hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

3367 Commits

Author SHA1 Message Date
Tom Hvitved
da66281fef Sync files 2024-03-11 13:02:04 +01:00
Tom Hvitved
7a39f077d9 Data flow: Add ConfigSig::accessPathLimit 2024-03-11 13:01:58 +01:00
Joe Farebrother
dbd33d1cf0 Model Argument[1] of ActiveRecord from 2024-03-08 14:04:01 +00:00
Tom Hvitved
85782ff1d4 Ruby: Exclude calls with arguments from OrmFieldAsSource 2024-03-07 17:34:01 +01:00
github-actions[bot]
dc9092c9ec Post-release preparation for codeql-cli-2.16.4 2024-03-06 22:19:33 +00:00
github-actions[bot]
2f058ffb4d Release preparation for version 2.16.4 2024-03-06 20:56:51 +00:00
Angela P Wen
ce31f8641a Revert "Release preparation for version 2.16.4" 2024-03-06 12:07:33 -08:00
Harry Maclean
350dab4621 Merge pull request #15722 from hmac/mad-sinks 2024-03-06 08:18:19 +00:00
github-actions[bot]
661e68dab5 Release preparation for version 2.16.4 2024-03-05 18:13:58 +00:00
Joe Farebrother
dcc6f83d3b Merge pull request #15782 from joefarebrother/ruby-typhoeus 
Ruby: Model `Typhoeus::Request.new`
 2024-03-05 16:55:38 +00:00
Angela P Wen
967963a653 Revert "Release preparation for version 2.16.4" 2024-03-05 08:53:33 -08:00
Joe Farebrother
7027b7fe82 Apply review suggestions: Use getInstance and clarify predicate name/qldoc. Also fix changenote formatting. 2024-03-05 16:34:48 +00:00
Harry Maclean
148241183a Ruby: update changenote 2024-03-05 10:20:25 +00:00
Harry Maclean
91cb2a37fd Ruby: Model Process.exec 2024-03-05 10:19:22 +00:00
Harry Maclean
179aaa1342 Ruby: model Open4.popen4ext 2024-03-05 09:35:18 +00:00
Harry Maclean
87f3b43576 Ruby: remove deprecated private class 2024-03-05 08:28:16 +00:00
github-actions[bot]
a67218a027 Release preparation for version 2.16.4 2024-03-04 17:42:08 +00:00
Angela P Wen
2b2ea597ce Fix formatting on changenotes 2024-03-04 16:42:38 +00:00
Joe Farebrother
31687afd5d Fix performance 2024-03-04 09:47:12 +00:00
Joe Farebrother
5a1c0f60e6 Fix qldoc typo 2024-03-01 15:12:16 +00:00
Joe Farebrother
4b1626c83a Add change note 2024-03-01 14:59:24 +00:00
Joe Farebrother
65b30c1dff Add tests and qldoc 2024-03-01 14:46:55 +00:00
Joe Farebrother
a08b292099 Add models for Typhoeus::Request 2024-03-01 14:23:24 +00:00
Peter Stöckli
a693c6d9b4 Ruby: sinks for code injection via calls to method 2024-03-01 14:42:22 +01:00
Joe Farebrother
abdae2c437 Apply reveiw suggestion - update change note 
Co-authored-by: Harry Maclean <hmac@github.com>
 2024-03-01 09:57:28 +00:00
Joe Farebrother
bf2174ffce Add change note 2024-03-01 09:57:28 +00:00
Joe Farebrother
0b7b7ea1b8 Add test cases and improve controller model 2024-03-01 09:57:24 +00:00
Joe Farebrother
ef0a1d2873 Implement models for translation methods 2024-03-01 09:52:53 +00:00
Tom Hvitved
914a605a87 Ruby: Rework hidden synthetic data-flow nodes 2024-02-27 15:33:58 +01:00
Joe Farebrother
3ab6f222d0 Merge pull request #15718 from joefarebrother/ruby-arel-sqlliteral 
Ruby: Model Arel::Nodes::SqlLiteral.new
 2024-02-27 12:43:47 +00:00
Harry Maclean
d0e7fbc871 Ruby: Add changenote 2024-02-27 09:47:51 +00:00
Tom Hvitved
bbeee8f38d Merge pull request #15717 from hvitved/csharp/view-cfg 
Shared `View CFG` implementation
 2024-02-27 09:13:18 +01:00
Joe Farebrother
cb733dcf85 Simplify model defenition 2024-02-26 14:59:03 +00:00
Harry Maclean
f7b8e8af41 Ruby: Include request forgery sinks from MaD 2024-02-26 11:34:11 +00:00
Harry Maclean
8bed3fbed4 Ruby: Add basic model for Terrapin library 2024-02-26 11:32:41 +00:00
Harry Maclean
9d13a1ff51 Ruby: Add model for Process.spawn 2024-02-26 11:26:38 +00:00
Harry Maclean
d1847566b6 Ruby: Ql4QL fix 2024-02-26 11:26:38 +00:00
Harry Maclean
beef9965cc Ruby: Model Open4 library 
Also remove duplicate modeling of Process.spawn.
 2024-02-26 11:26:38 +00:00
Harry Maclean
a03c06802e Ruby: Add some more command injection sinks 2024-02-26 11:26:38 +00:00
Cornelius Riemenschneider
fd85c44129 Ruby: Start building the language pack using bazel. 
This PR introduces a bazel and `rules_rust`-based build system
for the ruby extractor and language pack.
This replacese the existing, `cargo` and `cross`-based build system.

For local development, nothing changes, and the existing `cargo`-based
build still keeps working as-is.

We no longer need to use `cross` to compile our Linux binaries,
as we now can link against our hermetic C++ toolchain, which ships
with an old enough glibc, so that we don't run into symbol version issues
when deploying the binaries to older systems.
Besides the one change in dependency (explained in detail in `Cargo.toml`
and in https://github.com/github/codeql/pull/15595), nothing ought to
change in how we build the extractor.
 2024-02-26 11:21:22 +00:00
Joe Farebrother
fb06e9f6b2 Merge pull request #15719 from joefarebrother/ruby-changenote-formatting 
Ruby: Fix change note formatting
 2024-02-26 11:12:01 +00:00
Tom Hvitved
5b6e76c030 Move View CFG implementation from Ruby/Swift into shared library 2024-02-26 11:23:49 +01:00
Joe Farebrother
403a1ac483 Fix change note formatting 2024-02-26 10:21:26 +00:00
Joe Farebrother
2257df5c6f Model Arel::Nodes::SqlLiteral.new 2024-02-26 10:09:33 +00:00
Tom Hvitved
03a125de38 Merge pull request #15562 from Marcono1234/patch-2 
Ruby: Fix formatting in changelog
 2024-02-26 10:03:29 +01:00
Tom Hvitved
2683e40038 Merge pull request #15708 from hvitved/share-ide-contextual 
Share `getFileBySourceArchiveName` implementation
 2024-02-23 19:56:33 +01:00
Harry Maclean
f5be407989 Ruby: deprecate old ProtectFromForgeryCall class 2024-02-23 12:02:26 +00:00
Harry Maclean
7b3f1a0982 Ruby: fix comment 2024-02-23 11:14:52 +00:00
Harry Maclean
3ee425cc47 Ruby: Identify ActionController::API 
`ActionController::API < ActionController::Base` is a base controller
class, so we should recognise it as such.
 2024-02-23 11:13:17 +00:00
Harry Maclean
1fbf177b54 Ruby: QLDoc fix 2024-02-23 11:13:16 +00:00