Commit Graph

4863 Commits

Author SHA1 Message Date
Alex Ford
d994959720 Ruby: add tests for rb/weak-sensitive-data-hashing 2024-06-18 17:47:32 +01:00
Alex Ford
81ec6861f9 Ruby: fix some SensitiveDataSource definitions 2024-06-18 17:46:52 +01:00
Alex Ford
f217de9623 Ruby: Move SensitiveDataSource logic into a private module 2024-06-18 16:58:30 +01:00
Alex Ford
6a46fb54c5 Ruby: Add SensitiveDataSource abstract class 2024-06-18 12:11:28 +01:00
Alex Ford
6c3d90e8a0 Merge pull request #16650 from alexrford/rb/routing-improvements
Ruby: ActionDispatch - support `path => target` route format
2024-06-18 11:17:05 +01:00
Joe Farebrother
eee7f5a896 Use a combined regex for performance 2024-06-17 22:21:33 +01:00
Alex Ford
f017821062 Ruby: rb/weak-sensitive-data-hashing qhelp 2024-06-17 15:29:53 +01:00
Alex Ford
d4203d9286 Ruby: minimal port of py/weak-sensitive-data-hashing 2024-06-17 15:27:00 +01:00
Joe Farebrother
90d6f2ece3 Factor out nameIndicatesRelevantSensitiveData 2024-06-12 15:11:47 +01:00
Tom Hvitved
605fe54a06 Ruby: Remove two Cartesian products 2024-06-12 15:11:43 +01:00
Joe Farebrother
5f08371f19 Add change note 2024-06-12 15:11:39 +01:00
Joe Farebrother
07f03be8cc Add unit tests 2024-06-12 15:11:35 +01:00
Joe Farebrother
b0c03f6d68 Allow implicit read steps on sinks 2024-06-12 15:11:32 +01:00
Joe Farebrother
8b51ee8fe8 Use additional sensitive data heuristics in CleartextSources 2024-06-12 15:11:27 +01:00
Arthur Baars
4ee80653e2 Merge pull request #16471 from Sim4n6/ruby-UBV
Ruby: Add some method calls as a Source
2024-06-12 12:42:08 +02:00
Mathias Vorreiter Pedersen
3351b9547d Merge branch 'rc/3.14' into rc-3.14-mergeback 2024-06-11 16:21:08 +01:00
github-actions[bot]
8a25081a0e Post-release preparation for codeql-cli-2.17.5 2024-06-10 15:33:08 +00:00
Cornelius Riemenschneider
092bc6445d Rust/bazel: Port to bzlmod.
This gets rid of our last workspace dependency.
In particular, this change also gets rid of the checked-in extra
lock files that took forever to generate.
2024-06-10 17:03:58 +02:00
github-actions[bot]
877bfa2468 Release preparation for version 2.17.5 2024-06-10 13:40:39 +00:00
Sim4n6
7c0ce6486b Rerun the test learn 2024-06-10 12:21:10 +01:00
Anders Schack-Mulligen
5d51b5b97b Ruby: Add support for pretty-printed provenance in tests. Convert one test. 2024-06-07 11:47:48 +02:00
Tom Hvitved
eae6406629 Merge pull request #16687 from hvitved/ruby/bump-ts-grammar
Ruby: Bump tree-sitter grammar
2024-06-06 17:44:18 +02:00
Asger F
6e0f3df573 Merge pull request #14120 from asgerf/dynamic/typemodel-istypeused
Dynamic: add TypeModel.isTypeUsed
2024-06-06 15:31:16 +02:00
Tom Hvitved
523139259a Ruby: Update cargo-bazel-lock.json 2024-06-06 10:46:01 +02:00
Tom Hvitved
7122db0c45 Ruby: Bump tree-sitter grammar 2024-06-06 10:31:16 +02:00
Tom Hvitved
421c68a263 Merge pull request #16663 from hvitved/ruby/extraction-error-consistency
Ruby: Add consistency query for extraction errors
2024-06-06 10:29:56 +02:00
Sim4n6
dabc33bf66 simplify UnicodeBypassValidationQuery code 2024-06-05 22:45:49 +01:00
Sim4n6
7dcbbbac91 Refactor UnicodeBypassValidationQuery to remove unnecessary code 2024-06-05 13:05:34 +01:00
Tom Hvitved
e42de3de6f Ruby: Fix extraction errors 2024-06-04 14:54:02 +02:00
Tom Hvitved
ad99158838 Ruby: Fix/accept extraction errors 2024-06-04 12:55:44 +02:00
Tom Hvitved
858c7cead2 Ruby: Add consistency query for extraction errors 2024-06-04 12:55:42 +02:00
Cornelius Riemenschneider
63116d2779 Merge pull request #16656 from github/criemen/pkg-javascript
Javascript: use `codeql_pack` for javascript extractor
2024-06-04 11:58:45 +02:00
Tom Hvitved
e6dc36b2c4 Merge pull request #16636 from hvitved/tree-sitter/verbosity-fix
Tree-sitter: Verbosity fixes
2024-06-04 08:33:28 +02:00
Paolo Tranquilli
7b8c11379d Javascript: use codeql_pack for javascript extractor 2024-06-03 23:14:44 +02:00
Cornelius Riemenschneider
1bd7aef1b2 Fix search paths.
It turns out we still need to supply this option, so `codeql` goes looking
for the extractor paths specified in the `codeql-workspace.yml` file.
2024-06-03 16:33:17 +02:00
Cornelius Riemenschneider
5c77b8708c Ruby: Unified handling of in-tree extractor packs. 2024-06-03 16:06:24 +02:00
Cornelius Riemenschneider
b9da01a384 Merge remote-tracking branch 'origin/main' into criemen/new-pkg 2024-06-03 15:47:15 +02:00
Tom Hvitved
beeae69845 Tree-sitter: Verbosity fixes 2024-05-31 20:10:19 +02:00
Alex Ford
1100b75a3c Ruby: handle routes with path/action pairs 2024-05-31 15:54:57 +01:00
Alex Ford
0473655752 Ruby: actiondispatch add hash arg testcase 2024-05-31 15:08:35 +01:00
Alex Ford
22858249f9 Ruby: actiondispatch test whitespace changes 2024-05-31 15:07:39 +01:00
Paolo Tranquilli
096a31dbef Mark all integration tests as legacy
This is in preparation for the new integration test framework. Tests
marked thus will be run by the current framework and ignored by the new
one.
2024-05-31 16:04:50 +02:00
Alex Ford
4644f08195 Ruby: Routing.qll - rename call as methodCall 2024-05-31 14:45:32 +01:00
Alex Ford
25f9449f53 Ruby: Routing.qll - rename method as httpMethod 2024-05-31 14:45:26 +01:00
Alex Ford
af9ed21c36 Ruby: Routing.qll - rename method as methodCall 2024-05-31 14:45:20 +01:00
Cornelius Riemenschneider
60cb8e7e8e Ruby: Move to new packaging rules. 2024-05-30 14:25:20 +02:00
github-actions[bot]
906b65d09c Post-release preparation for codeql-cli-2.17.4 2024-05-28 18:02:25 +00:00
github-actions[bot]
33b4ae8bbb Release preparation for version 2.17.4 2024-05-28 15:44:32 +00:00
Tom Hvitved
69fb2bb97c Merge pull request #16597 from hvitved/tree-sitter/empty-location
Tree-sitter: Emit `empty_location` relation to avoid scan
2024-05-27 15:19:15 +02:00
Anders Schack-Mulligen
1432519cc2 Dataflow: Add totalorder predicates to all languages. 2024-05-27 11:01:52 +02:00