Commit Graph

1012 Commits

Author SHA1 Message Date
yoff
6a76a40cf4 ruby: adjust change notes 2025-04-11 16:18:03 +02:00
yoff
2477233508 ruby: only report on method calls
Interviewing a Ruby developer, I learned that
dealing with nil is common practice.
So alerts are mostly useful, if we can point to a place where this has gone wrong.
2025-04-11 15:01:57 +02:00
yoff
b641d5f177 ruby: fix FP 2025-04-11 13:22:42 +02:00
yoff
4167e96058 ruby: more complete implementation of isInBooleanContext
Co-authored-by: Tom Hvitved <hvitved@github.com>
2025-04-11 11:00:22 +02:00
yoff
f675a143d6 ruby: remove redundant cases
The CFG handles the negation
2025-04-11 10:48:41 +02:00
yoff
8555e8c8c8 ruby: add change notes 2025-04-11 03:07:19 +02:00
yoff
53c88da91b ruby: refine query for uninitialised local variables
- there are places where uninitialised reads are intentional
- there are also some places where they are impossible
2025-04-11 03:07:19 +02:00
Tom Hvitved
35f9157e42 Ruby: Fix bad join in DeadStoreOfLocal.ql 2025-04-09 09:28:55 +02:00
yoff
ba225013e7 ruby: add rb/useless-assignment-to-local to the code-quality suite 2025-04-07 14:08:53 +02:00
yoff
6a8484f843 ruby: adjust precision of rb/useless-assignment-to-local to medium 2025-04-07 13:28:05 +02:00
yoff
eb8cbfa287 ruby: add change note 2025-04-07 13:28:05 +02:00
yoff
385598d46d ruby: remove some FPs from rb/useless-assignment-to-local 2025-04-07 13:28:05 +02:00
yoff
e5fc1b0b00 ruby: add qhelp to rb/useless-assignment-to-local 2025-04-07 13:27:27 +02:00
github-actions[bot]
10205cb990 Post-release preparation for codeql-cli-2.21.0 2025-04-01 11:30:43 +00:00
github-actions[bot]
84f6564cc0 Release preparation for version 2.21.0 2025-03-31 17:35:15 +00:00
Tamas Vajk
34e8318797 Rename the CCR query suite to code-quality 2025-03-27 08:36:53 +01:00
github-actions[bot]
51cdeefafb Post-release preparation for codeql-cli-2.20.7 2025-03-17 13:00:41 +00:00
github-actions[bot]
2d64a618e6 Release preparation for version 2.20.7 2025-03-17 12:15:54 +00:00
github-actions[bot]
58f355ae5a Post-release preparation for codeql-cli-2.20.6 2025-03-03 18:18:15 +00:00
github-actions[bot]
fa850cccb1 Release preparation for version 2.20.6 2025-03-03 17:13:19 +00:00
yoff
75d320401b Merge branch 'main' into ruby/add-DBCallInLoop-to-CCR-suite 2025-02-19 16:08:38 +01:00
github-actions[bot]
ad24f94a77 Post-release preparation for codeql-cli-2.20.5 2025-02-17 17:58:24 +00:00
github-actions[bot]
6f4562f3bd Release preparation for version 2.20.5 2025-02-17 16:55:54 +00:00
yoff
4b53e1c034 Merge pull request #18304 from yoff/ruby/performance-queries
Ruby: Query for database calls in a loop
2025-02-17 13:16:07 +01:00
yoff
9f9dde6655 ruby: include rb/database-query-in-loop in the CCR suite 2025-02-10 17:17:33 +01:00
yoff
921104306a ruby: clean up logic and add test
use the CFG more than the AST
2025-02-07 23:43:27 +01:00
yoff
9d810130e1 ruby: simplify and document 2025-02-07 16:33:28 +01:00
yoff
b3eaac0ab7 ruby: remove superfluous logic 2025-02-07 14:03:57 +01:00
yoff
d7ffc3fc77 Ruby: remove test code filtering 2025-02-06 18:10:06 +01:00
yoff
74155a0214 ruby: start adding comments
I pause here, because the code may be simplified
2025-02-06 18:09:38 +01:00
yoff
51a2d8c72f ruby: rename query 2025-02-06 17:07:12 +01:00
yoff
d9d0d3c18b ruby: add code block 2025-02-06 16:59:23 +01:00
yoff
8aa195d838 ruby: remove comment (we can create issues) 2025-02-06 16:59:08 +01:00
yoff
7af8fa75e6 Apply suggestions from code review
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
2025-02-06 15:45:28 +01:00
Rasmus Lerchedahl Petersen
5feb401607 ruby: Add query for hoisting Rails ActiveRecord calls
This does not take associations into account.
It uses ActiveRecordModelFinderCall to identify relevant calls.
This class has therefore been made public.
2025-02-05 16:47:48 +01:00
Remco Vermeulen
9894e9ef9f Add CCR suites 2025-02-05 01:58:34 +00:00
github-actions[bot]
f1b05a79a4 Post-release preparation for codeql-cli-2.20.4 2025-02-04 09:25:09 +00:00
github-actions[bot]
573e53e454 Release preparation for version 2.20.4 2025-02-03 15:19:35 +00:00
Asger F
fcb8cac930 Ruby: resolve inserted TODOs 2025-01-23 11:48:46 +01:00
Asger F
1c136e3cd0 Ruby: rerun patch query after bugfix 2025-01-23 10:33:58 +01:00
github-actions[bot]
fbb7f0a0c6 Post-release preparation for codeql-cli-2.20.2 2025-01-20 21:11:14 +00:00
github-actions[bot]
a0512a50f2 Release preparation for version 2.20.2 2025-01-20 21:11:12 +00:00
Asger F
4dc632f742 Ruby: mass enable diff-informed data flow 2025-01-17 13:21:52 +01:00
github-actions[bot]
fb20f6ca63 Post-release preparation for codeql-cli-2.20.1 2025-01-07 22:07:40 +00:00
github-actions[bot]
88b6f1e79a Release preparation for version 2.20.1 2025-01-07 20:50:36 +00:00
Dave Bartolomeo
72a53c4b23 Revert "Release preparation for version 2.20.1" 2025-01-07 13:32:23 -05:00
github-actions[bot]
fbf9f2fff8 Release preparation for version 2.20.1 2025-01-07 17:20:13 +00:00
Dave Bartolomeo
22e030584c Revert "Release preparation for version 2.20.1" 2025-01-07 12:14:27 -05:00
github-actions[bot]
a121c5a5d0 Release preparation for version 2.20.1 2025-01-06 18:20:22 +00:00
Asger F
f9c0ba3826 Ruby: use DeduplicatePathGraph in CodeInjection query 2024-12-11 11:48:15 +01:00