codeql

mirror of https://github.com/github/codeql.git synced 2026-04-27 09:45:15 +02:00

Author	SHA1	Message	Date
erik-krogh	19d2b49562	drive-by: make Base64.decode64(..) into a flowsummary that is shared with all queries	2023-01-06 09:04:37 +01:00
erik-krogh	1a27441cfb	drive-by: delete code-execution sinks from unsafe-deserialization, we risked duplicate alerts	2023-01-06 09:04:36 +01:00
erik-krogh	0e6028a7f3	add stdin as source for unsafe-deserialization	2023-01-06 09:04:36 +01:00
Alex Ford	3d08a2954d	Ruby: add rb/unsafe-deserialization sinks for const_get args	2022-10-11 15:45:51 +01:00
Alex Ford	a3f096a6bc	Ruby: rb/unsafe-deserialization test realignment	2022-10-11 15:44:00 +01:00
Alex Ford	b018706afd	Ruby: update rb/unsafe-deserialization tests	2022-09-26 11:28:24 +01:00
Alex Ford	364bc883ba	Ruby: add YAML.load_file as an unsafe deserialization sink	2022-09-23 15:54:15 +01:00
Nick Rolfe	2edbc16829	Ruby: add Hash.from_trusted_xml as an unsafe deserialization sink	2022-09-21 13:01:21 +01:00
erik-krogh	063c76b6d1	apply suggestions from review	2022-09-13 10:52:23 +02:00
erik-krogh	79a048968e	make the alert messages of taint-tracking queries more consistent	2022-09-07 12:22:50 +02:00
Tom Hvitved	400802c5ce	Ruby: Add flow summaries for `Array`/`Enumerable` methods	2021-12-22 15:56:20 +01:00
Arthur Baars	976daddd36	Move files to ruby subfolder	2021-10-15 11:47:28 +02:00