[krishnprakash/codeql] fd7b12: Python: Add overlay annotations to AST classes
0 views
Skip to first unread message
Phileco
Feb 21, 2026, 10:07:45 PM (12 days ago) Feb 21
to philecodi...@googlegroups.com
Branch: refs/heads/main
Home: https://github.com/krishnprakash/codeql
Commit: fd7b123ee38957e99ac0cedf83fee8cd0e5cc2f7
https://github.com/krishnprakash/codeql/commit/fd7b123ee38957e99ac0cedf83fee8cd0e5cc2f7
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/AstExtended.qll
M python/ql/lib/semmle/python/AstGenerated.qll
M python/ql/lib/semmle/python/Class.qll
M python/ql/lib/semmle/python/Comment.qll
M python/ql/lib/semmle/python/Comprehensions.qll
M python/ql/lib/semmle/python/Constants.qll
M python/ql/lib/semmle/python/Exprs.qll
M python/ql/lib/semmle/python/Files.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/Function.qll
M python/ql/lib/semmle/python/GuardedControlFlow.qll
M python/ql/lib/semmle/python/Import.qll
M python/ql/lib/semmle/python/Keywords.qll
M python/ql/lib/semmle/python/Module.qll
M python/ql/lib/semmle/python/Operations.qll
M python/ql/lib/semmle/python/Patterns.qll
M python/ql/lib/semmle/python/SSA.qll
M python/ql/lib/semmle/python/Scope.qll
M python/ql/lib/semmle/python/Stmts.qll
M python/ql/lib/semmle/python/Variables.qll
M python/ql/lib/semmle/python/essa/Definitions.qll
M python/ql/lib/semmle/python/essa/Essa.qll
M python/ql/lib/semmle/python/essa/SsaCompute.qll
M python/ql/lib/semmle/python/essa/SsaDefinitions.qll
M python/ql/lib/semmle/python/internal/CachedStages.qll
M python/ql/lib/semmle/python/types/Builtins.qll
M python/ql/lib/semmle/python/types/ImportTime.qll
Log Message:
-----------
Python: Add overlay annotations to AST classes
... and everything else that it depends on.
Commit: 51ebec91649184d0ca1c21d7d606405a7a464d38
https://github.com/krishnprakash/codeql/commit/51ebec91649184d0ca1c21d7d606405a7a464d38
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/analysis/DefinitionTracking.qll
M python/ql/src/Variables/LoopVariableCapture/LoopVariableCaptureQuery.qll
M python/ql/src/analysis/ImportFailure.ql
Log Message:
-----------
Python: Fix broken queries
Commit: df0f2f8ce4cc271e4b0c5b7e06d10c42a97ffe97
https://github.com/krishnprakash/codeql/commit/df0f2f8ce4cc271e4b0c5b7e06d10c42a97ffe97
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/ApiGraphs.qll
M python/ql/lib/semmle/python/dataflow/new/FlowSummary.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Attributes.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Builtins.qll
M python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll
M python/ql/lib/semmle/python/dataflow/new/internal/ImportStar.qll
M python/ql/lib/semmle/python/dataflow/new/internal/IterableUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/MatchUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M python/ql/lib/semmle/python/frameworks/Flask.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/frameworks/data/ModelsAsData.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsSpecific.qll
M python/ql/lib/semmle/python/internal/Awaited.qll
M python/ql/lib/semmle/python/internal/CachedStages.qll
M python/ql/test/library-tests/dataflow/summaries/TestSummaries.qll
M python/ql/test/library-tests/dataflow/typetracking-summaries/TestSummaries.qll
Log Message:
-----------
Python: Simple dataflow annotations
None of these required any changes to the dataflow libraries, so it
seemed easiest to put them in their own commit.
