hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-19 09:24:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
45,096 Commits 1,679 Branches 158 Tags
8e032ac8c1da9ba8ea2c340c424b2793f9cd5182
Commit Graph

2173 Commits

Author SHA1 Message Date
Arthur Baars
a327802e43 Merge pull request #10801 from jsoref/spelling-ruby 
Spelling ruby
 2022-10-13 21:05:56 +02:00
Josh Soref
d94ebe9a4e spelling: unknown 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
e1b4476399 spelling: the 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
0999ec3c70 spelling: specifies 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
45d1e3f9b2 spelling: representation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
9be162a119 spelling: recursion 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
124c5544cf spelling: predicates 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
eab3e18962 spelling: possibility 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
a37af45f86 spelling: overridable 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
be38e6eddc spelling: navigation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
e62dda9c7b spelling: mutation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
8078f91b28 spelling: mapping 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
f26b380767 spelling: keyword 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
2648cb0322 spelling: injection 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
52a3e3c2fd spelling: heuristic 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
d0866c150f spelling: for 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
f4b32a3042 spelling: excluding 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:41 -04:00
Josh Soref
893c5457a8 spelling: disambiguation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:56:40 -04:00
Josh Soref
8483c79aef spelling: continuing 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:52:02 -04:00
Josh Soref
b986c30454 spelling: connection 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:52:01 -04:00
Josh Soref
939dc49a88 spelling: compound 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:52:01 -04:00
Josh Soref
fe7bd81c9a spelling: captured 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:52:01 -04:00
Josh Soref
72f91c1d29 spelling: ancestors 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:51:27 -04:00
Josh Soref
5d94733078 spelling: ambiguously 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-13 10:51:25 -04:00
Alex Ford
594812640e Merge pull request #10746 from alexrford/ruby/activejob-deserialize 
Ruby: Add `ActiveJob::Serializers.deserialize` as a code execution sink
 2022-10-13 15:36:45 +01:00
Erik Krogh Kristensen
3a1a94b8af Merge pull request #10798 from erik-krogh/matchCaseReg 
Rb: add case-when expressions as a sink to rb/polynomial-redos
 2022-10-13 13:55:42 +02:00
Arthur Baars
6ea2b87224 Merge pull request #10811 from aibaars/silence-warning 
Ruby: remove warning
 2022-10-13 13:38:25 +02:00
Anders Schack-Mulligen
d79a7e863a Merge pull request #10806 from aschackmull/dataflow/additional 
Dataflow:  Add additional annotation.
 2022-10-13 13:02:48 +02:00
Arthur Baars
16b035600e Ruby: remove warning 2022-10-13 13:01:06 +02:00
Alex Ford
a65850e922 Merge pull request #10784 from alexrford/ruby/pathname-existence 
Ruby: model `Pathname#existence` extension from `ActiveSupport`
 2022-10-13 11:38:22 +01:00
erik-krogh
3a3a5aa17c add case-in as a sink for polynomial-redos 2022-10-13 12:36:07 +02:00
Anders Schack-Mulligen
036724ce8d Dataflow: Sync. 2022-10-13 11:03:30 +02:00
Erik Krogh Kristensen
10aab81f42 Merge pull request #10799 from jsoref/spelling-nfautils 
ReDoS: Spelling nfautils
 2022-10-12 23:09:06 +02:00
Josh Soref
09c8a98761 spelling: representation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 15:20:26 -04:00
Josh Soref
bb1ce8973a spelling: repeatable 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 15:20:24 -04:00
Josh Soref
adb8860b9b spelling: pattern 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 15:20:24 -04:00
Asger F
d28b9af8bd Merge pull request #10791 from asgerf/rb/rails-render-file 
Ruby: treat render 'file:' argument as a file system access
 2022-10-12 21:18:32 +02:00
Josh Soref
98b317d1a5 spelling: escape 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 15:02:00 -04:00
Josh Soref
370da943dc spelling: abcdefghijklmnopqrstuvwxyz 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-10-12 15:02:00 -04:00
erik-krogh
66b3fe3425 add case-when expressions as a sink to rb/polynomial-redos 2022-10-12 19:57:01 +02:00
Alex Ford
0536d4b540 Merge branch 'main' into ruby/activejob-deserialize 2022-10-12 15:04:12 +01:00
Asger F
7bfb3497eb Ruby: change note 2022-10-12 14:29:34 +02:00
Asger F
83464d48a9 Merge pull request #10773 from asgerf/rb/bugfix-singleton-class-resolution 
Ruby: bugfix in type-tracking singleton class resolution
 2022-10-12 13:45:16 +02:00
Jeroen Ketema
d389a183f0 Merge pull request #10743 from jsoref/spelling 
Spelling
 2022-10-12 12:48:22 +02:00
Tom Hvitved
9bd25220d4 Merge pull request #10760 from hvitved/ruby/regex-taint-flow-restrict 
Ruby: Restrict regexp taint flow to `String` summaries
 2022-10-12 11:59:08 +02:00
Nick Rolfe
39107047bf Merge pull request #10735 from github/nickrolfe/actionmailer 
Ruby: add `ActionMailer#params` as a `RemoteFlowSource`
 2022-10-12 10:21:11 +01:00
Asger F
e55be83645 Ruby: add 'render file:' as file system access 2022-10-12 09:47:04 +02:00
Alex Ford
bf4dac78c5 Ruby: remove some singleton set literals 2022-10-11 21:44:52 +01:00
Alex Ford
d3c8ce3f48 Ruby: ActiveSupport extends Pathname with an existence method that may return itself 2022-10-11 21:35:58 +01:00
Asger F
ed165c6194 Ruby: bugfix in self-resolution in type-tracking 2022-10-11 18:53:20 +02:00