hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-19 22:14:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
081c1201edd177cbfa7d049e99db823210fc8784
codeql/ruby
History
Harry Maclean 081c1201ed Ruby: Make csrf query more specific 
CSRF protection only needs to be explicitly enabled on Rails
applications < 5.2 _or_ those that don't include a `load_defaults` call
with a version >= 5.2.
2024-02-23 11:13:17 +00:00
..
.vscode
Move files to ruby subfolder
2021-10-15 11:47:28 +02:00
actions/create-extractor-pack
QL/Ruby: included shared extractor code in cache key
2023-05-22 19:28:59 +02:00
doc
Ruby: Update build instructions for new extractor
2023-03-16 11:54:47 +13:00
downgrades
Ruby: Fix upgrade delete directives
2024-01-05 14:21:52 -08:00
extractor
Ruby: update tree-sitter-ruby
2024-01-05 14:33:14 +01:00
old-change-notes
Move older change notes to old-change-notes
2021-12-14 12:35:04 -05:00
ql
Ruby: Make csrf query more specific
2024-02-23 11:13:17 +00:00
scripts
Apply suggestions from code review
2023-10-26 17:04:51 +01:00
tools
Ruby: Update scripts for merged extractor
2023-04-07 15:49:17 +08:00
.gitattributes
Move files to ruby subfolder
2021-10-15 11:47:28 +02:00
.gitignore
Ruby: Update .gitignore for moved extractor
2023-03-14 12:03:03 +13:00
codeql-extractor.yml
Add supported build modes to extractor metadata
2024-02-06 19:51:13 +00:00
Makefile
Ruby: Rename extractor to codeql-extractor-ruby
2023-04-19 06:27:27 +00:00
README.md
Ruby: Remove reference to LGTM
2022-12-19 15:15:43 +00:00

README.md

Ruby analysis support for CodeQL

This directory contains the extractor, CodeQL libraries, and queries that power Ruby support in CodeQL products that GitHub makes available to its customers worldwide.

It contains two major components:

  1. static analysis libraries and queries written in CodeQL that can be used to analyze such a database to find coding mistakes or security vulnerabilities.
  2. an extractor, written in Rust, that parses Ruby source code and converts it into a database that can be queried using CodeQL. See Developer information for information on building the extractor (you do not need to do this if you are only developing queries).