hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,448 Commits 1,671 Branches 157 Tags
c4a385fa6a9f4b16c55c5368573e4b4bb10f7c8e
Commit Graph

4786 Commits

Author SHA1 Message Date
Nora Dimitrijević
c4a385fa6a Merge pull request #19817 from d10c/d10c/convert-tests-to-qlref 
Convert remaining `{go,swift,ruby}-code-scanning.qls` query tests to `.qlref`
 2025-06-24 16:31:13 +02:00
Nora Dimitrijević
92a48cdc2b Ruby: convert InsecureDownload test to .qlref 2025-06-24 14:57:59 +02:00
Nora Dimitrijević
e32982057c Ruby: convert CommandInjection test to .qlref 2025-06-24 14:57:54 +02:00
Nora Dimitrijević
807c7691c6 Ruby: add PrettyPrintModels test postprocessor 2025-06-24 14:57:49 +02:00
github-actions[bot]
6972c7a872 Post-release preparation for codeql-cli-2.22.1 2025-06-24 12:55:14 +00:00
github-actions[bot]
3e074b2425 Release preparation for version 2.22.1 2025-06-24 08:55:31 +00:00
Nora Dimitrijević
11bccdd753 Merge pull request #19798 from d10c/d10c/ruby/diff-informed-2 
Ruby: mass enable diff-informed data flow `none()` location overrides
 2025-06-19 14:14:39 +02:00
Tamas Vajk
e6a9ff08a3 Adjust query-suite integration test expected files 2025-06-18 13:10:34 +02:00
Tamas Vajk
40274dcd69 Add code-quality-extended query suites 2025-06-18 13:10:34 +02:00
Nora Dimitrijević
6f7e0d6bc8 Ruby: mass enable diff-informed data flow none() location overrides 
An auto-generated patch that enables diff-informed data flow in the obvious cases.

