hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,734 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.0
Commit Graph

3360 Commits

Author SHA1 Message Date
Arthur Baars
b12b33c8f9 Merge remote-tracking branch 'upstream/main' into 'rc/3.14' 2024-06-28 19:50:35 +02:00
Tom Hvitved
25daaf9d47 Ruby: Add change note 2024-06-25 10:00:01 +02:00
github-actions[bot]
fd385736e6 Post-release preparation for codeql-cli-2.17.6 2024-06-25 06:39:45 +00:00
github-actions[bot]
e32a587078 Release preparation for version 2.17.6 2024-06-24 14:33:10 +00:00
Anders Schack-Mulligen
8c23e21073 Dataflow: Cache compatibleTypes. 2024-06-24 13:35:48 +02:00
Tom Hvitved
a8758c0160 Ruby: Handle element references with blocks 2024-06-21 12:04:55 +02:00
Tom Hvitved
d7ce2be040 Ruby: Up/downgrade scripts 2024-06-21 12:04:53 +02:00
Tom Hvitved
21c9f33419 Ruby: Bump tree-sitter-ruby 2024-06-21 10:17:59 +02:00
Tom Hvitved
8ea4f85de3 Ruby: Rework Sinatra.FilterJumpStep 2024-06-21 08:57:59 +02:00
Alex Ford
d79a253c20 Ruby: remove unused import 2024-06-18 17:49:14 +01:00
Alex Ford
81ec6861f9 Ruby: fix some SensitiveDataSource definitions 2024-06-18 17:46:52 +01:00
Alex Ford
f217de9623 Ruby: Move SensitiveDataSource logic into a private module 2024-06-18 16:58:30 +01:00
Alex Ford
6a46fb54c5 Ruby: Add SensitiveDataSource abstract class 2024-06-18 12:11:28 +01:00
Alex Ford
6c3d90e8a0 Merge pull request #16650 from alexrford/rb/routing-improvements 
Ruby: ActionDispatch - support `path => target` route format
 2024-06-18 11:17:05 +01:00
Joe Farebrother
eee7f5a896 Use a combined regex for performance 2024-06-17 22:21:33 +01:00
Alex Ford
d4203d9286 Ruby: minimal port of py/weak-sensitive-data-hashing 2024-06-17 15:27:00 +01:00
Joe Farebrother
90d6f2ece3 Factor out nameIndicatesRelevantSensitiveData 2024-06-12 15:11:47 +01:00
Tom Hvitved
605fe54a06 Ruby: Remove two Cartesian products 2024-06-12 15:11:43 +01:00
Joe Farebrother
5f08371f19 Add change note 2024-06-12 15:11:39 +01:00
Joe Farebrother
b0c03f6d68 Allow implicit read steps on sinks 2024-06-12 15:11:32 +01:00
Joe Farebrother
8b51ee8fe8 Use additional sensitive data heuristics in CleartextSources 2024-06-12 15:11:27 +01:00
Arthur Baars
4ee80653e2 Merge pull request #16471 from Sim4n6/ruby-UBV 
Ruby: Add some method calls as a Source
 2024-06-12 12:42:08 +02:00
github-actions[bot]
8a25081a0e Post-release preparation for codeql-cli-2.17.5 2024-06-10 15:33:08 +00:00
github-actions[bot]
877bfa2468 Release preparation for version 2.17.5 2024-06-10 13:40:39 +00:00
Anders Schack-Mulligen
5d51b5b97b Ruby: Add support for pretty-printed provenace in tests. Convert one test. 2024-06-07 11:47:48 +02:00
Asger F
6e0f3df573 Merge pull request #14120 from asgerf/dynamic/typemodel-istypeused 
Dynamic: add TypeModel.isTypeUsed
 2024-06-06 15:31:16 +02:00
Sim4n6
dabc33bf66 simplify UnicodeBypassValidationQuery code 2024-06-05 22:45:49 +01:00
Sim4n6
7dcbbbac91 Refactor UnicodeBypassValidationQuery to remove unnecessary code 2024-06-05 13:05:34 +01:00
Alex Ford
1100b75a3c Ruby: handle routes with path/action pairs 2024-05-31 15:54:57 +01:00
Alex Ford
4644f08195 Ruby: Routing.qll - rename call as methodCall 2024-05-31 14:45:32 +01:00
Alex Ford
25f9449f53 Ruby: Routing.qll - rename method as httpMethod 2024-05-31 14:45:26 +01:00
Alex Ford
af9ed21c36 Ruby: Routing.qll - rename method as methodCall 2024-05-31 14:45:20 +01:00
github-actions[bot]
906b65d09c Post-release preparation for codeql-cli-2.17.4 2024-05-28 18:02:25 +00:00
github-actions[bot]
33b4ae8bbb Release preparation for version 2.17.4 2024-05-28 15:44:32 +00:00
Tom Hvitved
69fb2bb97c Merge pull request #16597 from hvitved/tree-sitter/empty-location 
Tree-sitter: Emit `empty_location` relation to avoid scan
 2024-05-27 15:19:15 +02:00
Anders Schack-Mulligen
1432519cc2 Dataflow: Add totalorder predicates to all languages. 2024-05-27 11:01:52 +02:00
Anders Schack-Mulligen
bc8ca1af86 Dataflow: Introduce NodeRegions for use in isUnreachableInCall. 2024-05-27 11:01:51 +02:00
Tom Hvitved
686879a2a3 Ruby: Add up/downgrade scripts 2024-05-27 10:39:22 +02:00
Tom Hvitved
94d2e9591d Tree-sitter: Emit empty_location relation to avoid scan 2024-05-27 10:39:21 +02:00
Dave Bartolomeo
613ccaac1d Add change note to all v1.0.0 packs 2024-05-23 13:01:22 -04:00
Dave Bartolomeo
ffe4c8c87b Update all pack versions to 1.0.0 2024-05-22 13:39:08 -04:00
Alex Ford
8119a27540 Merge pull request #16185 from alexrford/rb/conditions-arr0 
Ruby: ActiveRecord - refine `conditions` argument as an SQLi sink
 2024-05-22 12:19:10 +01:00
Chuan-kai Lin
8a22e2283c Merge pull request #16424 from github/cklin/ruby-entities-reorder 
Ruby: Use entities in reorder directives
 2024-05-21 07:32:28 -07:00
Asger F
13d01f1ec4 Ruby/Python: add recursion guard 2024-05-21 14:40:15 +02:00
Asger F
14c71a351e Sync shared files 2024-05-21 14:38:55 +02:00
Joe Farebrother
01a6c5e82f Merge pull request #16446 from joefarebrother/shared-sensitive-heuristics 
Ruby/Python/JS/Swift: Add category of Private information to shared sensitive data heuristics
 2024-05-21 09:07:13 +01:00
github-actions[bot]
32e8b5c667 Post-release preparation for codeql-cli-2.17.3 2024-05-14 21:14:08 +00:00
github-actions[bot]
100166fa53 Release preparation for version 2.17.3 2024-05-14 19:23:18 +00:00
Sim4n6
7f153ed07b Add some method calls as a Source 2024-05-12 09:46:36 +01:00
Joe Farebrother
da93a08639 Add change notes 
No change note is needed for Swift, as the new heuristics are unused and thus should not affect any queries.
 2024-05-09 10:03:20 +01:00