codeql

mirror of https://github.com/github/codeql.git synced 2026-04-15 12:04:07 +02:00

Author	SHA1	Message	Date
Alex Ford	6adfea2365	Merge pull request #7163 from github/ruby/file-reader-extend Ruby: Extend `FileSystemReadAccess` to include more potential sources of input from the filesystem	2021-12-05 23:32:43 +00:00
Arthur Baars	0805daaa56	Update ruby/ql/lib/codeql/ruby/ast/Pattern.qll Add missing backticks	2021-12-03 18:44:21 +01:00
Arthur Baars	51998294ad	Ruby: add AST classes for parenthesized patterns	2021-12-03 18:13:53 +01:00
Arthur Baars	205233b42f	Add trivial upgrade	2021-12-03 17:04:00 +01:00
Arthur Baars	3e1ebb954f	Ruby: update generated dbscheme and library	2021-12-03 17:02:08 +01:00
Nick Rolfe	5a2ef8321c	Merge pull request #7120 from github/nickrolfe/regexp_g_anchor Ruby/Python: parse anchors in regexes as special characters	2021-12-03 15:24:38 +00:00
intrigus	2c4ccb79a1	Fix QL Doc typos.	2021-12-02 15:30:29 +01:00
Nick Rolfe	05415768c9	Merge remote-tracking branch 'origin/main' into nickrolfe/regexp_g_anchor	2021-12-02 12:07:13 +00:00
Michael Nebel	ad281c0365	C#: Sync FlowSummaryImpl files.	2021-12-02 09:03:00 +01:00
Arthur Baars	e41cd810d3	Merge pull request #7154 from aibaars/ruby-pattern-matching Ruby: pattern matching	2021-12-01 12:47:22 +01:00
Anders Schack-Mulligen	cde853c095	Merge pull request #7270 from aschackmull/dataflow/stage2-refactor Dataflow: Stage 2 refactor	2021-12-01 11:09:08 +01:00
Arthur Baars	830908b5c8	Address comments	2021-11-30 13:57:18 +01:00
Anders Schack-Mulligen	3e914ef2ff	Dataflow: Sync.	2021-11-30 13:52:52 +01:00
Arthur Baars	1e026ef45e	AST: merge Case and CaseMatch classes	2021-11-29 16:00:17 +01:00
Arthur Baars	f8a62c4c82	Address comments	2021-11-29 15:06:16 +01:00
Tom Hvitved	fdc94365b4	Merge pull request #7178 from michaelnebel/csharp-flowsummary-pp-csv C#: Initial implementation of csv printing in FlowSummaries test	2021-11-29 09:59:33 +01:00
Anders Schack-Mulligen	00ee34c0a0	Merge pull request #7237 from hvitved/dataflow/consistency-config Data flow: Introduce `ConsistencyConfiguration` class	2021-11-26 12:49:25 +01:00
Anders Schack-Mulligen	a06642944f	Merge pull request #7232 from aschackmull/dataflow/perf Data flow: Performance tuning	2021-11-25 15:01:01 +01:00
Arthur Baars	8b0bc677f4	Remove PatternGuard class	2021-11-25 13:50:19 +01:00
Arthur Baars	078a2aa03b	Update AST library	2021-11-25 13:24:51 +01:00
Arthur Baars	5b560b12e9	Create upgrade script	2021-11-25 12:55:43 +01:00
Tom Hvitved	6cb00992e8	Data flow: Introduce `ConsistencyConfiguration` class	2021-11-25 10:01:47 +01:00
Arthur Baars	5d0dfe8c04	Re-generate library and dbscheme	2021-11-24 17:18:04 +01:00
Anders Schack-Mulligen	7ca3407c86	Dataflow: Sync.	2021-11-24 14:43:00 +01:00
Michael Nebel	b9d0a60ce7	C#: Addressed review comments from hvitved	2021-11-24 14:35:52 +01:00
Michael Nebel	a3ca9ad27d	C#: Sync flow summary implementation files and implement specific parts for ruby and java	2021-11-24 12:09:20 +01:00
Erik Krogh Kristensen	87a1ccd428	Merge branch 'main' into getRubyInSync	2021-11-23 20:20:37 +01:00
