hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,029 Commits 1,672 Branches 157 Tags
z80coder/query-pack-release-candidate-2
Commit Graph

225 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
3c59aa319e Merge pull request #7245 from erik-krogh/explicit-this-all-the-places 
All langs: apply the explicit-this patch to all remaining code
 2021-12-07 10:40:26 +01:00
Harry Maclean
6f42153eac Ruby: Include empty StmtSequences in CFG 
Empty StmtSequences appear, for example, in the `else` branch of `if`
statements like the following:

    foo

    if cond
      bar
    else
    end

    baz

Before this change, the CFG for this code would look like this:

        foo
         │
         │
         ▼
        cond
         │
    true │
         ▼
        bar
         │
         │
         ▼
         if
         │
         │
         ▼
        baz

i.e. there is linear flow through the condition, the `then` branch, and
out of the if. This doesn't account for the possibility that the
condition is false and `bar` is not executed. After this change, the CFG
looks like this:

          foo
           │
           │
           ▼
          cond
         │    │
    true │    │ false
         ▼    │
        bar   │
         │    │
         │    │
         ▼    ▼
           if
           │
           │
           ▼
          baz

i.e. we correctly account for the `false` condition.
 2021-12-07 16:01:50 +13:00
Tom Hvitved
5dbbb86d46 Ruby: Restructure ParameterNode(Impl) 2021-12-06 13:43:19 +01:00
Tom Hvitved
728e3abee5 Ruby: Tweak Method::isPrivate join-orders 2021-12-06 13:36:48 +01:00
Alex Ford
6adfea2365 Merge pull request #7163 from github/ruby/file-reader-extend 
Ruby: Extend `FileSystemReadAccess` to include more potential sources of input from the filesystem
 2021-12-05 23:32:43 +00:00
Arthur Baars
0805daaa56 Update ruby/ql/lib/codeql/ruby/ast/Pattern.qll 
Add missing backticks
 2021-12-03 18:44:21 +01:00
Arthur Baars
51998294ad Ruby: add AST classes for parenthesized patterns 2021-12-03 18:13:53 +01:00
Arthur Baars
205233b42f Add trivial upgrade 2021-12-03 17:04:00 +01:00
Arthur Baars
3e1ebb954f Ruby: update generated dbscheme and library 2021-12-03 17:02:08 +01:00
Nick Rolfe
5a2ef8321c Merge pull request #7120 from github/nickrolfe/regexp_g_anchor 
Ruby/Python: parse anchors in regexes as special characters
 2021-12-03 15:24:38 +00:00
Tom Hvitved
d9704d7b39 Ruby: Adapt to shared CFG changes 2021-12-03 09:37:41 +01:00
Tom Hvitved
42f6dfc197 Sync files 2021-12-03 09:37:41 +01:00
intrigus
2c4ccb79a1 Fix QL Doc typos. 2021-12-02 15:30:29 +01:00
Nick Rolfe
05415768c9 Merge remote-tracking branch 'origin/main' into nickrolfe/regexp_g_anchor 2021-12-02 12:07:13 +00:00
Michael Nebel
ad281c0365 C#: Sync FlowSummaryImpl files. 2021-12-02 09:03:00 +01:00
github-actions[bot]
87b968f337 Post-release preparation 2.7.3 2021-12-02 00:46:55 +00:00
Arthur Baars
e41cd810d3 Merge pull request #7154 from aibaars/ruby-pattern-matching 
Ruby: pattern matching
 2021-12-01 12:47:22 +01:00
Anders Schack-Mulligen
cde853c095 Merge pull request #7270 from aschackmull/dataflow/stage2-refactor 
Dataflow: Stage 2 refactor
 2021-12-01 11:09:08 +01:00
Tom Hvitved
bb8f4bb7c1 Ruby: Implement ParameterPosition et al 2021-12-01 08:51:22 +01:00
github-actions[bot]
337ce65fe5 Release preparation for version 2.7.3 2021-11-30 20:39:35 +00:00
