hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,148 Commits 1,671 Branches 157 Tags
d2603884ca34998eb1315868746aa6b4b4c6da9c
Commit Graph

704 Commits

Author SHA1 Message Date
Taus
af7f532212 Python: Fix up a bunch of function QLDoc 2022-03-07 18:59:49 +00:00
Arthur Baars
169f65526e Merge pull request #8292 from aibaars/api-graphs-private 
Ruby: ApiGraphs: use private imports
 2022-03-02 00:35:46 +01:00
Tamás Vajk
94cb5c2be4 Merge pull request #8296 from github/post-release-prep/codeql-cli-2.8.2 
Post-release preparation for codeql-cli-2.8.2
 2022-03-01 11:57:36 +01:00
github-actions[bot]
980f822983 Post-release preparation for codeql-cli-2.8.2 2022-03-01 09:24:30 +00:00
Arthur Baars
7e6ef7ac74 Ruby: ApiGraphs: use private imports 2022-03-01 10:24:19 +01:00
Arthur Baars
5ce6b847d1 Merge pull request #8166 from aibaars/regex-char-sequence-1 
Ruby/Python: regex parser: group sequences of 'normal' characters
 2022-02-28 17:47:53 +01:00
Arthur Baars
0c23f5815f Add change note 2022-02-25 18:43:43 +01:00
Arthur Baars
5044f89105 Ruby/Python re-introduce normalCharacterSequence 2022-02-25 18:43:43 +01:00
Asger F
a8bfebaeb6 Merge pull request #8149 from asgerf/shared/use-shared-access-path-syntax 
Shared: use shared access path syntax to parse arguments in CSV rows
 2022-02-25 14:04:18 +01:00
CodeQL CI
0f125d1e8a Merge pull request #8234 from asgerf/ruby/meta-queries 
Approved by nickrolfe
 2022-02-25 12:46:15 +00:00
Arthur Baars
9d9abaf1f9 Apply suggestions from code review 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2022-02-25 12:27:20 +01:00
github-actions[bot]
20fe22c8c8 Release preparation for version 2.8.2 2022-02-24 14:57:08 +00:00
Asger Feldthaus
f1bfb31403 Shared: fix typo in a comment 2022-02-23 14:13:41 +01:00
Asger Feldthaus
bb9348d77f Ruby: reject ArrayElement[-n] instead of interpreting it as ArrayElement[?] 2022-02-23 14:13:41 +01:00
Asger Feldthaus
a11c6f0f8e Ruby: use AccessPathSyntax library 2022-02-23 14:13:40 +01:00
Asger Feldthaus
5cab737ef1 Shared: sync AccessPathSyntax.qll 2022-02-23 14:13:40 +01:00
Stephan Brandauer
c17d8b145a Merge pull request #8054 from asgerf/js/split-request-forgery 
JS: split request forgery query into server-side and client-side variants
 2022-02-23 10:27:16 +01:00
Arthur Baars
69ed121ecb Ruby/Python: regex parser: group sequences of 'normal' characters 2022-02-22 16:15:33 +01:00
Asger Feldthaus
5390faeb8a Ruby: add query for measuring call graph 2022-02-22 14:42:05 +01:00
Asger Feldthaus
c7c97d5bbb Ruby: add queries for measuring taint sources and sinks 2022-02-22 14:29:47 +01:00
Asger F
02c4966109 Merge pull request #7878 from asgerf/dot-separated-access-paths 
Shared: Switch to dot-separated access paths in summary specs
 2022-02-21 13:29:09 +01:00
Alex Ford
9196b64d6e Merge pull request #8138 from github/ruby/file-write 
Ruby: Implement `FileSystemWriteAccess` concept
 2022-02-21 10:13:27 +00:00
Alex Ford
746290d903 Merge pull request #7713 from github/ruby/clear-text-logging 
Ruby: Add `rb/clear-text-logging-sensitive-data` query
 2022-02-21 10:12:33 +00:00
Asger Feldthaus
7848fcec80 Shared: sync AccessPathSyntax.qll 2022-02-21 08:21:53 +01:00