Commit: c46c662b726dc65e9740b0b0972d07145ffd919b
https://github.com/krishnprakash/codeql/commit/c46c662b726dc65e9740b0b0972d07145ffd919b
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll
Log Message:
-----------
Python: `LocalSources.qll` annotations
Commit: bd71db87be090782b3bd67694117bc1ccf818ba0
https://github.com/krishnprakash/codeql/commit/bd71db87be090782b3bd67694117bc1ccf818ba0
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPublic.qll
Log Message:
-----------
Python: `DataFlowPublic.qll` annotations
Commit: 7ea96c43ec44a97cb6d10cc9294a675e140c2ee3
https://github.com/krishnprakash/codeql/commit/7ea96c43ec44a97cb6d10cc9294a675e140c2ee3
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
Log Message:
-----------
Python: `DataFlowPrivate.qll` annotations
Commit: 306d7d1b5db7871e666bac18fa8deb286c71f5c8
https://github.com/krishnprakash/codeql/commit/306d7d1b5db7871e666bac18fa8deb286c71f5c8
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll
Log Message:
-----------
Python: `DataFlowDispatch.qll` annotations
Commit: 248932db7a5abea60d4330670fa05d2a6531e3bb
https://github.com/krishnprakash/codeql/commit/248932db7a5abea60d4330670fa05d2a6531e3bb
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/test/library-tests/frameworks/data/warnings.ql
Log Message:
-----------
Python: Fix `frameworks/data/warnings.ql`
Commit: 72f5109ec23ff34589c16fc9563a4066967792cb
https://github.com/krishnprakash/codeql/commit/72f5109ec23ff34589c16fc9563a4066967792cb
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/Flow.qll
Log Message:
-----------
Python: Add more `overlay[caller]` to `Flow.qll`
These were causing the repo `gufolabs/noc` to spend ~30 seconds
evaluating `ControlFlowNode.strictlyDominates`. Just in case, I added
`overlay[caller] to the other instances of `pragma[inline]` as well.
Commit: 987b10ab3e7c731e1d3f709d997ef0c156770e3b
https://github.com/krishnprakash/codeql/commit/987b10ab3e7c731e1d3f709d997ef0c156770e3b
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/frameworks/Requests.qll
Log Message:
-----------
Python: Fix bad join in `OutgoingRequestCall`
On `keras-team/keras`, this was producing ~200 million intermediate
tuples in order to produce a total of ... 2 tuples.
After the refactor, max intermediate tuple count is ~80k for the
charpred (and 4 for the new helper predicate).
Commit: 304cd12fff6627723b5bf7a013f1f3156e6255a3
https://github.com/krishnprakash/codeql/commit/304cd12fff6627723b5bf7a013f1f3156e6255a3
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/objects/TObject.qll
Log Message:
-----------
Python: Fix bad join in `missing_imported_module`
This caused a ~30x blowup in intermediate tuples, now back to baseline.
Commit: cd62cdadff1ce9c14f521a06660954774a76cf77
https://github.com/krishnprakash/codeql/commit/cd62cdadff1ce9c14f521a06660954774a76cf77
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
Log Message:
-----------
Python: Fix bad join in `returnStep`
Commit: 3d4785f29f9794c5e8610daf448092de3bcd861d
https://github.com/krishnprakash/codeql/commit/3d4785f29f9794c5e8610daf448092de3bcd861d
Author: Taus <tau...@github.com>
Date: 2026-02-18 (Wed, 18 Feb 2026)
Changed paths:
A python/ql/lib/change-notes/2026-02-18-add-overlay-annotations.md
Log Message:
-----------
Python: Add change note
Commit: 480ae619e6e499dfe9da2bbdc512a30d3f481b00
https://github.com/krishnprakash/codeql/commit/480ae619e6e499dfe9da2bbdc512a30d3f481b00
Author: Taus <tau...@github.com>
Date: 2026-02-21 (Sat, 21 Feb 2026)
Changed paths:
M python/ql/lib/analysis/DefinitionTracking.qll
A python/ql/lib/change-notes/2026-02-18-add-overlay-annotations.md
M python/ql/lib/semmle/python/ApiGraphs.qll
