hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-19 22:14:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
20f1a74202dde3697fdd2e3753e6f69eede1f9e7
codeql/ruby/ql/lib
History
Harry Maclean 20f1a74202 Ruby: Restrict GraphQL remote flow sources 
Previously we considered any splat parameter in a graphql resolver to be
a remote flow source. Now we limit that to reads of the parameter which
yield scalar types (e.g. String), as defined by the GraphQL schema.

This should reduce GraphQL false positives.
2023-09-14 12:14:56 +01:00
..
change-notes/released
Release preparation for version 2.14.3
2023-08-18 14:48:15 +00:00
codeql
Ruby: Restrict GraphQL remote flow sources
2023-09-14 12:14:56 +01:00
ide-contextual-queries
Merge pull request #13334 from aibaars/print-cfg-2
2023-08-14 18:24:20 +02:00
upgrades
Ruby: add upgrade/downgrade scripts
2023-05-22 19:37:51 +02:00
CHANGELOG.md
Release preparation for version 2.14.3
2023-08-18 14:48:15 +00:00
codeql-pack.release.yml
Release preparation for version 2.14.3
2023-08-18 14:48:15 +00:00
Customizations.qll
Ruby: Do not expose AST layer through ruby.qll
2022-09-13 19:59:56 +02:00
qlpack.lock.yml
qlpack.yml
Post-release preparation for codeql-cli-2.14.3
2023-08-28 15:53:49 +00:00
ruby.dbscheme
QL: switch to shared YAML extractor
2023-05-22 19:28:59 +02:00
ruby.dbscheme.stats
QL/Ruby: update dbscheme stats
2023-05-22 19:37:58 +02:00
ruby.qll
Address review comments
2022-09-14 15:30:51 +02:00