library for exporting graphs as type models
 2024-04-18 11:56:17 +02:00
Alexander Eyers-Taylor
da3fa22cbd Merge pull request #16228 from github/post-release-prep/codeql-cli-2.17.1 
Post-release preparation for codeql-cli-2.17.1
 2024-04-17 11:24:34 +01:00
Asger F
93a9c62e29 Merge branch 'main' into js/graph-export 2024-04-17 09:19:59 +02:00
Taus
bf8307f78d Python: Fix flags test 
In 25cb52aa52 I accidentally introduced an extra `not` where none existed before. Whoops!
 2024-04-16 21:17:34 +02:00
Asger F
3335d48154 Sync files 2024-04-16 20:26:41 +02:00
Asger F
be64daf265 Merge branch 'main' into js/graph-export 2024-04-16 20:23:33 +02:00
Taus
48e367cb11 Python: Remove test with CRLF line endings 
These were causing `git` to behave strangely, leaving files that were
impossible to reset. In the future we should probably generate these
problematic test files on the fly, so that they don't have to exist in
the repo, but in the short run, it's easier to just remove them so as to
not block other users of the repo.
 2024-04-16 17:18:20 +00:00
Cornelius Riemenschneider
4cb0695646 Merge pull request #16229 from github/criemen/rules-pkg 
Upgrade rules_pkg to 0.10.1.
 2024-04-16 18:03:00 +02:00
Taus
c647f30576 Merge pull request #16212 from github/tausbn/python-add-copy-of-internal-tests 
Python: Add copy of internal tests
 2024-04-16 16:32:31 +02:00
Cornelius Riemenschneider
6ba27dc863 Upgrade rules_pkg to 0.10.1. 2024-04-16 16:29:56 +02:00
github-actions[bot]
622e176a16 Post-release preparation for codeql-cli-2.17.1 2024-04-16 14:21:32 +00:00
github-actions[bot]
9bfe4ea90a Release preparation for version 2.17.1 2024-04-15 17:34:47 +00:00
Taus
82057e2e46 Python: Autoformat tests 
I guess these were never considered back when we switched to
autoformatting everything.
 2024-04-15 15:27:21 +00:00
Taus
25cb52aa52 Python: Fix inefficient string comparison 2024-04-15 15:23:07 +00:00
Anders Schack-Mulligen
2f0987e980 Dataflow: Add dummy DataFlowSecondLevelScope implementations. 
These could be an empty type, but Unit was available and it probably
doesn't matter.
 2024-04-15 15:16:30 +02:00
Taus
8ec414d454 Python: Add copy of internal Python 3 tests 
Again, mostly extractor tests, and a single library test.
 2024-04-15 12:30:01 +00:00