hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,868 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.4
Commit Graph

1088 Commits

Author SHA1 Message Date
Tom Hvitved
5260d9815a Merge pull request #12582 from hvitved/ruby/element-of-type-content-set 
Ruby: Introduce `ContentSet::isElementOfType[OrUnknown]/1`
 2023-03-21 13:41:15 +01:00
Alex Ford
4b1171ce64 Merge branch 'main' into maikypedia/ruby-ssti 2023-03-20 09:55:53 +00:00
Tom Hvitved
a9ef3f95a2 Ruby: Introduce ContentSet::isElementOfType[OrUnknown]/1 2023-03-20 10:03:15 +01:00
Erik Krogh Kristensen
af98ceb3c3 Merge pull request #11478 from erik-krogh/more-shell-taint 
Rb: more taint-steps for shell-command-construction
 2023-03-20 08:41:22 +01:00
Alex Ford
e84b08409c Ruby: test fixes 2023-03-17 12:08:38 +00:00
Tom Hvitved
d146d816a9 Ruby: Fix semantic merge conflict 2023-03-17 09:59:44 +01:00
Tom Hvitved
75746cbacc Merge pull request #12549 from hvitved/ruby/ssa-write-access 
Ruby: `Ssa::WriteDefinition::getWriteAccess` should return a CFG node
 2023-03-17 09:31:14 +01:00
Harry Maclean
2c63dbad67 Merge pull request #11954 from hmac/sinatra 
Ruby: Model Sinatra
 2023-03-17 10:46:52 +13:00
Tom Hvitved
1d0b3d4112 Ruby: Ssa::WriteDefinition::getWriteAccess should return a CFG node 2023-03-16 11:28:24 +01:00
erik-krogh
2133d1a5ab Merge branch 'main' into more-shell-taint 2023-03-15 10:54:30 +01:00
erik-krogh
25a6d496d9 Merge branch 'main' into HEAD 2023-03-13 17:33:06 +01:00
Tom Hvitved
714b61b63e Ruby: Add missing flow through self.new constructor calls 2023-03-13 12:45:46 +01:00
Tom Hvitved
6ee231fac5 Ruby: Add more tests for flow through constructors 2023-03-13 10:52:01 +01:00
Harry Maclean
e80ff4efba Ruby: Fix tests and qldoc 2023-03-13 20:32:37 +13:00
Harry Maclean
071517c74b Ruby: Clean up Sinatra modeling 2023-03-13 19:25:56 +13:00
Harry Maclean
384e7c7a80 Jump step for sinatra callbacks 2023-03-13 19:03:32 +13:00
Harry Maclean
e65d7224db Ruby: tests, patterns, fix erb flow 2023-03-13 19:03:32 +13:00
erik-krogh
b0797a2559 Merge branch 'main' into more-shell-taint 2023-02-27 18:27:09 +01:00
Harry Maclean
ba4d0a81d5 Ruby: Simplify filter dataflow 
This introduces some false flow (the `ThreeController` and
`FourController` examples in `filter_flow.rb`) but is simpler and
in line with how we model flow for normal method calls.
 2023-02-21 19:28:53 +13:00
Harry Maclean
0a02b45ad7 Ruby: More filter flow steps 
Add a jump step from the last self post-update node in a method to the self parameter of the
next method.
 2023-02-21 19:28:26 +13:00
Harry Maclean
fae5320c3a Ruby: Add filter flow tests 2023-02-21 19:27:53 +13:00
Harry Maclean
ae3d91b546 Ruby: First draft of rails callback flow 2023-02-21 19:26:36 +13:00
Alex Ford
774030a8db Merge pull request #12083 from pwntester/ruby_twirp_support 
[Ruby] Add support for Twirp framework
 2023-02-20 13:16:52 +00:00
Tom Hvitved
658cc33bb8 Merge pull request #12212 from hvitved/util/inline-expect-test-use-end-line 
Util: Use end line instead of start line for actual results
 2023-02-20 11:41:02 +01:00
Harry Maclean
4e07fd3eb1 Ruby: Model ApplicationController.renderer 2023-02-19 13:37:27 +13:00
Tom Hvitved
e9bce9f8cd Ruby: Update test expectations 2023-02-17 13:22:28 +01:00
Alex Ford
74782bf6a2 Merge branch 'main' into ruby_twirp_support 2023-02-15 17:15:08 +00:00
Alex Ford
801ed1ce7c Ruby: add Twirp.expected 2023-02-15 17:05:33 +00:00
Rasmus Wriedt Larsen
c72dbc49fc Merge pull request #12165 from RasmusWL/crypto-updates 
Python/Ruby/JS Crypto: Add a few algorithms + block modes
 2023-02-15 14:35:40 +01:00
erik-krogh
17f7ba2a8f rewrite the taint-step for join() to a flowsummary 2023-02-15 12:34:59 +01:00
Harry Maclean
fb14920281 Merge pull request #12056 from hmac/test-refactor 2023-02-15 17:34:25 +13:00
Alvaro Muñoz
4644a88b89 address code review comments 2023-02-14 14:27:17 +01:00
Rasmus Wriedt Larsen
39e50f745d Ruby: Fix .expected for CryptoAlgorithms 2023-02-13 14:21:12 +01:00
Anders Schack-Mulligen
e877b161d8 Merge pull request #12124 from hvitved/dataflow/stage1-dispatch 
Data flow: Call context virtual dispatch pruning in stage 1
 2023-02-13 13:13:43 +01:00
Tom Hvitved
0b8173e2e7 Ruby: Add another data flow test 2023-02-13 09:50:50 +01:00
Harry Maclean
43ce26e4d0 Ruby: re-add Eval.rb 2023-02-07 09:37:26 +13:00
Arthur Baars
f391948b53 Ruby: update expected output 2023-02-06 10:17:19 +01:00
Arthur Baars
3c15fd266d Ruby: add one-line pattern match test 2023-02-06 10:17:19 +01:00
Harry Maclean
02b09ca9f7 Ruby: Remove unused test files 2023-02-04 14:42:59 +13:00
Harry Maclean
cfb3bc9dce Ruby: Remove unused test file 2023-02-04 14:30:56 +13:00
Harry Maclean
0711326619 Ruby: Move PosixSpawn tests to their own directory 2023-02-04 14:30:23 +13:00
Harry Maclean
dbbef0534b Ruby: Move Core tests into core directory 2023-02-04 14:28:25 +13:00
Harry Maclean
b5d98d9011 Ruby: Move GraphQL test to their own directory 2023-02-04 14:25:38 +13:00
Harry Maclean
6c816d5602 Ruby: Move ActionDispatch tests to own directory 2023-02-04 14:19:08 +13:00
Harry Maclean
58d7af4018 Ruby: Move ActionView tests into their own dir 
This ensures that changes to unrelated test files don't affect these
tests.
 2023-02-04 14:19:08 +13:00
Alvaro Muñoz
dd31be43e0 Support for Twirp framework 2023-02-03 09:35:22 +01:00
Harry Maclean
da45d3aa7f Ruby: Fix string comparison barrier guard 
`strNode` was not properly restricted for some cases.
 2023-02-01 14:40:53 +13:00
Harry Maclean
c99a096c9b Ruby: Update test fixtures 2023-01-31 11:27:19 +13:00
Harry Maclean
708e303c01 Ruby: Model except: with a const argument 2023-01-30 21:17:31 +13:00
Harry Maclean
246ad46eb1 Ruby: Account for filter skip ordering 
A `skip_*_filter :foo` call only has an effect if there was an earlier
call that registered `:foo` as a filter.
 2023-01-30 18:50:30 +13:00