hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-21 06:57:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
32,776 Commits 1,712 Branches 163 Tags
2d509eb345b69bbafe5244aa46bc14acfcc5bd2f
Commit Graph

32776 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asger Feldthaus
2d509eb345 JS: Make Impl.qll determine the location of AccessPathSyntax.qll 2022-02-22 09:51:52 +01:00
Asger Feldthaus
42a3d8c689 JS: Treat Member[x] as a language-specific token 
In Ruby it is ambiguous whether Member[foo] means x.foo or x::foo
 2022-02-22 09:51:52 +01:00
Asger Feldthaus
acf95d6178 JS: Move summary resolution into JS-specific code 2022-02-22 09:51:52 +01:00
Asger Feldthaus
ab1642dd3f JS: Rename {Shared,Impl} -> ApiGraphModels{,Specific} 2022-02-22 09:51:48 +01:00
Asger F
02c4966109 Merge pull request #7878 from asgerf/dot-separated-access-paths 
Shared: Switch to dot-separated access paths in summary specs
 2022-02-21 13:29:09 +01:00
Alex Ford
9196b64d6e Merge pull request #8138 from github/ruby/file-write 
Ruby: Implement `FileSystemWriteAccess` concept
 2022-02-21 10:13:27 +00:00
Alex Ford
746290d903 Merge pull request #7713 from github/ruby/clear-text-logging 
Ruby: Add `rb/clear-text-logging-sensitive-data` query
 2022-02-21 10:12:33 +00:00
Esben Sparre Andreasen
1d437dd722 Merge pull request #8043 from github/esbena/sharpen-hardcoded-credentials 
JS: Sharpen hardcoded credentials
 2022-02-21 10:02:58 +01:00
Erik Krogh Kristensen
5f9bd7a4a1 Merge pull request #7984 from erik-krogh/fix-ql-for-ql-js 
JS: fix most ql-for-ql warnings
 2022-02-21 09:15:06 +01:00
Asger Feldthaus
7848fcec80 Shared: sync AccessPathSyntax.qll 2022-02-21 08:21:53 +01:00
Asger Feldthaus
d7f07167ac Shared: Remove getLastToken again 2022-02-21 08:21:53 +01:00
Asger Feldthaus
2c2a82a070 Shared: allow spaces between arguments in a token 2022-02-21 08:21:53 +01:00
Asger Feldthaus
55ac5cb012 Shared: auto format 2022-02-21 08:21:53 +01:00
Asger Feldthaus
4985fbb526 Shared: update getSummaryCsv and related test output 2022-02-21 08:21:53 +01:00
Asger Feldthaus
dcc523a2b7 Shared: auto format 2022-02-21 08:21:53 +01:00
Asger Feldthaus
7fcbdbeada Shared: sync AccessPathSyntax.qll and FlowSummaryImpl.qll 2022-02-21 08:21:52 +01:00
Asger Feldthaus
d911e0abf8 Shared: use getToken instead of getLastToken 2022-02-21 08:21:52 +01:00
Asger Feldthaus
c4304a980d Shared: add explicit this 2022-02-21 08:21:52 +01:00
Asger Feldthaus
dc6a13242b Shared: update comment in AccessPathSyntax.qll 2022-02-21 08:21:52 +01:00
Asger Feldthaus
2907d53e17 Shared: sync AccessPathSyntax.qll and FlowSummaryImpl.qll 2022-02-21 08:21:52 +01:00
Asger Feldthaus
be63cf7049 Shared: fix qldoc and move getRawToken to top-level 2022-02-21 08:21:52 +01:00
Asger Feldthaus
c189df2341 Revert "JS: Add support for " of " syntax to help during transition" 
This reverts commit 9bf522b3048c3b11f7e6d734ed797a613614a095.
