hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

ruby: Add query for hoisting Rails ActiveRecord calls

Browse Source 
This does not take assicoations into account.
It uses ActiveRecordModelFinderCall to identify relevant calls.
This class has therefor been made public.
This commit is contained in:
Rasmus Lerchedahl Petersen
2024-11-27 23:49:46 +01:00
committed by yoff
parent d7117ef3e5
commit 5feb401607
5 changed files with 136 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll
View File

@@ -254,9 +254,8 @@ private Expr getUltimateReceiver(MethodCall call) {
)
}
// A call to `find`, `where`, etc. that may return active record model object(s)
private class ActiveRecordModelFinderCall extends ActiveRecordModelInstantiation, DataFlow::CallNode
{
/** A call to `find`, `where`, etc. that may return active record model object(s) */
class ActiveRecordModelFinderCall extends ActiveRecordModelInstantiation, DataFlow::CallNode {
private ActiveRecordModelClass cls;
ActiveRecordModelFinderCall() {