hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,672 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

4731 Commits

Author SHA1 Message Date
Harry Maclean
1b29ed2a81 Ruby: Address review comments 2023-12-07 14:31:27 +00:00
Harry Maclean
79a83ec74b Ruby: elaborate placeholder query 2023-12-07 14:26:15 +00:00
github-actions[bot]
92af5f5386 Post-release preparation for codeql-cli-2.15.4 2023-12-06 22:59:22 +00:00
github-actions[bot]
c04457e9e7 Release preparation for version 2.15.4 2023-12-06 21:11:50 +00:00
Tom Hvitved
dde83b6415 Merge pull request #14709 from hvitved/ruby/shared-type-tracking 
Ruby: Adopt shared type tracking library
 2023-12-05 20:12:06 +01:00
Tom Hvitved
c6e805faef Ruby: Add more deprecation comments 2023-12-05 14:57:15 +01:00
Harry Maclean
d630773575 Merge pull request #14627 from alexrford/rb/update_all_sink 
Ruby: refine `ActiveRecord` `update_all` as an SQL sink
 2023-12-04 13:02:14 +00:00
Anders Schack-Mulligen
67f0529cda Dataflow: Sync. 2023-12-04 12:36:57 +01:00
Harry Maclean
bd575db254 Ruby: Add test for FrameworkModeEndpoints query 2023-11-27 14:18:18 +00:00
Harry Maclean
f40f2db3ab Ruby: Fix name of url-redirection sink model 2023-11-27 11:25:37 +00:00
Harry Maclean
6a38223127 Ruby: QL4QL fix 2023-11-27 10:17:31 +00:00
Harry Maclean
e9277a56a9 Ruby: Add sinks from external models 2023-11-27 09:18:00 +00:00
Harry Maclean
ad608341ab Ruby: Handle alternative gemspec names 
Gemspecs are sometimes named via the first argument to
`Gem::Specification.new`:

```rb
Gem::Specification.new 'sinatra' do |s|
  # ...
end
```
 2023-11-27 09:18:00 +00:00
Harry Maclean
9b998a39b4 Ruby: Add tags to GenerateModel query 
This allows the model editor to find this query in a more robust way
than by file path.
 2023-11-27 09:18:00 +00:00
Harry Maclean
b9d15bacba Ruby: Don't classify our test files as test files 
For model editing purposes.
 2023-11-27 09:17:59 +00:00
Harry Maclean
064b10a5cb Ruby: Handle missing gemspec in model query 2023-11-27 09:17:59 +00:00
Harry Maclean
9dcc424f8c Ruby: Include keyword parameters endpoint query 2023-11-27 09:17:59 +00:00
Harry Maclean
5dcc3d43ca Ruby: Recognise modeled source/sink methods 2023-11-27 09:17:59 +00:00
Harry Maclean
766e68aa36 Ruby: Handle multiple gemspecs in endpoints query 2023-11-27 09:17:59 +00:00
Harry Maclean
c54743c3fd Ruby: Include class methods in model editor query 2023-11-27 09:17:59 +00:00
Harry Maclean
78125a701d Ruby: Model Editor support 
Add experimental support for the CodeQL Model Editor.
