hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,920 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.2
Commit Graph

72 Commits

Author SHA1 Message Date
Arthur Baars
5d3ec35e29 Remove non-breaking spaces from code 2025-09-05 09:41:15 +02:00
Jeroen Ketema
52bbfa30d2 Ruby: update expected test results 2025-07-04 15:32:07 +02:00
Tom Hvitved
978a816f11 Ruby: Track types in data flow 2025-01-06 13:26:10 +01:00
Michael Nebel
138e294dae Ruby: Update all test util paths to point to the new location. 2024-12-12 13:54:37 +01:00
Jeroen Ketema
ca40b60e62 Ruby: update expected test results 2024-12-03 19:18:46 +01:00
Tom Hvitved
f287216060 Update expected test output 2024-09-24 14:21:38 +02:00
Arthur Baars
4ee80653e2 Merge pull request #16471 from Sim4n6/ruby-UBV 
Ruby: Add some method calls as a Source
 2024-06-12 12:42:08 +02:00
Sim4n6
7c0ce6486b Rerun the test learn 2024-06-10 12:21:10 +01:00
Anders Schack-Mulligen
012b861ffb Ruby: Accept qltest .expected file changes. 2024-05-22 10:08:59 +02:00
am0o0
dcadda23cd update expected file 2024-05-16 15:15:27 +02:00
Alex Ford
78dc6502f5 Merge branch 'main' into amammad-ruby-bombs 2024-05-16 13:53:31 +01:00
Anders Schack-Mulligen
7cc8fd00aa Ruby: Update expected output (uninteresting). 2024-04-12 09:20:35 +02:00
Tom Hvitved
914a605a87 Ruby: Rework hidden synthetic data-flow nodes 2024-02-27 15:33:58 +01:00
Harry Maclean
8212f5de1b Ruby: Update test 2024-02-26 13:10:27 +00:00
amammad
32f5667bb6 revert YAML.qll and yaml sinks to previous PR, make a separate experimental query only for yaml 2024-02-26 12:12:03 +00:00
Anders Schack-Mulligen
35a3aa0a09 Ruby: Add empty provenance column to expected files. 2024-02-09 11:32:08 +01:00
Maiky
35d390ad06 Add Insecure Randomness Query (CWE-338) 2023-10-21 17:23:41 +02:00
Alex Ford
22850b28df Ruby: update alert message test output 2023-10-16 13:08:49 +01:00
Alex Ford
3dd042c38a Merge remote-tracking branch 'origin/main' into maikypedia/ruby-jwt 2023-10-16 12:42:19 +01:00
amammad
609bb762fe fix a bug,modularize 2023-10-11 12:04:11 +02:00
amammad
90017712a6 Merge remote-tracking branch 'origin/main' into amammad-ruby-bombs 2023-10-11 10:45:16 +02:00
Alex Ford
79c305c1a1 Merge pull request #14124 from alexrford/rb/dataflow-query-refactor 
Ruby: Use the new dataflow API for checked in queries
 2023-09-13 14:24:47 +01:00
Alex Ford
5b013dd5d2 Merge branch 'main' into rb/dataflow-query-refactor 2023-09-07 14:57:38 +01:00
amammad
4191b07b1f Merge branch 'github:main' into amammad-ruby-bombs 2023-09-06 20:17:49 +10:00
Tom Hvitved
48e2dcfa35 Ruby: Reimplement flow through captured variables using field flow 2023-09-06 11:00:55 +02:00
Alex Ford
b6d12f8b1c Ruby: configsig rb/zip-slip 2023-09-03 17:20:05 +01:00
Maiky
17565cde75 Add JWT Security Queries 2023-08-25 21:28:53 +02:00
Maiky
ffd618d6cc Revert "Add "" and nil as sources" 
This reverts commit 664c1eba72.
 2023-08-25 15:23:55 +02:00
Maiky
664c1eba72 Add "" and nil as sources 2023-08-22 18:10:33 +02:00
Maiky
6f1b406b3a typo 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-08-03 17:08:10 +02:00
Maiky
0237f37842 typo 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-08-03 17:07:58 +02:00
Maiky
c54561e775 Merge branch 'main' into maikypedia/ldap-improper-auth 2023-08-03 16:49:30 +02:00
Alex Ford
af854749d7 Ruby: update Ldapinjection test output 2023-07-31 16:08:15 +01:00
Alex Ford
f437a6f729 Merge branch 'main' into maikypedia/ldap-injection 2023-07-31 16:00:41 +01:00
Maiky
2d88ac1846 Suggested Changes 2023-07-27 23:40:52 +02:00
Alex Ford
d89c10dd85 Merge pull request #13130 from maikypedia/maikypedia/xpath-injection 
Ruby :  XPath Injection Query (CWE-643)
 2023-07-14 14:10:09 +01:00
Alex Ford
a524735236 Merge branch 'main' into maikypedia/ldap-injection 2023-07-14 12:05:17 +01:00
amammad
9540c58c4a make one ql file 2023-06-26 20:55:11 +10:00
amammad
796075f9dc V1 Bombs 2023-06-25 00:59:21 +10:00
Jeroen Ketema
4485560f43 Ruby: Rewrite inline expectation tests to use parameterized module 2023-06-09 10:43:05 +02:00
Maiky
62353122c0 Add Improper LDAP Authentication query (CWE-287) 2023-05-29 21:16:13 +02:00
Maiky
d45d046fa7 Add test file and .expected 2023-05-28 17:29:34 +02:00
Arthur Baars
e0466900ad Merge pull request #12992 from Sim4n6/ruby-UBV 
[Ruby] Add Unicode Bypass Validation query, test and help file
 2023-05-26 13:00:21 +02:00
Sim4n6
90c174de4e Updated the .expected file accordingly 2023-05-23 17:36:50 +01:00
Sim4n6
f7f0564e36 added one more test 2023-05-20 18:00:27 +01:00
Sim4n6
d11cb9195c Use of CGI.escapeHTML() in test samples 2023-05-20 12:57:50 +01:00
Maiky
071a77cedc Ruby : XPath Injection Query (CWE-643) 2023-05-11 15:29:54 +02:00
Sim4n6
1247403d43 Updated expected results file 2023-05-04 08:56:45 +01:00
Alex Ford
82c025020d Merge remote-tracking branch 'origin/main' into maikypedia/ruby-ssti 2023-05-02 16:18:41 +01:00
Alex Ford
a571bc64ac ruby: regenerate TemplateInjection.expected 2023-05-02 16:14:20 +01:00