hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

55 Commits

Author SHA1 Message Date
Tom Hvitved
978a816f11 Ruby: Track types in data flow 2025-01-06 13:26:10 +01:00
Michael Nebel
138e294dae Ruby: Update all test util paths to point to the new location. 2024-12-12 13:54:37 +01:00
Jeroen Ketema
ca40b60e62 Ruby: update expected test results 2024-12-03 19:18:46 +01:00
Tom Hvitved
7c4d5981dd Shared: Add missing spaces in inline test expectation output 2024-10-25 13:23:03 +02:00
Tom Hvitved
cb1b1da422 Ruby: Add another array flow test 2024-08-21 19:06:53 +02:00
Tom Hvitved
c9aaba677d Ruby: Update expected test output 2024-08-13 13:34:46 +02:00
Tom Hvitved
e53357d376 Update expected test output 2024-03-18 14:49:32 +01:00
Tom Hvitved
914a605a87 Ruby: Rework hidden synthetic data-flow nodes 2024-02-27 15:33:58 +01:00
Tom Hvitved
994d990f37 Ruby: Add another data flow test 2024-02-27 15:33:58 +01:00
Anders Schack-Mulligen
35a3aa0a09 Ruby: Add empty provenance column to expected files. 2024-02-09 11:32:08 +01:00
Tom Hvitved
6ce8e0510f Ruby: Adopt shared type tracking library 2023-11-20 16:03:24 +01:00
Tom Hvitved
2c23dacca1 Ruby: Add more hash/array literal tests 2023-11-16 12:58:53 +01:00
Tom Hvitved
14cfb82a8c Ruby: Summarized type-tracking stores should target post-update nodes 2023-10-30 10:47:29 +01:00
Tom Hvitved
e258324960 Ruby: Allow for implicit array reads at all sinks during taint tracking 2023-09-14 09:40:05 +02:00
Tom Hvitved
48e2dcfa35 Ruby: Reimplement flow through captured variables using field flow 2023-09-06 11:00:55 +02:00
Tom Hvitved
a2912cd72b Ruby: Use proper PathGraph module in inline flow tests 
Gets rid of
```
PathNode is incompatible with PathNode (the type of the edge relation).
```
warnings.
 2023-09-04 20:27:34 +02:00
Tom Hvitved
89e9d25f02 Ruby: Hide desugared assignments from data flow path graph 2023-08-31 14:04:57 +02:00
Jeroen Ketema
9d573e5544 Consolidate all InlineFlowTest libraries in the dataflow qlpack 2023-08-24 21:38:46 +02:00
Tom Hvitved
c084a9b27a Ruby: Make type tracking flow-insensitive for captured variables 2023-08-14 13:44:37 +02:00
Jeroen Ketema
c53e529bac Ruby: Update remaining inline expectation tests to use the paramterized module 2023-06-20 10:16:01 +02:00
Jeroen Ketema
d82c3ce11a Ruby: Rewrite InlineFlowTest as a parameterized module 2023-06-15 10:52:23 +02:00
Asger F
d47477bd3b Ruby: update line numbers in expectation file 2023-06-09 14:52:21 +02:00
Asger F
a50d91ea48 Ruby: fix bug in filter_map summary 2023-06-09 14:31:10 +02:00
Anders Schack-Mulligen
90f84bb516 Ruby: Update expected output. 2023-04-26 13:08:16 +02:00
Arthur Baars
8b90d021fa Ruby: change evaluation order of destructured assignments 2023-03-24 16:57:25 +01:00
Tom Hvitved
b816c79248 Ruby: Include all assignments in data flow paths 2023-03-24 10:09:30 +01:00
Asger F
859dc7beb7 Merge pull request #11024 from asgerf/rb/data-flow-layer-capture2 
Ruby: expand DataFlow API
 2022-11-09 15:06:03 +01:00
Asger F
9f59b6b439 Update type-tracking test 2022-10-31 13:33:41 +01:00
Harry Maclean
4ec527a9ea Ruby: Explain difference between flow tests 
The type-tracking flow tests document the difference in sensitivity
between type-tracking and dataflow, so failures in that test are
expected.
 2022-10-28 11:31:55 +13:00
Asger F
d55925d8d4 Ruby: support splat type-tracking step 2022-10-11 09:03:51 +02:00
Tom Hvitved
0e6735b804 Merge pull request #10691 from hvitved/dataflow/conjunctive-clears 
Data flow: Take conjunctive `With(out)Contents` into account in `prohibitsUseUseFlow`
 2022-10-06 09:03:30 +02:00
Tom Hvitved
e51c20bfc7 Data flow: Take conjunctive With(out)Contents into account in prohibitsUseUseFlow 2022-10-05 12:58:29 +02:00
Asger F
948594043d Ruby: share type-tracking test with array test 2022-10-04 11:15:13 +02:00
Tom Hvitved
3ec43dbd16 Ruby: Do not attempt to track precise hash indices for floats and complex numbers 2022-09-30 14:57:50 +02:00
Tom Hvitved
2351c0288a Ruby: Fix spurious flow through reverse stores 2022-09-27 20:16:31 +02:00
Tom Hvitved
fea1e47daa Ruby: Add data-flow test for spurious flow through a reverse store 2022-09-27 20:05:35 +02:00
Tom Hvitved
007ab2b7ce Ruby: Do not expose AST layer through ruby.qll 2022-09-13 19:59:56 +02:00
Tom Hvitved
faf24a4f18 Ruby: Data-flow through hashes 2022-05-24 14:27:55 +02:00
Tom Hvitved
884d3b2ff4 Ruby: Introduce With(out)Element MaD input tokens 2022-05-11 15:17:27 +02:00
Tom Hvitved
d1c9d68e14 Ruby: Generalize ArrayElementContent to ElementContent 2022-04-27 11:53:21 +02:00
Tom Hvitved
3b7fe06858 Ruby: Simplify flow summary for fetch 2022-04-27 08:26:24 +02:00
Tom Hvitved
b033f107df Merge remote-tracking branch 'upstream/main' into dataflow/interpret-read-store 2022-04-22 14:35:02 +02:00
Tom Hvitved
c20ce62767 Ruby: Exclude SplatExpr from taint tracking 
`SplatExpr`s are modelled using flow summaries, so there is no need to include them
explicitly in `defaultAdditionalTaintStep`.
 2022-04-21 20:27:04 +02:00
Tom Hvitved
725d76e934 Ruby: Implement ContentSet 2022-04-04 13:51:44 +02:00
Tom Hvitved
a5040fd0ce Ruby: Add data-flow test for reverse array stores 2022-04-04 13:51:43 +02:00
Tom Hvitved
0bd8411cb6 Ruby: Hide more SSA nodes from data-flow path explanations 2022-02-09 15:31:10 +01:00
Nick Rolfe
45962f1cad Ruby: make this unique for each method 
Even when summaries are shared in a single class.
 2022-02-04 17:03:55 +00:00
Nick Rolfe
7a9ddc28bf Ruby: address some more feedback on array flow summaries 2022-02-04 16:33:27 +00:00
Nick Rolfe
ed00f2b0d2 Ruby: address some feedback on array flow summaries 2022-02-04 13:40:39 +00:00
Nick Rolfe
161d766ba9 Ruby: address review comments on array_flow.rb 2022-02-04 11:59:59 +00:00