M python/ql/lib/semmle/python/AstExtended.qll
M python/ql/lib/semmle/python/AstGenerated.qll
M python/ql/lib/semmle/python/Class.qll
M python/ql/lib/semmle/python/Comment.qll
M python/ql/lib/semmle/python/Comprehensions.qll
M python/ql/lib/semmle/python/Constants.qll
M python/ql/lib/semmle/python/Exprs.qll
M python/ql/lib/semmle/python/Files.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/Function.qll
M python/ql/lib/semmle/python/GuardedControlFlow.qll
M python/ql/lib/semmle/python/Import.qll
M python/ql/lib/semmle/python/Keywords.qll
M python/ql/lib/semmle/python/Module.qll
M python/ql/lib/semmle/python/Operations.qll
M python/ql/lib/semmle/python/Patterns.qll
M python/ql/lib/semmle/python/SSA.qll
M python/ql/lib/semmle/python/Scope.qll
M python/ql/lib/semmle/python/Stmts.qll
M python/ql/lib/semmle/python/Variables.qll
M python/ql/lib/semmle/python/dataflow/new/FlowSummary.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Attributes.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Builtins.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPublic.qll
M python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll
M python/ql/lib/semmle/python/dataflow/new/internal/ImportStar.qll
M python/ql/lib/semmle/python/dataflow/new/internal/IterableUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll
M python/ql/lib/semmle/python/dataflow/new/internal/MatchUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M python/ql/lib/semmle/python/essa/Definitions.qll
M python/ql/lib/semmle/python/essa/Essa.qll
M python/ql/lib/semmle/python/essa/SsaCompute.qll
M python/ql/lib/semmle/python/essa/SsaDefinitions.qll
M python/ql/lib/semmle/python/frameworks/Flask.qll
M python/ql/lib/semmle/python/frameworks/Requests.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/frameworks/data/ModelsAsData.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsSpecific.qll
M python/ql/lib/semmle/python/internal/Awaited.qll
M python/ql/lib/semmle/python/internal/CachedStages.qll
M python/ql/lib/semmle/python/objects/TObject.qll
M python/ql/lib/semmle/python/types/Builtins.qll
M python/ql/lib/semmle/python/types/ImportTime.qll
M python/ql/src/Variables/LoopVariableCapture/LoopVariableCaptureQuery.qll
M python/ql/src/analysis/ImportFailure.ql
M python/ql/test/library-tests/dataflow/summaries/TestSummaries.qll
M python/ql/test/library-tests/dataflow/typetracking-summaries/TestSummaries.qll
M python/ql/test/library-tests/frameworks/data/warnings.ql
Log Message:
-----------
Merge pull request #21116 from github/tausbn/python-add-dataflow-overlay-annotations
Add `overlay[local]` annotations
Commit: 33044af7f3e7ff3141d7111192a81514b7a9df9d
https://github.com/krishnprakash/codeql/commit/33044af7f3e7ff3141d7111192a81514b7a9df9d
Author: Phileco <132178579+k...@users.noreply.github.com>
Date: 2026-02-22 (Sun, 22 Feb 2026)
Changed paths:
M python/ql/lib/analysis/DefinitionTracking.qll
A python/ql/lib/change-notes/2026-02-18-add-overlay-annotations.md
M python/ql/lib/semmle/python/ApiGraphs.qll
M python/ql/lib/semmle/python/AstExtended.qll
M python/ql/lib/semmle/python/AstGenerated.qll
M python/ql/lib/semmle/python/Class.qll
M python/ql/lib/semmle/python/Comment.qll
M python/ql/lib/semmle/python/Comprehensions.qll
M python/ql/lib/semmle/python/Constants.qll
M python/ql/lib/semmle/python/Exprs.qll
M python/ql/lib/semmle/python/Files.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/Function.qll
M python/ql/lib/semmle/python/GuardedControlFlow.qll
M python/ql/lib/semmle/python/Import.qll
M python/ql/lib/semmle/python/Keywords.qll
M python/ql/lib/semmle/python/Module.qll
M python/ql/lib/semmle/python/Operations.qll