Adds `getASelected{Source,Sink}Location() { none() }` override to queries that select a dataflow source or sink as a location, but not both.
 2025-06-17 15:48:11 +02:00
Michael Nebel
08d28a5b85 Ruby: Add change-note. 2025-06-17 13:20:56 +02:00
Michael Nebel
ddc429cfeb Ruby: Update quality related tags. 2025-06-17 13:16:20 +02:00
github-actions[bot]
21463a9653 Post-release preparation for codeql-cli-2.22.0 2025-06-09 18:50:20 +00:00
github-actions[bot]
88ba02edf8 Release preparation for version 2.22.0 2025-06-09 18:14:51 +00:00
Chuan-kai Lin
631502e129 Merge branch 'main' into cklin/rc-3.18-mergeback 2025-06-09 07:19:40 -07:00
Chuan-kai Lin
89ad2b4256 Merge branch 'main' into cklin/check-diff-informed 2025-05-28 10:47:47 -07:00
Paolo Tranquilli
fd00ed502d Ruby: add compression integration test 2025-05-28 16:41:56 +02:00
Paolo Tranquilli
923a2854cb Ruby, Rust: add zstd compression option 2025-05-28 16:41:55 +02:00
github-actions[bot]
d2c6875eac Post-release preparation for codeql-cli-2.21.4 2025-05-27 18:16:21 +00:00
github-actions[bot]
bfb91e95e3 Release preparation for version 2.21.4 2025-05-27 17:22:05 +00:00
Anders Schack-Mulligen
1d30103559 SSA: Distinguish between has and controls branch edge. 2025-05-23 09:56:22 +02:00
Michael Nebel
2952c0d2b4 Merge pull request #19507 from michaelnebel/removehardcodedpassword 
Exclude some queries from query suites by lowering their precision.
 2025-05-21 11:13:14 +02:00
Jon Janego
9d65b5f85c Merge pull request #19531 from github/changedocs-2.21.3 
Changenotes for 2.21.3
 2025-05-19 19:00:47 -05:00
Jon Janego
7570f503ce Escaping more problematic asterisks 2025-05-19 17:06:29 -05:00
Michael Nebel
dabeddb62d Add change-notes. 2025-05-19 09:26:49 +02:00
Michael Nebel
530025b7ae Update integration tests expected output. 2025-05-19 09:26:47 +02:00
Michael Nebel
03ecd24469 Lower the precision of a range of harcoded password queries to remove them from query suites. 2025-05-19 09:26:45 +02:00
Nora Dimitrijević
8a1987ab71 Merge pull request #19448 from d10c/d10c/ruby-printast-order-fix 
Ruby printAst: fix order for synth children of real parents
 2025-05-15 18:17:01 +02:00
Nora Dimitrijević
96bdfbf76b Fix inefficient pattern: if-exists -> exists-or-not-exists 2025-05-14 15:36:45 +02:00
yoff
3fa563b293 Merge pull request #19483 from yoff/ruby/more-capturedExitRead 
Ruby: More captured exit read nodes
 2025-05-14 11:35:04 +02:00
github-actions[bot]
5f9dd75d7d Post-release preparation for codeql-cli-2.21.3 2025-05-13 21:49:43 +00:00
github-actions[bot]
2de4a01c86 Release preparation for version 2.21.3 2025-05-13 21:14:27 +00:00
yoff
3fcd46ec6c Apply suggestions from code review 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-05-13 16:57:32 +02:00
yoff
c70fd6a58c ruby: add change note 2025-05-13 16:18:33 +02:00
yoff
774b1820c2 ruby: also insert capturedExitRead-nodes by exceptional exits 2025-05-13 15:11:00 +02:00
yoff
73bae1627b ruby: test for DeadStore and captured variables 2025-05-13 15:08:01 +02:00
yoff
a50167812d ruby: adjust precision of rb/useless-assignment-to-local 
from `medium` to `high`
 2025-05-12 23:26:21 +02:00
Nora Dimitrijević
e9d5515c3b Add change note 2025-05-02 15:47:34 -04:00
Nora Dimitrijević
83a619a532 Ruby printAst: order by line, synth index in synth parent, column, synth index in real parent 
This prevents a bunch of unrelated movements in AstDesugar.ql
 2025-05-02 15:33:04 -04:00
Nora Dimitrijević
b95092ef1c Ruby printAst: order by start line and column before synth index 
This counteracts the movement of synth children away from the node from which they take their location, following the decision to take the index of synth children of real parents into account.
 2025-05-02 15:33:02 -04:00
Nora Dimitrijević
2511f52161 Ruby printAst: fix order for synth children of real parents 
Real parents can have synthesized children, so always assigning index 0 leads to nondeterminism in graph output.
 2025-05-02 15:33:00 -04:00
Tamás Vajk
cb1c3736fe Merge pull request #19413 from tamasvajk/quality/query-suite-selector 
Add code quality suite selector and use that in the code quality suites
 2025-05-02 08:18:48 +02:00
Owen Mansel-Chan
0863c87572 Add change notes 2025-05-01 10:33:24 +01:00
Chuan-kai Lin
5bc962c429 QL tests: run with --check-diff-informed 2025-04-30 10:55:58 -07:00
Owen Mansel-Chan
cf614a596d Fix cwe tags to include leading zero 2025-04-30 16:43:03 +01:00
Jonas Jensen
c8e564b2ba Merge pull request #19416 from jbj/ruby-no-diff-informed-regex 
Ruby: disable diff-informed mode on regex queries
 2025-04-30 15:17:20 +02:00
Jonas Jensen
eb7cd3d221 Ruby: disable diff-informed mode on regex queries 
These queries were failing in `codeql test run --check-diff-informed`
because they can select locations inside the regex. Until that can be
fixed, diff-informed mode is disabled for these queries.
 2025-04-30 08:54:57 +02:00
Tamas Vajk
e9e6d68a6e Use code-quality-selectors in Ruby suite 2025-04-29 16:23:33 +02:00
Nick Rolfe
d784473dcd Merge pull request #19400 from github/nickrolfe/rb-qhelp-tweak 
Fix spelling/wording in qhelp for `rb/uninitialized-local-variable`
 2025-04-29 09:43:58 +01:00
github-actions[bot]
2e0699ab2b Post-release preparation for codeql-cli-2.21.2 2025-04-28 14:03:28 +00:00