2815 Commits

Author	SHA1	Message	Date
Geoffrey White	90faab456d	Merge pull request #18473 from geoffw0/sensitive2 ... Improve shared sensitive data library handling of snake_case variable names	2025-01-15 18:02:33 +00:00
yoff	599411b440	Merge pull request #17787 from yoff/shared/add-location-to-typetracking-nodes ... shared: Add locations to type tracking nodes	2025-01-13 23:06:09 +01:00
Tom Hvitved	303b11ec36	Merge pull request #18298 from hvitved/rust/mad-source-sink ... Rust: Add support for MaD sources and sinks with access paths	2025-01-10 11:49:51 +01:00
Geoffrey White	f8659c0a4e	Sync identical files.	2025-01-10 10:26:13 +00:00
yoff	aca5a51a78	Merge branch 'main' into shared/add-location-to-typetracking-nodes	2025-01-08 12:47:05 +01:00
Tom Hvitved	1b31c90d26	Implement FlowSummaryImpl stubs	2025-01-06 13:26:51 +01:00
Tom Hvitved	978a816f11	Ruby: Track types in data flow	2025-01-06 13:26:10 +01:00
Geoffrey White	44a0ad2942	Update data-flow -> data flow in all versions of ConceptsShared.qll.	2024-12-12 13:36:26 +00:00
Anders Schack-Mulligen	03fdceb0fd	Merge pull request #18191 from aschackmull/dataflow/remove-deprecated-lib ... Dataflow: Delete the old configuration-class based api.	2024-12-04 11:31:46 +01:00
Anders Schack-Mulligen	8c99ad4fcb	Ruby: Remove deprecated configuration classes referencing deleted api.	2024-12-03 20:08:46 +01:00
Anders Schack-Mulligen	20f06abe6f	Ruby: Delete deprecated data flow api.	2024-12-03 14:41:14 +01:00
Tom Hvitved	fbeb6f3940	Shared: Move shared logic into FlowSummaryImpl.qll	2024-12-03 09:11:11 +01:00
Tom Hvitved	03ffaac87a	Merge pull request #17880 from hvitved/ruby/symbol-string-key-indifference ... Ruby: Do not distinguish between symbols and strings in hash keys	2024-11-01 10:43:56 +01:00
Tom Hvitved	6b60865d7e	Ruby: Do not distinguish between symbols and strings in hash keys	2024-10-31 11:42:09 +01:00
Rasmus Lerchedahl Petersen	22d621c625	shared: add locations to typetracking nodes	2024-10-16 15:16:18 +02:00
Anders Schack-Mulligen	42d35f8b9d	Ruby: Exclude some cases that are unlikely library calls.	2024-10-16 14:35:23 +02:00
Anders Schack-Mulligen	c20f12fa6c	Add qldoc.	2024-10-16 14:35:23 +02:00
Anders Schack-Mulligen	8eb0cb4c66	Ruby: Add tentative support for speculative taint flow.	2024-10-16 14:35:20 +02:00
Anders Schack-Mulligen	c80627a3d3	Dataflow: add plumbing for adding provenance to state-steps.	2024-10-16 14:35:18 +02:00
Geoffrey White	04c7319b6b	Merge pull request #17647 from geoffw0/warnings ... Rust: More information about extractor errors and warnings	2024-10-10 16:19:15 +01:00
Geoffrey White	7420d07935	Update ruby/ql/lib/codeql/ruby/AST.qll ... Co-authored-by: Arthur Baars <aibaars@github.com>	2024-10-10 15:54:14 +01:00
Geoffrey White	8a895740ba	Ruby: Move language specific code out of FileSystem.qll (at least for now).	2024-10-10 14:05:39 +01:00
Tom Hvitved	3a098d7449	Ruby: Adopt shared ConditionalCompletionSplitting implementation	2024-10-09 11:02:17 +02:00
Geoffrey White	1ea94faccf	Ruby: Make similar changes to differentiate extraction errors and warnings, and mostly restore original behaviour.	2024-10-03 17:39:56 +01:00
Geoffrey White	4c7ec59306	Ruby: Sync identical files.	2024-10-03 17:17:37 +01:00
Arthur Baars	9b8cbdad49	Add QLDoc to Diagnostics.qll	2024-09-24 17:34:30 +02:00
Chuan-kai Lin	1cd8af54f2	Merge pull request #17190 from github/cklin/diff-informed-java-queries ... Java: add support for alert location restrictions	2024-09-23 08:39:24 -07:00
Anders Schack-Mulligen	3a1e50dcf9	Dataflow: Simplify diff-informed implementation and tweak flag name.	2024-09-20 07:07:10 -07:00
Tom Hvitved	d680a549bd	Merge pull request #16936 from hvitved/csharp/ssa-integration ... C#: Adopt shared SSA data-flow integration	2024-09-17 13:45:31 +02:00
Tom Hvitved	d0eae97bcf	Address review comment	2024-09-16 14:46:23 +02:00
Chuan-kai Lin	ff78bebf19	Shared support for alert filtering	2024-09-11 13:18:26 -07:00
erik-krogh	0fdd06fff5	use my script to delete outdated deprecations	2024-09-03 20:30:58 +02:00
Tom Hvitved	b0003c0453	Ruby: Remove two redundant checks	2024-08-21 19:06:29 +02:00
Tom Hvitved	d15e1b5598	Ruby: Prevent synthetic splat matching for actual splats at same positions	2024-08-20 16:21:59 +02:00
Tom Hvitved	c4b0f81883	Ruby: Prevent positional matching when preceded by a splat	2024-08-20 16:21:58 +02:00
Tom Hvitved	20dc242830	Ruby: Rework hash splat argument/parameter matching	2024-08-20 16:21:57 +02:00
Tom Hvitved	6d4f3bd014	Ruby: Rework splat argument/parameter matching	2024-08-20 16:21:56 +02:00
Anders Schack-Mulligen	8470e91c16	Legacy Dataflow: Sync.	2024-08-20 10:07:57 +02:00
Tom Hvitved	f83df76928	Shared: Apply ShowProvenance in InlineFlowTest.qll	2024-08-13 13:34:43 +02:00
Joe Farebrother	e47d4ccb79	Merge pull request #17002 from Flying-Tom/add-get-response ... Ruby: Add get_response for Net::HTTP	2024-08-06 09:44:21 +01:00
Tom Hvitved	87c5627024	Merge pull request #16937 from hvitved/ruby/ssa-integration ... Ruby: Adopt shared SSA data-flow integration	2024-08-06 10:39:41 +02:00
Alex Ford	9fb657c4c4	Merge pull request #16781 from alexrford/rb/weak-sensitive-data-hashing ... Add `rb/weak-sensitive-data-hashing` query port	2024-07-25 14:11:42 +01:00
Anders Schack-Mulligen	7a48fe1102	Dataflow: Replace ppReprType with DataFlowType.toString.	2024-07-25 13:08:47 +02:00
Tom	f09010e79c	Update NetHttp.qll	2024-07-17 16:39:11 +08:00
Anders Schack-Mulligen	da5abc8321	Dataflow: Replace MakeSets with QlBuiltins::InternSets.	2024-07-15 13:35:57 +02:00
Tom Hvitved	9263977329	Ruby: Adopt shared SSA data-flow integration	2024-07-12 14:23:24 +02:00
Tom Hvitved	4ae8720930	SSA: Add BasicBlock.{getNode/1,length/0} to the input signature	2024-07-03 11:32:35 +02:00
Tom Hvitved	8e8100fd34	Merge pull request #16887 from hvitved/ruby/local-flow-missing-steps ... Ruby: Add missing local flow steps	2024-07-02 15:43:52 +02:00
Tom Hvitved	19e910e1b5	Merge pull request #16801 from hvitved/ruby/element-reference-block ... Ruby: Handle element references with blocks	2024-07-02 13:08:31 +02:00
Tom Hvitved	7fdc09c17f	Ruby: Add missing local flow steps	2024-07-01 19:46:40 +02:00