hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-24 03:42:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,444 Commits 1,686 Branches 158 Tags
01577dac3221a205ec4e82084fc25c4ec20f4de7
Commit Graph

3513 Commits

Author SHA1 Message Date
Brandon Stewart
01577dac32 format document 2023-08-10 13:59:47 +00:00
Brandon Stewart
b899b648e5 Update ruby/ql/src/experimental/cwe-208/UnsafeHmacComparison.ql 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-08-10 09:21:16 -04:00
Brandon Stewart
7882cf0bf0 Update ruby/ql/src/experimental/cwe-208/UnsafeHmacComparison.ql 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-08-10 09:21:02 -04:00
Brandon Stewart
74567041a7 remove pathgraph 2023-08-09 19:51:07 +00:00
Brandon Stewart
cca4c35cf8 add pathgraph 2023-08-09 19:23:21 +00:00
Brandon Stewart
7f07422a5d Merge branch 'main' into add-cwe-208 2023-08-09 14:52:51 -04:00
Brandon Stewart
07d5beca34 run format document 2023-08-09 18:51:55 +00:00
Brandon Stewart
26401fec70 address PR comments 2023-08-09 18:44:42 +00:00
Brandon Stewart
93dd9d0aa4 Update ruby/ql/src/experimental/cwe-208/UnsafeHmacComparison.ql 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-08-08 12:54:54 -04:00
Tom Hvitved
db88b7da88 Ruby: Adjust to data flow refactor 2023-08-07 11:35:21 +02:00
Mathias Vorreiter Pedersen
abe3a816ce Merge pull request #13851 from MathiasVP/sink-without-states 
DataFlow: Support stateless `isSink` in `StateConfigSig`s
 2023-08-04 18:01:42 +02:00
Tom Hvitved
e011480114 Merge pull request #13509 from hvitved/cfg-pack 
Convert shared CFG construction library to a parameterized module
 2023-08-03 14:11:56 +02:00
Tom Hvitved
2ac646770e Merge ControlFlowTreeBase and AstNode 2023-08-03 10:59:26 +02:00
Tom Hvitved
525ed65b0b Rename getNode to getAstNode 2023-08-03 10:56:50 +02:00
Asger F
c38cbe859d Merge pull request #13737 from asgerf/dynamic/fuzzy-models 
Dynamic: add Fuzzy token
 2023-08-03 09:58:24 +02:00
Tom Hvitved
2f3e52646c Add class wrappers around newtype in Cfg.qll 2023-08-03 09:39:30 +02:00
Tom Hvitved
5d69e14cc1 Rename ControlFlowElement to AstNode 2023-08-03 09:39:30 +02:00
Tom Hvitved
1988397f93 Make shared CFG construction library a parameterized module 2023-08-03 09:39:30 +02:00
Mathias Vorreiter Pedersen
3007fdab5e Sync identical files. 2023-08-02 14:33:33 +02:00
Anders Schack-Mulligen
7bc8bf616f Merge pull request #13863 from aschackmull/dataflow/pack4 
Dataflow: Move the shared library to a properly shared qlpack.
 2023-08-02 14:19:49 +02:00
Anders Schack-Mulligen
73d4b126cf Ruby: Adjust to use the qlpack data-flow api. 2023-08-01 14:02:33 +02:00
Alex Ford
af854749d7 Ruby: update Ldapinjection test output 2023-07-31 16:08:15 +01:00
Alex Ford
f437a6f729 Merge branch 'main' into maikypedia/ldap-injection 2023-07-31 16:00:41 +01:00
Alex Ford
558238a9be Ruby: update TaintStep test output 2023-07-31 16:00:27 +01:00
Alex Ford
f272b0786a Ruby: fix qldoc typo 2023-07-31 14:58:05 +01:00
Alex Ford
7f82aba7d4 qlformat 2023-07-31 14:57:14 +01:00
Alex Ford
2240e4bffb Ruby: fix changenote date format 2023-07-31 14:56:53 +01:00
Maiky
2d88ac1846 Suggested Changes 2023-07-27 23:40:52 +02:00
Maiky
f5e17d7d39 Add additional Filter Methods 2023-07-27 23:04:55 +02:00
Owen Mansel-Chan
9b2b58a823 Sync files 2023-07-26 21:48:10 +01:00
Brandon Stewart
f241498cab correct additional pascalcase issue 2023-07-26 17:55:56 +00:00
Brandon Stewart
1a83554b0c correct typo 2023-07-26 17:54:42 +00:00
Brandon Stewart
346a2f269e Update UnsafeHmacComparison.ql 2023-07-26 13:48:42 -04:00
Brandon Stewart
42adbe0cd4 address linter 2023-07-26 17:43:34 +00:00
Brandon Stewart
adddc58b61 address linter 2023-07-26 17:38:06 +00:00
Brandon Stewart
494e7d9a3f add unsafe HMAC comparison query and qlhelp file 2023-07-26 17:28:22 +00:00
github-actions[bot]
f91b7a9342 Post-release preparation for codeql-cli-2.14.1 2023-07-21 16:16:25 +00:00
github-actions[bot]
c936a920b0 Release preparation for version 2.14.1 2023-07-20 16:32:27 +00:00
Anders Schack-Mulligen
e72a0b2f8c Dataflow: Add change notes. 2023-07-19 11:41:15 +02:00
Anders Schack-Mulligen
ae24d68b5d C/C++/C#/Java/Python/Ruby/Swift: Adjust expected output. 2023-07-19 11:41:15 +02:00
Anders Schack-Mulligen
95d17045c9 Dataflow: Sync. 2023-07-19 11:41:15 +02:00
Alex Ford
27ee72c265 Merge remote-tracking branch 'origin/main' into rb/rack-env-query-string 2023-07-17 14:11:25 +01:00
Alex Ford
06aefe01b8 Update ruby/ql/lib/codeql/ruby/frameworks/rack/internal/App.qll 
Co-authored-by: Asger F <asgerf@github.com>
 2023-07-17 14:08:44 +01:00
Alex Ford
ab1f341aa6 Merge pull request #13566 from alexrford/rb/rack-params 
Ruby: add `Rack::Request` params and cookies as remote input sources
 2023-07-17 14:07:20 +01:00
Maiky
3f36d3244b Fix singleton set literal 2023-07-15 00:18:21 +02:00
Alex Ford
bdf1aa0807 Merge pull request #13746 from asgerf/rb/fix-rack-todo 
Ruby: Use API graphs asCallable() instead of Proc.new workaround
 2023-07-14 16:29:00 +01:00
Alex Ford
d89c10dd85 Merge pull request #13130 from maikypedia/maikypedia/xpath-injection 
Ruby :  XPath Injection Query (CWE-643)
 2023-07-14 14:10:09 +01:00
Asger F
2962727f0f Ruby: Use API graphs asCallable() instead of Proc.new workaround 2023-07-14 13:50:07 +02:00
Alex Ford
dbb55ff2b4 Ruby: fix xpathinjection deprecation warnings 2023-07-14 12:45:27 +01:00
Alex Ford
a524735236 Merge branch 'main' into maikypedia/ldap-injection 2023-07-14 12:05:17 +01:00