hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-20 22:46:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,065 Commits 1,712 Branches 163 Tags
fb95c488e8854e816ef8da12450ad262b47867a7
Commit Graph

21065 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rasmus Lerchedahl Petersen
fb95c488e8 Python: format 2021-04-07 08:20:52 +02:00
Rasmus Lerchedahl Petersen
094d2f3b7d Python: clean up tests 2021-04-06 22:59:58 +02:00
Rasmus Lerchedahl Petersen
a44490b470 Python: remove unused file 2021-04-06 22:56:07 +02:00
Rasmus Lerchedahl Petersen
0626684442 Python: small cleanups enabled by review 2021-04-06 22:55:32 +02:00
yoff
acf8fd0f03 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-04-06 22:45:03 +02:00
Rasmus Lerchedahl Petersen
6d72b4fd39 Python: Limit pretty printing to relevant nodes 2021-03-27 03:10:43 +01:00
Rasmus Lerchedahl Petersen
16902c2f56 Python: handle default argument 2021-03-27 02:40:13 +01:00
Rasmus Lerchedahl Petersen
7a511c5682 Python: update naming 2021-03-27 02:20:59 +01:00
Rasmus Lerchedahl Petersen
bd86388447 Python: Add typetracker to constrain attribute. 2021-03-27 01:07:15 +01:00
Rasmus Lerchedahl Petersen
bf81122fc6 Python: fix typo and add linebreaks 2021-03-26 23:37:19 +01:00
Rasmus Lerchedahl Petersen
e0352fe763 Python: remove deprecated section of qhelp file 2021-03-26 23:26:24 +01:00
Rasmus Lerchedahl Petersen
44d62df3f7 Python: Fix model of TLS and add reference 2021-03-26 17:51:18 +01:00
Rasmus Lerchedahl Petersen
470b4d8658 Python: Add missing qldoc 2021-03-26 17:35:36 +01:00
Rasmus Lerchedahl Petersen
98dfe1a00a Python: Elaborate qldoc and renames to match 2021-03-26 17:27:43 +01:00
Rasmus Lerchedahl Petersen
8155334fa7 Python: More elaborate qldoc 
also refactor code to match
 2021-03-26 15:57:07 +01:00
Rasmus Lerchedahl Petersen
7d7cbc49db Fix comments. 
This induced fixing the code, since things were wired up wrongly.
Currently the only implementation of `insecure_connection_creation`
is `ssl.wrap_socket`,
which is also the sole target of  py/insecure-default-protocol`,
so perhaps this part should be turned off?
 2021-03-26 14:20:38 +01:00
Rasmus Lerchedahl Petersen
2e948da3b4 Python: suggested refactor 2021-03-26 13:08:45 +01:00
Rasmus Lerchedahl Petersen
1be2be843d Python: update test expectations 2021-03-26 13:08:23 +01:00
Rasmus Lerchedahl Petersen
e936540863 Python: remove internal import 2021-03-26 08:22:09 +01:00
Rasmus Lerchedahl Petersen
f1619f1ee8 Python: "source" -> "contextOrigin" 2021-03-26 08:18:11 +01:00
Rasmus Lerchedahl Petersen
f14fb3bf9e Merge branch 'python-port-insecure-protocol' of github.com:yoff/codeql into python-port-insecure-protocol 2021-03-26 08:06:51 +01:00
yoff
936757b4bf Update python/ql/src/Security/CWE-327/FluentApiModel.qll 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-03-26 08:05:51 +01:00
Rasmus Lerchedahl Petersen
9488b8bb18 Python: actually rename 2021-03-26 00:31:56 +01:00
Rasmus Lerchedahl Petersen
554404575d Python: fix typo and name. 2021-03-26 00:29:40 +01:00
Rasmus Lerchedahl Petersen