M python/ql/lib/semmle/python/Patterns.qll
M python/ql/lib/semmle/python/SSA.qll
M python/ql/lib/semmle/python/Scope.qll
M python/ql/lib/semmle/python/Stmts.qll
M python/ql/lib/semmle/python/Variables.qll
M python/ql/lib/semmle/python/dataflow/new/FlowSummary.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Attributes.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Builtins.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPublic.qll
M python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll
M python/ql/lib/semmle/python/dataflow/new/internal/ImportStar.qll
M python/ql/lib/semmle/python/dataflow/new/internal/IterableUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll
M python/ql/lib/semmle/python/dataflow/new/internal/MatchUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M python/ql/lib/semmle/python/essa/Definitions.qll
M python/ql/lib/semmle/python/essa/Essa.qll
M python/ql/lib/semmle/python/essa/SsaCompute.qll
M python/ql/lib/semmle/python/essa/SsaDefinitions.qll
M python/ql/lib/semmle/python/frameworks/Flask.qll
M python/ql/lib/semmle/python/frameworks/Requests.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/frameworks/data/ModelsAsData.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsSpecific.qll
M python/ql/lib/semmle/python/internal/Awaited.qll
M python/ql/lib/semmle/python/internal/CachedStages.qll
M python/ql/lib/semmle/python/objects/TObject.qll
M python/ql/lib/semmle/python/types/Builtins.qll
M python/ql/lib/semmle/python/types/ImportTime.qll
M python/ql/src/Variables/LoopVariableCapture/LoopVariableCaptureQuery.qll
M python/ql/src/analysis/ImportFailure.ql
M python/ql/test/library-tests/dataflow/summaries/TestSummaries.qll
M python/ql/test/library-tests/dataflow/typetracking-summaries/TestSummaries.qll
M python/ql/test/library-tests/frameworks/data/warnings.ql
Log Message:
-----------
Merge branch 'github:main' into main
Compare: https://github.com/krishnprakash/codeql/compare/25e4ee80588a...33044af7f3e7
To unsubscribe from these emails, change your notification settings at https://github.com/krishnprakash/codeql/settings/notifications
Home: https://github.com/krishnprakash/codeql
Commit: fd7b123ee38957e99ac0cedf83fee8cd0e5cc2f7
https://github.com/krishnprakash/codeql/commit/fd7b123ee38957e99ac0cedf83fee8cd0e5cc2f7
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/AstExtended.qll
M python/ql/lib/semmle/python/AstGenerated.qll
M python/ql/lib/semmle/python/Class.qll
M python/ql/lib/semmle/python/Comment.qll
M python/ql/lib/semmle/python/Comprehensions.qll
M python/ql/lib/semmle/python/Constants.qll
M python/ql/lib/semmle/python/Exprs.qll
M python/ql/lib/semmle/python/Files.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/Function.qll
M python/ql/lib/semmle/python/GuardedControlFlow.qll
M python/ql/lib/semmle/python/Import.qll
M python/ql/lib/semmle/python/Keywords.qll
M python/ql/lib/semmle/python/Module.qll
M python/ql/lib/semmle/python/Operations.qll
M python/ql/lib/semmle/python/Patterns.qll
M python/ql/lib/semmle/python/SSA.qll
M python/ql/lib/semmle/python/Scope.qll
M python/ql/lib/semmle/python/Stmts.qll
M python/ql/lib/semmle/python/Variables.qll
M python/ql/lib/semmle/python/essa/Definitions.qll
M python/ql/lib/semmle/python/essa/Essa.qll
M python/ql/lib/semmle/python/essa/SsaCompute.qll
M python/ql/lib/semmle/python/essa/SsaDefinitions.qll
M python/ql/lib/semmle/python/internal/CachedStages.qll
M python/ql/lib/semmle/python/types/Builtins.qll
M python/ql/lib/semmle/python/types/ImportTime.qll
Log Message:
-----------
Python: Add overlay annotations to AST classes
... and everything else that it depends on.
