hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-06 10:11:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,387 Commits 1,690 Branches 160 Tags
7437de2909ebdea6dd2265218cab1906b9d716eb
Commit Graph

2927 Commits

Author SHA1 Message Date
Tom Hvitved
2113c3c3d9 Ruby: Remove NumberUtils.qll 2023-02-13 15:59:50 +01:00
Anders Schack-Mulligen
e877b161d8 Merge pull request #12124 from hvitved/dataflow/stage1-dispatch 
Data flow: Call context virtual dispatch pruning in stage 1
 2023-02-13 13:13:43 +01:00
Arthur Baars
457a2bb2a2 Merge pull request #12093 from aibaars/oneline-match 
Ruby: add support for one-line pattern matches
 2023-02-13 12:38:28 +01:00
Erik Krogh Kristensen
2f404df17c Merge pull request #10782 from erik-krogh/rbPoly 
Ruby: add library input as a source for `rb/polynomial-redos`
 2023-02-13 12:26:07 +01:00
Erik Krogh Kristensen
26d5fb2412 Merge pull request #11824 from erik-krogh/secondMissAnchor 
RB: add query detecting validators that use badly anchored regular expressions on library/remote input
 2023-02-13 11:26:05 +01:00
erik-krogh
634087b417 Merge branch 'main' into rbPoly 2023-02-13 10:46:00 +01:00
Tom Hvitved
0b8173e2e7 Ruby: Add another data flow test 2023-02-13 09:50:50 +01:00
Tom Hvitved
f7a5a33474 Address review comment 2023-02-13 09:01:15 +01:00
Arthur Baars
679f02c274 Address comments 2023-02-10 18:08:30 +01:00
Arthur Baars
07947e6528 Address comments 2023-02-09 12:02:14 +01:00
dependabot[bot]
bd98ae0dcc build(deps): bump serde_json from 1.0.91 to 1.0.93 in /ruby 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.91 to 1.0.93.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.91...v1.0.93)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-09 08:13:18 +00:00
Erik Krogh Kristensen
3ebac65167 apply change-note suggestions from doc review 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
 2023-02-08 14:55:54 +01:00
Arthur Baars
78ad9d67b4 Address comments 2023-02-08 13:40:46 +01:00
erik-krogh
eb564760be improve qhelp based on doc review 2023-02-08 11:00:54 +01:00
Mathias Vorreiter Pedersen
334c41c3e1 Merge pull request #12122 from github/post-release-prep/codeql-cli-2.12.2 
Post-release preparation for codeql-cli-2.12.2
 2023-02-07 16:17:57 +00:00
Tom Hvitved
8e8897b08b Data flow: Sync files 2023-02-07 15:15:04 +01:00
Tom Hvitved
10534b62c9 Data flow: Call context virtual dispatch pruning in stage 1 2023-02-07 15:14:27 +01:00
github-actions[bot]
522a892d32 Post-release preparation for codeql-cli-2.12.2 2023-02-07 13:19:06 +00:00
Tom Hvitved
984729f9b0 Merge pull request #12117 from hvitved/ruby/delay-location-to-string 
Ruby: Avoid computing `Location::toString` in full
 2023-02-07 12:42:03 +01:00
Tom Hvitved
c0e3186607 Ruby: Avoid computing Location::toString in full 2023-02-07 10:06:47 +01:00
Arthur Baars
12f5732782 Ruby: downgrade tree-sitter to 0.20.7 
The 0.20.9 version caused a stack overflow error on
the mongo-ruby-driver repository.
 2023-02-06 16:27:51 +01:00
Mathias Vorreiter Pedersen
00fe448e3a Merge pull request #12072 from aschackmull/dataflow/stage3-perf 
Dataflow: Fix join in `fwdFlowRead` (take 2)
 2023-02-06 10:43:11 +00:00
Arthur Baars
e382d6d000 Ruby: update stats 2023-02-06 10:28:19 +01:00
Arthur Baars
ec46f33a01 Ruby: add change note 2023-02-06 10:17:19 +01:00
Arthur Baars
f391948b53 Ruby: update expected output 2023-02-06 10:17:19 +01:00
Arthur Baars
4af0c4bb03 Ruby: desugar one-line pattern matches 2023-02-06 10:17:19 +01:00
Arthur Baars
3c15fd266d Ruby: add one-line pattern match test 2023-02-06 10:17:19 +01:00
Arthur Baars
edbba85b96 Ruby: add one-line pattern matches to AST 2023-02-06 10:17:18 +01:00
Arthur Baars
e390ca50b0 Ruby: upgrade/downgrade scripts 2023-02-06 10:17:18 +01:00
Arthur Baars
90c51ef404 Ruby: re-generate dbscheme and library 2023-02-06 10:17:18 +01:00
Arthur Baars
c554a10e06 Ruby: update tree-sitter-ruby 2023-02-06 10:17:18 +01:00
erik-krogh
3545bb0819 adjust qhelp based on review 2023-02-03 10:50:18 +01:00
Mathias Vorreiter Pedersen
4e7ca1a175 Merge pull request #12082 from github/post-release-prep/codeql-cli-2.12.2 
Post-release preparation for codeql-cli-2.12.2
 2023-02-03 09:40:57 +00:00
Arthur Baars
9a4cec7691 Merge pull request #11956 from aibaars/json-log 
Ruby: structured logging
 2023-02-03 09:54:49 +01:00
github-actions[bot]
faf21f3edb Post-release preparation for codeql-cli-2.12.2 2023-02-02 23:01:04 +00:00
Anders Schack-Mulligen
67d4ed53b9 Dataflow: Sync. 2023-02-02 16:33:00 +01:00
Jeroen Ketema
3cf5107b45 Apply suggestions from code review 2023-02-02 15:48:29 +01:00
github-actions[bot]
a4fa984792 Release preparation for version 2.12.2 2023-02-02 14:34:55 +00:00
Arthur Baars
a46061541b Ruby: address review comment 2023-02-01 09:59:05 +01:00
Arthur Baars
fa81d9da18 Apply suggestions from code review 
Co-authored-by: Harry Maclean <hmac@github.com>
 2023-02-01 09:47:39 +01:00
Harry Maclean
da45d3aa7f Ruby: Fix string comparison barrier guard 
`strNode` was not properly restricted for some cases.
 2023-02-01 14:40:53 +13:00
Harry Maclean
0d68d88741 Merge pull request #11934 from hmac/actioncontroller-filters 2023-02-01 09:10:30 +13:00
Arthur Baars
57012714d6 Ruby: serialize timestamps as ISO8601 2023-01-31 14:32:29 +01:00
dependabot[bot]
7f22c4c474 Bump clap from 3.0.12 to 3.0.14 in /ruby 
Bumps [clap](https://github.com/clap-rs/clap) from 3.0.12 to 3.0.14.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v3.0.12...v3.0.14)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 12:49:34 +00:00
Arthur Baars
d944c2bd79 Ruby: address comments 2023-01-31 10:22:12 +01:00
Harry Maclean
c99a096c9b Ruby: Update test fixtures 2023-01-31 11:27:19 +13:00
Harry Maclean
69ed00cdf1 Ruby: QL4QL fix 2023-01-31 11:06:32 +13:00
erik-krogh
31743afa87 add change-note 2023-01-30 16:34:23 +01:00
erik-krogh
e01002368f add query detecting validators that use badly anchored regular expressions on library/remote input 2023-01-30 16:34:20 +01:00
erik-krogh
f04a9cb523 Merge branch 'main' into rbRegConcept 2023-01-30 11:05:40 +01:00