hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,643 Commits 1,672 Branches 157 Tags
alexet/avoid-path-node-java
Commit Graph

4873 Commits

Author SHA1 Message Date
Max Schaefer
f42bd28ca9 Port changes to Ruby. 2023-10-26 15:06:45 +01:00
Alex Ford
16c5edd3ca Ruby: add a query and script for autogenerating typeModel and summaryModel data extensions entries 2023-10-25 15:52:02 +01:00
Maiky
d8aa0e2d7e Remove unnecessary import 2023-10-21 17:29:08 +02:00
Maiky
35d390ad06 Add Insecure Randomness Query (CWE-338) 2023-10-21 17:23:41 +02:00
Peter Stöckli
09cf76a880 Ruby: additional unsafe deserialization sinks for ox, oj 2023-10-19 14:04:48 +02:00
github-actions[bot]
8dcd8b9e5b Post-release preparation for codeql-cli-2.15.1 2023-10-17 20:24:00 +00:00
amammad
2e4e5ef480 fix a comment 2023-10-17 10:42:40 +02:00
github-actions[bot]
3b3c036626 Release preparation for version 2.15.1 2023-10-16 17:49:39 +00:00
Alex Ford
22850b28df Ruby: update alert message test output 2023-10-16 13:08:49 +01:00
Alex Ford
66d230a207 ruby: qlformat 2023-10-16 12:45:46 +01:00
Alex Ford
3dd042c38a Merge remote-tracking branch 'origin/main' into maikypedia/ruby-jwt 2023-10-16 12:42:19 +01:00
Maiky
e204100701 Resolve conflict in Concepts.qll 2023-10-15 10:37:10 +02:00
Maiky
17210c76a5 change-note edition 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-10-15 10:25:58 +02:00
Harry Maclean
1297acf5b1 Merge pull request #14216 from hmac/hmac-graphql-enum 
Ruby: Restrict GraphQL remote flow sources
 2023-10-13 11:31:50 +01:00
Henry Mercer
1a370bfbbe Merge pull request #14443 from github/post-release-prep/codeql-cli-2.15.0 
Post-release preparation for codeql-cli-2.15.0
 2023-10-11 17:39:04 +01:00
github-actions[bot]
ae6af17c74 Post-release preparation for codeql-cli-2.15.0 2023-10-11 14:19:20 +00:00
amammad
609bb762fe fix a bug,modularize 2023-10-11 12:04:11 +02:00
amammad
90017712a6 Merge remote-tracking branch 'origin/main' into amammad-ruby-bombs 2023-10-11 10:45:16 +02:00
Asger F
89bd00a4ec Ruby: port queries to ConfigSig-style 2023-10-11 10:06:19 +02:00
erik-krogh
a7ab9fd93b add change-notes 2023-10-09 09:43:06 +02:00
erik-krogh
57c757c0a6 Ruby: delete outdated deprecation in test code 2023-10-09 09:14:55 +02:00
erik-krogh
e0fefce2a3 Ruby: delete various deprecated predicates 2023-10-09 09:14:54 +02:00
erik-krogh
0d992a3d1f delete old deprecated aliases of various regex libraries 2023-10-09 09:14:54 +02:00
erik-krogh
4bc4e0845d delete the deprecated isBarrierGuard predicate from the shared dataflow library, and its uses 2023-10-07 21:48:49 +02:00
github-actions[bot]
9fe993bec3 Release preparation for version 2.15.0 2023-10-04 14:15:27 +00:00
Henry Mercer
da92da2204 Bump minor versions of packs we regularly release 2023-10-03 16:31:23 +01:00
Henry Mercer
f3847b3f51 Merge branch 'main' into henrymercer/rc-3.11-mergeback 2023-10-03 16:30:23 +01:00
Asger F
0d96ed8aee Merge pull request #14305 from asgerf/shared/flow-state-inout-barriers 
Shared: add in/out barriers with flow state
 2023-09-28 11:07:23 +02:00
Anders Schack-Mulligen
68d05eb342 Ruby: Minor simplification. 2023-09-28 08:58:55 +02:00
Tom Hvitved
c570083163 Ruby: Improve performance of flow through (hash) splats 2023-09-27 11:49:31 +02:00
Harry Maclean
dc2acf5a39 Merge pull request #14090 from hmac/splat-flow-4 
Ruby: More splat flow (alternative)
 2023-09-27 10:22:57 +01:00
Anders Schack-Mulligen
06cb277eb0 Merge pull request #14299 from aschackmull/dataflow/more-defaults 
Dataflow: Make use of defaults for language-specific hooks.
 2023-09-25 11:19:44 +02:00
Asger F
d501856519 Update DataFlowImpl.qll copies 2023-09-25 10:05:29 +02:00
Harry Maclean
2214caef4b Ruby: Identify named graphql params as sources 2023-09-22 17:54:55 +01:00
Anders Schack-Mulligen
66da997b7b Dataflow: Make use of defaults for language-specific hooks. 2023-09-22 14:54:22 +02:00
Tom Hvitved
e417e862a2 Merge pull request #14283 from hvitved/ruby/collapse-stages 
Ruby: Collapse DIL stages
 2023-09-22 10:58:06 +02:00
Alex Ford
67019c6784 Merge pull request #14274 from alexrford/rb/dataflow-tidy 
Ruby: Minor fixes for dataflow queries
 2023-09-21 16:33:34 +01:00
Alex Ford
840b1e0a73 Ruby: delete DataFlowImplForHttpClientLibraries 2023-09-21 14:11:46 +01:00
Alex Ford
a64d37211d Ruby: use new dataflow api in Typhoeus.qll 2023-09-21 14:11:09 +01:00
Alex Ford
699f752ded Ruby: use new dataflow api in RestClient.qll 2023-09-21 14:09:41 +01:00
Alex Ford
25203d98c3 Ruby: use new dataflow api in OpenURI.qll 2023-09-21 14:08:22 +01:00
Alex Ford
09782296df Ruby: use new dataflow api in NetHttp.qll 2023-09-21 14:06:40 +01:00
Alex Ford
fc7e753035 Ruby: use new dataflow api in Httparty.qll 2023-09-21 14:04:46 +01:00
Alex Ford
92941a45f9 Ruby: use new dataflow api in HttpClient.qll 2023-09-21 14:03:09 +01:00
Tom Hvitved
c2306e6713 Ruby: Collapse DIL stages 2023-09-21 14:33:04 +02:00
Alex Ford
1ffcf4b9c4 Ruby: use new dataflow api in Faraday.qll 2023-09-21 13:07:06 +01:00
Alex Ford
1dbba19238 Ruby: use new dataflow api in Excon.qll 2023-09-21 13:00:17 +01:00
Alex Ford
489f598551 Ruby: delete DataFlowImplForPathname 2023-09-21 12:50:12 +01:00
Anders Schack-Mulligen
13f7daf71e Merge pull request #13982 from aschackmull/dataflow/typeflow-calledge-pruning 
Dataflow: Add type-based call-edge pruning.
 2023-09-21 13:33:08 +02:00
Alex Ford
4cb91e022f Ruby: deprecate some flow states 2023-09-21 12:24:15 +01:00