Data

Tools

Indexes

Applications

Experiments

Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / github/codeql issues and pull requests

Labelled with: Python

#14628 - Ruby: Summarized type-tracking stores should target post-update nodes

Pull Request - State: closed - Opened by hvitved over 2 years ago
Labels: Python, no-change-note-required, Ruby

#14617 - Python: module for import time flow

Pull Request - State: closed - Opened by yoff over 2 years ago
Labels: Python, no-change-note-required

#14603 - JavaScript/Python/Ruby: Improve alert message for `*/weak-cryptographic-algorithm`.

Pull Request - State: open - Opened by max-schaefer over 2 years ago
Labels: JS, Python, no-change-note-required, Ruby

#14591 - Python: Minor cleanup for string pool interaction

Pull Request - State: open - Opened by RasmusWL over 2 years ago
Labels: Python, no-change-note-required

#14590 - Python: Fix dataflow consistency error due to missing class scope

Pull Request - State: open - Opened by RasmusWL over 2 years ago
Labels: Python, no-change-note-required

#14573 - Move `FlowSummaryImpl.qll` to `dataflow` pack

Pull Request - State: open - Opened by hvitved over 2 years ago
Labels: C#, JS, documentation, Python, Ruby, DataFlow Library

#14531 - Post-release preparation for codeql-cli-2.15.1

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift, DataFlow Library

#14519 - Release preparation for version 2.15.1

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift, DataFlow Library

#14513 - Python: Improve `yield` modeling

Pull Request - State: closed - Opened by RasmusWL over 2 years ago - 1 comment
Labels: documentation, Python

#14499 - Release preparation for version 2.15.0

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift, DataFlow Library

#14446 - Python: exclude loops from `varBlockStep`

Pull Request - State: closed - Opened by yoff over 2 years ago - 1 comment
Labels: Python

#14443 - Post-release preparation for codeql-cli-2.15.0

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift, DataFlow Library

#14427 - Post-release preparation for codeql-cli-2.15.0

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift, DataFlow Library

#14417 - Python: Add missing flow for `AssignmentExpr` nodes

Pull Request - State: open - Opened by tausbn over 2 years ago - 1 comment
Labels: Python, no-change-note-required

#14406 - Python: New FileSystem Access

Pull Request - State: open - Opened by amammad over 2 years ago
Labels: Python

#14403 - All: delete outdated deprecations

Pull Request - State: closed - Opened by erik-krogh over 2 years ago - 1 comment
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#14389 - Release preparation for version 1.1.1

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift, DataFlow Library

#14381 - Add skeleton bazel files for accessing the dbschemes.

Pull Request - State: closed - Opened by criemen over 2 years ago - 1 comment
Labels: C#, JS, C++, Java, Python

#14377 - Post-release preparation for codeql-cli-2.15.0

Pull Request - State: open - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift, DataFlow Library

#14375 - Release preparation for version 2.15.0

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift, DataFlow Library

#14367 - Merge `rc/3.11` into `main`

Pull Request - State: closed - Opened by henrymercer over 2 years ago - 1 comment
Labels: C#, JS, C++, documentation, Mergeback, Java, Python, Go, Ruby, QL-for-QL, Swift, DataFlow Library

#14353 - Python - Add Django RestFramework request handler args + kwargs

Pull Request - State: open - Opened by GeekMasher over 2 years ago
Labels: Python

#14352 - Python - Add Django Request attributes for RestFramework

Pull Request - State: closed - Opened by GeekMasher over 2 years ago - 1 comment
Labels: Python

#14341 - Python - Add support for RestFramework ModelViewSet functions

Pull Request - State: closed - Opened by GeekMasher over 2 years ago
Labels: documentation, Python

#14339 - JS/PY/RB/Java: escape unicode chars in overly-large-range

Pull Request - State: closed - Opened by erik-krogh over 2 years ago - 2 comments
Labels: JS, Java, Python, Ruby

#14321 - All languages: Use shared FileSystem library and minor regex performance improvement.

