hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,824 Commits 1,671 Branches 157 Tags
ginsbach/EnableJavaOverlayCompilation
Commit Graph

4804 Commits

Author SHA1 Message Date
Tom Hvitved
12359ba733 Add change note 2023-11-21 11:46:15 +01:00
Tom Hvitved
6ce8e0510f Ruby: Adopt shared type tracking library 2023-11-20 16:03:24 +01:00
Tom Hvitved
620e8dcb37 Merge pull request #14787 from hvitved/ruby/prune-dataflow-nodes 
Ruby: Prune irrelevant data flow nodes and edges
 2023-11-20 16:03:00 +01:00
github-actions[bot]
bad499e360 Post-release preparation for codeql-cli-2.15.3 2023-11-17 14:35:41 +00:00
github-actions[bot]
6ec9b95072 Release preparation for version 2.15.3 2023-11-16 13:07:16 +00:00
Tom Hvitved
b2f1022e5c Ruby: Prune irrelevant data flow nodes and edges 2023-11-16 13:52:07 +01:00
Tom Hvitved
75f42f4614 Merge pull request #14783 from hvitved/ruby/hash-array-literal 
Ruby: Include more nodes in `{Hash,Array}LiteralCfgNode`
 2023-11-16 13:51:35 +01:00
Tom Hvitved
2c23dacca1 Ruby: Add more hash/array literal tests 2023-11-16 12:58:53 +01:00
Tom Hvitved
475d8da342 Ruby: Include more nodes in {Hash,Array}LiteralCfgNode 2023-11-14 13:50:46 +01:00
Tom Hvitved
f1b67ade9b Ruby: Include name of variable in UninitializedDefinition.toString 2023-11-14 11:33:59 +01:00
Rasmus Wriedt Larsen
43d9d2ceb7 Merge pull request #14603 from github/max-schaefer/broken-crypto-algorithm-link 
JavaScript/Python/Ruby: Improve alert message for `*/weak-cryptographic-algorithm`.
 2023-11-08 14:29:24 +01:00
Geoffrey White
e8a466a02c Update dead link. 2023-11-07 09:26:07 +00:00
Tom Hvitved
3c86aad16d Merge pull request #14628 from hvitved/ruby/type-tracking-store-post-update 
Ruby: Summarized type-tracking stores should target post-update nodes
 2023-11-01 13:54:21 +01:00
Tom Hvitved
0c5b528d54 Address review comments 2023-11-01 11:32:57 +01:00
Chris Smowton
79e1aa0498 Merge pull request #14634 from github/post-release-prep/codeql-cli-2.15.2 
Post-release preparation for codeql-cli-2.15.2
 2023-10-31 10:24:53 +00:00
github-actions[bot]
2b939fdf08 Post-release preparation for codeql-cli-2.15.2 2023-10-30 16:06:51 +00:00
Harry Maclean
083be305e1 Shared: Add neutralModel extensible predicate 
The neutralModel extensible predicate already exists in Java and C#, so
this change brings the dynamic languages more in line with static
languages. The Model Editor uses this predicate to mark endpoints as
"not interesting" from a data flow perspective.
 2023-10-30 11:31:57 +00:00
github-actions[bot]
4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
Tom Hvitved
14cfb82a8c Ruby: Summarized type-tracking stores should target post-update nodes 2023-10-30 10:47:29 +01:00
Alex Ford
8db23dc775 Ruby: refine ActiveRecord update_all as an SQL sink 2023-10-30 09:47:16 +00:00
Alex Ford
013e7aae97 Ruby: test whitespace changes 2023-10-30 09:32:44 +00:00
Alex Ford
cb1cd5ed2a Merge pull request #14560 from alexrford/rb/modgen 
Ruby: add a query and script for autogenerating typeModel and summaryModel data extensions entries
 2023-10-27 16:43:42 +01:00
Alex Ford
f6ac63b259 Ruby: modgen - use FeatureEqualSourceSinkCallContext feature rather than late filtering for method context 2023-10-27 14:48:50 +01:00
Alex Ford
0818354ad7 Ruby: modgen - fix unbound variable 2023-10-27 11:46:09 +01:00
Max Schaefer
104700f6d3 Address review comment. 2023-10-27 10:19:28 +01:00
Alex Ford
5a1a3f0727 Ruby: modgen - deduplicate getAnyParameter logic 2023-10-26 17:45:47 +01:00
Alex Ford
86ba75cadf Ruby: modgen - support self arguments 2023-10-26 17:42:46 +01:00
Alex Ford
6203887645 fixup 2023-10-26 17:38:43 +01:00
Alex Ford
24946c0dfd Ruby: modgen - restrict flow summaries to public methods 2023-10-26 17:05:31 +01:00
Alex Ford
fef2932f56 Apply suggestions from code review 
Co-authored-by: Harry Maclean <hmac@github.com>
 2023-10-26 17:04:51 +01:00
Max Schaefer
08cc8b8e80 Autoformat. 2023-10-26 15:36:06 +01:00
Max Schaefer
f42bd28ca9 Port changes to Ruby. 2023-10-26 15:06:45 +01:00
Alex Ford
16c5edd3ca Ruby: add a query and script for autogenerating typeModel and summaryModel data extensions entries 2023-10-25 15:52:02 +01:00
Maiky
d8aa0e2d7e Remove unnecessary import 2023-10-21 17:29:08 +02:00
Maiky
35d390ad06 Add Insecure Randomness Query (CWE-338) 2023-10-21 17:23:41 +02:00
Peter Stöckli
09cf76a880 Ruby: additional unsafe deserialization sinks for ox, oj 2023-10-19 14:04:48 +02:00
github-actions[bot]
8dcd8b9e5b Post-release preparation for codeql-cli-2.15.1 2023-10-17 20:24:00 +00:00
amammad
2e4e5ef480 fix a comment 2023-10-17 10:42:40 +02:00
github-actions[bot]
3b3c036626 Release preparation for version 2.15.1 2023-10-16 17:49:39 +00:00
Alex Ford
22850b28df Ruby: update alert message test output 2023-10-16 13:08:49 +01:00
Alex Ford
66d230a207 ruby: qlformat 2023-10-16 12:45:46 +01:00
Alex Ford
3dd042c38a Merge remote-tracking branch 'origin/main' into maikypedia/ruby-jwt 2023-10-16 12:42:19 +01:00
Maiky
e204100701 Resolve conflict in Concepts.qll 2023-10-15 10:37:10 +02:00
Maiky
17210c76a5 change-note edition 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-10-15 10:25:58 +02:00
Harry Maclean
1297acf5b1 Merge pull request #14216 from hmac/hmac-graphql-enum 
Ruby: Restrict GraphQL remote flow sources
 2023-10-13 11:31:50 +01:00
Henry Mercer
1a370bfbbe Merge pull request #14443 from github/post-release-prep/codeql-cli-2.15.0 
Post-release preparation for codeql-cli-2.15.0
 2023-10-11 17:39:04 +01:00
github-actions[bot]
ae6af17c74 Post-release preparation for codeql-cli-2.15.0 2023-10-11 14:19:20 +00:00
amammad
609bb762fe fix a bug,modularize 2023-10-11 12:04:11 +02:00
amammad
90017712a6 Merge remote-tracking branch 'origin/main' into amammad-ruby-bombs 2023-10-11 10:45:16 +02:00
Asger F
89bd00a4ec Ruby: port queries to ConfigSig-style 2023-10-11 10:06:19 +02:00