codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Author	SHA1	Message	Date
Erik Krogh Kristensen	87a1ccd428	Merge branch 'main' into getRubyInSync	2021-11-23 20:20:37 +01:00
Nick Rolfe	1a90b388a9	Merge remote-tracking branch 'origin/main' into nickrolfe/regex_injection	2021-11-23 15:42:05 +00:00
Alex Ford	055641e684	Merge pull request #7062 from github/ruby/rails-csrf Ruby: Add `rb/csrf-protection-disabled` query	2021-11-23 13:46:42 +00:00
Erik Krogh Kristensen	b2e40ac603	fix typo in test Co-authored-by: Nick Rolfe <nickrolfe@github.com>	2021-11-23 13:09:22 +01:00
Nick Rolfe	e5f473052d	Ruby: add Regexp.{compile,quote} to regex injection test	2021-11-23 11:05:41 +00:00
Nick Rolfe	752b126862	Merge remote-tracking branch 'origin/main' into nickrolfe/regex_injection	2021-11-22 17:05:27 +00:00
Alex Ford	68c3c16ab3	Ruby: enable forgery protection checks for development environments	2021-11-22 15:00:32 +00:00
Harry Maclean	ac20eafecc	Add qhelp for Ruby SSRF	2021-11-19 11:28:08 +00:00
Harry Maclean	2bba31eb02	Update metadata of Ruby SSRF query	2021-11-19 11:28:08 +00:00
Harry Maclean	dc464879a2	Add a query for server-side request forgery	2021-11-19 11:28:08 +00:00
Erik Krogh Kristensen	ee858d840e	get ReDoSUtil in sync for ruby	2021-11-18 16:49:34 +01:00
Erik Krogh Kristensen	1cca377e7d	Merge pull request #6561 from erik-krogh/htmlReg JS/Py/Ruby: add a bad-tag-filter query	2021-11-18 09:39:13 +01:00
Tom Hvitved	34fdf11b4b	Ruby: Update expected test output	2021-11-10 15:11:13 +01:00
Alex Ford	25da904314	test cases for rb/csrf-protection-disabled	2021-11-04 19:56:56 +00:00
Nick Rolfe	11154a9409	Ruby: add regex injection query	2021-10-27 15:58:12 +01:00
Erik Krogh Kristensen	97264b5dda	add the bad tag filter query to ruby	2021-10-26 15:25:12 +02:00
Tom Hvitved	f020b2e437	Merge pull request #335 from github/hmac/self-flow	2021-10-22 19:14:20 +02:00
Harry Maclean	356828cd51	Update stored XSS fixture The change to `self` modelling finds more true positives in this query.	2021-10-20 13:30:51 +01:00
Nick Rolfe	86da3c2db3	Add rb/path-injection query	2021-10-20 12:31:16 +01:00
Arthur Baars	976daddd36	Move files to ruby subfolder	2021-10-15 11:47:28 +02:00

20 Commits