hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,614 Commits 1,672 Branches 157 Tags
c20ee76826e10318f8f39c6fae901b743c2e8254
Commit Graph

1094 Commits

Author SHA1 Message Date
Alex Ford
d55ba2542a Ruby: fix an alert 2022-02-10 18:35:22 +00:00
Erik Krogh Kristensen
02ed1ca392 add missing qldoc 2022-02-10 18:06:53 +01:00
Erik Krogh Kristensen
9739929795 convert the ruby ApiGraphs to use IPA labels 2022-02-10 17:54:19 +01:00
Alex Ford
bc53570a25 Ruby: fewer mappings from dataflow nodes to ast nodes 2022-02-10 15:58:31 +00:00
Alex Ford
7c1bd9a533 Ruby: add a test case for cleartext logging that uses NonCleartextPasswordFlow 2022-02-10 15:50:56 +00:00
Alex Ford
83a3808bbe Ruby: avoid marking mutator methods as being safe (i.e. not returning sensitive data) 2022-02-10 15:50:56 +00:00
Alex Ford
b46e4ccd71 Ruby: drop SanitizerIn from ClearTextLoggingQuery 2022-02-10 15:50:56 +00:00
Alex Ford
7b4af39315 Ruby: track masked variables potentially containing sensitive data more accurately 2022-02-10 15:50:56 +00:00
Alex Ford
59ab384825 Ruby: rb/clear-text-logging-sensitive-data - match on CFG nodes rather than AST nodes 2022-02-10 15:50:56 +00:00
CodeQL CI
a57ee019c2 Merge pull request #7819 from asgerf/asgerf/ruby-def-nodes 
Approved by hvitved
 2022-02-10 12:37:34 +00:00
Harry Maclean
d966ca8466 Ruby: recognise additional form for OpenURI 2022-02-10 15:42:15 +13:00
Harry Maclean
f30222256f Merge pull request #7061 from github/hmac/actiondispatch 
Ruby: Rails route resolution
 2022-02-10 09:46:36 +13:00
Tamás Vajk
6483a92587 Merge pull request #7865 from github/post-release-prep/codeql-cli-2.8.0 
Post-release preparation for codeql-cli-2.8.0
 2022-02-09 16:42:38 +01:00
Tom Hvitved
c695388c29 Merge pull request #7891 from hvitved/ruby/dataflow/hide-ssa-nodes 
Ruby: Hide more SSA nodes from data-flow path explanations
 2022-02-09 15:56:15 +01:00
Tom Hvitved
0bd8411cb6 Ruby: Hide more SSA nodes from data-flow path explanations 2022-02-09 15:31:10 +01:00
Rasmus Wriedt Larsen
9d5e8d5bd8 Merge pull request #7842 from RasmusWL/consistency-queires 
Misc: Streamline `consistency-queries/qlpack.yml`
 2022-02-09 13:42:18 +01:00
Nick Rolfe
1eba8277ee Merge pull request #7614 from github/nickrolfe/array_flow_summaries 
Ruby: add more Array/Enumerable flow summaries
 2022-02-09 09:57:59 +00:00
Harry Maclean
f276904fa9 Ruby: Add nomagic pragma to helper 2022-02-09 22:38:35 +13:00
Tom Hvitved
9440a45015 Merge branch 'main' into post-release-prep/codeql-cli-2.8.0 2022-02-09 09:40:33 +01:00
Harry Maclean
3206384884 Merge pull request #7824 from github/hmac/constantize 2022-02-09 08:30:21 +13:00
Tom Hvitved
b2419d60bd Merge pull request #7090 from hvitved/ruby/perf 
Ruby: Cache more predicates
 2022-02-08 20:02:33 +01:00
Alex Ford
81ed5d0ff7 Ruby: comment and node description fixes 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-02-08 18:03:29 +00:00
Tom Hvitved
3b5267eca5 Ruby: Cache DataFlow::Node::{toString,getLocation} 2022-02-08 13:03:42 +01:00
Tom Hvitved
f337459a4a Ruby: Cache capturedEntryWrite 2022-02-08 13:03:42 +01:00
Tom Hvitved
b041bc03d1 Ruby: Cache ConditionBlock::(immediately)Controls 2022-02-08 13:03:41 +01:00
Tom Hvitved
4037d1ff96 Ruby: Cache ErbDirective::getAChildStmt 2022-02-08 13:03:41 +01:00
Tom Hvitved
4c5f32ba4a Ruby: Cache exprNodeReturnedFrom 2022-02-08 13:03:31 +01:00
Tom Hvitved
45412fa17f Cache hasLocalSource 2022-02-08 13:03:27 +01:00
Nick Rolfe
8881031d0a Ruby: add upgrade/downgrade scripts 2022-02-08 09:57:55 +00:00
Nick Rolfe
2037368f62 Ruby: make node column unique 2022-02-08 09:55:34 +00:00
Asger Feldthaus
862c3b9752 Ruby: autoformat 2022-02-08 10:22:15 +01:00
Asger Feldthaus
2b36703bfb Ruby: add def= tags to API graph test 2022-02-08 10:20:25 +01:00
Asger Feldthaus
66b1c86402 Ruby: update qldoc for def predicate 2022-02-08 10:00:14 +01:00
Asger Feldthaus
9ac526be89 Ruby: change binding for getParameter/getKeywordParameter 2022-02-08 09:36:05 +01:00
Asger Feldthaus
073493bb2e Ruby: fix qldoc for getMethod 2022-02-08 09:28:07 +01:00
Harry Maclean
3031b39dc1 Ruby: prevent bad join in ActionController.qll 2022-02-08 12:10:23 +13:00
Nick Rolfe
881776a2ac Ruby: delete commented-out code 2022-02-07 12:50:06 +00:00
Nick Rolfe
e049f08c24 Ruby: update dbscheme stats 2022-02-07 12:42:34 +00:00
Nick Rolfe
b3b2bba618 Ruby: make some generated predicates final 2022-02-07 12:17:50 +00:00
Nick Rolfe
b43cc23277 Ruby: add db downgrade script 2022-02-07 12:10:36 +00:00
Nick Rolfe
e8855c3718 Ruby: add db upgrade script 2022-02-07 12:10:36 +00:00
Nick Rolfe
388d361ec3 Ruby: put AST node locations in a single table 2022-02-07 12:10:36 +00:00
Rasmus Wriedt Larsen
32cd7d6fa7 Add groups to all consistency-queries/qlpack.yml 
as discussed in PR review
 2022-02-07 11:15:48 +01:00
Tom Hvitved
dc09e87cb2 Ruby: Use SimpleSummarizedCallable in a few more places 2022-02-07 11:05:32 +01:00
github-actions[bot]
b4ab86c020 Post-release preparation for codeql-cli-2.8.0 2022-02-06 23:34:07 +00:00
Arthur Baars
ac03fab986 Merge pull request #7753 from aibaars/ruby-3.1 
Ruby 3.1 features
 2022-02-06 21:06:16 +01:00
Nick Rolfe
9744cf2457 Ruby: apply suggested simplification from review 2022-02-04 17:14:47 +00:00
Nick Rolfe
aaff3226c9 Ruby: prefer ...isInt(x) over x = ...getInt() 2022-02-04 17:10:22 +00:00
Nick Rolfe
45962f1cad Ruby: make this unique for each method 
Even when summaries are shared in a single class.
 2022-02-04 17:03:55 +00:00
Nick Rolfe
7a9ddc28bf Ruby: address some more feedback on array flow summaries 2022-02-04 16:33:27 +00:00