hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
52,226 Commits 1,672 Branches 157 Tags
fec80973a9425632b51a46617b74628677af0da2
Commit Graph

3172 Commits

Author SHA1 Message Date
Tom Hvitved
a5b7a0fe16 Merge pull request #12566 from hvitved/ruby/dataflow-assignments-in-paths 2023-03-24 12:31:59 +01:00
Tom Hvitved
b816c79248 Ruby: Include all assignments in data flow paths 2023-03-24 10:09:30 +01:00
Anders Schack-Mulligen
9d88f01c82 Merge pull request #12645 from aschackmull/dataflow/renaming 
Dataflow: Rename Make to Global and hasFlow to flow
 2023-03-24 08:48:31 +01:00
Anders Schack-Mulligen
d440bc2d0c Dataflow: Sync. 2023-03-23 13:40:23 +01:00
Anders Schack-Mulligen
1c1aa7ecdd Dataflow: Add change notes. 2023-03-23 13:17:36 +01:00
Anders Schack-Mulligen
d0b7ffda70 Python/Ruby/Swift: Rename references. 2023-03-23 13:06:19 +01:00
Anders Schack-Mulligen
2761aa73ca Dataflow: Sync. 2023-03-23 13:06:19 +01:00
Kasper Svendsen
ce6be1f636 Dataflow: Instantiate stage 1 access paths with proper unit type 2023-03-23 08:32:16 +01:00
Arthur Baars
65d129dee1 Merge pull request #12529 from hmac/ruby-extractor-bump-rust-version 
Ruby: Bump rust toolchain to 1.68
 2023-03-22 15:12:08 +01:00
Anders Schack-Mulligen
b2d436ccc1 Merge pull request #12533 from aschackmull/java/misc-perf 
Java/dataflow: Misc performance fixes
 2023-03-22 08:39:43 +01:00
Anders Schack-Mulligen
0d6dd7d25a DataFlow: Sync. 2023-03-21 14:27:25 +01:00
Tom Hvitved
5260d9815a Merge pull request #12582 from hvitved/ruby/element-of-type-content-set 
Ruby: Introduce `ContentSet::isElementOfType[OrUnknown]/1`
 2023-03-21 13:41:15 +01:00
Asger F
6d665da4dc Merge pull request #12570 from github/post-release-prep/codeql-cli-2.12.5 
Post-release preparation for codeql-cli-2.12.5
 2023-03-21 13:06:25 +01:00
Anders Schack-Mulligen
3876e4335f Merge pull request #12420 from kaspersv/kaspersv/dataflow-remove-alias-preds 
Dataflow: Remove revFlowAlias and revFlowApAlias predicates
 2023-03-20 16:30:15 +01:00
Alex Ford
be163cfc38 Merge pull request #12311 from maikypedia/maikypedia/ruby-ssti 
Ruby: Add Server Side Template Injection query
 2023-03-20 15:26:27 +00:00
Kasper Svendsen
1d2f1b6ae6 Address comments 2023-03-20 13:34:14 +01:00
Kasper Svendsen
e0e3a1d621 Dataflow: remove revFlowApAlias trick 2023-03-20 13:04:13 +01:00
Alex Ford
4b1171ce64 Merge branch 'main' into maikypedia/ruby-ssti 2023-03-20 09:55:53 +00:00
Tom Hvitved
a9ef3f95a2 Ruby: Introduce ContentSet::isElementOfType[OrUnknown]/1 2023-03-20 10:03:15 +01:00
Michael Nebel
37484a415f Sync files. 2023-03-20 09:38:40 +01:00
Kasper Svendsen
9630feb5e4 Dataflow: Remove revFlowAlias trick 2023-03-20 09:04:35 +01:00
Erik Krogh Kristensen
af98ceb3c3 Merge pull request #11478 from erik-krogh/more-shell-taint 
Rb: more taint-steps for shell-command-construction
 2023-03-20 08:41:22 +01:00
github-actions[bot]
981e171525 Post-release preparation for codeql-cli-2.12.5 2023-03-17 13:27:00 +00:00
Alex Ford
e84b08409c Ruby: test fixes 2023-03-17 12:08:38 +00:00
Alex Ford
c12a85b07b Ruby: autoformat 2023-03-17 11:49:10 +00:00
Alex Ford
76ed56d2b6 Ruby: typo 2023-03-17 11:40:59 +00:00
Alex Ford
ee6288173f Ruby: remove extra opening p tag 2023-03-17 11:38:49 +00:00
Alex Ford
60f313863a Merge branch 'main' into maikypedia/ruby-ssti 2023-03-17 11:31:49 +00:00
Michael Nebel
282b5d4836 Merge pull request #12538 from michaelnebel/emptypredworkaround 
DataFlow: Workaround empty predicate usage in IPA branch.