Pull Request - State: closed - Opened by aschackmull over 2 years ago - 11 comments
Labels: C#, JS, C++, depends on internal PR, Java, Python, no-change-note-required, Go, Ruby, QL-for-QL

#14317 - Python: Improve computation of regex fragments inside string parts

Pull Request - State: closed - Opened by yoff over 2 years ago - 1 comment
Labels: documentation, Python, Awaiting evaluation

#14307 - Python: switch regex location tests to inline expectations

Pull Request - State: closed - Opened by yoff over 2 years ago
Labels: Python, no-change-note-required

#14305 - Shared: add in/out barriers with flow state

Pull Request - State: closed - Opened by asgerf over 2 years ago - 2 comments
Labels: C#, C++, documentation, Java, Python, Go, Ruby, Swift, DataFlow Library

#14299 - Dataflow: Make use of defaults for language-specific hooks.

Pull Request - State: closed - Opened by aschackmull over 2 years ago
Labels: C#, C++, Java, Python, no-change-note-required, Go, Ruby, Swift, DataFlow Library

#14292 - Python: Improve source-location information for RegExpTerms.

Pull Request - State: closed - Opened by max-schaefer over 2 years ago - 1 comment
Labels: documentation, Python

#14289 - 16 cryptography models libraries and queries migration

Pull Request - State: closed - Opened by ropwareJB over 2 years ago - 7 comments
Labels: C++, documentation, Python

#14271 - Post-release preparation for codeql-cli-2.14.6

Pull Request - State: closed - Opened by codeql-ci over 2 years ago - 1 comment
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#14256 - Release preparation for version 2.14.6

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#14248 - Python: Add debug queries

Pull Request - State: closed - Opened by RasmusWL over 2 years ago
Labels: Python, no-change-note-required

#14245 - Python: Modernize modeling of `BaseHTTPRequestHandler`

Pull Request - State: closed - Opened by RasmusWL over 2 years ago
Labels: Python, no-change-note-required

#14187 - Use Specific Python Virtual Environment Dependency

Issue - State: open - Opened by MattePalte over 2 years ago - 4 comments
Labels: question, Python

#14178 - Python: import all frameworks in SQL-injection query

Pull Request - State: closed - Opened by yoff over 2 years ago
Labels: Python, no-change-note-required

#14177 - C#: Quoting hotfix.

Pull Request - State: closed - Opened by michaelnebel over 2 years ago - 2 comments
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#14174 - Post-release preparation for codeql-cli-2.14.4

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#14160 - Py: add new qhelp for clear-text-logging

Pull Request - State: closed - Opened by erik-krogh over 2 years ago - 1 comment
Labels: documentation, Python

#14158 - Python: Fix typo in SSRF example

Pull Request - State: closed - Opened by RasmusWL over 2 years ago
Labels: Python

#14152 - Post-release preparation for codeql-cli-2.14.4

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#14147 - Release preparation for version 2.14.4

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#14145 - Python: Support for command injection sinks found in the `asyncio` module

Pull Request - State: closed - Opened by p- over 2 years ago - 1 comment
Labels: documentation, Python

#14139 - Revert "Python: Use new dataflow API"

Pull Request - State: closed - Opened by RasmusWL over 2 years ago - 2 comments
Labels: documentation, Python, no-change-note-required

#14120 - Dynamic: add TypeModel.isTypeUsed

Pull Request - State: open - Opened by asgerf over 2 years ago
Labels: JS, Python, Ruby

#14114 - Python: Allow namespace packages

Pull Request - State: closed - Opened by yoff over 2 years ago - 1 comment
Labels: documentation, Python

#14100 - Data flow: Add consistency checks to shared ql pack

Pull Request - State: closed - Opened by hvitved over 2 years ago
Labels: C#, C++, Java, Python, no-change-note-required, Ruby, Swift, DataFlow Library

#14091 - Release preparation for version 2.14.4

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#14084 - Python: Remove XSS FP from use of `flask.jsonify`

Pull Request - State: closed - Opened by RasmusWL over 2 years ago - 1 comment
Labels: documentation, Python

#14080 - Add Jsonify (Flask) As Sanitizer for XSS

Pull Request - State: closed - Opened by Kwstubbs over 2 years ago - 1 comment
Labels: Python

#14074 - Post-release preparation for codeql-cli-2.14.3

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#14070 - Python: promote nosql query

