hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,267 Commits 1,672 Branches 157 Tags
codeql-cli-2.21.1
Commit Graph

4730 Commits

Author SHA1 Message Date
Asger F
f1c82b650f Ruby: Implement Fuzzy for Ruby 2023-07-13 15:42:34 +02:00
Asger F
919cb07c1e Sync ApiGraphModels.qll 2023-07-13 15:42:33 +02:00
Erik Krogh Kristensen
4f1c12e9dc apply suggestion from review 
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2023-07-13 14:49:25 +02:00
erik-krogh
1fe66232c6 suggestions based on review: add a popular library example for HTML-sanitization, and use the old text about ../ replacements 2023-07-13 14:28:11 +02:00
Asger F
18762db0fb Ruby: factor out isProcCreationCall 2023-07-13 11:53:16 +02:00
Asger F
8d2dba18c0 Ruby: change note 2023-07-13 11:53:16 +02:00
Asger F
f232669ea5 Ruby: support Proc.new alongside 'proc' and 'lambda' 2023-07-13 11:53:16 +02:00
Asger F
194fe85442 Ruby: Use asCallable() to generate epsilon edges 2023-07-13 11:53:16 +02:00
Asger F
452fbe7e8f Ruby: add test showing lack of lambda handling 2023-07-13 11:53:16 +02:00
Anders Schack-Mulligen
91de43f918 C#/Java/Ruby: Remove superfluous module members. 2023-07-13 11:38:35 +02:00
Anders Schack-Mulligen
837df2ad37 Dataflow: Sync. 2023-07-13 10:55:39 +02:00
Maiky
119a32fe0e fix naming error 2023-07-12 23:54:58 +02:00
Maiky
db0f38fe06 Update XpathInjectionQuery.qll 2023-07-12 23:46:47 +02:00
Ed Minnix
63299688d5 Add change notes for default implementations of isBarrier and isAdditionalFlowStep 2023-07-12 15:21:16 -04:00
Ed Minnix
94638c9997 Ruby: Add default implementation of StateConfigSig::isAdditionalFlowStep/4 2023-07-12 15:06:25 -04:00
Ed Minnix
8a7081753d Ruby: Add default implementation of StateConfigSig::isBarrier/2 2023-07-12 15:06:25 -04:00
Maiky
1559b7da3c Update Frameworks.qll 2023-07-12 17:45:45 +02:00
Maiky
c255f8717d Change hasFlowPath to flowPath 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-07-11 19:20:54 +02:00
Maiky
c4f72dd2f2 Change make to global 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-07-11 19:20:34 +02:00
Mathias Vorreiter Pedersen
a4c0063ab1 Merge pull request #13679 from MathiasVP/speedup-big-step 
DataFlow: Speed up the big step relation
 2023-07-11 09:44:17 +01:00
Asger F
d88f557dbe Merge pull request #13683 from asgerf/rb/api-graph-noobject 
Ruby: exclude Object class from API graph
 2023-07-10 12:51:15 +02:00
Mathias Vorreiter Pedersen
44f23bfa59 Merge pull request #13690 from github/post-release-prep/codeql-cli-2.14.0 
Post-release preparation for codeql-cli-2.14.0
 2023-07-07 23:39:38 +01:00
github-actions[bot]
13cf054a9d Post-release preparation for codeql-cli-2.14.0 2023-07-07 14:55:41 +00:00
Asger F
b14cac6b28 Merge pull request #12689 from asgerf/rb/perf-diagnostics 
Ruby: performance diagnostics query
 2023-07-07 14:25:56 +02:00
github-actions[bot]
6484ee106e Release preparation for version 2.14.0 2023-07-07 08:22:14 +00:00
Asger F
d8604ff390 Ruby: exclude Object class from API graph 2023-07-07 09:49:21 +02:00
Asger F
86b5f0adc7 Revert "Merge pull request #13620 from github/revert-13496-rb/tracking-on-demand" 
This reverts commit 133de56ac2, reversing
changes made to 28a8e48351.
 2023-07-07 09:42:34 +02:00
Dave Bartolomeo
9631e9f2f1 Bump minor version numbers post-GHES 2023-07-06 10:10:01 -04:00
Dave Bartolomeo
2bb9adfbf1 Merge remote-tracking branch 'origin/main' into dbartol/mergeback-3.10 2023-07-06 10:00:46 -04:00
Erik Krogh Kristensen
b2a60bf3d1 Merge pull request #13642 from erik-krogh/san-script 
JS/RB: Fix FP in incomplete-multi-character-sanitization
 2023-07-06 15:38:39 +02:00
Mathias Vorreiter Pedersen
83d0dec0fb DataFlow: Sync identical files. 2023-07-06 14:00:00 +01:00
Asger F
59c72836d3 Ruby: fix typo 2023-07-06 14:57:24 +02:00
Asger F
db58d32f7a Ruby: Add a query ID 2023-07-06 14:57:24 +02:00
Asger F
d123e5ba63 Ruby: add performance diagnostic query 2023-07-06 14:57:24 +02:00
Maiky
a3c58c66e9 Using DataFlow::ConfigSig instead of TaintTracking::Configuration 2023-07-06 03:14:49 +02:00
Maiky
25814f76b9 Apply suggested changes 2023-07-06 02:20:42 +02:00
Alex Ford
08784d24b4 Ruby: rack - add tests for env['QUERY_STRING'] 2023-07-05 15:49:00 +01:00
Alex Ford
ec2c9f20f6 Ruby: rack - env['QUERY_STRING'] changenote 2023-07-05 15:46:56 +01:00
Alex Ford
2b0b2855e1 Ruby: rack - Rack::Response changenote 2023-07-05 15:15:34 +01:00
Alex Ford
df62cf8a5a qlformat 2023-07-05 12:19:57 +01:00
Alex Ford
082f26bcb1 Ruby: update TaintStep.ql output 2023-07-05 12:19:55 +01:00
Alex Ford
9a263e12ec Ruby: rack - add some qldoc 2023-07-05 12:18:52 +01:00
Alex Ford
bf25b07c17 Ruby: rack - request input tests 2023-07-05 12:18:52 +01:00
Alex Ford
175d524146 Ruby: rack - add Rack#Utils.parse_query summary 2023-07-05 12:18:52 +01:00
Alex Ford
cc6f6418f5 Ruby: rack - start modelling request inputs 2023-07-05 12:18:52 +01:00
Alex Ford
9b2cd768e1 Ruby: rack - add env['QUERY_STRING'] as an http request input 2023-07-05 11:59:18 +01:00
Alex Ford
5fafd9ecc1 Merge branch 'main' into rb/rack-extend-app-and-resp 2023-07-04 11:43:30 +01:00
Michael Nebel
238f390738 Merge pull request #13452 from michaelnebel/refactorstackprinting 
Re-factor printing of summary component stacks.
 2023-07-04 08:29:10 +02:00
Michael Nebel
243c592447 Address review comments. 2023-07-03 17:01:08 +02:00
Michael Nebel
e06bc8fd8d Ruby: Use serialize to for the string representation of ConstantValue. 2023-07-03 14:36:07 +02:00