Asger Feldthaus
55ac5cb012 Shared: auto format 2022-02-21 08:21:53 +01:00
Asger Feldthaus
4985fbb526 Shared: update getSummaryCsv and related test output 2022-02-21 08:21:53 +01:00
Asger Feldthaus
dcc523a2b7 Shared: auto format 2022-02-21 08:21:53 +01:00
Asger Feldthaus
7fcbdbeada Shared: sync AccessPathSyntax.qll and FlowSummaryImpl.qll 2022-02-21 08:21:52 +01:00
Asger Feldthaus
2907d53e17 Shared: sync AccessPathSyntax.qll and FlowSummaryImpl.qll 2022-02-21 08:21:52 +01:00
Asger Feldthaus
57bf0b1432 Ruby: remove support for legacy syntax 2022-02-21 08:21:51 +01:00
Asger Feldthaus
e3605eed44 Ruby: update CSV rows to dot-separated syntax 2022-02-21 08:21:50 +01:00
Asger Feldthaus
7005d53a67 Ruby: manually rewrite DigSummary access path 2022-02-21 08:16:55 +01:00
Asger Feldthaus
6dbeb81f36 Ruby: use AccessPathSyntax.qll to parse input/output summary specs 2022-02-21 08:16:55 +01:00
Harry Maclean
9a60c7e4ac Ruby: Update filename in test fixture 2022-02-21 09:43:36 +13:00
Alex Ford
6b8537c4e0 Ruby: FileSystemWriteAccess changenote 2022-02-20 20:14:01 +00:00
Alex Ford
baabe66551 Ruby: update Files.ql tests for write accesses 2022-02-20 19:28:12 +00:00
Alex Ford
12ce3d4784 Ruby: Implement FileSystemWriteAccess for IO/File API 2022-02-20 19:27:11 +00:00
Alex Ford
4f0174e89a Ruby: add FileSystemWriteAccess concept 2022-02-20 19:26:54 +00:00
Alex Ford
dd383f942f Merge remote-tracking branch 'origin/main' into ruby/clear-text-logging 2022-02-17 15:32:31 +00:00
Alex Ford
33f4fffe16 Ruby: Simplify sub!/gsub! sanitizers for cleartext logging query 2022-02-17 13:10:44 +00:00
Asger Feldthaus
69995d5750 Shared: rephrase request forgery name and description 2022-02-17 09:07:08 +01:00
Harry Maclean
bfd2c14555 Ruby: Add shim StandardLibrary.qll 
This file re-exports everything it used to define, marking each as
deprecated to warn users that they should import `Core` or `Stdlib`
instead.
 2022-02-17 20:44:04 +13:00
Harry Maclean
459f949c24 Ruby: fix old import in ActiveSupport 
codeql.ruby.frameworks.StandardLibrary is deprecated
 2022-02-17 20:44:04 +13:00
Harry Maclean
9fff2cfcff Ruby: Add missing documentation 2022-02-17 20:44:04 +13:00
Harry Maclean
546bfcb8ea Ruby: split tests to match stdlib changes 2022-02-17 20:44:04 +13:00
Harry Maclean
eb4f333c25 Ruby: Move UnknownMethodCall to ast/Call.qll 2022-02-17 20:44:04 +13:00
Harry Maclean
a397c65d36 Ruby: Split standard library modeling 
Split the classes modeling various standard library concepts into a
structured group of multiple files.

Things that are part of the core language live in framworks/core and
standard libraries (that aren't part of core) live in frameworks/stdlib.

This mirrors the structure followed by the Ruby docs
(https://docs.ruby-lang.org/en/3.1/).

Tests are split in a followup commit.
 2022-02-17 20:44:04 +13:00
Nick Rolfe
17450a5b27 Python/Ruby: rm old prepare-db-upgrade.sh files 2022-02-16 12:21:52 +00:00
Nick Rolfe
26b2012024 Move Ruby doc on db upgrades to common docs dir 
And explain downgrades
 2022-02-16 11:35:52 +00:00
Nick Rolfe
ee5068d843 Python/Ruby: forward to generic prepare-db-upgrade.sh 2022-02-16 11:03:28 +00:00