hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 20:56:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
51,205 Commits 1,673 Branches 157 Tags
720cf0ab7a5bb024fecdb200c6d46ffc6123b273
Commit Graph

3060 Commits

Author SHA1 Message Date
Tom Hvitved
08557974ae Merge pull request #12499 from hvitved/ruby/more-constructor-flow 
Ruby: Add missing flow through `self.new` constructor calls
 2023-03-14 09:14:42 +01:00
Tony Torralba
705691b096 Merge pull request #12446 from github/java/update-mad-decls-after-triage-2023-03-08T14-51-59 
Java: Update MaD Declarations after Triage
 2023-03-13 14:07:59 +01:00
Anders Schack-Mulligen
0c95ab2cdc Merge pull request #12474 from hvitved/dataflow/call-back-post-update 
Data flow: Synthesize post-update nodes for callback arguments inside summarized callables
 2023-03-13 13:21:52 +01:00
dependabot[bot]
6e75df4088 Merge pull request #12494 from github/dependabot/cargo/ruby/serde-1.0.155 2023-03-13 11:49:00 +00:00
Erik Krogh Kristensen
060c37b6a2 Merge pull request #12345 from erik-krogh/delOldDeps 
delete old deprecations
 2023-03-13 12:48:24 +01:00
Tom Hvitved
163bb2b94d Add change note 2023-03-13 12:45:46 +01:00
Tom Hvitved
714b61b63e Ruby: Add missing flow through self.new constructor calls 2023-03-13 12:45:46 +01:00
dependabot[bot]
219bac74bf Bump serde from 1.0.154 to 1.0.155 in /ruby 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.154 to 1.0.155.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.154...v1.0.155)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 11:36:09 +00:00
Arthur Baars
e0a49e2999 Merge pull request #12486 from aibaars/windows-long-paths 
Ruby: support long paths on Windows
 2023-03-13 12:18:50 +01:00
Arthur Baars
41a53ec109 Address comments 2023-03-13 11:50:03 +01:00
Anders Schack-Mulligen
c380ecbbbc Data flow: Add change notes. 2023-03-13 11:09:13 +01:00
erik-krogh
6c1ebd999e Merge branch 'main' into delOldDeps 2023-03-13 11:00:29 +01:00
Tom Hvitved
6ee231fac5 Ruby: Add more tests for flow through constructors 2023-03-13 10:52:01 +01:00
Arthur Baars
c67bfff33b Ruby: strip \\?\ from display paths 2023-03-10 22:32:11 +01:00
Arthur Baars
4bfcc31ef0 Ruby: support long paths on Windows 2023-03-10 22:32:11 +01:00
Anders Schack-Mulligen
1e64748ffe Dataflow: Autoformat. 2023-03-10 15:12:19 +01:00
Anders Schack-Mulligen
289f921171 Dataflow: Sync. 2023-03-10 14:56:54 +01:00
Anders Schack-Mulligen
00f0879ff5 Dataflow: Sync. 2023-03-10 14:56:54 +01:00
Tom Hvitved
6eea906bbf Data flow: Synthesize post-update nodes for callback arguments inside summarized callables 2023-03-10 12:43:21 +01:00
Tony Torralba
8aa80882ea Sync files 2023-03-10 12:35:13 +01:00
Anders Schack-Mulligen
83569911ae Merge pull request #12230 from aschackmull/all/autoformat 
Mass autoformat with class and module declarations format fix
 2023-03-10 12:29:34 +01:00
Anders Schack-Mulligen
159d8e978c Dataflow: one more autoformat post rebase 2023-03-10 10:04:35 +01:00
Anders Schack-Mulligen
a5d229903d Ruby: Autoformat 2023-03-10 09:41:20 +01:00
Harry Maclean
9cf2acface Ruby: Make trap option title consistent with C# 2023-03-10 21:11:58 +13:00
Harry Maclean
cf64e0e85f Ruby: trap_compression -> trap.compression 
Change the trap_compression extractor option to be an object `trap` with
a nested option `compression`. This means that on the command line you
would supply the option as follows:

    codeql database create --extractor-option trap.compression=gzip

This is a little less jarring than the previous design, which would use
underscores amonst the hyphens:

