codeql

mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00

Author	SHA1	Message	Date
Harry Maclean	75b13da4e4	Ruby: Block flow from LHS of && expressions The only values that can flow from the LHS of an && expression are `false` and `nil`, neither of which seem relevant for any of our queries.	2024-01-30 08:53:32 +00:00
github-actions[bot]	d0b74c00fe	Post-release preparation for codeql-cli-2.16.1	2024-01-23 23:02:29 +00:00
github-actions[bot]	7ef611e6dc	Release preparation for version 2.16.1	2024-01-23 19:45:16 +00:00
erik-krogh	865df920f9	add change-notes	2024-01-22 19:30:57 +01:00
erik-krogh	8be7eadace	delete outdated deprecations	2024-01-22 09:11:35 +01:00
Sid Shankar	2c683c910f	Merge branch 'change/adjust-extracted-files-diagnostics' of https://github.com/sidshank/codeql into change/adjust-extracted-files-diagnostics	2024-01-17 14:32:36 +00:00
Sid Shankar	0824ab77e9	Adds change notes	2024-01-17 14:31:40 +00:00
Sid Shankar	59098be8c4	Merge branch 'main' into change/adjust-extracted-files-diagnostics	2024-01-16 21:51:41 -05:00
Alexander Eyers-Taylor	934474681d	Merge pull request #15254 from github/post-release-prep/codeql-cli-2.16.0 Post-release preparation for codeql-cli-2.16.0	2024-01-16 14:50:40 +00:00
github-actions[bot]	57df8b92df	Post-release preparation for codeql-cli-2.16.0	2024-01-15 15:00:50 +00:00
Tom Hvitved	295198744b	Ruby: Handle captured `yield` calls	2024-01-10 14:25:15 +01:00
Tom Hvitved	55be4c39ef	Ruby: Add data flow call sensitivity test	2024-01-10 14:25:12 +01:00
Tom Hvitved	c9cf2a899c	Merge pull request #15260 from hvitved/dataflow/may-benefit-from-cctx-simplify Data flow: Remove column from `mayBenefitFromCallContext`	2024-01-10 11:43:15 +01:00
Tom Hvitved	f90201eb56	Data flow: Remove column from `mayBenefitFromCallContext`	2024-01-09 11:34:43 +01:00
Sid Shankar	b26fef816a	Rb: Report any extracted file as successfully extracted	2024-01-08 22:21:30 +00:00
Alex Ford	ef8ca55d92	Merge pull request #15203 from pwntester/patch-3 Ruby: Update Kernel.qll to include `Object.send` aliases	2024-01-08 15:32:57 +00:00
Chuan-kai Lin	a743fca3a5	Merge pull request #15243 from github/cklin/upgrade-delete-fixes-ruby Ruby: Fix upgrade delete directives	2024-01-08 07:27:59 -08:00
github-actions[bot]	a6c8cc9551	Release preparation for version 2.16.0	2024-01-08 13:11:26 +00:00
Arthur Baars	f4df5c9556	Merge pull request #15224 from aibaars/ruby-update-grammar Ruby: update tree-sitter-ruby	2024-01-08 11:01:42 +01:00
Alvaro Muñoz	dbefc132de	Apply suggestions from code review Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>	2024-01-07 10:31:50 +01:00
Chuan-kai Lin	66d2b9b7d2	Ruby: Fix upgrade delete directives	2024-01-05 14:21:52 -08:00
Alvaro Muñoz	9146407f23	Add `[]` to the list of methods returning an `ActionController::Parameters"	2024-01-05 15:14:11 +01:00
Arthur Baars	20022b6f3a	Add test case	2024-01-05 14:39:30 +01:00
Arthur Baars	aad42b1b0d	Add change note	2024-01-05 14:36:52 +01:00
Arthur Baars	6ed7223167	Ruby: update tree-sitter-ruby	2024-01-05 14:33:14 +01:00
