hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-26 04:43:00 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ad2eaf08359ed8d9d7b0376dc5dd6ce295e25657
codeql/ruby/ql
History
Harry Maclean ad2eaf0835 Ruby: Flow for ActiveSupport String extensions 
Add taint flow summaries for ActiveSupport String extensions which
transform the string in various ways, for example `camelcase` and
`underscore`.

DCA suggests this increases the sensitivity of rb/code-injection,
catching cases such as

    params[:foo].camelcase.constantize
2022-05-24 09:35:26 +01:00
..
consistency-queries
Ruby: refactor regex libraries
2022-03-24 11:37:02 +01:00
docs
Move files to ruby subfolder
2021-10-15 11:47:28 +02:00
examples
Bump a few more versions
2022-04-08 13:01:41 -04:00
lib
Ruby: Flow for ActiveSupport String extensions
2022-05-24 09:35:26 +01:00
src
Post-release preparation for codeql-cli-2.9.2
2022-05-12 18:21:38 +00:00
test
Data flow: Do not discard call context when computing reverse lambda flow through jumps
2022-05-19 15:19:41 +02:00