Pull Request - State: closed - Opened by yoff over 2 years ago - 7 comments
Labels: documentation, Python

#14068 - Python: Use new dataflow API

Pull Request - State: closed - Opened by RasmusWL over 2 years ago - 2 comments
Labels: documentation, Python, no-change-note-required

#14067 - Python: Adopt tests to new `DataflowQueryTest`

Pull Request - State: closed - Opened by RasmusWL over 2 years ago
Labels: Python, no-change-note-required

#14059 - Python: Fix stdlib sinks in LogInjection query

Pull Request - State: closed - Opened by RasmusWL over 2 years ago
Labels: Python, no-change-note-required

#14037 - Python: Fix tests

Pull Request - State: closed - Opened by RasmusWL over 2 years ago
Labels: Python

#14027 - ReDoS: limit concretize to strings of at most length 100

Pull Request - State: closed - Opened by erik-krogh over 2 years ago - 4 comments
Labels: JS, Java, Python, Ruby, Swift

#14009 - python: allow namespace packages as packages

Pull Request - State: open - Opened by yoff over 2 years ago
Labels: Python

#14004 - Question: Extending Query (UnsafeDeserialization.ql) for CWE-502

Issue - State: open - Opened by krasnopg over 2 years ago - 1 comment
Labels: question, Python

#13998 - Release preparation for version 2.14.3

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#13990 - Python: Port old experimental points-to based queries

Pull Request - State: closed - Opened by RasmusWL over 2 years ago - 2 comments
Labels: documentation, Python

#13975 - Python: parse mode chars should not be considered chars

Pull Request - State: closed - Opened by yoff over 2 years ago - 1 comment
Labels: Python, no-change-note-required

#13941 - Python: fix nice locations for import aliases

Pull Request - State: closed - Opened by yoff over 2 years ago - 4 comments
Labels: documentation, Python

#13918 - Post-release preparation for codeql-cli-2.14.2

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#13901 - Data flow: Refactor shared library

Pull Request - State: closed - Opened by hvitved over 2 years ago
Labels: C#, C++, Java, Python, no-change-note-required, Go, Ruby, Swift, DataFlow Library

#13881 - Introduce shared taint tracking library

Pull Request - State: closed - Opened by jketema over 2 years ago - 7 comments
Labels: C#, C++, documentation, Java, Python, Go, Ruby, Swift

#13866 - False positive: Cyclic import in Python

Issue - State: open - Opened by abadger over 2 years ago - 1 comment
Labels: Python, false-positive

#13851 - DataFlow: Support stateless `isSink` in `StateConfigSig`s

Pull Request - State: closed - Opened by MathiasVP over 2 years ago - 7 comments
Labels: C#, C++, documentation, Java, Python, Go, Ruby, Swift

#13819 - Python: Relax module resolution

Pull Request - State: closed - Opened by yoff over 2 years ago - 3 comments
Labels: documentation, Python

#13782 - Python: Add `shlex.quote` as `py/shell-command-constructed-from-input` sanitizer

Pull Request - State: closed - Opened by jorgectf over 2 years ago - 6 comments
Labels: documentation, Python

#13779 - Python: Understand multiple parse mode flags specified in a regular expression string

Pull Request - State: closed - Opened by geoffw0 over 2 years ago - 6 comments
Labels: documentation, Python

#13738 - Python: Include all assignments in data flow paths

Pull Request - State: closed - Opened by RasmusWL over 2 years ago - 2 comments
Labels: documentation, Python

#13729 - Python/JavaScript: Shared module for serverless functions

Pull Request - State: closed - Opened by yoff over 2 years ago - 1 comment
Labels: JS, documentation, Python

#13727 - JS: Add 'vulnerableCallModel' extension point

Pull Request - State: open - Opened by asgerf over 2 years ago
Labels: JS, Python, Ruby

#13695 - DataFlow: Remove unnecessary/redundant implementations of `isBarrier/2` and `isAdditionalFlowStep/4`

Pull Request - State: open - Opened by egregius313 over 2 years ago
Labels: C#, C++, Java, Python, no-change-note-required, Go, Ruby, Swift

