hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

1619 Commits

Author SHA1 Message Date
Tom Hvitved
35938067fe Merge pull request #11517 from aibaars/phi-reads-in-data-flow-graph 
Ruby: Include SSA "phi reads" in DataFlow::Node
 2022-12-07 18:58:44 +01:00
Arthur Baars
898a4006b0 Merge pull request #10747 from aibaars/ruby-more-flow 
Ruby: also treat included/prepended modules as subclasses
 2022-12-07 15:49:00 +01:00
Arthur Baars
d862972d5e Ruby: Add use-use stress test 2022-12-07 15:28:51 +01:00
Arthur Baars
f11f2cb1a0 Ruby: Update tests 2022-12-07 15:28:50 +01:00
erik-krogh
8ab31bbe1c have getMethodName return the method being called for super-calls 2022-12-07 14:09:36 +01:00
erik-krogh
8f0c0f3c17 add support for super calls to Kernel 2022-12-06 14:25:51 +01:00
erik-krogh
66946ebf6a add Kernel methods as sinks to path-injection 2022-12-06 14:09:15 +01:00
Tom Hvitved
b171dc9b7b Merge pull request #11477 from hvitved/ruby/call-ctx-rewrite 
Ruby: Rework call-context sensitivity logic
 2022-12-06 07:39:29 +01:00
Arthur Baars
889eea92c2 Merge branch 'main' into ruby-more-flow 2022-12-05 11:13:46 +01:00
Arthur Baars
83423854d2 Merge pull request #11339 from aibaars/active_support_enumerable 
Ruby: Active support enumerable
 2022-12-05 11:02:19 +01:00
Asger F
2d578c1a73 Merge branch 'main' into merge-package-type-columns 2022-12-02 10:00:44 +01:00
Harry Maclean
91421528df Ruby: Update test 2022-12-01 09:01:03 +13:00
Alex Ford
e321657f59 Ruby: model rails/globalid 2022-11-30 12:50:26 +00:00
Arthur Baars
0f2cb440b0 Ruby: add flow summary for Enumerable#sole 2022-11-30 11:57:35 +01:00
Arthur Baars
5517cfa6c0 Ruby: add flow summary for Enumerable#pluck 2022-11-30 11:57:35 +01:00
Arthur Baars
207ba86d51 Ruby: add flow summary for Enumerable#pick 2022-11-30 11:57:29 +01:00
Tom Hvitved
bfbe5bdfb8 Ruby: Add data flow test that illustrates spurious flow 2022-11-30 11:01:32 +01:00
Harry Maclean
dab7970087 Ruby: Model JSON.pretty_generate 2022-11-30 13:18:45 +13:00
Harry Maclean
14a19d23a6 Ruby: Fix typo in documentation 
This import isn't needed.
 2022-11-30 13:18:45 +13:00
Harry Maclean
67257671ea Ruby: Remove redundant dataflow test 2022-11-30 13:18:44 +13:00
Harry Maclean
1bd2dd0a6e Ruby: update test fixture 2022-11-30 13:17:46 +13:00
Harry Maclean
eff763d127 Ruby: Model to_json ActiveSupport extension 2022-11-30 13:17:44 +13:00
Harry Maclean
5259d4af63 Ruby: Model various JSON methods 2022-11-30 13:15:18 +13:00
Harry Maclean
0a98559fcb Ruby: Add flow summaries for ActiveSupport::JSON 2022-11-30 13:15:16 +13:00
Harry Maclean
aed4325ee3 Ruby: Remove unused class 2022-11-30 11:50:35 +13:00
Harry Maclean
b66ea6ed72 Ruby: Simplify ActionMailbox modeling 2022-11-30 11:46:21 +13:00
Harry Maclean
71f2d8f6d8 Ruby: Model ActionMailbox#inbound_mail 2022-11-30 11:46:21 +13:00
Harry Maclean
eac5aa26ee Ruby: Model remote input for ActionMailbox 2022-11-30 11:46:21 +13:00
Harry Maclean
375403fb9d Merge pull request #11114 from hmac/case-barrier-guard-3 
Ruby: Add case string comparison barrier guard
 2022-11-30 11:21:07 +13:00
erik-krogh
7dcb813ff3 remove two more claseses of FPs in rb/non-constant-kernel-open 2022-11-29 12:49:23 +01:00
Peter Stöckli
6b1865d2ca Merge branch 'main' into p--ruby-kernel-open-addition 2022-11-29 10:19:36 +01:00
Peter Stöckli
5b6dd786c3 Add changes for NonConstantKernelOpenQuery 2022-11-29 10:00:57 +01:00
Peter Stöckli
d8752a0b12 Add additional sinks to the rb/kernel-open query 2022-11-29 10:00:56 +01:00
Erik Krogh Kristensen
0cd50aac40 Merge pull request #11398 from erik-krogh/splat-stuff 
Rb: add some more flow through splat parameters
 2022-11-28 22:31:25 +01:00
Nick Rolfe
8a94cabdbf Merge pull request #11250 from github/nickrolfe/stack-trace-exposure 
Ruby: add stack-trace exposure query
 2022-11-28 10:45:59 +00:00
erik-krogh
0c2ff98dc2 add flow from the first splat argument to the first splat parameter 2022-11-28 09:54:05 +01:00
erik-krogh
d5725255fe add failing test for splat parameter flow 2022-11-28 09:53:03 +01:00
erik-krogh
378cc1aed2 add support for string-like-literals 2022-11-25 10:32:06 +01:00
erik-krogh
80c92dc3e6 add support for array pushes 2022-11-25 10:32:05 +01:00
erik-krogh
3461404bbb add basic support for arrays 2022-11-25 10:31:35 +01:00
erik-krogh
2033dd2dcc remove parameters named "code" as source 2022-11-25 10:25:31 +01:00
erik-krogh
e7c6571f52 remove the "send(..)" and similar from unsafe-code-construction 2022-11-25 10:25:31 +01:00
erik-krogh
f1668801d3 add a rb/unsafe-code-construction query 
rebase
 2022-11-25 10:25:30 +01:00
Harry Maclean
f49507e59a Ruby: Add note about WithElement usage 2022-11-25 16:55:37 +13:00
Harry Maclean
df398fb9a0 Ruby: Add more flow summary tests 2022-11-25 16:55:37 +13:00
Harry Maclean
fe13ac188f Ruby: US spelling 2022-11-25 16:55:37 +13:00
Harry Maclean
0b065001a8 Ruby: Add tests for flow summary behaviour 
These test cases are a companion to the flow summary docs, and ensure
that the documentated behaviour matches reality.
 2022-11-25 16:55:37 +13:00
Harry Maclean
43f2713925 Ruby: Update test fixture 2022-11-25 16:55:37 +13:00
Harry Maclean
0a4a8516eb Ruby: simplify Hash#transform_keys! flow summary 2022-11-25 16:55:36 +13:00
erik-krogh
5f6cb1684b move the code-injection tests into a subfolder 2022-11-24 17:23:25 +01:00