Commit: 51ebec91649184d0ca1c21d7d606405a7a464d38
https://github.com/krishnprakash/codeql/commit/51ebec91649184d0ca1c21d7d606405a7a464d38
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/analysis/DefinitionTracking.qll
M python/ql/src/Variables/LoopVariableCapture/LoopVariableCaptureQuery.qll
M python/ql/src/analysis/ImportFailure.ql
Log Message:
-----------
Python: Fix broken queries
Commit: df0f2f8ce4cc271e4b0c5b7e06d10c42a97ffe97
https://github.com/krishnprakash/codeql/commit/df0f2f8ce4cc271e4b0c5b7e06d10c42a97ffe97
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/ApiGraphs.qll
M python/ql/lib/semmle/python/dataflow/new/FlowSummary.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Attributes.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Builtins.qll
M python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll
M python/ql/lib/semmle/python/dataflow/new/internal/ImportStar.qll
M python/ql/lib/semmle/python/dataflow/new/internal/IterableUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/MatchUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M python/ql/lib/semmle/python/frameworks/Flask.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/frameworks/data/ModelsAsData.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsSpecific.qll
M python/ql/lib/semmle/python/internal/Awaited.qll
M python/ql/lib/semmle/python/internal/CachedStages.qll
M python/ql/test/library-tests/dataflow/summaries/TestSummaries.qll
M python/ql/test/library-tests/dataflow/typetracking-summaries/TestSummaries.qll
Log Message:
-----------
Python: Simple dataflow annotations
None of these required any changes to the dataflow libraries, so it
seemed easiest to put them in their own commit.
Commit: c46c662b726dc65e9740b0b0972d07145ffd919b
https://github.com/krishnprakash/codeql/commit/c46c662b726dc65e9740b0b0972d07145ffd919b
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll
Log Message:
-----------
Python: `LocalSources.qll` annotations
Commit: bd71db87be090782b3bd67694117bc1ccf818ba0
https://github.com/krishnprakash/codeql/commit/bd71db87be090782b3bd67694117bc1ccf818ba0
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPublic.qll
Log Message:
-----------
Python: `DataFlowPublic.qll` annotations
Commit: 7ea96c43ec44a97cb6d10cc9294a675e140c2ee3
https://github.com/krishnprakash/codeql/commit/7ea96c43ec44a97cb6d10cc9294a675e140c2ee3
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
Log Message:
-----------
Python: `DataFlowPrivate.qll` annotations
Commit: 306d7d1b5db7871e666bac18fa8deb286c71f5c8
https://github.com/krishnprakash/codeql/commit/306d7d1b5db7871e666bac18fa8deb286c71f5c8
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll
Log Message:
-----------
Python: `DataFlowDispatch.qll` annotations
Commit: 248932db7a5abea60d4330670fa05d2a6531e3bb
https://github.com/krishnprakash/codeql/commit/248932db7a5abea60d4330670fa05d2a6531e3bb
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/test/library-tests/frameworks/data/warnings.ql
Log Message:
-----------
Python: Fix `frameworks/data/warnings.ql`
Commit: 72f5109ec23ff34589c16fc9563a4066967792cb
https://github.com/krishnprakash/codeql/commit/72f5109ec23ff34589c16fc9563a4066967792cb
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/Flow.qll
Log Message:
-----------
Python: Add more `overlay[caller]` to `Flow.qll`
These were causing the repo `gufolabs/noc` to spend ~30 seconds
evaluating `ControlFlowNode.strictlyDominates`. Just in case, I added
`overlay[caller] to the other instances of `pragma[inline]` as well.
Commit: 987b10ab3e7c731e1d3f709d997ef0c156770e3b
https://github.com/krishnprakash/codeql/commit/987b10ab3e7c731e1d3f709d997ef0c156770e3b
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/frameworks/Requests.qll
Log Message:
-----------
Python: Fix bad join in `OutgoingRequestCall`
On `keras-team/keras`, this was producing ~200 million intermediate
tuples in order to produce a total of ... 2 tuples.
After the refactor, max intermediate tuple count is ~80k for the
charpred (and 4 for the new helper predicate).
Commit: 304cd12fff6627723b5bf7a013f1f3156e6255a3
https://github.com/krishnprakash/codeql/commit/304cd12fff6627723b5bf7a013f1f3156e6255a3
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/objects/TObject.qll
Log Message:
-----------
Python: Fix bad join in `missing_imported_module`
This caused a ~30x blowup in intermediate tuples, now back to baseline.
