hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,128 Commits 1,672 Branches 157 Tags
712900257342ffbfbb788c6491e955c7f10c3dc1
Commit Graph

1429 Commits

Author SHA1 Message Date
thiggy1342
7129002573 tweak tests more 2022-07-13 00:33:58 +00:00
thiggy1342
b3f1a513d1 Update tests 2022-07-13 00:25:43 +00:00
thiggy1342
74d6061082 Merge branch 'main' into experimental-manually-check-request-verb 2022-07-12 17:15:54 -04:00
Nick Rolfe
217c9a8aaf Fix typo in changenote 
Co-authored-by: intrigus-lgtm <60750685+intrigus-lgtm@users.noreply.github.com>
 2022-07-12 08:50:58 +01:00
Nick Rolfe
a3628b06f1 Ruby: fix markup in changenote 2022-07-11 17:23:45 +01:00
Nick Rolfe
032aa56dc3 Ruby: add change note for system command execution sink bug 2022-07-11 17:00:07 +01:00
Nick Rolfe
6632dfaf88 Ruby: fix another SystemCommandExecution::isShellInterpreted implementation 2022-07-11 16:53:30 +01:00
thiggy1342
ad7c3e7217 Merge branch 'main' into experimental-manually-check-request-verb 2022-07-11 10:20:07 -04:00
Nick Rolfe
348ad95fc0 Ruby: fix defining every dataflow node as a command execution sink 2022-07-11 15:06:27 +01:00
thiggy1342
6aab970a9e refactor query to use cfg and dataflow 2022-07-08 18:32:54 +00:00
Andrew Eisenberg
fbeecd6c08 Merge pull request #9744 from github/aeisenberg/move-contextual-queries 2022-06-29 11:44:33 -07:00
Andrew Eisenberg
ddf06f8617 Add change notes and qldoc for moved files 2022-06-29 10:03:12 -07:00
Andrew Eisenberg
a3f4d1bf66 Move contextual queries from src to lib 
With this change, users are now able to run View AST command in
vscode within vscode workspaces that do not include the core libraries.
The relevant core library only needs to be installed in the package
cache.
 2022-06-29 07:51:26 -07:00
Brandon Stewart
5888325549 Merge branch 'main' into patch-1 2022-06-29 08:42:24 -04:00
Jeroen Ketema
55e052af26 Merge pull request #9686 from aschackmull/dataflow/no-node-scan 
Dataflow performance: Avoid node scans
 2022-06-29 10:38:56 +02:00
Brandon Stewart
c7b4133fbe Merge branch 'main' into patch-1 2022-06-28 09:46:46 -04:00
Brandon Stewart
33d1aae92a Update ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-06-28 08:51:01 -04:00
Brandon Stewart
1dc26a0ca3 Update ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-06-28 08:50:54 -04:00
Arthur Baars
6e836c7eb8 Merge pull request #9706 from aibaars/update-tree-sitter-ruby-2 
Ruby: update tree-sitter-ruby
 2022-06-28 14:14:15 +02:00
Asger F
cc57cb8af5 Merge branch 'main' into post-release-prep/codeql-cli-2.10.0 2022-06-27 20:37:25 +02:00
Brandon Stewart
99ae1b3f0d Merge branch 'main' into patch-1 2022-06-27 10:12:26 -04:00
Brandon Stewart
52290fd4ae run codeql query format 2022-06-27 10:01:40 -04:00
Arthur Baars
051b865230 Ruby: update tree-sitter-ruby 2022-06-27 13:03:04 +02:00
Asger F
09476d1c13 Ruby: fix deprecation warning 2022-06-27 10:01:37 +02:00
Harry Maclean
101111bd2f Merge pull request #9574 from hmac/hmac/action-cable-logger 
Ruby: More Rails modeling
 2022-06-27 19:56:54 +12:00
Asger F
d6fd43fe12 Merge pull request #9364 from asgerf/ruby/api-graph-api 
Ruby: API graph renaming an documentation
 2022-06-27 08:54:24 +02:00
Brandon Stewart
29e73e1a04 Update ActiveRecord.qll 2022-06-24 15:35:36 -04:00
Brandon Stewart
463c096d4c Update ActiveRecord.qll 2022-06-24 15:33:02 -04:00
Brandon Stewart
2047954013 Merge branch 'main' into patch-1 2022-06-24 15:30:11 -04:00
Brandon Stewart
ff9a7244c2 Update ActiveRecord.qll 2022-06-24 15:28:09 -04:00
github-actions[bot]
d506f448ef Post-release preparation for codeql-cli-2.10.0 2022-06-24 07:36:33 +00:00
Brandon Stewart
caeef68bde Update ActiveRecord.qll 2022-06-23 12:31:05 -04:00
Brandon Stewart
173bea2579 Update ActiveRecord.qll 2022-06-23 12:18:26 -04:00
Brandon Stewart
fa622f551a Update ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2022-06-23 12:16:50 -04:00
Anders Schack-Mulligen
dc517a758e Autoformat 2022-06-23 14:44:40 +02:00
Anders Schack-Mulligen
4a317a25d3 Dataflow: Sync. 2022-06-23 14:34:52 +02:00
Asger F
d94010c244 Grammar: report -> reports 2022-06-23 14:17:52 +02:00
github-actions[bot]
a74051c658 Release preparation for version 2.10.0 2022-06-23 11:17:46 +00:00
Rasmus Wriedt Larsen
3248f7b423 Merge pull request #9649 from RasmusWL/certificate-modeling 
Python/JS/Ruby: Ignore common words (like certain) as sensitive data source
 2022-06-23 12:04:58 +02:00
Rasmus Wriedt Larsen
876ba71d9b Python/JS/Ruby: Add change-note 2022-06-22 11:14:05 +02:00
Rasmus Wriedt Larsen
2ce4b7b9fc SensitiveDataHeuristics: sync 2022-06-22 11:05:14 +02:00
Anders Schack-Mulligen
df6d68b215 Merge pull request #9618 from aschackmull/dataflow/deprecate-barrierguard-class 
Dataflow: Deprecate BarrierGuard class
 2022-06-22 10:44:08 +02:00
Michael Nebel
24ba5cc06e Merge pull request #9025 from michaelnebel/csharp/generatedrefactor 
C#: Provenance column in Models as Data CSV format.
 2022-06-22 10:34:31 +02:00
thiggy1342
995f365568 just check string literal 2022-06-22 02:17:01 +00:00
thiggy1342
c767f241ad narrow query scope 2022-06-22 02:12:23 +00:00
thiggy1342
f6c4b5c44b Merge branch 'experimental-manually-check-request-verb' of https://github.com/thiggy1342/codeql into experimental-manually-check-request-verb 2022-06-21 21:27:39 +00:00
thiggy1342
990747cd22 Limit findings to just those called in Controllers 2022-06-21 21:27:18 +00:00
Brandon Stewart
a2e2dcdfd5 Make ActiveRecordInstanceMethodCall Public 2022-06-21 14:44:52 -04:00
Anders Schack-Mulligen
f8f9b7d3b4 Apply suggestions from code review 2022-06-21 14:11:36 +02:00
Asger F
a1af9c3d7d Ruby: update predicate docs 2022-06-21 12:44:16 +02:00