Python: Autoformat

Author: RasmusWL

python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidationQuery.qll

@@ -36,8 +36,7 @@ private module UnicodeBypassValidationConfig implements DataFlow::StateConfigSig
   }
 
   predicate isAdditionalFlowStep(
-    DataFlow::Node nodeFrom, FlowState stateFrom, DataFlow::Node nodeTo,
-    FlowState stateTo
+    DataFlow::Node nodeFrom, FlowState stateFrom, DataFlow::Node nodeTo, FlowState stateTo
   ) {
     (
       exists(Escaping escaping | nodeFrom = escaping.getAnInput() and nodeTo = escaping.getOutput())

python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHash/PossibleTimingAttackAgainstHash.ql

@@ -32,7 +32,9 @@ module PossibleTimingAttackAgainstHashFlow = TaintTracking::Global<PossibleTimin
 
 import PossibleTimingAttackAgainstHashFlow::PathGraph
 
-from PossibleTimingAttackAgainstHashFlow::PathNode source, PossibleTimingAttackAgainstHashFlow::PathNode sink
+from
+  PossibleTimingAttackAgainstHashFlow::PathNode source,
+  PossibleTimingAttackAgainstHashFlow::PathNode sink
 where PossibleTimingAttackAgainstHashFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "Possible Timing attack against $@ validation.",
   source.getNode().(ProduceCryptoCall).getResultType(), "message"

python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstSensitiveInfo/PossibleTimingAttackAgainstSensitiveInfo.ql

@@ -26,11 +26,13 @@ private module PossibleTimingAttackAgainstSensitiveInfoConfig implements DataFlo
 }
 
 module PossibleTimingAttackAgainstSensitiveInfoFlow =
-TaintTracking::Global<PossibleTimingAttackAgainstSensitiveInfoConfig>;
+  TaintTracking::Global<PossibleTimingAttackAgainstSensitiveInfoConfig>;
 
 import PossibleTimingAttackAgainstSensitiveInfoFlow::PathGraph
 
-from PossibleTimingAttackAgainstSensitiveInfoFlow::PathNode source, PossibleTimingAttackAgainstSensitiveInfoFlow::PathNode sink
+from
+  PossibleTimingAttackAgainstSensitiveInfoFlow::PathNode source,
+  PossibleTimingAttackAgainstSensitiveInfoFlow::PathNode sink
 where PossibleTimingAttackAgainstSensitiveInfoFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "Timing attack against $@ validation.", source.getNode(),
   "client-supplied token"

python/ql/src/experimental/Security/CWE-338/InsecureRandomness.ql

@@ -16,7 +16,6 @@
 import python
 import experimental.semmle.python.security.InsecureRandomness
 import semmle.python.dataflow.new.DataFlow
-
 import InsecureRandomness::Flow::PathGraph
 
 from InsecureRandomness::Flow::PathNode source, InsecureRandomness::Flow::PathNode sink

python/ql/src/experimental/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql

@@ -47,9 +47,9 @@ private module ClientSuppliedIpUsedInSecurityCheckConfig implements DataFlow::Co
   }
 }
 
-
 /** Global taint-tracking for detecting "client ip used in security check" vulnerabilities. */
-module ClientSuppliedIpUsedInSecurityCheckFlow = TaintTracking::Global<ClientSuppliedIpUsedInSecurityCheckConfig>;
+module ClientSuppliedIpUsedInSecurityCheckFlow =
+  TaintTracking::Global<ClientSuppliedIpUsedInSecurityCheckConfig>;
 
 from
   ClientSuppliedIpUsedInSecurityCheckFlow::PathNode source,

python/ql/src/experimental/Security/CWE-614/CookieInjection.ql

@@ -17,9 +17,7 @@ import experimental.semmle.python.CookieHeader
 import experimental.semmle.python.security.injection.CookieInjection
 import CookieInjectionFlow::PathGraph
 
-from
-  CookieInjectionFlow::PathNode source, CookieInjectionFlow::PathNode sink,
-  string insecure
+from CookieInjectionFlow::PathNode source, CookieInjectionFlow::PathNode sink, string insecure
 where
   CookieInjectionFlow::flowPath(source, sink) and
   if exists(sink.getNode().(CookieSink))

python/ql/src/experimental/semmle/python/security/TimingAttack.qll

@@ -263,7 +263,7 @@ private string sensitiveheaders() {
 /**
  * A config that tracks data flow from remote user input to Variable that hold sensitive info
  */
-module UserInputSecretConfig  implements DataFlow::ConfigSig {
+module UserInputSecretConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
 
   predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof CredentialExpr }