hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-20 14:17:11 +02:00
Code Issues Packages Projects Releases Wiki Activity
32,453 Commits 1,758 Branches 167 Tags
ea86cce4457334235cd7e6afdbf39bd4f1f95ae8
Commit Graph

604 Commits

Author SHA1 Message Date
Harry Maclean
f30222256f Merge pull request #7061 from github/hmac/actiondispatch 
Ruby: Rails route resolution
 2022-02-10 09:46:36 +13:00
Tamás Vajk
6483a92587 Merge pull request #7865 from github/post-release-prep/codeql-cli-2.8.0 
Post-release preparation for codeql-cli-2.8.0
 2022-02-09 16:42:38 +01:00
Tom Hvitved
c695388c29 Merge pull request #7891 from hvitved/ruby/dataflow/hide-ssa-nodes 
Ruby: Hide more SSA nodes from data-flow path explanations
 2022-02-09 15:56:15 +01:00
Tom Hvitved
0bd8411cb6 Ruby: Hide more SSA nodes from data-flow path explanations 2022-02-09 15:31:10 +01:00
Rasmus Wriedt Larsen
9d5e8d5bd8 Merge pull request #7842 from RasmusWL/consistency-queires 
Misc: Streamline `consistency-queries/qlpack.yml`
 2022-02-09 13:42:18 +01:00
Nick Rolfe
1eba8277ee Merge pull request #7614 from github/nickrolfe/array_flow_summaries 
Ruby: add more Array/Enumerable flow summaries
 2022-02-09 09:57:59 +00:00
Harry Maclean
f276904fa9 Ruby: Add nomagic pragma to helper 2022-02-09 22:38:35 +13:00
Tom Hvitved
9440a45015 Merge branch 'main' into post-release-prep/codeql-cli-2.8.0 2022-02-09 09:40:33 +01:00
Harry Maclean
3206384884 Merge pull request #7824 from github/hmac/constantize 2022-02-09 08:30:21 +13:00
Tom Hvitved
b2419d60bd Merge pull request #7090 from hvitved/ruby/perf 
Ruby: Cache more predicates
 2022-02-08 20:02:33 +01:00
Tom Hvitved
3b5267eca5 Ruby: Cache DataFlow::Node::{toString,getLocation} 2022-02-08 13:03:42 +01:00
Tom Hvitved
f337459a4a Ruby: Cache capturedEntryWrite 2022-02-08 13:03:42 +01:00
Tom Hvitved
b041bc03d1 Ruby: Cache ConditionBlock::(immediately)Controls 2022-02-08 13:03:41 +01:00
Tom Hvitved
4037d1ff96 Ruby: Cache ErbDirective::getAChildStmt 2022-02-08 13:03:41 +01:00
Tom Hvitved
4c5f32ba4a Ruby: Cache exprNodeReturnedFrom 2022-02-08 13:03:31 +01:00
Tom Hvitved
45412fa17f Cache hasLocalSource 2022-02-08 13:03:27 +01:00
Nick Rolfe
8881031d0a Ruby: add upgrade/downgrade scripts 2022-02-08 09:57:55 +00:00
Nick Rolfe
2037368f62 Ruby: make node column unique 2022-02-08 09:55:34 +00:00
Harry Maclean
3031b39dc1 Ruby: prevent bad join in ActionController.qll 2022-02-08 12:10:23 +13:00
Nick Rolfe
881776a2ac Ruby: delete commented-out code 2022-02-07 12:50:06 +00:00
Nick Rolfe
e049f08c24 Ruby: update dbscheme stats 2022-02-07 12:42:34 +00:00
Nick Rolfe
b3b2bba618 Ruby: make some generated predicates final 2022-02-07 12:17:50 +00:00
Nick Rolfe
b43cc23277 Ruby: add db downgrade script 2022-02-07 12:10:36 +00:00
Nick Rolfe
e8855c3718 Ruby: add db upgrade script 2022-02-07 12:10:36 +00:00
Nick Rolfe
388d361ec3 Ruby: put AST node locations in a single table 2022-02-07 12:10:36 +00:00
Rasmus Wriedt Larsen
32cd7d6fa7 Add groups to all consistency-queries/qlpack.yml 
as discussed in PR review
 2022-02-07 11:15:48 +01:00
Tom Hvitved
dc09e87cb2 Ruby: Use SimpleSummarizedCallable in a few more places 2022-02-07 11:05:32 +01:00