 2023-11-27 09:17:59 +00:00
Tom Hvitved
9eaebfcf60 Merge pull request #14859 from hvitved/ruby/missing-flow-tests 
Ruby: Add tests illustrating missing flow
 2023-11-24 14:57:15 +01:00
Harry Maclean
d239a30866 Merge pull request #14874 from hmac/hmac-missing-flow-test 
Ruby: Add test for missing block flow
 2023-11-24 13:44:55 +00:00
Tom Hvitved
8ccce5891d Ruby: Add tests illustrating missing flow 2023-11-24 14:28:04 +01:00
Harry Maclean
288fbfd2ec Ruby: Add test for missing block flow 2023-11-22 09:59:55 +00:00
amammad
2097a001b9 apply code review suggestions, fix qldoc, add experimental additional taint steps that can improve performance 2023-11-22 10:01:51 +01:00
Tom Hvitved
1a6886cf99 SSA: Add locations to ease debugging 2023-11-22 08:37:02 +01:00
Tom Hvitved
12359ba733 Add change note 2023-11-21 11:46:15 +01:00
Tom Hvitved
6ce8e0510f Ruby: Adopt shared type tracking library 2023-11-20 16:03:24 +01:00
Tom Hvitved
620e8dcb37 Merge pull request #14787 from hvitved/ruby/prune-dataflow-nodes 
Ruby: Prune irrelevant data flow nodes and edges
 2023-11-20 16:03:00 +01:00
github-actions[bot]
bad499e360 Post-release preparation for codeql-cli-2.15.3 2023-11-17 14:35:41 +00:00
github-actions[bot]
6ec9b95072 Release preparation for version 2.15.3 2023-11-16 13:07:16 +00:00
Tom Hvitved
b2f1022e5c Ruby: Prune irrelevant data flow nodes and edges 2023-11-16 13:52:07 +01:00
Tom Hvitved
75f42f4614 Merge pull request #14783 from hvitved/ruby/hash-array-literal 
Ruby: Include more nodes in `{Hash,Array}LiteralCfgNode`
 2023-11-16 13:51:35 +01:00
Tom Hvitved
2c23dacca1 Ruby: Add more hash/array literal tests 2023-11-16 12:58:53 +01:00
Tom Hvitved
475d8da342 Ruby: Include more nodes in {Hash,Array}LiteralCfgNode 2023-11-14 13:50:46 +01:00
Tom Hvitved
f1b67ade9b Ruby: Include name of variable in UninitializedDefinition.toString 2023-11-14 11:33:59 +01:00
Rasmus Wriedt Larsen
43d9d2ceb7 Merge pull request #14603 from github/max-schaefer/broken-crypto-algorithm-link 
JavaScript/Python/Ruby: Improve alert message for `*/weak-cryptographic-algorithm`.
 2023-11-08 14:29:24 +01:00
Geoffrey White
e8a466a02c Update dead link. 2023-11-07 09:26:07 +00:00
Tom Hvitved
3c86aad16d Merge pull request #14628 from hvitved/ruby/type-tracking-store-post-update 
Ruby: Summarized type-tracking stores should target post-update nodes
 2023-11-01 13:54:21 +01:00
Tom Hvitved
0c5b528d54 Address review comments 2023-11-01 11:32:57 +01:00
Chris Smowton
79e1aa0498 Merge pull request #14634 from github/post-release-prep/codeql-cli-2.15.2 
Post-release preparation for codeql-cli-2.15.2
 2023-10-31 10:24:53 +00:00
github-actions[bot]
2b939fdf08 Post-release preparation for codeql-cli-2.15.2 2023-10-30 16:06:51 +00:00
Harry Maclean
083be305e1 Shared: Add neutralModel extensible predicate 
The neutralModel extensible predicate already exists in Java and C#, so
this change brings the dynamic languages more in line with static
languages. The Model Editor uses this predicate to mark endpoints as
"not interesting" from a data flow perspective.
 2023-10-30 11:31:57 +00:00
github-actions[bot]
4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
Tom Hvitved
14cfb82a8c Ruby: Summarized type-tracking stores should target post-update nodes 2023-10-30 10:47:29 +01:00
Alex Ford
8db23dc775 Ruby: refine ActiveRecord update_all as an SQL sink 2023-10-30 09:47:16 +00:00
Alex Ford
013e7aae97 Ruby: test whitespace changes 2023-10-30 09:32:44 +00:00
Alex Ford
cb1cd5ed2a Merge pull request #14560 from alexrford/rb/modgen 
Ruby: add a query and script for autogenerating typeModel and summaryModel data extensions entries
 2023-10-27 16:43:42 +01:00
Alex Ford
f6ac63b259 Ruby: modgen - use FeatureEqualSourceSinkCallContext feature rather than late filtering for method context 2023-10-27 14:48:50 +01:00