 2022-02-21 08:21:51 +01:00
Asger Feldthaus
57bf0b1432 Ruby: remove support for legacy syntax 2022-02-21 08:21:51 +01:00
Asger Feldthaus
e3605eed44 Ruby: update CSV rows to dot-separated syntax 2022-02-21 08:21:50 +01:00
Asger Feldthaus
7005d53a67 Ruby: manually rewrite DigSummary access path 2022-02-21 08:16:55 +01:00
Asger Feldthaus
6dbeb81f36 Ruby: use AccessPathSyntax.qll to parse input/output summary specs 2022-02-21 08:16:55 +01:00
Asger Feldthaus
0af9e8aa58 C#: remove support for legacy syntax 2022-02-21 08:16:55 +01:00
Asger Feldthaus
6bb15dcc27 C#: update CSV rows to dot-separated syntax 2022-02-21 08:16:55 +01:00
Asger Feldthaus
dffa1d1558 C#: use AccessPathSyntax.qll to parse input/output summary specs 2022-02-21 08:16:55 +01:00
Asger Feldthaus
affdbe9955 Java: remove support for legacy syntax 2022-02-21 08:16:55 +01:00
Asger Feldthaus
a121b73181 Java: update CSV rows to dot-separated syntax 2022-02-21 08:16:55 +01:00
Asger Feldthaus
7f808710ec Java: update model generator 2022-02-21 08:16:54 +01:00
Asger Feldthaus
753c557dbe Java: use AccessPathSyntax.qll to parse input/output summary specs 2022-02-21 08:16:54 +01:00
Asger Feldthaus
53935db6c6 JS: Add support for " of " syntax to help during transition 2022-02-21 08:16:54 +01:00
Asger Feldthaus
30254686d8 JS: Move ".."-parsing trick into AccessPathSyntax.qll 2022-02-21 08:16:54 +01:00
Asger Feldthaus
7c2cff3227 JS: Factor out AccessPathSyntax.qll 2022-02-21 08:16:54 +01:00
Asger Feldthaus
e2cbf47b16 JS: Fix accidental recursion 2022-02-21 08:16:53 +01:00
Harry Maclean
e4f801bea8 Merge pull request #7886 from github/hmac/split-ruby-std-library 
Ruby: split standard library models into multiple files
 2022-02-21 13:39:43 +13:00
Harry Maclean
9a60c7e4ac Ruby: Update filename in test fixture 2022-02-21 09:43:36 +13:00
Alex Ford
6b8537c4e0 Ruby: FileSystemWriteAccess changenote 2022-02-20 20:14:01 +00:00
Alex Ford
baabe66551 Ruby: update Files.ql tests for write accesses 2022-02-20 19:28:12 +00:00
Alex Ford
12ce3d4784 Ruby: Implement FileSystemWriteAccess for IO/File API 2022-02-20 19:27:11 +00:00
Alex Ford
4f0174e89a Ruby: add FileSystemWriteAccess concept 2022-02-20 19:26:54 +00:00
Alex Ford
dd383f942f Merge remote-tracking branch 'origin/main' into ruby/clear-text-logging 2022-02-17 15:32:31 +00:00
Alex Ford
33f4fffe16 Ruby: Simplify sub!/gsub! sanitizers for cleartext logging query 2022-02-17 13:10:44 +00:00
Harry Maclean
bfd2c14555 Ruby: Add shim StandardLibrary.qll 
This file re-exports everything it used to define, marking each as
deprecated to warn users that they should import `Core` or `Stdlib`
instead.
 2022-02-17 20:44:04 +13:00
Harry Maclean
459f949c24 Ruby: fix old import in ActiveSupport 
codeql.ruby.frameworks.StandardLibrary is deprecated
 2022-02-17 20:44:04 +13:00
Harry Maclean
9fff2cfcff Ruby: Add missing documentation 2022-02-17 20:44:04 +13:00
Harry Maclean
546bfcb8ea Ruby: split tests to match stdlib changes 2022-02-17 20:44:04 +13:00
Harry Maclean
eb4f333c25 Ruby: Move UnknownMethodCall to ast/Call.qll 2022-02-17 20:44:04 +13:00