    codeql database create --extractor-option trap_compression=gzip
 2023-03-10 19:18:49 +13:00
Nick Rolfe
7649772935 Expose TRAP compression option via the new extractor options feature. 2023-03-10 19:09:51 +13:00
Arthur Baars
348165205c Merge pull request #12442 from aibaars/diagnostics-tests 
Ruby: add some integration tests for diagnostic messages
 2023-03-09 21:58:42 +01:00
Mathias Vorreiter Pedersen
59402eb754 Merge pull request #12462 from MathiasVP/disable-std-order-in-fwd-flow-stage-1 
DataFlow: Disable standard order in `Stage1::fwdFlow`
 2023-03-09 15:30:05 +00:00
Alex Ford
5ef71f9d28 Merge pull request #12306 from alexrford/rb/more-expr-nodes 
Ruby: ensure that all Ast `Expr`s have a dataflow node type more precise than `ExprNode`
 2023-03-09 14:54:34 +00:00
Asger F
6e744093e2 Merge pull request #12398 from github/post-release-prep/codeql-cli-2.12.4 
Post-release preparation for codeql-cli-2.12.4
 2023-03-09 15:38:21 +01:00
Arthur Baars
c98e0fa0b4 Ruby: fix comment 2023-03-09 13:14:57 +01:00
Arthur Baars
8096f86224 Ruby: lower severity of parse error to warning 2023-03-09 13:14:57 +01:00
Mathias Vorreiter Pedersen
1f77f77153 DataFlow: Sync identical files. 2023-03-09 10:41:15 +00:00
dependabot[bot]
060cd9fada Bump serde from 1.0.152 to 1.0.154 in /ruby 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.152 to 1.0.154.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.152...v1.0.154)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-09 04:06:43 +00:00
Arthur Baars
ebf0bb889b Ruby: add some integration tests for diagnostic messages 2023-03-08 16:35:43 +01:00
Arthur Baars
2d6f3ed6c2 Address comments 2023-03-08 13:10:03 +01:00
Arthur Baars
858aa9ae63 Ruby: add some links to diagnostic messages 2023-03-07 17:55:13 +01:00
Arthur Baars
78a802359e Remove references to 'ruby' in generic extractor code 2023-03-07 13:38:48 +01:00
Tom Hvitved
b6a709df50 Ruby: Rewrite Stored XSS query to use new data flow interface 2023-03-07 07:23:27 +01:00
Mathias Vorreiter Pedersen
92ad099c1b DataFlow: Remove bindingsets, remove the call column, and swap parameter and argument columns. 2023-03-06 13:47:59 +00:00
Mathias Vorreiter Pedersen
3bf28cc752 DataFlow: Sync identical files. 2023-03-06 13:46:21 +00:00
Mathias Vorreiter Pedersen
e6b6369a21 Ruby: Add stub. 2023-03-06 13:44:59 +00:00
Anders Schack-Mulligen
5c7f2ac7f7 Merge pull request #12186 from aschackmull/dataflow/refactor-configuration 
Data flow: Refactor configuration
 2023-03-06 13:38:59 +01:00
Arthur Baars
d2ab40c184 Merge pull request #12208 from gregxsunday/main 
Add ZipSlip and TarSlip query to ruby
 2023-03-06 10:40:06 +01:00
Anders Schack-Mulligen
557cb17f4d Dataflow: Minor perf fix for single config wrapper. 2023-03-06 10:24:33 +01:00
dependabot[bot]
f93b304578 Bump serde_json from 1.0.93 to 1.0.94 in /ruby 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.93 to 1.0.94.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.93...v1.0.94)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-06 04:15:01 +00:00
Dave Bartolomeo
e169702165 Merge branch 'main' into post-release-prep/codeql-cli-2.12.4 2023-03-04 09:20:44 -05:00
github-actions[bot]
af61b45785 Post-release preparation for codeql-cli-2.12.4 2023-03-04 14:16:55 +00:00
github-actions[bot]
462da63970 Release preparation for version 2.12.4 2023-03-03 14:11:51 +00:00
Kasper Svendsen
fe65fb8743 Merge pull request #12360 from kaspersv/kaspersv/actioncontroller-prevent-bad-join 
ActionController: Prevent bad join
 2023-03-03 13:38:33 +01:00