hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,614 Commits 1,671 Branches 157 Tags
c20ee76826e10318f8f39c6fae901b743c2e8254
Commit Graph

839 Commits

Author SHA1 Message Date
Asger Feldthaus
2ca45ef9f9 Ruby: support BlockArgument in identifying access path 2022-03-16 12:51:14 +01:00
Nick Rolfe
94ce578ea4 Ruby: implement getComponent(n) for simple and hash-key symbols 2022-03-16 11:43:46 +00:00
Asger Feldthaus
c9355095e3 Ruby: Use Receiver instead of Argument[-1] in ActiveStorage 2022-03-16 12:37:21 +01:00
Arthur Baars
ab93b3784b Merge remote-tracking branch 'upstream/main' into incomplete-hostname 2022-03-16 12:31:12 +01:00
Asger Feldthaus
2b02a173c1 Ruby: canonicalize callables based on package;type;path instead of input;output;kind 2022-03-16 12:04:41 +01:00
Nick Rolfe
82ef2a12f6 Merge pull request #8164 from github/nickrolfe/escape_sequences 
Ruby: interpret string escape sequences in getConstantValue()
 2022-03-16 10:45:39 +00:00
Nick Rolfe
1a850028e7 Ruby: update date in changenote filename 2022-03-16 10:32:43 +00:00
Erik Krogh Kristensen
cd9d61c1fc Merge pull request #8450 from erik-krogh/importAs 
disallow lowercase import-as aliases
 2022-03-16 11:32:37 +01:00
Asger Feldthaus
33ca55770c Ruby: EntryPoint.getNode -> getANode 2022-03-16 11:02:26 +01:00
Asger Feldthaus
ecf7073bf1 Shared: codeql -> ql in code blocks 2022-03-16 11:00:24 +01:00
Erik Krogh Kristensen
89af50f6d5 rename all lower-case import-as statements 2022-03-15 14:40:38 +01:00
Jeroen Ketema
157a36bc4f Use node variable in all disjuncts 2022-03-15 11:55:35 +01:00
Jeroen Ketema
9a0e94f389 Add flow state versions of isBarrierIn, isBarrierOut, and isBarrierGuard 2022-03-15 11:55:34 +01:00
Asger Feldthaus
d628dc0b52 Ruby: sync ApiGraphModels.qll 2022-03-15 10:52:41 +01:00
Asger Feldthaus
7f8205684e Ruby: verify tokens in identifying access path 2022-03-15 10:25:59 +01:00
Asger Feldthaus
65249dabd3 Ruby: add warning for wrong number of columns in CSV row 2022-03-15 09:28:21 +01:00
Erik Krogh Kristensen
c7509c4dd3 Merge branch 'main' into deadCode 2022-03-15 09:19:14 +01:00
Asger Feldthaus
f28acbf3dc Ruby: autoformat 2022-03-15 08:15:18 +01:00
Arthur Baars
6a74e761c8 Merge pull request #8398 from github/post-release-prep/codeql-cli-2.8.3 
Post-release preparation for codeql-cli-2.8.3
 2022-03-14 21:05:09 +01:00
Asger Feldthaus
fee32d3480 Elaborate on qldoc for API::EntryPoint 2022-03-14 17:52:07 +01:00
Asger Feldthaus
be65b9bebc Ruby: remove spurious Instance token from getExtraSuccessorFromInvoke 2022-03-14 17:39:43 +01:00
Asger Feldthaus
072ad8f4a7 Ruby: add (from model) to remote flow description 2022-03-14 17:39:17 +01:00
Asger Feldthaus
37bbd46e43 Ruby: fix broken comment 2022-03-14 17:33:57 +01:00
Asger Feldthaus
c9d7651c59 Be explicit about re-exporting 2022-03-14 17:26:30 +01:00
Nick Rolfe
2a892c39ac Ruby: add change note for getConstantValue improvements 2022-03-14 15:45:58 +00:00
Nick Rolfe
6c5868cfb5 Ruby: use NumberUtils in parseInteger 
And make parse{Binary,Octal,Hex}Int hold only for values in the range
0 to 2^31-1 (incl.)
 2022-03-14 15:45:57 +00:00
Nick Rolfe
6bd9616c6e Ruby: interpret string escape sequences in getConstantValue() 2022-03-14 15:45:57 +00:00
Erik Krogh Kristensen
2250ebc5e2 remove leftover comments 2022-03-14 13:04:22 +01:00
Erik Krogh Kristensen
3bf5e06d53 delete all dead code 2022-03-14 13:03:31 +01:00
Jeroen Ketema
4c2081b7fc Merge pull request #8401 from jketema/taint-flow 
Extend taint tracking interface with flow states
 2022-03-14 12:06:10 +01:00
Erik Krogh Kristensen
bbb2847ec1 Merge pull request #8323 from erik-krogh/acronyms 
Enforcing consistent casing of acronyms
 2022-03-14 11:38:25 +01:00
Jeroen Ketema
c832b21fbe Add change notes for changes to the taint tracking library 2022-03-14 10:38:48 +01:00
Alex Ford
6eca036b44 Ruby: Add qldoc for Cryptography module (from python version) 2022-03-14 08:57:13 +00:00
Alex Ford
4234cfeeec Ruby: model CipherOperations for OpenSSL 2022-03-13 21:21:52 +00:00
Alex Ford
489391eb4c Ruby: add CryptographicOperation concept 2022-03-13 21:21:52 +00:00
Alex Ford
757aa294aa Update ruby/ql/lib/codeql/ruby/ast/internal/Scope.qll 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-03-11 14:53:02 +00:00
Arthur Baars
cf4b834536 Address comments 2022-03-11 14:25:34 +01:00
Erik Krogh Kristensen
2e2970128e fix typo in change-note 2022-03-11 13:16:34 +01:00
Erik Krogh Kristensen
b63b675169 RB: add explicit-this 
Co-authored-by: Nick Rolfe <nickrolfe@github.com>
 2022-03-11 13:16:10 +01:00
Jeroen Ketema
cd28f09ae0 Extend taint tracking interface with flow states 2022-03-11 11:50:35 +01:00
Erik Krogh Kristensen
1a275a32f7 add change-notes 2022-03-11 11:18:14 +01:00
Erik Krogh Kristensen
c2787ee18b RB: add missing QLDoc 2022-03-11 11:18:09 +01:00
Erik Krogh Kristensen
69353bb014 patch upper-case acronyms to be PascalCase 2022-03-11 11:10:33 +01:00
github-actions[bot]
3a5ebbb861 Post-release preparation for codeql-cli-2.8.3 2022-03-11 09:23:34 +00:00
github-actions[bot]
6b194bc55f Release preparation for version 2.8.3 2022-03-10 19:43:58 +00:00
Alex Ford
506989ff91 Ruby: simplify some charpreds 2022-03-10 18:27:43 +00:00
Alex Ford
25416babe0 Ruby: resolve ql/field-only-used-in-charpred alerts 2022-03-10 18:27:43 +00:00
Alex Ford
2b25765156 Format QL 2022-03-10 17:55:42 +00:00
Alex Ford
0f3cf47ca9 Ruby/JS/Py: Add "random" to the notSensitiveRegexp() heuristic 2022-03-10 17:38:52 +00:00
Alex Ford
532fc080a1 Ruby: Fix inconsistencies in checking for sensitive names in CleartextSources 2022-03-10 17:38:52 +00:00