copilot-swe-agent[bot] 88b36c44df Add shutil.unpack_archive and subprocess tar extraction as TarSlip sources and sinks ...

- Add test cases for shutil.unpack_archive and subprocess.run(["tar", ...]) to tarslip.py
- Add ShutilUnpackArchiveSource/Sink for shutil.unpack_archive calls with non-literal filenames
- Add SubprocessTarExtractionSource/Sink for subprocess calls invoking tar with extraction flags
- Update TarSlip.expected with expected test output for new cases

Agent-Logs-Url: https://github.com/github/codeql/sessions/f31a3622-9b18-415f-85f1-62ec14a8319f

Co-authored-by: hvitved <3667920+hvitved@users.noreply.github.com>

2026-04-16 08:34:36 +00:00

..

.vscode

Python: add debug based on location snippet

2022-10-20 21:20:24 +02:00

config/suites/lgtm

Python: move AlertSuppression.ql

2022-12-19 12:39:01 +01:00

downgrades

Python: Add QL support for lazy imports

2026-04-10 14:25:08 +00:00

extractor

Python: Add QL support for lazy imports

2026-04-10 14:25:08 +00:00

old-change-notes

python: modern change note

2022-01-31 11:27:55 +01:00

PoCs

spelling: retrieval

2022-10-13 11:21:09 -04:00

ql

Add shutil.unpack_archive and subprocess tar extraction as TarSlip sources and sinks

2026-04-16 08:34:36 +00:00

scripts

Python: Add create-extractor-pack.sh for Python

2026-04-09 13:06:45 +00:00

tools

All languages: account for paths and paths-ignore in XML and other ancillary extraction

2026-01-06 12:48:01 +00:00

BUILD.bazel

Autoformat

2025-02-20 19:31:00 +00:00

codeql-extractor.yml

Turn on overlay support in codeql-extractor.yml

2025-10-06 11:36:54 +02:00