hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,531 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.7
Commit Graph

3493 Commits

Author SHA1 Message Date
Tom Hvitved
1e27ddf7c7 Ruby: Data flow for keyword arguments/parameters 2021-12-17 15:42:29 +01:00
Arthur Baars
46144fe0a3 Ruby: InClause and WhenClause are no longer Expr 2021-12-17 14:04:25 +01:00
Arthur Baars
974ad070d1 Revert "Ruby: CFG make in-clause post-order" 
This reverts commit 1343ed58a21eec2954876d8d42e877a382ba89c8.
 2021-12-17 14:04:25 +01:00
Arthur Baars
560413f94a Address comments 2021-12-17 14:04:25 +01:00
Tom Hvitved
e4d9f5f29e Fix QL doc 2021-12-17 13:14:11 +01:00
Tom Hvitved
ab2e0fdb18 Data flow: Sync files 2021-12-17 13:13:36 +01:00
Arthur Baars
ba89653dff Ruby: CFG: make RescueClause post-order 2021-12-17 12:21:18 +01:00
Arthur Baars
db4b781fef Ruby: CFG: make RescueModifier post-order 2021-12-17 12:21:18 +01:00
Arthur Baars
cff63fa7d7 Ruby: CFG: make WhenExpr post-order 2021-12-17 12:21:18 +01:00
Arthur Baars
a9286e897b Ruby: CFG make in-clause post-order 2021-12-17 12:21:18 +01:00
Arthur Baars
f49605569b Ruby: CFG make more expressions post-order 2021-12-17 12:21:18 +01:00
Arthur Baars
a4ea7129c2 Ruby: CFG: make 'case' a PostOrder node 2021-12-17 12:21:18 +01:00
Nick Rolfe
dba26a92e9 Merge remote-tracking branch 'origin/main' into nickrolfe/user-controlled-bypass 2021-12-16 15:05:01 +00:00
Arthur Baars
3ef707e358 Address comment 2021-12-16 15:38:41 +01:00
Arthur Baars
cdbd8b27d3 Ruby: SimpleParameter is not an Expr 2021-12-16 15:38:40 +01:00
Tom Hvitved
e9ef53c31b Merge pull request #7390 from hvitved/ruby/deprecate-pattern-classes 
Ruby: Deprecate `Pattern` classes
 2021-12-16 14:36:13 +01:00
Tom Hvitved
4ccf9bf67c Address review comments 2021-12-15 19:57:27 +01:00
Tom Hvitved
2187994f5c Ruby: Prevent infinite recursion in module resolution library 2021-12-15 15:15:19 +01:00
Harry Maclean
062f7fe390 Merge pull request #7340 from github/hmac/private-methods 
Ruby: handle private module methods
 2021-12-15 21:07:49 +13:00
Harry Maclean
a32711245f Ruby: Further speed up private method modelling 2021-12-15 17:38:52 +13:00
github-actions[bot]
59da2cdf69 Release preparation for version 2.7.4 2021-12-14 21:35:09 +00:00
Alex Ford
5fa6ecc5f1 Ruby: Model what is written to the log from stdlib Logger methods 2021-12-14 17:39:12 +00:00
Dave Bartolomeo
a62f181d42 Move new change notes to appropriate packs 2021-12-14 12:05:15 -05:00
Tom Hvitved
e882cdaca4 Ruby: Add missing getCallable() for nested destructured parameters 2021-12-14 15:04:40 +01:00
Tom Hvitved
9ea8b20e77 Ruby: Deprecate Pattern classes 2021-12-14 15:04:40 +01:00
Alex Ford
3262a14f22 Ruby: use DataFlow::CallNode#getBlock to remove a cast 2021-12-14 13:23:38 +00:00
Alex Ford
f3dcccb64b Ruby: Add getBlock and getNumberOfArguments predicates to DataFlow::CallNode 2021-12-14 12:58:15 +00:00
Harry Maclean
f21948d0ca Ruby: Speed up private method modelling 2021-12-14 11:10:38 +13:00
Alex Ford
4ae92667e1 Ruby: use Ruby object instantiation syntax in a comment 2021-12-13 12:54:45 +00:00
Harry Maclean
e1d290d4c0 Ruby: Don't count private methods as Rails actions 
Private instance methods on ActionController classes aren't valid
request handlers. Routing to them will raise an exception.
 2021-12-13 15:36:55 +13:00
Nick Rolfe
b80a84c156 Merge pull request #7341 from github/nickrolfe/cookies 2021-12-10 19:52:23 +00:00
Andrew Eisenberg
66c1629974 Merge pull request #7285 from github/post-release-prep-2.7.3-ddd4ccbb 
Post-release preparation 2.7.3
 2021-12-10 09:59:45 -08:00
Nick Rolfe
b6c5b4d213 Ruby: define ActionViewCookiesCall 2021-12-10 16:36:26 +00:00
Nick Rolfe
a4da528812 Ruby: query to find user-controlled bypass of sensitive actions 2021-12-10 11:41:09 +00:00
Anders Schack-Mulligen
464b9c3991 Dataflow: Sync. 2021-12-10 11:20:01 +01:00
Tom Hvitved
657cd89286 Merge pull request #7347 from hvitved/cfg/more-consistency-tests 
Shared CFG: Add two more consistency queries
 2021-12-10 10:50:39 +01:00
Arthur Baars
13f7fd88f1 Merge pull request #7283 from aibaars/ruby-pattern-matching-cfg 
Ruby: pattern matching: CFG
 2021-12-10 10:24:38 +01:00
Tom Hvitved
70f76d06c7 Shared CFG: Add two more consistency queries 2021-12-10 09:56:50 +01:00
Arthur Baars
fd4915a564 Ruby: CFG: add default implementation for getAnInnerCompatibleCompletion 2021-12-09 15:23:26 +01:00
Arthur Baars
9d288c90a5 Ruby: CFG: better return type for getAMatchingSuccessorType 2021-12-09 15:23:26 +01:00
Arthur Baars
d0aa307bd3 Ruby: CFG: fix multiple successors failure for default parameters 2021-12-09 15:23:26 +01:00
Tom Hvitved
b887165005 Ruby: Code review suggestions 2021-12-09 15:23:26 +01:00
Arthur Baars
3689481c18 Ruby: CFG: make Completion.isValidFor work for getSugared AST nodes 2021-12-09 15:23:26 +01:00
Arthur Baars
660e52f2bf Ruby: CFG: make VariableReferencePattern a PreOrder node 2021-12-09 15:23:26 +01:00
Arthur Baars
e9e3ef3ea2 Ruby: 'self' is not really a local variable 2021-12-09 15:23:26 +01:00
Arthur Baars
799c945299 Ruby: fix CFG for AsPattern 2021-12-09 15:23:26 +01:00
Arthur Baars
95f8f85aa2 Ruby: fix allowed completions for desugared CasePatterns 2021-12-09 15:23:26 +01:00
Arthur Baars
513fe09dbb Treat class names in array/find/hash patterns as sub-patterns 2021-12-09 15:23:26 +01:00
Arthur Baars
d17c055139 CFG 2021-12-09 15:23:25 +01:00
Tom Hvitved
cbc96dba8a Shared CFG: Add another consistency test 
Finds nodes with multiple normal successors, where one is the special simple
successor. For example, this would flag a node that has both a "simple" and
a "true" successor.
 2021-12-09 15:08:19 +01:00