github-actions[bot]
b4ab86c020 Post-release preparation for codeql-cli-2.8.0 2022-02-06 23:34:07 +00:00
Arthur Baars
ac03fab986 Merge pull request #7753 from aibaars/ruby-3.1 
Ruby 3.1 features
 2022-02-06 21:06:16 +01:00
Nick Rolfe
9744cf2457 Ruby: apply suggested simplification from review 2022-02-04 17:14:47 +00:00
Nick Rolfe
aaff3226c9 Ruby: prefer ...isInt(x) over x = ...getInt() 2022-02-04 17:10:22 +00:00
Nick Rolfe
45962f1cad Ruby: make this unique for each method 
Even when summaries are shared in a single class.
 2022-02-04 17:03:55 +00:00
Nick Rolfe
7a9ddc28bf Ruby: address some more feedback on array flow summaries 2022-02-04 16:33:27 +00:00
Nick Rolfe
ed00f2b0d2 Ruby: address some feedback on array flow summaries 2022-02-04 13:40:39 +00:00
Nick Rolfe
161d766ba9 Ruby: address review comments on array_flow.rb 2022-02-04 11:59:59 +00:00
Rasmus Wriedt Larsen
0bcfc4b657 Ruby: Update consistency-queries/qlpack.yml 
I'm not sure whether this means the consistency queries were run using
the 0.0.1 release of the `codeql/ruby-all` qlpack, but using `"*"` at
least ensures that it is always using the version from the CodeQL repo.
 2022-02-04 12:06:50 +01:00
Harry Maclean
ab7fd89653 Merge pull request #7663 from github/hmac/api-graph-subclass 
Ruby: Add basic subclassing support to API Graphs
 2022-02-04 10:19:07 +13:00
Harry Maclean
e328c6222a Merge pull request #7797 from github/hmac/pin-rust 
Ruby: Pin Rust to 1.54
 2022-02-04 10:18:46 +13:00
Harry Maclean
912842623d Simplify cache key 2022-02-04 07:41:29 +13:00
Arthur Baars
6525035f0a Address comments 2022-02-03 13:47:03 +01:00
Tom Hvitved
6bb71f051b Merge pull request #7791 from hvitved/dataflow/inline-local-flow-star 
Data flow: Inline `local(Expr|Instruction)?(Flow|Taint)`
 2022-02-03 09:02:43 +01:00
Harry Maclean
c65ca8ff86 Model calls to constantize as code executions 
`constantize` is an ActiveSupport extension to `String` that attempts to
look up a constant with a name matching the receiver.
 2022-02-03 15:22:07 +13:00
Harry Maclean
704b58519f Ruby: Include subclasses in more API calls 
Change the behaviour of `API::getInstance()` and `API::getReturn()` to
include results on subclasses of the current API node.
 2022-02-03 11:35:59 +13:00
Harry Maclean
61cd05cfc5 Ruby: Ensure TRoute and TRouteBlock are private 2022-02-03 10:55:28 +13:00
Harry Maclean
80835a5a19 Ruby: Don't expose abstract class 
Make ActionDispatch::Route into a private class
ActionDispatch::RouteImpl, defining a new class Route which exposes the
necessary public API from RouteImpl.

Also rename getHTTPMethod to getHttpMethod.
 2022-02-03 10:41:30 +13:00
Harry Maclean
a8a7c156d0 via - update tests 2022-02-03 10:40:23 +13:00
Arthur Baars
a22868ba27 Merge branch 'main' into ruby-3.1 2022-02-02 19:00:03 +01:00
Arthur Baars
3b05cb621c Address comment 2022-02-02 14:11:45 +01:00
Arthur Baars
fdcef6225b Ruby: fix QL warnings 2022-02-02 13:29:09 +01:00
Tom Hvitved
712418e5f8 Merge pull request #7781 from hvitved/dataflow/summary-stack-bottom-less-nonlinear 
Data flow: Reduce non-linear recursion in `SummaryComponentStack::bottom`
 2022-02-02 10:35:53 +01:00