hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-11 04:31:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,518 Commits 1,690 Branches 160 Tags
eddc2f30383f266121237d0565ec14ea5fb85cfe
Commit Graph

701 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
4ff823c36b Merge pull request #11366 from p-/p--ruby-kernel-open-addition 
Ruby: Add additional sinks to the `rb/kernel-open` query
 2022-12-12 15:56:01 +01:00
Harry Maclean
6c8896d83f Merge pull request #11337 from hmac/actionmailbox 
Ruby: Model ActionMailbox
 2022-12-12 10:29:23 +13:00
Peter Stöckli
d2c8e70be1 Adjust expected file for TaintStep (due to changes to File.join) 2022-12-09 09:57:19 +01:00
Tom Hvitved
35938067fe Merge pull request #11517 from aibaars/phi-reads-in-data-flow-graph 
Ruby: Include SSA "phi reads" in DataFlow::Node
 2022-12-07 18:58:44 +01:00
Arthur Baars
898a4006b0 Merge pull request #10747 from aibaars/ruby-more-flow 
Ruby: also treat included/prepended modules as subclasses
 2022-12-07 15:49:00 +01:00
Arthur Baars
d862972d5e Ruby: Add use-use stress test 2022-12-07 15:28:51 +01:00
Arthur Baars
f11f2cb1a0 Ruby: Update tests 2022-12-07 15:28:50 +01:00
Tom Hvitved
b171dc9b7b Merge pull request #11477 from hvitved/ruby/call-ctx-rewrite 
Ruby: Rework call-context sensitivity logic
 2022-12-06 07:39:29 +01:00
Arthur Baars
889eea92c2 Merge branch 'main' into ruby-more-flow 2022-12-05 11:13:46 +01:00
Arthur Baars
83423854d2 Merge pull request #11339 from aibaars/active_support_enumerable 
Ruby: Active support enumerable
 2022-12-05 11:02:19 +01:00
Asger F
2d578c1a73 Merge branch 'main' into merge-package-type-columns 2022-12-02 10:00:44 +01:00
Harry Maclean
91421528df Ruby: Update test 2022-12-01 09:01:03 +13:00
Arthur Baars
0f2cb440b0 Ruby: add flow summary for Enumerable#sole 2022-11-30 11:57:35 +01:00
Arthur Baars
5517cfa6c0 Ruby: add flow summary for Enumerable#pluck 2022-11-30 11:57:35 +01:00
Arthur Baars
207ba86d51 Ruby: add flow summary for Enumerable#pick 2022-11-30 11:57:29 +01:00
Tom Hvitved
bfbe5bdfb8 Ruby: Add data flow test that illustrates spurious flow 2022-11-30 11:01:32 +01:00
Harry Maclean
dab7970087 Ruby: Model JSON.pretty_generate 2022-11-30 13:18:45 +13:00
Harry Maclean
67257671ea Ruby: Remove redundant dataflow test 2022-11-30 13:18:44 +13:00
Harry Maclean
1bd2dd0a6e Ruby: update test fixture 2022-11-30 13:17:46 +13:00
Harry Maclean
eff763d127 Ruby: Model to_json ActiveSupport extension 2022-11-30 13:17:44 +13:00
Harry Maclean
5259d4af63 Ruby: Model various JSON methods 2022-11-30 13:15:18 +13:00
Harry Maclean
0a98559fcb Ruby: Add flow summaries for ActiveSupport::JSON 2022-11-30 13:15:16 +13:00
Harry Maclean
aed4325ee3 Ruby: Remove unused class 2022-11-30 11:50:35 +13:00
Harry Maclean
b66ea6ed72 Ruby: Simplify ActionMailbox modeling 2022-11-30 11:46:21 +13:00
Harry Maclean
71f2d8f6d8 Ruby: Model ActionMailbox#inbound_mail 2022-11-30 11:46:21 +13:00
Harry Maclean
eac5aa26ee Ruby: Model remote input for ActionMailbox 2022-11-30 11:46:21 +13:00
Harry Maclean
375403fb9d Merge pull request #11114 from hmac/case-barrier-guard-3 
Ruby: Add case string comparison barrier guard
 2022-11-30 11:21:07 +13:00
erik-krogh
0c2ff98dc2 add flow from the first splat argument to the first splat parameter 2022-11-28 09:54:05 +01:00
erik-krogh
d5725255fe add failing test for splat parameter flow 2022-11-28 09:53:03 +01:00
Alex Ford
893c8763bb Ruby: model ActiveSupport json_escape flow 2022-11-24 15:33:08 +00:00
Asger F
22316ee4fe Ruby: merge package/type columns 2022-11-23 11:17:42 +01:00
Tom Hvitved
2fac505221 Ruby: Update expected test output 2022-11-21 12:52:27 +01:00
Arthur Baars
4e88b8453a Ruby: add flow summary for Enumerable#index_with 2022-11-17 16:22:32 +01:00
Tom Hvitved
f24fa402f3 Adjust CFG 2022-11-17 10:32:28 +01:00
Harry Maclean
a6f6936719 Merge pull request #11058 from hmac/actioncontroller-logger 
Ruby: Model various ActionController methods
 2022-11-17 08:21:00 +13:00
Tom Hvitved
67b6a82cf1 Merge pull request #11198 from hvitved/ssa/expose-phi-reads 
SSA: Expose phi-read nodes
 2022-11-16 15:11:58 +01:00
Erik Krogh Kristensen
7d4ea47611 Merge pull request #10855 from erik-krogh/formatTaint 
Ruby: taint-steps for printf calls - and add a `AdditionalTaintStep` class
 2022-11-16 12:08:45 +01:00
Harry Maclean
ed3270fb04 Ruby: Update for upstream changes 2022-11-16 14:06:32 +13:00
Harry Maclean
d0521f15f1 Ruby: Update tests 2022-11-16 13:46:51 +13:00
Harry Maclean
d2c0250b41 Ruby: Model ActionDispatch::Request#body_stream 2022-11-16 13:46:51 +13:00
Harry Maclean
9f357837fa Ruby: Model send_data as an HTTP response 2022-11-16 13:46:51 +13:00
Harry Maclean
5cfc494e16 Ruby: Test render inside redirect_to 
This test shows that we correctly identify redirect_to and render calls
inside respond_to blocks.
 2022-11-16 13:46:51 +13:00
Harry Maclean
155b64d3fc Ruby: Add test for render calls 2022-11-16 13:46:51 +13:00
Harry Maclean
b7e14311be Ruby: Model ActionController logger 2022-11-16 13:46:50 +13:00
Harry Maclean
27681ac987 Ruby: Move ActionController tests to own directory 2022-11-16 13:46:49 +13:00
Tom Hvitved
67f31ffdf0 Ruby: Add tests for phi reads 2022-11-15 11:45:32 +01:00
Tom Hvitved
32f60fd112 Ruby: Add more local flow tests for use-use flow 2022-11-15 11:45:31 +01:00
Nick Rolfe
8d854e0a6b Merge pull request #11252 from github/nickrolfe/active_support_enumerable 
Ruby: add flow summary for Enumerable#index_by
 2022-11-15 10:40:42 +00:00
Nick Rolfe
83b3312467 Merge pull request #11207 from github/nickrolfe/arel-sql 
Ruby: add `SqlConstruction` concept, and implement it for calls to `Arel.sql`
 2022-11-14 10:21:37 +00:00
Nick Rolfe
0dadf0bbb4 Ruby: add flow summary for Enumerable#index_by 2022-11-14 10:01:24 +00:00