hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-26 12:52:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
41,531 Commits 1,686 Branches 158 Tags
bc6a74b4ddeb077a44a73b134ef6ea0bc59d9d87
Commit Graph

981 Commits

Author SHA1 Message Date
Arthur Baars
35f7fdf24b Update ruby/ql/lib/codeql/ruby/printAst.qll 
Co-authored-by: Tom Hvitved <hvitved@github.com>
 2022-08-03 12:06:47 +02:00
Arthur Baars
d8592a2b05 Ruby: PrintAST: more stable order for synthesized nodes 2022-08-03 09:02:38 +02:00
Paolo Tranquilli
9b26921cb6 Control flow: add order disambuigation customization 2022-07-28 09:11:42 +02:00
Paolo Tranquilli
ebf650c0c0 Control Flow: add more ordering for edges 2022-07-27 15:01:17 +02:00
Harry Maclean
681e58c8e0 Merge pull request #9850 from hmac/hmac/arel 
Ruby: Model Arel.sql
 2022-07-25 12:09:18 +12:00
thiggy1342
6bc2fe513d Merge branch 'main' into add-activerecord-annotate 2022-07-19 10:29:24 -04:00
Harry Maclean
7b8603c89b Ruby: Model Arel.sql 2022-07-19 11:27:15 +12:00
Nick Rolfe
eebba36b18 Merge pull request #9708 from github/nickrolfe/pathname 
Ruby: model the standard library's `Pathname` class
 2022-07-18 11:29:30 +01:00
Nick Rolfe
dbd6607875 Ruby: use ASCII dash in comment 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-07-18 08:54:58 +01:00
Harry Maclean
49aab51893 Ruby: Make helper predicate private 2022-07-13 18:20:27 +12:00
Harry Maclean
ea95e2e1d0 Ruby: Use InclusionTests library in barrier guards 2022-07-13 18:20:27 +12:00
Harry Maclean
b9fc82a741 Ruby: Test both old and new-style barrier guards 2022-07-13 18:20:25 +12:00
Harry Maclean
4cfaa86d5d Ruby: Update new-style barrier-guard 2022-07-13 18:20:14 +12:00
Harry Maclean
5f17d8370c Ruby: Small change to isArrayExpr 2022-07-13 18:20:14 +12:00
Harry Maclean
63dcce9a31 Ruby: Refactor isArrayConstant 2022-07-13 18:20:14 +12:00
Harry Maclean
b5a3d3c488 Ruby: Extract isArrayConstant 
This predicate might be useful elsewhere.
 2022-07-13 18:20:14 +12:00
Harry Maclean
706d1d2eee Ruby: Make StringArrayInclusion more sensitive 
We now recognise the following pattern as a barrier guard for `x`:

    values = ["foo", "bar"]

    if values.include? x
      sink x
    end
 2022-07-13 18:20:12 +12:00
thiggy1342
9a0a9491da Merge branch 'main' into add-activerecord-annotate 2022-07-12 20:13:56 -04:00
Nick Rolfe
6632dfaf88 Ruby: fix another SystemCommandExecution::isShellInterpreted implementation 2022-07-11 16:53:30 +01:00
Nick Rolfe
348ad95fc0 Ruby: fix defining every dataflow node as a command execution sink 2022-07-11 15:06:27 +01:00
thiggy1342
bd50fd7f1e format fix 2022-07-08 17:20:41 +00:00
thiggy1342
b4869158f2 expand query tests for cwe-089 2022-07-07 19:23:57 +00:00
Nick Rolfe
02dd933e5f Ruby: move Pathname from core to stdlib 2022-06-30 10:08:25 +01:00
Brandon Stewart
5888325549 Merge branch 'main' into patch-1 2022-06-29 08:42:24 -04:00
Nick Rolfe
5db2f9a768 Merge remote-tracking branch 'origin/main' into nickrolfe/pathname 2022-06-29 13:16:49 +01:00
Nick Rolfe
c1302a90e0 Ruby: use MaD for more precise Pathname flow summaries 2022-06-29 13:16:18 +01:00
Jeroen Ketema
55e052af26 Merge pull request #9686 from aschackmull/dataflow/no-node-scan 
Dataflow performance: Avoid node scans
 2022-06-29 10:38:56 +02:00
Brandon Stewart
33d1aae92a Update ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-06-28 08:51:01 -04:00
Brandon Stewart
1dc26a0ca3 Update ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-06-28 08:50:54 -04:00
Brandon Stewart
99ae1b3f0d Merge branch 'main' into patch-1 2022-06-27 10:12:26 -04:00
Brandon Stewart
52290fd4ae run codeql query format 2022-06-27 10:01:40 -04:00
Nick Rolfe
280c959dc8 Merge branch 'main' into nickrolfe/pathname 2022-06-27 11:11:17 +01:00
Asger F
09476d1c13 Ruby: fix deprecation warning 2022-06-27 10:01:37 +02:00
Harry Maclean
101111bd2f Merge pull request #9574 from hmac/hmac/action-cable-logger 
Ruby: More Rails modeling
 2022-06-27 19:56:54 +12:00
Asger F
d6fd43fe12 Merge pull request #9364 from asgerf/ruby/api-graph-api 
Ruby: API graph renaming an documentation
 2022-06-27 08:54:24 +02:00
Brandon Stewart
29e73e1a04 Update ActiveRecord.qll 2022-06-24 15:35:36 -04:00
Brandon Stewart
463c096d4c Update ActiveRecord.qll 2022-06-24 15:33:02 -04:00
Brandon Stewart
2047954013 Merge branch 'main' into patch-1 2022-06-24 15:30:11 -04:00
Brandon Stewart
ff9a7244c2 Update ActiveRecord.qll 2022-06-24 15:28:09 -04:00
Nick Rolfe
c1515db09c Ruby: modeling of some file-related concepts for the Pathname class 2022-06-24 14:14:07 +01:00
Nick Rolfe
03d0f66247 Ruby: add flow summaries for Pathname class 2022-06-24 14:14:06 +01:00
Brandon Stewart
caeef68bde Update ActiveRecord.qll 2022-06-23 12:31:05 -04:00
Brandon Stewart
173bea2579 Update ActiveRecord.qll 2022-06-23 12:18:26 -04:00
Brandon Stewart
fa622f551a Update ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
 2022-06-23 12:16:50 -04:00
Anders Schack-Mulligen
dc517a758e Autoformat 2022-06-23 14:44:40 +02:00
Anders Schack-Mulligen
4a317a25d3 Dataflow: Sync. 2022-06-23 14:34:52 +02:00
Rasmus Wriedt Larsen
3248f7b423 Merge pull request #9649 from RasmusWL/certificate-modeling 
Python/JS/Ruby: Ignore common words (like certain) as sensitive data source
 2022-06-23 12:04:58 +02:00
Rasmus Wriedt Larsen
2ce4b7b9fc SensitiveDataHeuristics: sync 2022-06-22 11:05:14 +02:00
Anders Schack-Mulligen
df6d68b215 Merge pull request #9618 from aschackmull/dataflow/deprecate-barrierguard-class 
Dataflow: Deprecate BarrierGuard class
 2022-06-22 10:44:08 +02:00
Michael Nebel
24ba5cc06e Merge pull request #9025 from michaelnebel/csharp/generatedrefactor 
C#: Provenance column in Models as Data CSV format.
 2022-06-22 10:34:31 +02:00