hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-30 02:51:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,708 Commits 1,763 Branches 168 Tags
4c318669100bd073ed34d41c387dd26f79e27015
Commit Graph

4766 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
4c31866910 Merge pull request #21867 from aschackmull/ruby/callable-body 
Ruby: Split callable and its body into two AST nodes.
 2026-05-29 10:16:19 +02:00
Anders Schack-Mulligen
780591d42a Ruby: Remove spurious parent-child edges for Ruby::SimpleSymbol. 
These treesitter nodes translate to multiple AstNodes, but we only want
those that are Stmts.
 2026-05-27 10:06:15 +02:00
Anders Schack-Mulligen
3aa69823af Ruby: Skip BodyStmt in ErbDirective.getAChildStmt. 2026-05-27 10:06:14 +02:00
Óscar San José
996e79131e Merge branch 'main' into post-release-prep/codeql-cli-2.25.5 2026-05-22 16:32:30 +02:00
Anders Schack-Mulligen
e07f45fff4 Ruby: Accept test changes. 2026-05-22 13:36:59 +02:00
Anders Schack-Mulligen
3adb7043e8 Ruby: Fix pre-existing bug. 2026-05-22 13:29:45 +02:00
Anders Schack-Mulligen
7dcd2d6ab6 Ruby: Adjust CFG to updated AST. 2026-05-22 11:06:15 +02:00
Anders Schack-Mulligen
b6c2915f24 Ruby: Split callable and its body into two AST nodes. 2026-05-22 11:06:14 +02:00
github-actions[bot]
9f64000962 Post-release preparation for codeql-cli-2.25.5 2026-05-18 15:20:31 +00:00
github-actions[bot]
e38616a2ef Release preparation for version 2.25.5 2026-05-18 12:05:32 +00:00
Anders Schack-Mulligen
cb0fc786c7 Ruby: Minor cleanup, Callable is a StmtSequence. 2026-05-18 13:05:14 +02:00
Paolo Tranquilli
d16bc36e83 Use relative paths in tree-sitter extractor diagnostics 
Diagnostic `location.file` entries were using absolute paths (e.g.
`/home/runner/work/...`), causing broken links in the GitHub UI.
Now relativize against CWD (the source root during extraction), falling
back to a properly percent-encoded `file:` URI for paths outside it.

