hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,672 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

3455 Commits

Author SHA1 Message Date
erik-krogh
e2caf3e8c0 put a limit on the length of the equivalent range 2022-08-30 09:29:22 +02:00
erik-krogh
f47b097d7c put a limit on the length of the equivalent range 2022-08-29 21:03:52 +02:00
erik-krogh
77949cbeb3 add context to the rankState predicate in ExponentialBackTracking.qll 2022-08-29 13:42:05 +02:00
Harry Maclean
5d356df300 QLDoc fixes 2022-08-29 14:24:37 +12:00
Harry Maclean
9651fa1573 Ruby: Add ActiveResource change note 2022-08-29 14:24:37 +12:00
Harry Maclean
ec58107439 QlDoc fix 2022-08-29 14:24:37 +12:00
Harry Maclean
dcc0123023 Fix QL4QL alert 2022-08-29 14:24:37 +12:00
Harry Maclean
06c95ba457 Ruby: QLDoc 2022-08-29 14:24:37 +12:00
Harry Maclean
75e1497fbf Ruby: Import ActiveResource by default 2022-08-29 14:24:37 +12:00
Harry Maclean
aa6edb0edb Ruby: Model ActiveResource 2022-08-29 14:24:37 +12:00
Harry Maclean
09ad1c29bd Ruby: Add SelfVariableAccessCfgNode 2022-08-29 14:24:37 +12:00
Nick Rolfe
898689f550 Merge pull request #9896 from github/nickrolfe/hardcoded_code 
Ruby: port js/hardcoded-data-interpreted-as-code
 2022-08-26 13:49:25 +01:00
github-actions[bot]
3b4ad3c4f1 Post-release preparation for codeql-cli-2.10.4 2022-08-26 09:32:11 +00:00
Nick Rolfe
52d46552af Ruby: fix 'inefficient string comparison' alert 2022-08-26 09:58:22 +01:00
Nick Rolfe
95bf18fdc9 Ruby: make hex-escaped strings ("\xCD\xEF" etc.) sources of hardcoded data 2022-08-26 09:33:03 +01:00
erik-krogh
cc7a9ef97a rename more acronyms 2022-08-25 20:52:27 +02:00
Arthur Baars
24526108d3 Ruby: update dbscheme stats 2022-08-25 17:48:28 +02:00
Arthur Baars
ed005077fa Ruby: upgrade/downgrade scripts 2022-08-25 17:40:52 +02:00
Arthur Baars
59773eb743 Ruby: update tree-sitter grammar 2022-08-25 17:21:29 +02:00
Ian Lynagh
a904438828 Update ruby/ql/lib/CHANGELOG.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-08-25 14:24:44 +01:00
Ian Lynagh
5cd4e0d3b1 Update ruby/ql/lib/change-notes/released/0.3.4.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-08-25 14:24:38 +01:00
github-actions[bot]
0f63bc077f Release preparation for version 2.10.4 2022-08-25 12:52:26 +00:00
Erik Krogh Kristensen
ba1ad00d2a Merge pull request #10062 from erik-krogh/redosPrefix 
JS: use the shared regular expression libraries in `js/case-sensitive-middleware-path`
 2022-08-25 12:57:16 +02:00
Nick Rolfe
acf5b11139 Merge remote-tracking branch 'origin/main' into nickrolfe/hardcoded_code 2022-08-25 11:44:55 +01:00
Ian Lynagh
bf6d9f8c23 Merge pull request #10161 from igfoo/igfoo/exec 
Make a load of files non-executable
 2022-08-25 10:05:39 +01:00
Anders Schack-Mulligen
c6f89aac0a Merge pull request #10141 from aschackmull/ruby/perf-apigraph 
Ruby: Perf fix for trackUseNode.
 2022-08-25 10:22:07 +02:00
Ian Lynagh
501a9b3c6b Make *.qll non-executable 2022-08-24 16:36:15 +01:00
Michael Nebel
761ed283b6 C#/Java/Ruby/Swift: Address review comments. 2022-08-24 09:58:54 +02:00
Michael Nebel
30d554503a C#/Java: Fix some QL doc spelling typos. 2022-08-24 09:58:53 +02:00
Michael Nebel
160ae934af C#/Java/Ruby/Swift: Fix typo in QL doc. 2022-08-24 09:58:53 +02:00
Michael Nebel
581824a9b4 C#/Java/Ruby/Swift: Fix various typos. 2022-08-24 09:58:53 +02:00
Michael Nebel
fbc0e6a1ec Ruby: Sync files and make dummy negative summary implementation. 2022-08-24 09:58:52 +02:00
Anders Schack-Mulligen
b83e851ac6 Ruby: one more pragma 2022-08-23 16:04:29 +02:00
Anders Schack-Mulligen
0ea55a9581 Ruby: autoformat 2022-08-23 15:58:29 +02:00
Anders Schack-Mulligen
844e0129b6 Ruby: Perf fix for trackUseNode. 2022-08-23 15:50:54 +02:00
Rasmus Wriedt Larsen
eccc7d6d6f Ruby: Remove redundant .getExpr() 2022-08-23 15:42:21 +02:00
Rasmus Wriedt Larsen
717a355913 Ruby: Accept grammar fix 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-08-23 15:36:45 +02:00
Rasmus Wriedt Larsen
d832298e40 Ruby: Accept grammar fix 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-08-23 15:36:37 +02:00
erik-krogh
5e3cb08ed2 rename stateInPumpableRegexp to stateInRelevantRegexp 2022-08-23 12:40:45 +02:00
erik-krogh
e89e0eb7fb make some acronyms camelCase 2022-08-22 21:22:35 +02:00
Rasmus Wriedt Larsen
61bf2154cd Merge branch 'main' into shared-http-client-request 2022-08-22 12:05:37 +02:00
erik-krogh
049af68bc2 restrict suffix-construction to relevant regexps 2022-08-21 20:35:39 +02:00
erik-krogh
bcf4c57060 Merge branch 'main' into redosPrefix 2022-08-19 19:22:49 +02:00
erik-krogh
d052b1e3c9 also support regular expressions without repetitions 2022-08-19 19:21:44 +02:00
Rasmus Wriedt Larsen
9790594984 Ruby: Bugfix after HTTP::Client::Request change 
I guess this is not 100% accurate any longer since the base class is
only a `DataFlow::Node` now... I guess we could make it a
`DataFlow::CallNode` in the Concept definition.
 2022-08-19 16:25:47 +02:00
Rasmus Wriedt Larsen
9eda630965 Ruby: Add CallNode.getKeywordArgumentIncludeHashArgument 2022-08-19 15:54:15 +02:00
Rasmus Wriedt Larsen
0ac3624342 Ruby: Implement new disablesCertificateValidation for all HTTP client models 
Sadly most alert text changed, but the two important changes are:

1. The request on RestClient.rb:19 now has an expanded alert text,
   highlighting where the origin of the value that disables certificate
   validation comes from. (in this case, it's trivial since it's the
   line right above)
2. We handle passing `false`/`OpenSSL::SSL::VERIFY_NONE` the same in the
   argument passing examples in Faraday.rb
 2022-08-19 15:46:22 +02:00
Rasmus Wriedt Larsen
1f028ac206 Ruby: Implement new disablesCertificateValidation for RestClient 2022-08-19 15:43:19 +02:00
Tom Hvitved
663096fe3a Remove redundant overrides 2022-08-19 13:57:41 +02:00
Rasmus Wriedt Larsen
4a82025087 Ruby: Base HTTP::Client::Request on shared concept 
Fixing up deprecation errors in next commit
 2022-08-18 13:42:53 +02:00