hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-18 00:44:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
65,141 Commits 1,679 Branches 158 Tags
616015fddf347b208f79c8a3fa778a62b00a09cd
Commit Graph

55 Commits

Author SHA1 Message Date
Tom Hvitved
914a605a87 Ruby: Rework hidden synthetic data-flow nodes 2024-02-27 15:33:58 +01:00
Harry Maclean
8212f5de1b Ruby: Update test 2024-02-26 13:10:27 +00:00
amammad
32f5667bb6 revert YAML.qll and yaml sinks to previous PR, make a separate experimental query only for yaml 2024-02-26 12:12:03 +00:00
Anders Schack-Mulligen
35a3aa0a09 Ruby: Add empty provenance column to expected files. 2024-02-09 11:32:08 +01:00
Maiky
35d390ad06 Add Insecure Randomness Query (CWE-338) 2023-10-21 17:23:41 +02:00
Alex Ford
22850b28df Ruby: update alert message test output 2023-10-16 13:08:49 +01:00
Alex Ford
3dd042c38a Merge remote-tracking branch 'origin/main' into maikypedia/ruby-jwt 2023-10-16 12:42:19 +01:00
Alex Ford
79c305c1a1 Merge pull request #14124 from alexrford/rb/dataflow-query-refactor 
Ruby: Use the new dataflow API for checked in queries
 2023-09-13 14:24:47 +01:00
Alex Ford
5b013dd5d2 Merge branch 'main' into rb/dataflow-query-refactor 2023-09-07 14:57:38 +01:00
Tom Hvitved
48e2dcfa35 Ruby: Reimplement flow through captured variables using field flow 2023-09-06 11:00:55 +02:00
Alex Ford
b6d12f8b1c Ruby: configsig rb/zip-slip 2023-09-03 17:20:05 +01:00
Maiky
17565cde75 Add JWT Security Queries 2023-08-25 21:28:53 +02:00
Maiky
ffd618d6cc Revert "Add "" and nil as sources" 
This reverts commit 664c1eba72.
 2023-08-25 15:23:55 +02:00
Maiky
664c1eba72 Add "" and nil as sources 2023-08-22 18:10:33 +02:00
Maiky
6f1b406b3a typo 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-08-03 17:08:10 +02:00
Maiky
0237f37842 typo 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-08-03 17:07:58 +02:00
Maiky
c54561e775 Merge branch 'main' into maikypedia/ldap-improper-auth 2023-08-03 16:49:30 +02:00
Alex Ford
af854749d7 Ruby: update Ldapinjection test output 2023-07-31 16:08:15 +01:00
Alex Ford
f437a6f729 Merge branch 'main' into maikypedia/ldap-injection 2023-07-31 16:00:41 +01:00
Maiky
2d88ac1846 Suggested Changes 2023-07-27 23:40:52 +02:00
Alex Ford
d89c10dd85 Merge pull request #13130 from maikypedia/maikypedia/xpath-injection 
Ruby :  XPath Injection Query (CWE-643)
 2023-07-14 14:10:09 +01:00
Alex Ford
a524735236 Merge branch 'main' into maikypedia/ldap-injection 2023-07-14 12:05:17 +01:00
Jeroen Ketema
4485560f43 Ruby: Rewrite inline expectation tests to use parameterized module 2023-06-09 10:43:05 +02:00
Maiky
62353122c0 Add Improper LDAP Authentication query (CWE-287) 2023-05-29 21:16:13 +02:00
Maiky
d45d046fa7 Add test file and .expected 2023-05-28 17:29:34 +02:00
Arthur Baars
e0466900ad Merge pull request #12992 from Sim4n6/ruby-UBV 
[Ruby] Add Unicode Bypass Validation query, test and help file
 2023-05-26 13:00:21 +02:00
Sim4n6
90c174de4e Updated the .expected file accordingly 2023-05-23 17:36:50 +01:00
Sim4n6
f7f0564e36 added one more test 2023-05-20 18:00:27 +01:00
Sim4n6
d11cb9195c Use of CGI.escapeHTML() in test samples 2023-05-20 12:57:50 +01:00
Maiky
071a77cedc Ruby : XPath Injection Query (CWE-643) 2023-05-11 15:29:54 +02:00
Sim4n6
1247403d43 Updated expected results file 2023-05-04 08:56:45 +01:00
Alex Ford
82c025020d Merge remote-tracking branch 'origin/main' into maikypedia/ruby-ssti 2023-05-02 16:18:41 +01:00
Alex Ford
a571bc64ac ruby: regenerate TemplateInjection.expected 2023-05-02 16:14:20 +01:00
Sim4n6
019b85beb6 Add Unicode Bypass Validation query, test and help file 2023-05-02 15:36:39 +01:00
Maiky
5d15ec99c8 Change expected file to new 2023-05-02 09:26:41 +02:00
Anders Schack-Mulligen
09d4fe21e8 Ruby: Update more expected output. 2023-04-26 13:37:07 +02:00
Maiky
820db43945 Add ERB Template Injection Sink 2023-04-13 17:21:31 +02:00
Tom Hvitved
b816c79248 Ruby: Include all assignments in data flow paths 2023-03-24 10:09:30 +01:00
Alex Ford
e84b08409c Ruby: test fixes 2023-03-17 12:08:38 +00:00
Grzegorz Niedziela
48007d14d5 move tests to experimental as well and fix .qlref reference 2023-02-24 10:38:21 +00:00
Tom Hvitved
e9bce9f8cd Ruby: Update test expectations 2023-02-17 13:22:28 +01:00
Rasmus Wriedt Larsen
6d43db43dd Ruby: Fix tag missing from getARelevantTag 2022-10-27 09:12:06 +02:00
Josh Soref
8078f91b28 spelling: mapping 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Tom Hvitved
007ab2b7ce Ruby: Do not expose AST layer through ruby.qll 2022-09-13 19:59:56 +02:00
Harry Maclean
cb3ebeedf9 Merge pull request #9696 from thiggy1342/experimental-strong-params 
RB: Experimental strong params query
 2022-07-25 12:08:55 +12:00
thiggy1342
8fabc06d37 fix test assertion 2022-07-21 21:25:44 +00:00
thiggy1342
304203ad2f fix path problem output 2022-07-19 00:25:50 +00:00
thiggy1342
2cc703387b use taint config for data flow 2022-07-14 00:11:52 +00:00
thiggy1342
7129002573 tweak tests more 2022-07-13 00:33:58 +00:00
thiggy1342
b3f1a513d1 Update tests 2022-07-13 00:25:43 +00:00