Commit: cd62cdadff1ce9c14f521a06660954774a76cf77
https://github.com/krishnprakash/codeql/commit/cd62cdadff1ce9c14f521a06660954774a76cf77
Author: Taus <tau...@github.com>
Date: 2026-02-16 (Mon, 16 Feb 2026)
Changed paths:
M python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
Log Message:
-----------
Python: Fix bad join in `returnStep`
Commit: 3d4785f29f9794c5e8610daf448092de3bcd861d
https://github.com/krishnprakash/codeql/commit/3d4785f29f9794c5e8610daf448092de3bcd861d
Author: Taus <tau...@github.com>
Date: 2026-02-18 (Wed, 18 Feb 2026)
Changed paths:
A python/ql/lib/change-notes/2026-02-18-add-overlay-annotations.md
Log Message:
-----------
Python: Add change note
Commit: 480ae619e6e499dfe9da2bbdc512a30d3f481b00
https://github.com/krishnprakash/codeql/commit/480ae619e6e499dfe9da2bbdc512a30d3f481b00
Author: Taus <tau...@github.com>
Date: 2026-02-21 (Sat, 21 Feb 2026)
Changed paths:
M python/ql/lib/analysis/DefinitionTracking.qll
A python/ql/lib/change-notes/2026-02-18-add-overlay-annotations.md
M python/ql/lib/semmle/python/ApiGraphs.qll
M python/ql/lib/semmle/python/AstExtended.qll
M python/ql/lib/semmle/python/AstGenerated.qll
M python/ql/lib/semmle/python/Class.qll
M python/ql/lib/semmle/python/Comment.qll
M python/ql/lib/semmle/python/Comprehensions.qll
M python/ql/lib/semmle/python/Constants.qll
M python/ql/lib/semmle/python/Exprs.qll
M python/ql/lib/semmle/python/Files.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/Function.qll
M python/ql/lib/semmle/python/GuardedControlFlow.qll
M python/ql/lib/semmle/python/Import.qll
M python/ql/lib/semmle/python/Keywords.qll
M python/ql/lib/semmle/python/Module.qll
M python/ql/lib/semmle/python/Operations.qll
M python/ql/lib/semmle/python/Patterns.qll
M python/ql/lib/semmle/python/SSA.qll
M python/ql/lib/semmle/python/Scope.qll
M python/ql/lib/semmle/python/Stmts.qll
M python/ql/lib/semmle/python/Variables.qll
M python/ql/lib/semmle/python/dataflow/new/FlowSummary.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Attributes.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Builtins.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPublic.qll
M python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll
M python/ql/lib/semmle/python/dataflow/new/internal/ImportStar.qll
M python/ql/lib/semmle/python/dataflow/new/internal/IterableUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll
M python/ql/lib/semmle/python/dataflow/new/internal/MatchUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M python/ql/lib/semmle/python/essa/Definitions.qll
M python/ql/lib/semmle/python/essa/Essa.qll
M python/ql/lib/semmle/python/essa/SsaCompute.qll
M python/ql/lib/semmle/python/essa/SsaDefinitions.qll
M python/ql/lib/semmle/python/frameworks/Flask.qll
M python/ql/lib/semmle/python/frameworks/Requests.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/frameworks/data/ModelsAsData.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsSpecific.qll
M python/ql/lib/semmle/python/internal/Awaited.qll
M python/ql/lib/semmle/python/internal/CachedStages.qll
M python/ql/lib/semmle/python/objects/TObject.qll
M python/ql/lib/semmle/python/types/Builtins.qll
M python/ql/lib/semmle/python/types/ImportTime.qll
M python/ql/src/Variables/LoopVariableCapture/LoopVariableCaptureQuery.qll
M python/ql/src/analysis/ImportFailure.ql
M python/ql/test/library-tests/dataflow/summaries/TestSummaries.qll
M python/ql/test/library-tests/dataflow/typetracking-summaries/TestSummaries.qll
M python/ql/test/library-tests/frameworks/data/warnings.ql
Log Message:
-----------
