hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,614 Commits 1,671 Branches 157 Tags
c20ee76826e10318f8f39c6fae901b743c2e8254
Commit Graph

839 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
daa96cc218 change some docstrings based on review, and make fields private 2022-02-11 10:25:54 +01:00
Erik Krogh Kristensen
6ae4652ce9 make the Impl module private again 2022-02-11 10:17:24 +01:00
Harry Maclean
017183e7f3 Merge pull request #7919 from github/hmac/open-uri 
Ruby: recognise additional form for OpenURI
 2022-02-11 14:03:26 +13:00
github-actions[bot]
f25fc70b7c Release preparation for version 2.8.1 2022-02-10 22:08:24 +00:00
Alex Ford
d55ba2542a Ruby: fix an alert 2022-02-10 18:35:22 +00:00
Erik Krogh Kristensen
02ed1ca392 add missing qldoc 2022-02-10 18:06:53 +01:00
Erik Krogh Kristensen
9739929795 convert the ruby ApiGraphs to use IPA labels 2022-02-10 17:54:19 +01:00
Alex Ford
bc53570a25 Ruby: fewer mappings from dataflow nodes to ast nodes 2022-02-10 15:58:31 +00:00
Alex Ford
83a3808bbe Ruby: avoid marking mutator methods as being safe (i.e. not returning sensitive data) 2022-02-10 15:50:56 +00:00
Alex Ford
b46e4ccd71 Ruby: drop SanitizerIn from ClearTextLoggingQuery 2022-02-10 15:50:56 +00:00
Alex Ford
7b4af39315 Ruby: track masked variables potentially containing sensitive data more accurately 2022-02-10 15:50:56 +00:00
Alex Ford
59ab384825 Ruby: rb/clear-text-logging-sensitive-data - match on CFG nodes rather than AST nodes 2022-02-10 15:50:56 +00:00
CodeQL CI
a57ee019c2 Merge pull request #7819 from asgerf/asgerf/ruby-def-nodes 
Approved by hvitved
 2022-02-10 12:37:34 +00:00
Harry Maclean
d966ca8466 Ruby: recognise additional form for OpenURI 2022-02-10 15:42:15 +13:00
Harry Maclean
f30222256f Merge pull request #7061 from github/hmac/actiondispatch 
Ruby: Rails route resolution
 2022-02-10 09:46:36 +13:00
Tamás Vajk
6483a92587 Merge pull request #7865 from github/post-release-prep/codeql-cli-2.8.0 
Post-release preparation for codeql-cli-2.8.0
 2022-02-09 16:42:38 +01:00
Tom Hvitved
0bd8411cb6 Ruby: Hide more SSA nodes from data-flow path explanations 2022-02-09 15:31:10 +01:00
Nick Rolfe
1eba8277ee Merge pull request #7614 from github/nickrolfe/array_flow_summaries 
Ruby: add more Array/Enumerable flow summaries
 2022-02-09 09:57:59 +00:00
Harry Maclean
f276904fa9 Ruby: Add nomagic pragma to helper 2022-02-09 22:38:35 +13:00
Tom Hvitved
9440a45015 Merge branch 'main' into post-release-prep/codeql-cli-2.8.0 2022-02-09 09:40:33 +01:00
Harry Maclean
3206384884 Merge pull request #7824 from github/hmac/constantize 2022-02-09 08:30:21 +13:00
Tom Hvitved
b2419d60bd Merge pull request #7090 from hvitved/ruby/perf 
Ruby: Cache more predicates
 2022-02-08 20:02:33 +01:00
Alex Ford
81ed5d0ff7 Ruby: comment and node description fixes 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-02-08 18:03:29 +00:00
Tom Hvitved
3b5267eca5 Ruby: Cache DataFlow::Node::{toString,getLocation} 2022-02-08 13:03:42 +01:00
Tom Hvitved
f337459a4a Ruby: Cache capturedEntryWrite 2022-02-08 13:03:42 +01:00
Tom Hvitved
b041bc03d1 Ruby: Cache ConditionBlock::(immediately)Controls 2022-02-08 13:03:41 +01:00
Tom Hvitved
4037d1ff96 Ruby: Cache ErbDirective::getAChildStmt 2022-02-08 13:03:41 +01:00
Tom Hvitved
4c5f32ba4a Ruby: Cache exprNodeReturnedFrom 2022-02-08 13:03:31 +01:00
Tom Hvitved
45412fa17f Cache hasLocalSource 2022-02-08 13:03:27 +01:00
Nick Rolfe
8881031d0a Ruby: add upgrade/downgrade scripts 2022-02-08 09:57:55 +00:00
Nick Rolfe
2037368f62 Ruby: make node column unique 2022-02-08 09:55:34 +00:00
Asger Feldthaus
862c3b9752 Ruby: autoformat 2022-02-08 10:22:15 +01:00
Asger Feldthaus
66b1c86402 Ruby: update qldoc for def predicate 2022-02-08 10:00:14 +01:00
Asger Feldthaus
9ac526be89 Ruby: change binding for getParameter/getKeywordParameter 2022-02-08 09:36:05 +01:00
Asger Feldthaus
073493bb2e Ruby: fix qldoc for getMethod 2022-02-08 09:28:07 +01:00
Harry Maclean
3031b39dc1 Ruby: prevent bad join in ActionController.qll 2022-02-08 12:10:23 +13:00
Nick Rolfe
e049f08c24 Ruby: update dbscheme stats 2022-02-07 12:42:34 +00:00
Nick Rolfe
b3b2bba618 Ruby: make some generated predicates final 2022-02-07 12:17:50 +00:00
Nick Rolfe
e8855c3718 Ruby: add db upgrade script 2022-02-07 12:10:36 +00:00
Nick Rolfe
388d361ec3 Ruby: put AST node locations in a single table 2022-02-07 12:10:36 +00:00
Tom Hvitved
dc09e87cb2 Ruby: Use SimpleSummarizedCallable in a few more places 2022-02-07 11:05:32 +01:00
github-actions[bot]
b4ab86c020 Post-release preparation for codeql-cli-2.8.0 2022-02-06 23:34:07 +00:00
Arthur Baars
ac03fab986 Merge pull request #7753 from aibaars/ruby-3.1 
Ruby 3.1 features
 2022-02-06 21:06:16 +01:00
Nick Rolfe
9744cf2457 Ruby: apply suggested simplification from review 2022-02-04 17:14:47 +00:00
Nick Rolfe
aaff3226c9 Ruby: prefer ...isInt(x) over x = ...getInt() 2022-02-04 17:10:22 +00:00
Nick Rolfe
45962f1cad Ruby: make this unique for each method 
Even when summaries are shared in a single class.
 2022-02-04 17:03:55 +00:00
Nick Rolfe
7a9ddc28bf Ruby: address some more feedback on array flow summaries 2022-02-04 16:33:27 +00:00
Nick Rolfe
ed00f2b0d2 Ruby: address some feedback on array flow summaries 2022-02-04 13:40:39 +00:00
Nick Rolfe
161d766ba9 Ruby: address review comments on array_flow.rb 2022-02-04 11:59:59 +00:00
Asger Feldthaus
0a0d9583b4 Ruby: rephase comment for MkDef 2022-02-04 11:37:54 +01:00