hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 20:56:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
60,589 Commits 1,673 Branches 157 Tags
b782e5bf448ec217e70ffd0f3db34dca80e331bb
Commit Graph

725 Commits

Author SHA1 Message Date
Geoffrey White
e8a466a02c Update dead link. 2023-11-07 09:26:07 +00:00
github-actions[bot]
2b939fdf08 Post-release preparation for codeql-cli-2.15.2 2023-10-30 16:06:51 +00:00
github-actions[bot]
4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
Alex Ford
cb1cd5ed2a Merge pull request #14560 from alexrford/rb/modgen 
Ruby: add a query and script for autogenerating typeModel and summaryModel data extensions entries
 2023-10-27 16:43:42 +01:00
Alex Ford
f6ac63b259 Ruby: modgen - use FeatureEqualSourceSinkCallContext feature rather than late filtering for method context 2023-10-27 14:48:50 +01:00
Alex Ford
0818354ad7 Ruby: modgen - fix unbound variable 2023-10-27 11:46:09 +01:00
Alex Ford
5a1a3f0727 Ruby: modgen - deduplicate getAnyParameter logic 2023-10-26 17:45:47 +01:00
Alex Ford
86ba75cadf Ruby: modgen - support self arguments 2023-10-26 17:42:46 +01:00
Alex Ford
6203887645 fixup 2023-10-26 17:38:43 +01:00
Alex Ford
24946c0dfd Ruby: modgen - restrict flow summaries to public methods 2023-10-26 17:05:31 +01:00
Alex Ford
fef2932f56 Apply suggestions from code review 
Co-authored-by: Harry Maclean <hmac@github.com>
 2023-10-26 17:04:51 +01:00
Alex Ford
16c5edd3ca Ruby: add a query and script for autogenerating typeModel and summaryModel data extensions entries 2023-10-25 15:52:02 +01:00
github-actions[bot]
8dcd8b9e5b Post-release preparation for codeql-cli-2.15.1 2023-10-17 20:24:00 +00:00
github-actions[bot]
3b3c036626 Release preparation for version 2.15.1 2023-10-16 17:49:39 +00:00
Alex Ford
3dd042c38a Merge remote-tracking branch 'origin/main' into maikypedia/ruby-jwt 2023-10-16 12:42:19 +01:00
Maiky
17210c76a5 change-note edition 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-10-15 10:25:58 +02:00
Henry Mercer
1a370bfbbe Merge pull request #14443 from github/post-release-prep/codeql-cli-2.15.0 
Post-release preparation for codeql-cli-2.15.0
 2023-10-11 17:39:04 +01:00
github-actions[bot]
ae6af17c74 Post-release preparation for codeql-cli-2.15.0 2023-10-11 14:19:20 +00:00
Asger F
89bd00a4ec Ruby: port queries to ConfigSig-style 2023-10-11 10:06:19 +02:00
github-actions[bot]
9fe993bec3 Release preparation for version 2.15.0 2023-10-04 14:15:27 +00:00
Henry Mercer
da92da2204 Bump minor versions of packs we regularly release 2023-10-03 16:31:23 +01:00
Henry Mercer
f3847b3f51 Merge branch 'main' into henrymercer/rc-3.11-mergeback 2023-10-03 16:30:23 +01:00
Alex Ford
9d421ffa8d Ruby: configsig rb/improper-ldap-auth 2023-09-21 12:24:15 +01:00
github-actions[bot]
3acf5244b0 Post-release preparation for codeql-cli-2.14.6 2023-09-20 10:25:10 +00:00
github-actions[bot]
0a3670727f Release preparation for version 2.14.6 2023-09-19 11:40:30 +00:00
Maiky
97c20b181a Add change note 2023-09-16 14:01:53 +02:00
Maiky
f08eb3cdf4 Doc change 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-09-15 11:51:53 +02:00
Maiky
15b965bb3b rename verifies() to verifiesSignature() 2023-09-15 11:45:19 +02:00
Maiky
c43d0866f6 Update ruby/ql/src/experimental/cwe-347/EmptyJWTSecret.ql 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-09-15 11:42:43 +02:00
Maiky
d4f6111621 Naming change 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2023-09-15 11:40:51 +02:00
Erik Krogh Kristensen
7e7852eff6 Merge pull request #13641 from erik-krogh/multi-char 
JS/RB: write qhelp for `incomplete-multi-character-sanitization`
 2023-09-14 14:48:30 +02:00
github-actions[bot]
d699880c86 Post-release preparation for codeql-cli-2.14.4 2023-09-08 21:17:52 +00:00
Alex Ford
5b013dd5d2 Merge branch 'main' into rb/dataflow-query-refactor 2023-09-07 14:57:38 +01:00
Alex Ford
4a01de13ef Ruby: avoid toString in query warning 2023-09-07 14:54:50 +01:00
Alex Ford
13300a2e2f Ruby: un-private PathGraph imports 2023-09-07 14:24:46 +01:00
Alex Ford
0d7d5a35c9 Ruby: Use a newtype instead of DataFlow::FlowState for code-injection 2023-09-07 13:39:10 +01:00
github-actions[bot]
abf2b12b1c Release preparation for version 2.14.4 2023-09-05 16:56:14 +00:00
Alex Ford
98851736d6 Revert "Ruby: configsig rb/tainted-format-string" 
This reverts commit f5860cb4818dc3c07eeb6731e75bf5df203dd48f.
 2023-09-03 17:20:06 +01:00
Alex Ford
bf6837cca0 Revert "Ruby: configsig rb/http-to-file-access" 
This reverts commit e77ba1589663905c952cdb643ab66885760b27bd.
 2023-09-03 17:20:06 +01:00
Alex Ford
e399eac2b3 Ruby: changenote for using new dataflow api 2023-09-03 17:20:06 +01:00
Alex Ford
73ed5696f3 Ruby: configsig rb/xxe 2023-09-03 17:20:06 +01:00
Alex Ford
956207b7d9 Ruby: configsig rb/meta/tainted-nodes 2023-09-03 17:20:06 +01:00
Alex Ford
f24102e0e7 Ruby: configsig rb/weak-params 2023-09-03 17:20:06 +01:00
Alex Ford
6c06def5d7 Ruby: configsig rb/manually-checking-http-verb 2023-09-03 17:20:06 +01:00
Alex Ford
39af2d2870 Ruby: configsig rb/user-controlled-file-decompression 2023-09-03 17:20:06 +01:00
Alex Ford
cdc788b162 Ruby: configsig rb/hardcoded-credentials 2023-09-03 17:20:06 +01:00
Alex Ford
4d1684e37b Ruby: configsig rb/overly-permissive-file 2023-09-03 17:20:06 +01:00
Alex Ford
b6d12f8b1c Ruby: configsig rb/zip-slip 2023-09-03 17:20:05 +01:00
Alex Ford
ebf2a2e1f5 Ruby: configsig rb/unicode-bypass-validation 2023-09-03 17:20:05 +01:00
Alex Ford
7445fc43f9 Ruby: configsig rb/regexp-injection 2023-09-03 17:20:05 +01:00