Harry Maclean	c96be39474	Merge pull request #15048 from hmac/hmac-model-editor-ruby-modules Ruby: Model editor improvements	2024-01-03 12:53:43 +00:00
Harry Maclean	22830c7311	Ruby: Address review comments	2024-01-02 14:39:53 +00:00
Harry Maclean	4c6855ed93	Ruby: Address review comments	2024-01-02 13:51:12 +00:00
Alvaro Muñoz	2964aef083	Update Kernel.qll to include `send` aliases Add `public_send` and `__send__` as Code Injection sinks as proposed by @vcsjones	2023-12-28 19:08:03 +01:00
Aditya Sharad	b1803d0ac2	Merge rc/3.12 into main	2023-12-21 16:40:51 -08:00
github-actions[bot]	8f72b0e4f7	Post-release preparation for codeql-cli-2.15.5	2023-12-19 10:32:57 +00:00
github-actions[bot]	19af35b29a	Release preparation for version 2.15.5	2023-12-18 21:22:44 +00:00
yoff	e0c027f13c	Merge pull request #14848 from hvitved/python/shared-type-tracking Python: Adopt shared type tracking library	2023-12-18 21:14:42 +01:00
Tom Hvitved	020a049d30	Merge pull request #15103 from hvitved/ruby/simple-pattern-flow Ruby: Model simple pattern matching as value steps instead of taint steps	2023-12-18 08:49:11 +01:00
Tom Hvitved	25a676ac6a	Ruby: Model simple pattern matching as value steps instead of taint steps	2023-12-14 20:18:24 +01:00
Anders Schack-Mulligen	a1068ce2f9	Dataflow: deprecate references	2023-12-14 15:05:33 +01:00
Tom Hvitved	84aa9f17a0	Python/Ruby: Use `SummaryTypeTracker` from `typetracking` pack	2023-12-14 13:25:18 +01:00
Tom Hvitved	c8b4a215bc	Merge pull request #14573 from hvitved/flow-summary-impl-param Move `FlowSummaryImpl.qll` to `dataflow` pack	2023-12-14 12:24:15 +01:00
Tom Hvitved	8f0e0b6559	Merge pull request #15090 from hvitved/inline-flow-test-get-arg-string InlineFlowTest: Allow for custom `getArgString`	2023-12-14 10:53:55 +01:00
Jeroen Ketema	99e65df6ce	Merge remote-tracking branch 'upstream/rc/3.12' into mb12	2023-12-13 15:43:39 +01:00
Tom Hvitved	28a2d05cf8	InlineFlowTest: Allow for custom `getArgString`	2023-12-13 13:58:44 +01:00
Tom Hvitved	a46964dfe8	Address review comments	2023-12-12 13:55:52 +01:00
Harry Maclean	f877f7dc64	Ruby: Stick to dataflow layer in endpoints query	2023-12-11 09:46:09 +00:00
Tom Hvitved	cdf59e1e1d	Ruby: Cache more predicates	2023-12-11 10:15:17 +01:00
Tom Hvitved	0e81577269	Ruby: Use `FlowSummaryImpl` from `dataflow` pack	2023-12-10 11:25:43 +01:00
Harry Maclean	944fbeb34c	Ruby: Update comment We don't actually generate type models for `extend` relationships yet, because they are more complex than `include`.	2023-12-08 14:54:21 +00:00
Harry Maclean	ece196cb25	Ruby: Update model editor tests	2023-12-08 14:52:51 +00:00
Harry Maclean	ec24b25c8b	Ruby: fix location in model editor query	2023-12-08 14:16:50 +00:00
Harry Maclean	e6df264865	Ruby: Report module declarations to model editor This allows us to render type relations between modules/classes, not just methods.	2023-12-08 14:16:49 +00:00
Harry Maclean	c1c258f567	Ruby: Include ancestors in type model generation	2023-12-08 14:16:49 +00:00

1 2 3 4 5 ...

4070 Commits