hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,232 Commits 1,671 Branches 157 Tags
2f22acdd062fd00ad3cbcf24a9008dbeeb547817
Commit Graph

4913 Commits

Author SHA1 Message Date
Owen Mansel-Chan
2f22acdd06 Remove hashing example when not covered by query 2025-10-08 16:48:57 +01:00
Owen Mansel-Chan
0bcdb91639 Improve qhelp for broken crypto algo queries 
Previously it focussed too much on the risk of data being decrypted,
and didn't explain why using weak algorithms is a problem in other
contexts.
 2025-10-08 14:10:54 +01:00
Owen Mansel-Chan
2a1c9d8ec1 Remove erroneous comma 2025-10-08 14:08:36 +01:00
Owen Mansel-Chan
90db349f4b State that ruby broken crypto algo doesn't deal with hashing 2025-10-08 14:05:00 +01:00
Simon Friis Vindum
402d58bc3a Merge pull request #20553 from paldepind/rust-ruby/update-cargo-deps 
Rust, ruby: Update cargo dependencies
 2025-10-03 14:50:55 +02:00
Simon Friis Vindum
4846cf4791 Cargo: upgrade dependencies 2025-09-30 10:21:17 +02:00
github-actions[bot]
a7a4e43991 Post-release preparation for codeql-cli-2.23.2 2025-09-29 15:10:19 +00:00
github-actions[bot]
d2130a589b Release preparation for version 2.23.2 2025-09-29 10:28:45 +00:00
Tom Hvitved
1a4cfba93a Merge pull request #20427 from felickz/ruby-framework-grape 
Ruby: Add support for Grape Framework
 2025-09-25 16:12:34 +02:00
Chad Bentz
46d330cb21 Merge branch 'ruby-framework-grape' of github.com:felickz/codeql into ruby-framework-grape 2025-09-23 10:40:46 -04:00
Chad Bentz
37e0c30842 Add expected output for VariablesConsistency test case 2025-09-23 10:40:30 -04:00
Chad Bentz
7a9a259c03 Merge branch 'main' into ruby-framework-grape 2025-09-22 19:29:36 -04:00
Chad Bentz
89fd9694ce codeql query format 2025-09-22 19:25:05 -04:00
Chad Bentz
6e56c549b2 Refactor Grape method call classes to simplify handling of API instance calls for headers, request, route_param, and cookies 2025-09-22 19:21:23 -04:00
Chad Bentz
0665c39a07 Refactor GrapeHelperMethod constructor to reuse getHelperSelf to traverse dataflow instead of AST 
- add tests to check for nested helpers
 2025-09-22 19:08:34 -04:00
Chad Bentz
ecd0ce65fe Refactor GrapeHeadersBlockCall and GrapeCookiesBlockCall to simplify method call checks 2025-09-22 12:52:30 -04:00
Chad Bentz
b837c56bec Refactor RootApi and GrapeApiClass constructors for improved readability; add getHelperSelf method to retrieve self parameter in helpers block. 2025-09-22 10:13:33 -04:00
Simon Friis Vindum
7d6e2060e5 Adapt all languages to changes in shared library 2025-09-22 14:18:58 +02:00
Chad Bentz
1bf6101967 Remove redundant exclusion of base Grape::API module from GrapeApiClass 
- should not impact extracted application code
 2025-09-21 20:52:28 -04:00
Chad Bentz
50bf9ae756 Refactor RootApi class to use getAnImmediateDescendent for clarity 2025-09-21 20:44:46 -04:00
Chad Bentz
f4bbbc346f Refactor Grape framework to be encapsulated properly in Module 2025-09-19 19:06:50 -04:00
Chad Bentz
89e9ee43c0 Convert from GrapeHelperMethodTaintStep extends AdditionalTaintStep to a simplified GrapeHelperMethodTarget extends AdditionalCallTarget 2025-09-19 18:28:45 -04:00
Anders Schack-Mulligen
d93b2edc0d Ruby: Accept test changes. 2025-09-18 08:13:43 +02:00
