codeql

mirror of https://github.com/github/codeql.git synced 2026-04-08 08:34:02 +02:00

Author	SHA1	Message	Date
Arthur Baars	f4003406cf	Apply suggestions from code review Co-authored-by: Tom Hvitved <hvitved@github.com>	2021-10-13 15:11:04 +02:00
Arthur Baars	bf3d291a1c	Updates after codeql file sync	2021-10-13 13:24:20 +02:00
Arthur Baars	80ac05d5c6	Bump codeql submodule to 'main'	2021-10-13 13:24:08 +02:00
Arthur Baars	6a18aa4e2a	Merge pull request #348 from github/rc/3.3 Merge rc/3.3 into main	2021-10-13 13:08:55 +02:00
Arthur Baars	287046e9b0	Merge pull request #346 from github/erik-krogh/fix-primary-class-typo fix typo for getAPrimaryQlClass	2021-10-13 12:53:51 +02:00
Nick Rolfe	1c5dcecf1e	Update expected output to match getAPrimaryQlClass change	2021-10-13 12:39:13 +02:00
Erik Krogh Kristensen	e1675ff055	fix typo for getAPrimaryQlClass	2021-10-13 12:39:13 +02:00
Arthur Baars	d448e208ab	Merge pull request #347 from github/aibaars/bump-codeql Bump codeql submodule to rc/3.3	2021-10-13 12:28:17 +02:00
Arthur Baars	8ef1af9de0	Bump codeql submodule to rc/3.3	2021-10-13 12:03:49 +02:00
Andrew Eisenberg	7a0437f159	Merge pull request #343 from github/aeisenberg/defaultSuite Add defaultSuite	2021-10-12 14:26:35 -07:00
Andrew Eisenberg	d9ab13b43d	Update ql/src/qlpack.yml Co-authored-by: Arthur Baars <aibaars@github.com>	2021-10-12 13:01:03 -07:00
Andrew Eisenberg	2fca1f57c6	Add defaultSuite Also, change the dependencies to be in alignment with other standard qlpacks.	2021-10-12 21:57:53 +02:00
Arthur Baars	4e79d9fad6	Merge pull request #334 from github/RasmusWL/normalize-qlpack Packaging: Normalize src/qlpack.yml	2021-10-12 21:56:31 +02:00
Arthur Baars	bf139a09f9	Merge pull request #341 from github/rc/3.3 Rc/3.3 mergeback	2021-10-12 20:48:21 +02:00
Arthur Baars	8531174d30	Merge pull request #333 from github/hvitved/api-graphs-non-linear-rec API graphs: Avoid non-linear recursion	2021-10-12 20:24:07 +02:00
Arthur Baars	80ebfed226	Merge pull request #336 from github/improve-getTemplateFile Improve `RenderCall#getTemplateFile` performance and accuracy	2021-10-12 20:21:12 +02:00
Arthur Baars	06e91c1182	Merge pull request #322 from github/request-without-validation rb/request-without-cert-validation	2021-10-12 20:19:11 +02:00
Arthur Baars	a78ee535a0	Merge pull request #340 from github/mergeback Merge rc/3.3 into main	2021-10-12 20:16:59 +02:00
Nick Rolfe	ceef9762a7	Fix comment typo Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>	2021-10-12 17:45:34 +01:00
Arthur Baars	398ed4c0c9	Merge pull request #338 from github/aibaars/update-grammar Update tree-sitter-ruby	2021-10-12 18:39:34 +02:00
Arthur Baars	bb5da92577	Update src/unsupported_feature.rb with a feature that is still unsupported	2021-10-12 18:11:00 +02:00
Arthur Baars	8c9d3b88df	Update dbscheme stats	2021-10-12 17:48:59 +02:00
Arthur Baars	0dc3ea5ed1	Add test-cases for forward arguments and endless methods	2021-10-12 17:32:01 +02:00
Arthur Baars	e44064cda7	Add forward parameter/arguments to AST	2021-10-12 17:31:31 +02:00
