hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,868 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.4
Commit Graph

1088 Commits

Author SHA1 Message Date
Alex Ford
977ceb89fd Ruby: rack - remove PotentialResponseNode#getAStatusCode 2023-06-13 12:42:46 +01:00
Jeroen Ketema
c3ba206b6a Merge pull request #13346 from jketema/inline-2 
Update inline expectation tests to use parameterized module
 2023-06-13 10:10:55 +02:00
Anders Schack-Mulligen
0c62901a67 Ruby: Fix tests. 2023-06-09 15:39:18 +02:00
Asger F
d47477bd3b Ruby: update line numbers in expectation file 2023-06-09 14:52:21 +02:00
Asger F
a50d91ea48 Ruby: fix bug in filter_map summary 2023-06-09 14:31:10 +02:00
Jeroen Ketema
4485560f43 Ruby: Rewrite inline expectation tests to use parameterized module 2023-06-09 10:43:05 +02:00
Alex Ford
397a809426 Merge remote-tracking branch 'origin/main' into rb/rack-redirect 2023-06-08 12:07:57 +01:00
Alex Ford
22b9ab43c6 Merge pull request #13259 from alexrford/rb/actiondispatch-refactor 
Ruby: Refactor and slightly expand `ActionDispatch` modelling
 2023-06-08 11:08:36 +01:00
Tom Hvitved
cee70883f0 Merge pull request #12964 from hvitved/ruby/remove-synth-returns 
Ruby: Remove canonical return nodes
 2023-06-08 10:07:48 +02:00
Alex Ford
6fa9e13a2e Ruby: update TaintStep output 2023-06-01 16:27:20 +01:00
Alex Ford
d09f6d318c Merge branch 'main' into maikypedia/sqli-sink 2023-06-01 15:02:44 +01:00
Alex Ford
4905a70e21 Ruby: update rack test output 2023-06-01 14:01:40 +01:00
Alex Ford
a5a15f3804 Ruby: restructure rack model 2023-06-01 14:01:40 +01:00
Alex Ford
b2958f87b2 ruby: rack - add redirect responses 2023-06-01 14:01:40 +01:00
Alex Ford
c3ab867595 ruby: start restructuring rack 2023-06-01 14:01:40 +01:00
Alex Ford
f8d2cbbe79 ruby: rack responses implement are HTTP responses 2023-06-01 14:01:39 +01:00
Alex Ford
c87c266871 ruby: add Rack::ResponseNode#getAStatusCode 2023-06-01 14:01:39 +01:00
Alex Ford
7d943c7621 Ruby: update test output 2023-06-01 13:50:32 +01:00
Alex Ford
4794066d3c Merge branch 'main' into maikypedia/sqli-sink-2 2023-06-01 13:04:54 +01:00
Alex Ford
baabd2d1fa Merge pull request #12832 from maikypedia/maikypedia/pg-sqli 
Ruby: Add SQL Injection Sinks
 2023-05-26 11:36:17 +01:00
Alex Ford
609319da20 ruby: update TaintStep.ql test output 2023-05-25 17:53:01 +01:00
Tom Hvitved
13ada1e6ad Ruby: Remove canonical return nodes 2023-05-24 11:11:50 +02:00
Asger F
6d1a4451fb Ruby: update a test expectation 2023-05-24 10:15:51 +02:00
Alex Ford
9f5c73cf63 Ruby: add a test case for instantiating ActionDispatch::Request directly 2023-05-23 15:18:32 +01:00
Alex Ford
1c9e4c0f0b Ruby: test for RequestInputAccess instances in ActionDispatch 2023-05-23 15:17:38 +01:00
Tom Hvitved
826b6219a0 Ruby: Include self parameters in type tracking flow-through logic 2023-05-15 16:02:33 +02:00
Tom Hvitved
3cdb27725a Ruby: Add more call graph tests 2023-05-15 16:02:33 +02:00
Kasper Svendsen
6b8a7c2f6f Ruby: Make implicit this receivers explicit 2023-05-10 13:03:39 +02:00
Tom Hvitved
2f95af8ef2 Ruby: Remove self edges 2023-05-08 10:26:01 +02:00
Maiky
3960853af0 CWE-089 Add Sequel SQL Injection Sink 2023-05-07 23:56:56 +02:00
Maiky
6a3d995b35 Add Mysql2 as SQL Injection Sink 2023-05-06 12:25:25 +02:00
Mathias Vorreiter Pedersen
09ba9a74ce Merge pull request #12959 from MathiasVP/identity-consistency-check 
DataFlow: Add an "identity-step" consistency check
 2023-05-05 10:03:20 +01:00
Mathias Vorreiter Pedersen
924854c6dc Ruby: Accept consistency changes. 2023-05-03 20:32:33 +01:00
Alex Ford
e7213e92cf Merge remote-tracking branch 'origin/main' into rb/sqlite3 2023-05-03 15:18:07 +01:00
Alex Ford
6e6eee2dab Ruby: add test case for instance variable flow with sqlite3 2023-05-03 15:16:16 +01:00
Anders Schack-Mulligen
09d4fe21e8 Ruby: Update more expected output. 2023-04-26 13:37:07 +02:00
Anders Schack-Mulligen
90f84bb516 Ruby: Update expected output. 2023-04-26 13:08:16 +02:00
Alex Ford
9dc04f30ac Ruby: model sqlite3 2023-04-20 15:47:14 +01:00
Asger F
8c0c335daf Ruby: update test output 2023-04-17 12:47:23 +02:00
Asger F
c699afd07f Ruby: instantiate NetHttpRequest even if body is not accessed 2023-03-31 12:56:09 +02:00
Asger F
504a0f8112 Ruby: Add test where response body is not referenced 2023-03-31 12:55:49 +02:00
Asger F
209aebad61 Ruby: Update HttpClients.ql not assume all predicates have results 2023-03-31 11:12:45 +02:00
Asger F
32bab0b8b2 Merge pull request #12654 from asgerf/rb/always-resolve-toplevel-namespace 
RB: always resolve toplevel namespaces to their locally qualified name
 2023-03-28 09:54:59 +02:00
Tom Hvitved
f8c28bee6a Ruby: Order synthetic children in PrintAST based on their index instead of location 2023-03-27 11:38:30 +02:00
Arthur Baars
9a8e138684 Ruby: also change evaluation order for scoped constants 2023-03-24 16:57:55 +01:00
Arthur Baars
a819797508 Ruby: add test case of destructured assignment with contants 2023-03-24 16:57:39 +01:00
Arthur Baars
8b90d021fa Ruby: change evaluation order of destructured assignments 2023-03-24 16:57:25 +01:00
Asger F
179d0b36cf Ruby: make up qnames for top-level namespaces 2023-03-24 13:42:51 +01:00
Tom Hvitved
b816c79248 Ruby: Include all assignments in data flow paths 2023-03-24 10:09:30 +01:00
Asger F
1f70c59bbc Ruby: add test with deep unresolved classes 2023-03-23 13:36:14 +01:00