Chad Bentz
141b470002 Merge branch 'main' into ruby-framework-grape 2025-09-17 12:12:13 -04:00
Simon Friis Vindum
203788d4f1 Merge pull request #20408 from paldepind/rust/update-rust-analyzer 
Rust: Upgrade to rust-analyzer 0.0.301
 2025-09-17 16:04:35 +02:00
github-actions[bot]
4e8343664f Post-release preparation for codeql-cli-2.23.1 2025-09-17 10:13:40 +00:00
Chad Bentz
c5e3be2c4c Grape - detect params calls inside helper methods 
- added unit tests for flow using inline format
- removed grape from Arel tests (temporary)
 2025-09-16 17:09:18 -04:00
github-actions[bot]
02a1b1efcb Release preparation for version 2.23.1 2025-09-16 14:14:42 +00:00
Chad Bentz
ffd32efba2 codeql query format 2025-09-16 09:08:07 -04:00
Chad Bentz
0d0ce32ef2 Merge branch 'ruby-framework-grape' of github.com:felickz/codeql into ruby-framework-grape 2025-09-15 22:11:38 -04:00
Chad Bentz
fc98cd8d08 Fix naming standards 2025-09-15 22:11:33 -04:00
Chad Bentz
19cb187436 Update ruby/ql/lib/codeql/ruby/frameworks/Grape.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-15 22:03:27 -04:00
Chad Bentz
a8d4d6b563 Apply naming standards + changenote 2025-09-15 22:02:03 -04:00
Chad Bentz
5cfa6e83b3 Add support for route parameters(+ blocks), headers, and cookies in Grape API 2025-09-12 22:51:47 -04:00
Chad Bentz
3252bd39d2 Enhance Grape framework with additional data flow modeling and helper method support 2025-09-12 22:13:21 -04:00
Chad Bentz
738ab6fba7 Refactor Grape framework code for improved readability and consistency 2025-09-12 19:23:15 -04:00
Chad Bentz
d295acc3c3 Add initial support for Ruby Grape 2025-09-12 19:22:05 -04:00
Simon Friis Vindum
3cf1a16a13 Cargo: upgrade dependencies 2025-09-12 15:45:37 +02:00
Simon Friis Vindum
50b3571124 Cargo: Revert changes to the Ruby extractors Cargo file 2025-09-11 11:35:33 +02:00
Simon Friis Vindum
55d022f6eb Cargo: upgrade dependencies 2025-09-11 10:47:26 +02:00
Arthur Baars
5d3ec35e29 Remove non-breaking spaces from code 2025-09-05 09:41:15 +02:00
Michael Nebel
31852985e5 Merge pull request #20335 from michaelnebel/shared/ql4ql 
Shared and Sync: Fix some Ql4Ql violations.
 2025-09-02 14:37:34 +02:00
Arthur Baars
0bb7fdccf6 Merge pull request #20347 from github/post-release-prep/codeql-cli-2.23.0 
Post-release preparation for codeql-cli-2.23.0
 2025-09-02 14:14:03 +02:00
Anders Schack-Mulligen
f833fe0e6e Merge pull request #20300 from aschackmull/cfg/successortype 
Shared: Add a shared SuccessorType implementation
 2025-09-02 14:09:35 +02:00
Michael Nebel
7490d8ddd2 Shared and Sync: Fix some Ql4Ql violations. 2025-09-02 13:54:22 +02:00
github-actions[bot]
e8a2600a0c Post-release preparation for codeql-cli-2.23.0 2025-09-02 11:46:23 +00:00
github-actions[bot]
0bfa93828b Release preparation for version 2.23.0 2025-09-02 11:09:32 +00:00
Michael Nebel
7ae5d405fc Merge pull request #20332 from michaelnebel/ruby/ql4ql 
Ruby: Fix some Ql4Ql violations.
 2025-09-02 12:04:03 +02:00
Anders Schack-Mulligen
3d4d347150 SuccessorType: Address review comments. 2025-09-02 11:10:00 +02:00
Henry Mercer
d71991fdc0 Merge pull request #20320 from github/henrymercer/default-queries 
Specify default queries in `codeql-extractor.yml`
 2025-09-01 15:52:47 +01:00