hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
84,738 Commits 1,672 Branches 157 Tags
tausbn/python-add-models-for-zstd-compression
Commit Graph

4944 Commits

Author SHA1 Message Date
Alex Ford
2c5129e720 Merge pull request #10369 from alexrford/rb/sensitive-get-query 
Ruby: add `rb/sensitive-get-query` query
 2022-10-14 22:34:47 +01:00
Arthur Baars
a8fdda65fb Ruby: fix self variables in blocks 2022-10-14 16:02:39 +02:00
Asger F
8cb4f230d8 Merge branch 'main' into rb/fix-spurious-singleton-calls 2022-10-14 15:52:38 +02:00
Tom Hvitved
407f7072e4 Merge pull request #10829 from hvitved/ruby/call-graph-perf 
Ruby: Call graph performance improvements
 2022-10-14 15:24:27 +02:00
Asger F
1bd3d29409 Ruby: workaround issue with 'def self.method' in a block 2022-10-14 15:07:33 +02:00
erik-krogh
5f826d0eef fix typo 2022-10-14 14:43:51 +02:00
Asger F
17a246b321 Ruby: more uninteresting test updates 2022-10-14 13:59:52 +02:00
erik-krogh
dfdf8c7869 add change-note 2022-10-14 13:28:36 +02:00
erik-krogh
7c76645157 add model for the core OpenSSL::Digest module 2022-10-14 13:25:34 +02:00
erik-krogh
e2476949b9 add model for the core Digest module 2022-10-14 12:49:37 +02:00
Arthur Baars
9ccf5a7798 Merge pull request #10749 from aibaars/run_request 
Ruby: treat Faraday#run_request as remote source
 2022-10-14 12:24:39 +02:00
Asger F
8228730634 Ruby: fix regression for methods in singleton classes 2022-10-14 11:57:35 +02:00
Alex Ford
b29bf82e05 Ruby: fix merge error 2022-10-14 10:51:12 +01:00
Alex Ford
3baad89e57 Merge remote-tracking branch 'origin/main' into rb/sensitive-get-query 2022-10-14 10:50:09 +01:00
Asger F
30f7380f74 Ruby: Add regression test for lost calls 2022-10-14 11:49:55 +02:00
Alex Ford
24dad5599a Ruby: fix SensitiveNode detection relating to class/instance variables 2022-10-14 10:41:46 +01:00
Harry Maclean
7d23170fb2 Merge pull request #10602 from hmac/hmac/actiondispatch-request 
Ruby: Model ActionDispatch::Request
 2022-10-14 22:17:20 +13:00
Alex Ford
36a1b18f5b Ruby: revert SensitiveDataHeuristics changes 2022-10-14 09:19:41 +01:00
Asger F
a06cc30f05 Ruby: fix some more spurious call edges 2022-10-14 10:11:22 +02:00
Asger F
b1dadc224c Ruby: uninteresting test output update 2022-10-14 10:10:39 +02:00
Asger F
ae71828fc4 Ruby: add more tests for singleton up/down calls 2022-10-14 10:09:59 +02:00
Asger F
789f591de4 Ruby: add another spurious call edge test 2022-10-14 10:09:57 +02:00
Asger F
1476efbe2c Ruby: restrict to a use of 'self' in singleton methods 2022-10-14 10:09:11 +02:00
Asger F
329ab9156a Ruby: add test showing spurious call 2022-10-14 10:07:34 +02:00
Tom Hvitved
81bc6c2d49 Ruby: Call graph performance improvements 2022-10-14 09:47:27 +02:00
Erik Krogh Kristensen
332bc35ff1 Merge pull request #10708 from erik-krogh/kernelSink 
RB: add a query flagging uses of `Kernel.open()` that are not with a constant string
 2022-10-14 09:13:26 +02:00
Harry Maclean
e6dc27a7b5 Add content_mime_type, fix env/filtered_env 2022-10-14 19:49:22 +13:00
Harry Maclean
0130e4ba7f Re-add path methods that are user-controlled 2022-10-14 16:49:15 +13:00
Alex Ford
cda7d84633 Ruby: update rb/sensitive-get-query tests 2022-10-13 22:41:34 +01:00
Alex Ford
3d478a3951 Ruby: clarify qhelp 2022-10-13 22:39:54 +01:00
Alex Ford
9fbd293944 Ruby: avoid making notSensitiveRegexp always flag instance/class variables as not sensitive 2022-10-13 22:38:42 +01:00
Alex Ford
15cab6eed5 Update ruby/ql/src/queries/security/cwe-598/SensitiveGetQuery.qhelp 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2022-10-13 21:43:59 +01:00
Arthur Baars
a327802e43 Merge pull request #10801 from jsoref/spelling-ruby 
Spelling ruby
 2022-10-13 21:05:56 +02:00
Josh Soref
d94ebe9a4e spelling: unknown 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
e1b4476399 spelling: the 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
0999ec3c70 spelling: specifies 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
45d1e3f9b2 spelling: representation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
9be162a119 spelling: recursion 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
124c5544cf spelling: predicates 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
eab3e18962 spelling: possibility 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
a37af45f86 spelling: overridable 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
be38e6eddc spelling: navigation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
e62dda9c7b spelling: mutation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
8078f91b28 spelling: mapping 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
f26b380767 spelling: keyword 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
2648cb0322 spelling: injection 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
52a3e3c2fd spelling: heuristic 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
d0866c150f spelling: for 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
f4b32a3042 spelling: excluding 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
893c5457a8 spelling: disambiguation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:40 -04:00