c93e0c08fd Merge branch 'python-port-insecure-protocol' of github.com:yoff/codeql into python-port-insecure-protocol 2021-03-26 00:26:33 +01:00
yoff
54dad57cf4 Update python/ql/test/query-tests/Security/CWE-327/pyOpenSSL_fluent.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-03-26 00:25:40 +01:00
Rasmus Lerchedahl Petersen
2b257318f1 Python: more precise comment 2021-03-25 23:22:24 +01:00
yoff
62a0775cf6 Update python/ql/src/Security/CWE-327/examples/secure_protocol.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-03-25 23:09:11 +01:00
yoff
164b383fda Update python/ql/test/query-tests/Security/CWE-327/pyOpenSSL_fluent.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-03-19 19:12:13 +01:00
Rasmus Lerchedahl Petersen
e0e6d5724e Merge branch 'main' of github.com:github/codeql into python-port-insecure-protocol 2021-03-18 23:34:53 +01:00
yoff
746e9948b0 Merge pull request #5075 from RasmusWL/crypto 
Python: Port py/weak-crypto-key to use type-tracking
 2021-03-18 20:53:28 +01:00
Aditya Sharad
f4dc5b963b Merge pull request #5335 from Marcono1234/patch-1 
Add name to check-change-note.yml workflow
 2021-03-18 10:44:53 -07:00
Erik Krogh Kristensen
6bab41ce8b Merge pull request #5350 from JarLob/actions 
github actions queries
 2021-03-18 14:46:25 +01:00
Mathias Vorreiter Pedersen
c0e1df47a6 Merge pull request #5431 from MathiasVP/av-rule-79-use-gvn 
C++: Use GVN in AV Rule 79
 2021-03-18 12:35:26 +01:00
CodeQL CI
3b34bfd1c6 Merge pull request #5432 from asgerf/js/more-string-steps 
Approved by erik-krogh
 2021-03-18 04:16:07 -07:00
Asger Feldthaus
e30fa89405 JS: Update more test expectations 2021-03-18 10:04:39 +00:00
Rasmus Wriedt Larsen
7b92012edf Python: Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-03-18 10:58:49 +01:00
Jaroslav Lobačevski
a9ed3317bf Fix regex per suggestion 2021-03-18 11:54:55 +02:00
Mathias Vorreiter Pedersen
2abf4c068f C++: Use getAnExpr. Also extend the other recursive case similarly. 2021-03-18 08:42:10 +01:00
Jaroslav Lobačevski
7b6773c96a Update javascript/ql/src/experimental/semmle/javascript/Actions.qll 
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
 2021-03-17 19:49:03 +02:00
CodeQL CI
1d9f8c2d37 Merge pull request #5427 from RasmusWL/use-new-builtin-modeling 
Approved by yoff
 2021-03-17 09:07:36 -07:00
Jaroslav Lobačevski
e3bf308952 Removed positive lookbehind 2021-03-17 17:32:10 +02:00
Mathias Vorreiter Pedersen
834e35f192 C++: Add change-note. 2021-03-17 16:26:15 +01:00
Asger Feldthaus
ae410aabd6 JS: Add change note 2021-03-17 15:24:10 +00:00
Asger Feldthaus
e4d891cab5 JS: Add tests for flow through replace 2021-03-17 15:20:40 +00:00
Asger Feldthaus
9cfbb90591 JS: Add test case for insufficient replace-sanitizer 2021-03-17 15:20:40 +00:00
Asger Feldthaus
198bdcab26 JS: Make XSS MetacharEscapeSanitizer more precise 2021-03-17 15:20:40 +00:00
Asger Feldthaus
effa52f9e1 JS: Step through string replace callbacks 2021-03-17 15:15:49 +00:00
CodeQL CI
7c20c4a664 Merge pull request #5396 from asgerf/js/shared-taint-step 
Approved by erik-krogh, esbena
 2021-03-17 08:07:20 -07:00
Mathias Vorreiter Pedersen
a3f806bb1d Use GVN in AV rule 79. 2021-03-17 16:01:49 +01:00