#13694 - DataFlow: Add default implementations of isBarrier/2 and isAddiitonalFlowStep/4

Pull Request - State: open - Opened by egregius313 over 2 years ago
Labels: C#, C++, Java, Python, no-change-note-required, Go, Ruby, Swift, DataFlow Library

#13690 - Post-release preparation for codeql-cli-2.14.0

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#13685 - Python: Model parameter with default value as `DefinitionNode`

Pull Request - State: closed - Opened by RasmusWL over 2 years ago - 6 comments
Labels: documentation, Python

#13684 - Release preparation for version 2.14.0

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#13683 - Ruby: exclude Object class from API graph

Pull Request - State: closed - Opened by asgerf over 2 years ago
Labels: documentation, Python, Ruby

#13681 - Mergeback `rc/3.10` -> `main`

Pull Request - State: closed - Opened by dbartol over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#13679 - DataFlow: Speed up the big step relation

Pull Request - State: open - Opened by MathiasVP over 2 years ago
Labels: C#, C++, Java, Python, no-change-note-required, Go, Ruby, Swift, DataFlow Library

#13677 - Release preparation for version 2.14.0

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#13676 - Python: Relax restriction of flow through `async with`

Pull Request - State: closed - Opened by RasmusWL over 2 years ago - 1 comment
Labels: documentation, Python

#13670 - Python: Add `markupsafe` as XXE sanitizer

Pull Request - State: closed - Opened by jorgectf over 2 years ago
Labels: Python, no-change-note-required

#13643 - Rework the remaining inline expectation tests to use the parameterized module

Pull Request - State: open - Opened by jketema over 2 years ago
Labels: documentation, Python

#13640 - [Python] Configuration Injection query

Pull Request - State: closed - Opened by Sim4n6 over 2 years ago - 2 comments
Labels: documentation, Python, external-contribution

#13638 - Remove pragma[assume_small_delta]

Pull Request - State: closed - Opened by cklin over 2 years ago - 3 comments
Labels: C#, JS, C++, Java, Python, no-change-note-required, Go, Ruby, QL-for-QL, Swift, DataFlow Library

#13630 - Post-release preparation for codeql-cli-2.13.5

Pull Request - State: closed - Opened by codeql-ci over 2 years ago
Labels: C#, JS, C++, documentation, Java, Python, Go, Ruby, Swift

#13561 - Python: Flask & Django Constant Secret Key initialization

Pull Request - State: closed - Opened by amammad over 2 years ago - 18 comments
Labels: documentation, Python, no-change-note-required, external-contribution

#13557 - Python: Decompression Bombs

Pull Request - State: open - Opened by amammad over 2 years ago - 4 comments
Labels: documentation, Python, external-contribution

#13557 - Python: Decompression Bombs

Pull Request - State: closed - Opened by am0o0 over 2 years ago - 9 comments
Labels: documentation, Python, external-contribution

#13469 - ReDoS: stop spuriously matching everything when encountering an unsupported charclass

Pull Request - State: open - Opened by erik-krogh over 2 years ago
Labels: JS, Java, Python, Ruby

#13468 - ReDoS: stop spuriously matching everything when encountering an unsupported charclass

Pull Request - State: open - Opened by erik-krogh over 2 years ago - 2 comments
Labels: JS, Java, Python, Ruby

#13461 - Go: show FunctionModel steps in path summaries

Pull Request - State: open - Opened by owen-mc over 2 years ago
Labels: C#, C++, Java, Python, Go, Ruby, Swift, DataFlow Library

#13455 - Dataflow: add language-specific hook for breaking up big step relation

Pull Request - State: open - Opened by owen-mc over 2 years ago - 3 comments
Labels: C#, C++, Java, Python, no-change-note-required, Go, Ruby, Swift, DataFlow Library

#13452 - Re-factor printing of summary component stacks.

Pull Request - State: closed - Opened by michaelnebel over 2 years ago - 2 comments
Labels: C#, Java, Python, no-change-note-required, Go, Ruby, Swift, DataFlow Library

#13441 - Shared: support quoted operands in access path components

Pull Request - State: open - Opened by asgerf over 2 years ago
Labels: C#, JS, Java, Python, Go, Ruby, Swift