Fixes https://github.com/github/codeql/issues/21802

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-05-13 09:45:37 +02:00
Owen Mansel-Chan
0b808e1170 Merge pull request #21807 from owen-mc/java/improve-qhelp-unsafe-deserialization 
Shared: improve qhelp for unsafe deserialization queries
 2026-05-12 22:22:49 +01:00
Owen Mansel-Chan
a5ef036465 Note that common standard library types can be vulnerable to gadget-chain attacks 2026-05-08 14:18:54 +01:00
Owen Mansel-Chan
ed9477aac9 Ruby: Clarify that deserialization following a schema is safe 2026-05-08 14:06:16 +01:00
github-actions[bot]
7610277199 Post-release preparation for codeql-cli-2.25.4 2026-05-05 10:10:06 +00:00
github-actions[bot]
88e1d86c27 Release preparation for version 2.25.4 2026-05-05 09:34:30 +00:00
Tom Hvitved
18da5f61cd Ruby: Remove deprecated references to deprecated shared code 2026-04-23 11:29:04 +02:00
Owen Mansel-Chan
6efb21314a Merge pull request #21523 from owen-mc/docs/mad/barriers 
Document models-as-data barriers and barrier guards and add change notes
 2026-04-21 13:49:19 +01:00
github-actions[bot]
a0bab539bb Post-release preparation for codeql-cli-2.25.3 2026-04-20 12:40:34 +00:00
github-actions[bot]
c861d99802 Release preparation for version 2.25.3 2026-04-20 09:27:23 +00:00
Owen Mansel-Chan
76d165e71e "modelling" -> "modeling" in docs 2026-04-14 15:27:39 +01:00
Owen Mansel-Chan
8f17b73796 Fix link formatting in change notes 2026-04-14 15:27:37 +01:00
Owen Mansel-Chan
c86ba38a4e Add change notes 2026-04-14 15:27:31 +01:00
Henry Mercer
43c9b95e6f Merge branch 'main' into post-release-prep/codeql-cli-2.25.2 2026-04-14 13:56:52 +01:00
Owen Mansel-Chan
7458674470 Merge pull request #21584 from owen-mc/shared/update-mad-comments 
Shared: update code comments explaining models-as-data format to include barriers and barrier guards
 2026-04-14 09:30:28 +01:00
github-actions[bot]
242090e0ac Post-release preparation for codeql-cli-2.25.2 2026-04-06 13:49:20 +00:00
github-actions[bot]
4fe2f6d2b4 Release preparation for version 2.25.2 2026-04-06 10:30:38 +00:00
Óscar San José
59eec7ffa2 Merge branch 'main' of https://github.com/github/codeql into post-release-prep/codeql-cli-2.25.1 2026-03-30 10:51:12 +02:00
github-actions[bot]
ce6e6d5db3 Post-release preparation for codeql-cli-2.25.1 2026-03-30 08:43:48 +00:00
Owen Mansel-Chan
37aac05964 Replace branch with acceptingValue 2026-03-27 22:39:10 +00:00
Owen Mansel-Chan
10fddc7b96 Add barriers and barrier guards to MaD format explanations 2026-03-27 09:47:24 +00:00
github-actions[bot]
fb011842c9 Release preparation for version 2.25.1 2026-03-25 23:43:06 +00:00
github-actions[bot]
8cf0954796 Release preparation for version 2.25.1 2026-03-25 08:28:30 +00:00
Tom Hvitved
cc99867969 Merge pull request #21511 from hvitved/ruby/empty-stats 
Ruby: Use empty DB stats
 2026-03-24 08:25:43 +01:00
Tom Hvitved
4b364639a2 Ruby: Fix join orders following DB stats removal 2026-03-20 13:13:38 +01:00
Óscar San José
2139b97628 Merge branch 'main' into post-release-prep/codeql-cli-2.25.0 2026-03-19 13:07:00 +01:00
Tom Hvitved
750f1ae8e9 Ruby: Use empty DB stats 2026-03-19 10:18:42 +01:00
github-actions[bot]
e3dbf5b022 Post-release preparation for codeql-cli-2.25.0 2026-03-16 16:03:22 +00:00
github-actions[bot]
d6055754b6 Release preparation for version 2.25.0 2026-03-16 12:15:34 +00:00
Owen Mansel-Chan
52809133f5 Add change notes 2026-03-13 11:10:43 +00:00
Owen Mansel-Chan
056aa342fe Change @security-severity for log injection queries from 7.8 to 6.1 2026-03-13 10:02:01 +00:00
Owen Mansel-Chan
f58a6e5d3a Change @security-severity for XSS queries from 6.1 to 7.8 2026-03-13 10:01:02 +00:00
Óscar San José
3b9eba2afc Merge branch 'main' of https://github.com/github/codeql into oscarsj/merge-back-rc-3.21 2026-03-06 16:20:36 +01:00
Owen Mansel-Chan
c82f75604a Add change notes 2026-03-05 10:34:30 +00:00
Owen Mansel-Chan
1950fd33db Ruby: Inline expectation should have space before $ 2026-03-04 13:11:41 +00:00
Owen Mansel-Chan
6001c735ff Ruby: Inline expectation should have space after $ 
This was a regex-find-replace from `# \$(?! )` (using a negative lookahead) to `# $ `.
 2026-03-04 12:45:06 +00:00
github-actions[bot]
e152f08468 Post-release preparation for codeql-cli-2.24.3 2026-03-02 22:51:27 +00:00
github-actions[bot]
7795badd18 Release preparation for version 2.24.3 2026-03-02 13:23:40 +00:00
Owen Mansel-Chan
12bd709219 Merge pull request #21341 from owen-mc/rb/accept-mad-sanitizers 
Ruby: Accept MaD sanitizers for queries with MaD sinks and convert some existing sanitizers
 2026-02-23 11:44:05 +00:00