Merge pull request #21116 from github/tausbn/python-add-dataflow-overlay-annotations
Add `overlay[local]` annotations
Commit: 33044af7f3e7ff3141d7111192a81514b7a9df9d
https://github.com/krishnprakash/codeql/commit/33044af7f3e7ff3141d7111192a81514b7a9df9d
Author: Phileco <132178579+k...@users.noreply.github.com>
Date: 2026-02-22 (Sun, 22 Feb 2026)
Changed paths:
M python/ql/lib/analysis/DefinitionTracking.qll
A python/ql/lib/change-notes/2026-02-18-add-overlay-annotations.md
M python/ql/lib/semmle/python/ApiGraphs.qll
M python/ql/lib/semmle/python/AstExtended.qll
M python/ql/lib/semmle/python/AstGenerated.qll
M python/ql/lib/semmle/python/Class.qll
M python/ql/lib/semmle/python/Comment.qll
M python/ql/lib/semmle/python/Comprehensions.qll
M python/ql/lib/semmle/python/Constants.qll
M python/ql/lib/semmle/python/Exprs.qll
M python/ql/lib/semmle/python/Files.qll
M python/ql/lib/semmle/python/Flow.qll
M python/ql/lib/semmle/python/Function.qll
M python/ql/lib/semmle/python/GuardedControlFlow.qll
M python/ql/lib/semmle/python/Import.qll
M python/ql/lib/semmle/python/Keywords.qll
M python/ql/lib/semmle/python/Module.qll
M python/ql/lib/semmle/python/Operations.qll
M python/ql/lib/semmle/python/Patterns.qll
M python/ql/lib/semmle/python/SSA.qll
M python/ql/lib/semmle/python/Scope.qll
M python/ql/lib/semmle/python/Stmts.qll
M python/ql/lib/semmle/python/Variables.qll
M python/ql/lib/semmle/python/dataflow/new/FlowSummary.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Attributes.qll
M python/ql/lib/semmle/python/dataflow/new/internal/Builtins.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
M python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPublic.qll
M python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll
M python/ql/lib/semmle/python/dataflow/new/internal/ImportStar.qll
M python/ql/lib/semmle/python/dataflow/new/internal/IterableUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll
M python/ql/lib/semmle/python/dataflow/new/internal/MatchUnpacking.qll
M python/ql/lib/semmle/python/dataflow/new/internal/TypeTrackingImpl.qll
M python/ql/lib/semmle/python/dataflow/new/internal/VariableCapture.qll
M python/ql/lib/semmle/python/essa/Definitions.qll
M python/ql/lib/semmle/python/essa/Essa.qll
M python/ql/lib/semmle/python/essa/SsaCompute.qll
M python/ql/lib/semmle/python/essa/SsaDefinitions.qll
M python/ql/lib/semmle/python/frameworks/Flask.qll
M python/ql/lib/semmle/python/frameworks/Requests.qll
M python/ql/lib/semmle/python/frameworks/Stdlib.qll
M python/ql/lib/semmle/python/frameworks/data/ModelsAsData.qll
M python/ql/lib/semmle/python/frameworks/data/internal/ApiGraphModelsSpecific.qll
M python/ql/lib/semmle/python/internal/Awaited.qll
M python/ql/lib/semmle/python/internal/CachedStages.qll
M python/ql/lib/semmle/python/objects/TObject.qll
M python/ql/lib/semmle/python/types/Builtins.qll
M python/ql/lib/semmle/python/types/ImportTime.qll
M python/ql/src/Variables/LoopVariableCapture/LoopVariableCaptureQuery.qll
M python/ql/src/analysis/ImportFailure.ql
M python/ql/test/library-tests/dataflow/summaries/TestSummaries.qll
M python/ql/test/library-tests/dataflow/typetracking-summaries/TestSummaries.qll
M python/ql/test/library-tests/frameworks/data/warnings.ql
Log Message:
-----------
Merge branch 'github:main' into main
Compare: https://github.com/krishnprakash/codeql/compare/25e4ee80588a...33044af7f3e7
To unsubscribe from these emails, change your notification settings at https://github.com/krishnprakash/codeql/settings/notifications
Reply all
Reply to author
Forward
0 new messages