-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Python: No longer use models-as-data CSV interface
- Loading branch information
Showing
4 changed files
with
29 additions
and
54 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
extensions: | ||
- addsTo: | ||
pack: codeql/python-all | ||
extensible: sinkModel | ||
data: | ||
# `Connection`s and `ConnectionPool`s provide some methods that execute SQL. | ||
- ['asyncpg.~Connection', 'Member[copy_from_query,execute,fetch,fetchrow,fetchval].Argument[0,query:]', 'sql-injection'] | ||
- ['asyncpg.~Connection', 'Member[executemany].Argument[0,command:]', 'sql-injection'] | ||
# A model of `Connection` and `ConnectionPool`, which provide some methods that access the file system. | ||
- ['asyncpg.~Connection', 'Member[copy_from_query,copy_from_table].Argument[output:]', 'path-injection'] | ||
- ['asyncpg.~Connection', 'Member[copy_to_table].Argument[source:]', 'path-injection'] | ||
# the `PreparedStatement` class in `asyncpg`. | ||
- ['asyncpg.Connection', 'Member[prepare].Argument[0,query:]', 'sql-injection'] | ||
|
||
- addsTo: | ||
pack: codeql/python-all | ||
extensible: typeModel | ||
data: | ||
# a `ConnectionPool` that is created when the result of `asyncpg.create_pool()` is awaited. | ||
- ['asyncpg.Connection', 'asyncpg.ConnectionPool', 'Member[acquire].ReturnValue.Awaited'] | ||
# a `Connection` that is created when | ||
# * - the result of `asyncpg.connect()` is awaited. | ||
# * - the result of calling `acquire` on a `ConnectionPool` is awaited. | ||
- ['asyncpg.Connection', 'asyncpg', 'Member[connect].ReturnValue.Awaited'] | ||
- ['asyncpg.Connection', 'asyncpg', 'Member[connection].Member[connect].ReturnValue.Awaited'] | ||
- ['asyncpg.ConnectionPool', 'asyncpg', 'Member[create_pool].ReturnValue.Awaited'] | ||
# Creating an internal `~Connection` type that contains both `Connection` and `ConnectionPool`. | ||
- ['asyncpg.~Connection', 'asyncpg.Connection', ''] | ||
- ['asyncpg.~Connection', 'asyncpg.ConnectionPool', ''] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 0 additions & 2 deletions
2
python/ql/test/library-tests/frameworks/data/warnings.expected
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters