hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,611 Commits 1,673 Branches 157 Tags
ea4c2e432100cb15e4ad5448d02c36153a6f9f95
Commit Graph

34 Commits

Author SHA1 Message Date
erik-krogh
1a27441cfb drive-by: delete code-execution sinks from unsafe-deserialization, we risked duplicate alerts 2023-01-06 09:04:36 +01:00
Peter Stöckli
d2c8e70be1 Adjust expected file for TaintStep (due to changes to File.join) 2022-12-09 09:57:19 +01:00
Arthur Baars
d862972d5e Ruby: Add use-use stress test 2022-12-07 15:28:51 +01:00
Arthur Baars
f11f2cb1a0 Ruby: Update tests 2022-12-07 15:28:50 +01:00
Asger F
22316ee4fe Ruby: merge package/type columns 2022-11-23 11:17:42 +01:00
Tom Hvitved
32f60fd112 Ruby: Add more local flow tests for use-use flow 2022-11-15 11:45:31 +01:00
Tom Hvitved
e18442069b Ruby: Fix SSA entry definitions for self in top-level 2022-11-10 15:08:17 +01:00
Asger F
859dc7beb7 Merge pull request #11024 from asgerf/rb/data-flow-layer-capture2 
Ruby: expand DataFlow API
 2022-11-09 15:06:03 +01:00
Asger F
43769ad464 Ruby: update test output 2022-11-08 19:20:57 +01:00
Asger F
0a8f39fe96 Ruby: recover some incomplete capture flow 2022-10-31 13:33:41 +01:00
Nick Rolfe
269c27757d Ruby: include value-preserving flow in localTaintStep 2022-10-21 16:17:11 +01:00
Nick Rolfe
5319216c18 Ruby: add test of TaintTracking::localFlowStep 2022-10-21 16:04:04 +01:00
Arthur Baars
0160c374e4 Ruby: add flow summaries for Object#dup and Kernel#tap 2022-10-04 12:58:49 +02:00
Arthur Baars
09bc78eafc Ruby: local dataflow step for || and && 2022-10-04 12:58:49 +02:00
Tom Hvitved
007ab2b7ce Ruby: Do not expose AST layer through ruby.qll 2022-09-13 19:59:56 +02:00
Tom Hvitved
1e1b2e284d Ruby: Cleanup flow through self 2022-03-09 13:17:11 +01:00
Arthur Baars
0cef887683 Ruby: address comments 2022-01-24 11:27:26 +01:00
Arthur Baars
e9a01f9e8f Ruby: fix test case 2022-01-24 10:31:08 +01:00
Arthur Baars
fcec8a8388 Address comments 2022-01-24 10:31:08 +01:00
Arthur Baars
26a0167d6d Ruby: add taint step test for hash patterns 2022-01-24 10:31:06 +01:00
Arthur Baars
49c452239e Ruby: add taint steps from case value to variables in patterns 2022-01-24 10:10:22 +01:00
Tom Hvitved
8c18aaae74 Ruby: Prepare for data flow through arrays 2021-12-22 15:35:34 +01:00
Tom Hvitved
27f786b41e Merge pull request #7442 from hvitved/ruby/dataflow/keyword-params 
Ruby: Data flow for keyword arguments/parameters
 2021-12-22 15:23:22 +01:00
Arthur Baars
6c7114804e Ruby: remove CaseExprChildMapping::getBranch 2021-12-20 19:21:36 +01:00
Tom Hvitved
1e27ddf7c7 Ruby: Data flow for keyword arguments/parameters 2021-12-17 15:42:29 +01:00
Tom Hvitved
413375992d Ruby: Flatten nested statements inside desugared for loops 2021-11-17 09:05:37 +01:00
Tom Hvitved
945bb7459a Ruby: Update expected test output 2021-11-17 09:05:37 +01:00
Alex Ford
8603609698 Update test output to account for for-loop -> each desugaring 2021-11-17 09:05:36 +01:00
Harry Maclean
aa8607009b Update test fixtures 2021-10-22 10:56:34 +01:00
Harry Maclean
c437fd50a4 Update test fixtures 
Some of these look a bit suspicious, so need to double check them before
merging.
 2021-10-20 10:39:36 +01:00
Tom Hvitved
c57b7c5b2b Data flow: Restrict ExprReturnNode to nodes from the body of the callable 2021-10-18 17:01:30 +02:00
Tom Hvitved
397b8345e0 Data flow: Fix bug for sugared call arguments 2021-10-18 13:48:11 +02:00
Tom Hvitved
0de27bbc7e Data flow: Add ArgumentNode test 2021-10-18 13:47:50 +02:00
Arthur Baars
976daddd36 Move files to ruby subfolder 2021-10-15 11:47:28 +02:00