Nick Rolfe	1a90b388a9	Merge remote-tracking branch 'origin/main' into nickrolfe/regex_injection	2021-11-23 15:42:05 +00:00
Tom Hvitved	83d204d7a8	Merge pull request #7218 from hvitved/ssa/fix-consistency-tests Ruby: Fix SSA consistency tests + CFG bug	2021-11-23 16:24:41 +01:00
Tom Hvitved	4d918b5e5f	Ruby: Fix CFG splitting logic for `ensure` blocks with loops	2021-11-23 15:21:43 +01:00
Alex Ford	055641e684	Merge pull request #7062 from github/ruby/rails-csrf Ruby: Add `rb/csrf-protection-disabled` query	2021-11-23 13:46:42 +00:00
Tom Hvitved	e185e9080c	Shared SSA: Fix consistency tests	2021-11-23 13:30:23 +01:00
Tom Hvitved	9d072a12ed	Merge pull request #7098 from github/ruby/desugar-for-1 Ruby: Desugar `for` loops as calls to `each`	2021-11-23 11:35:49 +01:00
Tom Hvitved	dcca5d28bb	Merge pull request #7172 from hvitved/ruby/ensure-split-cp Ruby: Remove CP in `EnsureSplitImpl::exit/3`	2021-11-23 11:02:23 +01:00
Anders Schack-Mulligen	a68b55b099	Merge pull request #7208 from hvitved/ruby/restrict-use-use Ruby: Restrict use-use flow	2021-11-23 09:33:43 +01:00
Nick Rolfe	13459c8afc	Ruby: add Regexp.compile as sink for regexp injection query	2021-11-22 17:43:55 +00:00
Nick Rolfe	4b42c4447b	Ruby: handle Regexp.quote wherever we handle Regexp.escape	2021-11-22 17:12:01 +00:00
Nick Rolfe	752b126862	Merge remote-tracking branch 'origin/main' into nickrolfe/regex_injection	2021-11-22 17:05:27 +00:00
Alex Ford	68c3c16ab3	Ruby: enable forgery protection checks for development environments	2021-11-22 15:00:32 +00:00
Tom Hvitved	da39f15a9d	Ruby: Move `localFlowStepCommon` into `LocalFlow` and make `localSsaFlowStep` private	2021-11-22 15:24:24 +01:00
Harry Maclean	6f22867af9	Merge pull request #7015 from github/hmac/ssrf Ruby: Add Server-Side Request Forgery query	2021-11-22 12:41:39 +00:00
Tom Hvitved	fc64faefcf	Ruby: Restrict use-use flow	2021-11-22 13:05:17 +01:00
Erik Krogh Kristensen	9f08acab7e	Merge pull request #7170 from erik-krogh/qldocStyle Ruby: use A/An/The to start qlDoc for classes	2021-11-19 17:34:35 +01:00
Harry Maclean	06000781e9	Ruby: Document PairCfgNode::getKey/getValue	2021-11-19 14:54:06 +00:00
Nick Rolfe	f63c768d9f	Ruby: parse \G, \b, and \B anchors as special characters, not escapes	2021-11-19 14:20:51 +00:00
Tom Hvitved	47fd64fc44	Merge pull request #7130 from hvitved/cfg/dead-end-consistency Shared CFG: Add "dead end" consistency query	2021-11-19 13:49:53 +01:00
Erik Krogh Kristensen	75586b0cf6	Apply suggestions from code review Co-authored-by: Nick Rolfe <nickrolfe@github.com>	2021-11-19 13:23:01 +01:00
Harry Maclean	c297a68acf	Model more of the `RestClient` API We now handle this form: RestClient::Request.execute(url: "http://example.com")	2021-11-19 11:28:09 +00:00
Harry Maclean	e2ef780c55	Add `base_uri` note to `HTTParty` modelling	2021-11-19 11:28:09 +00:00
Harry Maclean	38ff584307	Model more Faraday behaviour You can instantiate a Faraday connection by passing a URL as an keyword argument: conn = Faraday.new(url: "http://example.com")	2021-11-19 11:28:09 +00:00

1 2 3 4

162 Commits