Tom Hvitved
540ecf3c21 Data flow: Sync files 2021-11-30 15:20:20 +01:00
Arthur Baars
830908b5c8 Address comments 2021-11-30 13:57:18 +01:00
Anders Schack-Mulligen
3e914ef2ff Dataflow: Sync. 2021-11-30 13:52:52 +01:00
Dave Bartolomeo
d0dac03bad Manually bump versions 2021-11-29 14:21:08 -05:00
Dave Bartolomeo
2dfcd1dd9c Add groups property 
Also removed versions from test packs
 2021-11-29 14:15:53 -05:00
Arthur Baars
1e026ef45e AST: merge Case and CaseMatch classes 2021-11-29 16:00:17 +01:00
Arthur Baars
f8a62c4c82 Address comments 2021-11-29 15:06:16 +01:00
Tom Hvitved
fdc94365b4 Merge pull request #7178 from michaelnebel/csharp-flowsummary-pp-csv 
C#: Initial implementation of csv printing in FlowSummaries test
 2021-11-29 09:59:33 +01:00
Erik Krogh Kristensen
6ff8d4de5c add all remaining explicit this 2021-11-26 13:50:10 +01:00
Anders Schack-Mulligen
00ee34c0a0 Merge pull request #7237 from hvitved/dataflow/consistency-config 
Data flow: Introduce `ConsistencyConfiguration` class
 2021-11-26 12:49:25 +01:00
Anders Schack-Mulligen
a06642944f Merge pull request #7232 from aschackmull/dataflow/perf 
Data flow: Performance tuning
 2021-11-25 15:01:01 +01:00
Arthur Baars
8b0bc677f4 Remove PatternGuard class 2021-11-25 13:50:19 +01:00
Arthur Baars
078a2aa03b Update AST library 2021-11-25 13:24:51 +01:00
Arthur Baars
5b560b12e9 Create upgrade script 2021-11-25 12:55:43 +01:00
Tom Hvitved
6cb00992e8 Data flow: Introduce ConsistencyConfiguration class 2021-11-25 10:01:47 +01:00
Arthur Baars
5d0dfe8c04 Re-generate library and dbscheme 2021-11-24 17:18:04 +01:00
Anders Schack-Mulligen
7ca3407c86 Dataflow: Sync. 2021-11-24 14:43:00 +01:00
Michael Nebel
b9d0a60ce7 C#: Addressed review comments from hvitved 2021-11-24 14:35:52 +01:00
Michael Nebel
a3ca9ad27d C#: Sync flow summary implementation files and implement specific parts for ruby and java 2021-11-24 12:09:20 +01:00
Erik Krogh Kristensen
87a1ccd428 Merge branch 'main' into getRubyInSync 2021-11-23 20:20:37 +01:00
Nick Rolfe
1a90b388a9 Merge remote-tracking branch 'origin/main' into nickrolfe/regex_injection 2021-11-23 15:42:05 +00:00
Tom Hvitved
83d204d7a8 Merge pull request #7218 from hvitved/ssa/fix-consistency-tests 
Ruby: Fix SSA consistency tests + CFG bug
 2021-11-23 16:24:41 +01:00
Tom Hvitved
4d918b5e5f Ruby: Fix CFG splitting logic for ensure blocks with loops 2021-11-23 15:21:43 +01:00
Alex Ford
055641e684 Merge pull request #7062 from github/ruby/rails-csrf 
Ruby: Add `rb/csrf-protection-disabled` query
 2021-11-23 13:46:42 +00:00
Tom Hvitved
e185e9080c Shared SSA: Fix consistency tests 2021-11-23 13:30:23 +01:00
Tom Hvitved
9d072a12ed Merge pull request #7098 from github/ruby/desugar-for-1 
Ruby: Desugar `for` loops as calls to `each`
 2021-11-23 11:35:49 +01:00
Tom Hvitved
dcca5d28bb Merge pull request #7172 from hvitved/ruby/ensure-split-cp 
Ruby: Remove CP in `EnsureSplitImpl::exit/3`
 2021-11-23 11:02:23 +01:00
Anders Schack-Mulligen
a68b55b099 Merge pull request #7208 from hvitved/ruby/restrict-use-use 
Ruby: Restrict use-use flow
 2021-11-23 09:33:43 +01:00
Nick Rolfe
13459c8afc Ruby: add Regexp.compile as sink for regexp injection query 2021-11-22 17:43:55 +00:00
Nick Rolfe
4b42c4447b Ruby: handle Regexp.quote wherever we handle Regexp.escape 2021-11-22 17:12:01 +00:00