hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,057 Commits 1,673 Branches 157 Tags
58a6f5a783904dcade804503f730ddaabb69721c
Commit Graph

1057 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arthur Baars
58a6f5a783 Address comments 2021-08-02 16:12:50 +02:00
Arthur Baars
730b6d8e6c Add makefile 2021-08-02 16:12:50 +02:00
Arthur Baars
2f491a1924 Merge pull request #230 from github/redos-enable-tounicode 
enable unicode parsing in the ReDoS query
 2021-08-02 10:42:09 +02:00
Erik Krogh Kristensen
632ad518f0 enable unicode parsing in the ruby ReDoS query 2021-08-02 07:13:41 +00:00
Arthur Baars
d986bea317 Merge pull request #238 from github/aibaars/extract-erb 
Extract ERB tags
 2021-07-29 19:21:32 +02:00
Arthur Baars
00a0b93172 Add erb file 2021-07-29 19:09:56 +02:00
Nick Rolfe
e757d2e654 Merge pull request #241 from github/fix_yml 
Fix invalid file-type identifier
 2021-07-29 12:05:10 +01:00
Arthur Baars
c568162256 Use a single TrapWriter 
The output of two distinct TrapWriters should not be written to the
same TRAP file because this causes name clashes between TRAP labels.
 2021-07-29 12:50:27 +02:00
Nick Rolfe
4aacdafb38 Fix invalid file-type identifier 
Upper-case characters are not allowed.
 2021-07-29 11:49:22 +01:00
Arthur Baars
cc1bdf1fc3 Add charpred to RubyFile class 2021-07-29 11:48:35 +02:00
Arthur Baars
fcf2d4cbd2 Apply suggestions from code review 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2021-07-29 09:02:57 +02:00
Arthur Baars
1d245b8d2e Merge pull request #237 from github/aibaars/rules-sarif 
Build/Release: create rules.sarif file
 2021-07-27 18:49:50 +02:00
Arthur Baars
dacd3f3d19 Update dbscheme stats 2021-07-27 18:43:51 +02:00
Arthur Baars
4d18ec226a Fix dataset_measure.yml 2021-07-27 18:43:51 +02:00
Arthur Baars
38eb6c112f Add ERB extraction 2021-07-27 18:43:51 +02:00
Arthur Baars
768a751271 Add upgrade script 2021-07-27 18:43:51 +02:00
Arthur Baars
866ff7b1f6 Replace Generated module with Ruby 2021-07-27 18:43:44 +02:00
Arthur Baars
02bf895a4a Update dbscheme type references 2021-07-27 18:42:21 +02:00
Arthur Baars
2e10f8f054 Prefix dbscheme entries with language name 2021-07-27 18:17:19 +02:00
Arthur Baars
fe868e4c05 Ruby-Generator: add --dbscheme and --library flags 2021-07-27 18:17:19 +02:00
Arthur Baars
fc8f5919f3 Remove Ruby specific parts from FileSystem.qll 2021-07-27 18:17:15 +02:00
Arthur Baars
58c93bfdca Build/Release: create rules.sarif file 2021-07-27 12:29:27 +02:00
Arthur Baars
3790611ca1 Merge pull request #233 from github/tausbn/bump-typetrackingnode-changes 
Bump `codeql` submodule
 2021-07-20 13:24:30 +02:00
Nick Rolfe
8d21f95ffc Merge pull request #235 from github/comment_fix 
Move comment so it's not treated as part of the precision metadata
 2021-07-19 12:39:13 +01:00
Nick Rolfe
ce35d74447 Move comment so it's not treated as part of the precision metadata 2021-07-19 12:29:16 +01:00
Calum Grant
8d71d09b94 Merge pull request #234 from github/calumgrant/security-severities 
Add security-severity metadata
 2021-07-16 15:40:03 +01:00
Calum Grant
46a03795c2 Add security-severity metadata 2021-07-16 14:05:54 +01:00
Taus
258f85d6d0 Add defaultImplicitTaintRead 2021-07-15 15:52:59 +00:00
Taus
dc4d353a01 Bump shared dataflow library 2021-07-15 15:08:59 +00:00
Taus
ec645725f0 Bump codeql submodule 
Syncs up the shared type tracking implementation with Python.
 2021-07-15 14:35:33 +00:00
Tom Hvitved
42c06bfde4 Merge pull request #226 from github/hvitved/const-flow 
Data flow through constants
 2021-07-14 13:21:07 +02:00
Tom Hvitved
9463927409 Address review comments 2021-07-14 11:05:55 +02:00
Arthur Baars
64a55ba6cf Merge pull request #232 from github/regexp_test_order 
Stabilise node ordering for regexp parsing test
 2021-07-13 17:36:21 +02:00
Nick Rolfe
1fe5162b67 Stabilise node ordering for regexp parsing test 2021-07-13 16:18:21 +01:00
Tom Hvitved
23447e6d58 Reduce size of lookupMethodOrConst 2021-07-02 14:02:26 +02:00
Tom Hvitved
bf696df788 Data flow through constants 2021-07-02 14:02:26 +02:00
Tom Hvitved
3b6e5881c8 Update constants.rb test 2021-07-02 14:02:26 +02:00
Arthur Baars
0eae89a41b Merge pull request #228 from github/qhelp 
QHelp preview
 2021-07-02 14:00:51 +02:00
Arthur Baars
5afd3c7846 Merge pull request #213 from github/aibaars/api-graphs2 
First version of ApiGraphs
 2021-07-02 13:58:00 +02:00
Arthur Baars
48ad0aa1ee Escape file paths 2021-07-02 13:51:22 +02:00
Arthur Baars
b2ba8e664c Handle .inc.qhelp files 2021-07-02 13:32:43 +02:00
Arthur Baars
20570eb1d1 QHelp preview 2021-07-02 13:10:51 +02:00
Tom Hvitved
703e9e726d Merge pull request #225 from github/hvitved/private-methods 
Model private methods and "main objects"
 2021-07-02 11:02:41 +02:00
Tom Hvitved
330b33638e Address review comments 2021-07-02 10:41:10 +02:00
Tom Hvitved
52529d590b Model private methods and "main objects" 2021-07-02 10:41:06 +02:00
Tom Hvitved
9de4ed4d4d Add tests for private methods 2021-07-02 10:39:49 +02:00
Tom Hvitved
8de1eedb41 Merge pull request #227 from github/hvitved/expose-call-graph 2021-07-01 18:29:14 +02:00
Tom Hvitved
c3cff3e113 Expose call graph through Call::getATarget() 2021-07-01 16:40:45 +02:00
Nick Rolfe
d99b5510e5 Merge pull request #219 from github/regex 
Add regexp parser and exponential ReDoS query
 2021-06-30 17:23:29 +01:00
Alex Ford
7cc6b3a7b0 Merge pull request #224 from github/sqli-override-fp 
rb/sql-injection: fix FPs stemming from not accounting for overridden methods
 2021-06-30 17:20:14 +01:00