hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

3367 Commits

Author SHA1 Message Date
github-actions[bot]
d699880c86 Post-release preparation for codeql-cli-2.14.4 2023-09-08 21:17:52 +00:00
Alex Ford
5b013dd5d2 Merge branch 'main' into rb/dataflow-query-refactor 2023-09-07 14:57:38 +01:00
Alex Ford
947fa0de62 Ruby: fix qldoc warnings 2023-09-07 14:57:04 +01:00
Alex Ford
4a01de13ef Ruby: avoid toString in query warning 2023-09-07 14:54:50 +01:00
Alex Ford
0aee7f6ac6 Ruby: qlformat 2023-09-07 14:47:02 +01:00
Alex Ford
a893911dba Ruby: Use a newtype instead of DataFlow::FlowState for insecure-download 2023-09-07 14:22:18 +01:00
Alex Ford
75fdde543f Ruby: Use a newtype instead of DataFlow::FlowState for hardcoded-data 2023-09-07 14:13:26 +01:00
Alex Ford
0d7d5a35c9 Ruby: Use a newtype instead of DataFlow::FlowState for code-injection 2023-09-07 13:39:10 +01:00
Alex Ford
dfc3b33910 Ruby: Use a newtype instead of DataFlow::FlowState for unicode-bypass-validation 2023-09-07 12:09:47 +01:00
Tom Hvitved
a06a9ffa29 Address review comments 2023-09-06 11:01:54 +02:00
Tom Hvitved
6de315d086 Add change note 2023-09-06 11:01:54 +02:00
Tom Hvitved
48e2dcfa35 Ruby: Reimplement flow through captured variables using field flow 2023-09-06 11:00:55 +02:00
github-actions[bot]
abf2b12b1c Release preparation for version 2.14.4 2023-09-05 16:56:14 +00:00
Tom Hvitved
4a1163b38c Merge pull request #14109 from hvitved/ruby/hide-desugared-assignments-in-dataflow 2023-09-04 19:59:33 +02:00
Alex Ford
98851736d6 Revert "Ruby: configsig rb/tainted-format-string" 
This reverts commit f5860cb4818dc3c07eeb6731e75bf5df203dd48f.
 2023-09-03 17:20:06 +01:00
Alex Ford
bf6837cca0 Revert "Ruby: configsig rb/http-to-file-access" 
This reverts commit e77ba1589663905c952cdb643ab66885760b27bd.
 2023-09-03 17:20:06 +01:00
Alex Ford
b6d12f8b1c Ruby: configsig rb/zip-slip 2023-09-03 17:20:05 +01:00
Alex Ford
ebf2a2e1f5 Ruby: configsig rb/unicode-bypass-validation 2023-09-03 17:20:05 +01:00
Alex Ford
7445fc43f9 Ruby: configsig rb/regexp-injection 2023-09-03 17:20:05 +01:00
Alex Ford
494b7b3fdf Ruby: configsig rb/polynomial-redos 2023-09-03 17:20:05 +01:00
Alex Ford
04d3d04317 Ruby: configsig rb/regex/badly-anchored-regexp 2023-09-03 17:20:05 +01:00
Alex Ford
77f3a70376 Ruby: renames for rb/xpath-injection 2023-09-03 17:20:05 +01:00
Alex Ford
42cd58695d Ruby: configsig rb/url-redirection 2023-09-03 17:20:05 +01:00
Alex Ford
f79796a644 Ruby: configsig rb/shell-command-constructed-from-input 2023-09-03 17:20:05 +01:00
Alex Ford
f03f670312 Ruby: configsig rb/html-constructed-from-input 2023-09-03 17:20:05 +01:00
Alex Ford
8ad6c72ba2 Ruby: configsig rb/unsafe-deserialization 2023-09-03 17:20:05 +01:00
Alex Ford
461bc0d359 Ruby: configsig rb/unsafe-code-construction 2023-09-03 17:20:05 +01:00
Alex Ford
3e23a6e021 Ruby: configsig rb/server-side-template-injection 2023-09-03 17:20:05 +01:00
Alex Ford
0a73ebdbee Ruby: configsig rb/tainted-format-string 2023-09-03 17:20:05 +01:00
Alex Ford
f5e433940f Ruby: renames for rb/stored-xss 2023-09-03 17:20:05 +01:00
Alex Ford
030aae5693 Ruby: configsig rb/stack-trace-exposure 2023-09-03 17:20:05 +01:00
Alex Ford
bf1cb33be3 Ruby: configsig rb/sql-injection 2023-09-03 17:20:05 +01:00
Alex Ford
ba8ff0710d Ruby: configsig rb/request-forgery 2023-09-03 17:20:05 +01:00
Alex Ford
df9173502e Ruby: configsig rb/sensitive-get-query 2023-09-03 17:20:05 +01:00
Alex Ford
593d9a48d4 Ruby: configsig rb/reflected-xss 2023-09-03 17:20:05 +01:00
Alex Ford
ad2bbfb265 Ruby: configsig rb/path-injection 2023-09-03 17:20:05 +01:00
Alex Ford
867e47bcdd Ruby: renames for rb/log-injection 2023-09-03 17:20:04 +01:00
Alex Ford
eb34bbbfd2 Ruby: renames for rb/ldap-injection 2023-09-03 17:20:04 +01:00
Alex Ford
d46eceb5f4 Ruby: configsig rb/kernel-open 2023-09-03 17:20:04 +01:00
Alex Ford
a8ad0d8ff5 Ruby: renames for rb/insecure-download 2023-09-03 17:20:04 +01:00
Alex Ford
c973fc1274 Ruby: configsig rb/http-to-file-access 2023-09-03 17:20:04 +01:00
Alex Ford
2536f1a0cd Ruby: configsig rb/user-controlled-bypass 2023-09-03 17:20:04 +01:00
Alex Ford
377570f361 Ruby: configsig rb/command-line-injection 2023-09-03 17:20:04 +01:00
Alex Ford
b1a49ddb0d Ruby: configsig rb/code-injection 2023-09-03 17:20:04 +01:00
Alex Ford
6fa267a820 Ruby: configsig rb/clear-text-storage-sensitive-data 2023-09-03 17:20:04 +01:00
Alex Ford
2a2f21d3a9 Ruby: configsig rb/clear-text-logging-sensitive-data 2023-09-03 17:20:04 +01:00
Alex Ford
ce35d6921f Ruby: configsig rb/hardcoded-data-interpreted-as-code 2023-08-31 16:20:18 +01:00
Tom Hvitved
89e9d25f02 Ruby: Hide desugared assignments from data flow path graph 2023-08-31 14:04:57 +02:00
Tom Hvitved
50db6916c8 Ruby: Get rid of unused EmptinessSuccessor 2023-08-31 13:17:05 +02:00
Tom Hvitved
c4b626a416 Ruby: Use data flow consistency checks from shared pack 2023-08-30 15:29:41 +02:00