Nick Rolfe	ecc9f07c50	Merge pull request #311 from github/nickrolfe/oj Consider Oj.load a sink for unsafe deserialization	2021-10-12 16:17:08 +01:00
Alex Ford	e35ad020d5	ql format	2021-10-12 15:56:00 +01:00
Alex Ford	909cdacb1a	remove cast to StringlikeLiteral	2021-10-12 15:27:26 +01:00
Alex Ford	44499cab51	replace an abstract predicate	2021-10-12 15:27:10 +01:00
Alex Ford	9640af0b8c	Merge pull request #339 from github/rc-workflows enable actions workflows for rc branches	2021-10-12 12:23:47 +01:00
Alex Ford	f870c38e4c	enable actions workflows for rc branches	2021-10-12 10:47:27 +01:00
Alex Ford	48f3d48a11	add some test cases for checking against spurious flow into ERB templates	2021-10-12 10:37:22 +01:00
Arthur Baars	2a7f3fbfaf	Add upgrade script	2021-10-12 11:36:10 +02:00
Nick Rolfe	8e14b6582d	Remove unused predicate	2021-10-11 18:15:41 +01:00
Alex Ford	7270fe0ee7	slightly limit viable template files from render calls	2021-10-11 17:12:08 +01:00
Alex Ford	cdfee1f27d	better RenderCall#getTemplateFile performance and accuracy	2021-10-11 16:46:10 +01:00
Rasmus Wriedt Larsen	bca1cb141c	Packaging: Normalize src/qlpack.yml Port of 4) from https://github.com/github/codeql/pull/6605 > Dependencies from query packs to other packs are always "*" since these dependencies are always from source and we should get the latest. Compare with [C++ change](https://github.com/github/codeql/pull/6605/files#diff-0236560ca1b9c19eb7c74d8bfecd1c78005e762122f8bcdaee9eb9b20460bf9c).	2021-10-11 14:36:14 +02:00
Arthur Baars	fac4df203a	Update tree-sitter-ruby	2021-10-11 12:53:16 +02:00
Tom Hvitved	98d1ee5178	API graphs: Avoid non-linear recursion	2021-10-11 12:01:33 +02:00
Nick Rolfe	f500e5b2d7	Use Expr::getValueText	2021-10-08 16:41:06 +01:00
Calum Grant	958fbc7992	Merge pull request #316 from github/calumgrant/readme Update README.md	2021-10-08 10:36:07 +01:00
Alex Ford	9dedb0540e	Merge pull request #312 from github/rb/stored-xss-1 Implement `rb/stored-xss` query	2021-10-08 10:33:11 +01:00
Alex Ford	16ab4da812	Update ql/lib/codeql/ruby/security/XSS.qll Co-authored-by: Harry Maclean <hmac@github.com>	2021-10-07 20:03:07 +01:00
Nick Rolfe	eafe22ef93	Merge remote-tracking branch 'origin/main' into nickrolfe/oj	2021-10-07 16:40:36 +01:00
Arthur Baars	2a32b59840	Merge pull request #331 from github/aibaars/remove-unsafe Remove use of 'unsafe'	2021-10-07 16:58:59 +02:00
Alex Ford	de01770612	update test output	2021-10-07 15:50:35 +01:00
Arthur Baars	439d873564	Remove use of 'unsafe'	2021-10-07 16:38:29 +02:00
Alex Ford	168e67dd6d	deduplicate `string constantQualifiedName(ConstantWriteAccess)` as `string ConstantWriteAccess#getQualifiedName`	2021-10-07 15:30:36 +01:00
Alex Ford	5b38e06765	Rename `ActiveRecordModelClass#methodMayAccessField()` as `ActiveRecordModelClass#getAPotentialFieldAccessMethod()`	2021-10-07 15:30:36 +01:00
Alex Ford	3bdc680434	Drop a comment that is no longer relevant	2021-10-07 15:30:36 +01:00
Alex Ford	8262247ed7	Minor simplification of finderMethodName predicate	2021-10-07 15:30:36 +01:00

1 2 3 4 5 ...

1435 Commits