 2023-03-17 10:29:19 +01:00
Tom Hvitved
d146d816a9 Ruby: Fix semantic merge conflict 2023-03-17 09:59:44 +01:00
Tom Hvitved
e69e90db4a Ruby: Remove some redundant super type qualifiers 2023-03-17 09:32:13 +01:00
Tom Hvitved
75746cbacc Merge pull request #12549 from hvitved/ruby/ssa-write-access 
Ruby: `Ssa::WriteDefinition::getWriteAccess` should return a CFG node
 2023-03-17 09:31:14 +01:00
Tom Hvitved
ee01e9ab35 Merge pull request #12554 from hvitved/ruby/clear-text-logging-hashes 
Ruby: Rely on built-in hash-flow in clear text storage query
 2023-03-17 09:21:11 +01:00
Harry Maclean
2c63dbad67 Merge pull request #11954 from hmac/sinatra 
Ruby: Model Sinatra
 2023-03-17 10:46:52 +13:00
Maiky
37e42bb05b Missing markdown extension 2023-03-16 20:45:35 +01:00
Maiky
a229f7a832 Solve merge conflict and add a change note 2023-03-16 16:15:02 +01:00
Tom Hvitved
f35fb13723 Add change note 2023-03-16 15:18:47 +01:00
Tom Hvitved
9d3863eccc Ruby: Rely on built-in hash-flow in clear text storage query 2023-03-16 14:55:06 +01:00
Tom Hvitved
ae10e6e08f Ruby: Add a test that shows FP/FN for clear text logging query 2023-03-16 14:38:45 +01:00
Jeroen Ketema
66b03dbd1d Apply suggestions from code review 2023-03-16 14:29:16 +01:00
Jeroen Ketema
e7079b35bc Apply suggestions from code review 2023-03-16 14:28:17 +01:00
Michael Nebel
3fea9e4d0b Sync files. 2023-03-16 14:12:29 +01:00
github-actions[bot]
fe4d27e8cc Release preparation for version 2.12.5 2023-03-16 12:58:50 +00:00
Tom Hvitved
1d0b3d4112 Ruby: Ssa::WriteDefinition::getWriteAccess should return a CFG node 2023-03-16 11:28:24 +01:00
Tom Hvitved
a13b6ed230 Merge pull request #12536 from hvitved/dataflow/call-enclosing-callable-consistency-check 
Data flow: Add consistency check for `DataFlowCall::getEnclosingCallable`
 2023-03-16 10:19:42 +01:00
Rasmus Wriedt Larsen
b3a49ab143 Merge pull request #12467 from RasmusWL/kwargs-parameter-position-fixup 
Python/Ruby: Use new parameter position for synthetic hash-splat instead
 2023-03-16 09:52:46 +01:00
Tom Hvitved
9f798902bd Data flow: Add consistency check for DataFlowCall::getEnclosingCallable 2023-03-16 08:40:53 +01:00
Harry Maclean
0eb0c26b72 Ruby: Add some documentation 
This is primarily to bust the build cache.
 2023-03-16 12:24:47 +13:00
Harry Maclean
907fbeaae8 Ruby: Update build instructions for new extractor 2023-03-16 11:54:47 +13:00
Harry Maclean
01a85164ee Ruby: Bump rust toolchain to 1.68 2023-03-16 11:54:47 +13:00