mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00

Files

Harry Maclean c97dccf0de Ruby: Add reorder as a SQL sink

In recent versions of Rails this method doesn't seem to be vulnerable,
but it may be in previous versions. There's a slight FP risk here, but
I think it is small.

2023-03-13 08:38:17 +13:00

.vscode

Move files to ruby subfolder

2021-10-15 11:47:28 +02:00

actions/create-extractor-pack

Ruby: build extractor using cross

2023-01-13 10:25:27 +01:00

autobuilder

Ruby: skip .git folder

2022-07-18 15:26:38 +02:00

doc

Move Ruby doc on db upgrades to common docs dir

2022-02-16 11:35:52 +00:00

downgrades

Ruby: Autoformat

2023-03-10 09:41:20 +01:00

extractor

Expose TRAP compression option via the new extractor options feature.

2023-03-10 19:09:51 +13:00

generator

Ruby: update tree-sitter-embedded-template

2023-02-21 13:49:33 +01:00

node-types

Ruby/QL: only create dbscheme case-splits for columns on defining tables

2022-11-23 10:00:08 +00:00

old-change-notes

Move older change notes to old-change-notes

2021-12-14 12:35:04 -05:00

Ruby: Add reorder as a SQL sink

2023-03-13 08:38:17 +13:00

scripts

Ruby: build extractor using cross

2023-01-13 10:25:27 +01:00

tools

add --working-dir to Ruby qltest.cmd to fix Windows

2023-01-16 15:37:35 +01:00

.gitattributes

Move files to ruby subfolder

2021-10-15 11:47:28 +02:00

.gitignore

Move files to ruby subfolder

2021-10-15 11:47:28 +02:00

Cargo.lock

Bump serde from 1.0.152 to 1.0.154 in /ruby

2023-03-09 04:06:43 +00:00

Cargo.toml

Move files to ruby subfolder

2021-10-15 11:47:28 +02:00

codeql-extractor.yml

Ruby: Make trap option title consistent with C#

2023-03-10 21:11:58 +13:00

Cross.toml

Ruby: add configuration for 'cross'

2022-02-11 12:50:33 +01:00

Makefile

Fix CI jobs

2021-11-23 22:03:01 +01:00

README.md

Ruby: Remove reference to LGTM

2022-12-19 15:15:43 +00:00

rust-toolchain.toml

Ruby: add configuration for 'cross'

2022-02-11 12:50:33 +01:00

README.md

Ruby analysis support for CodeQL

This directory contains the extractor, CodeQL libraries, and queries that power Ruby support in CodeQL products that GitHub makes available to its customers worldwide.

It contains two major components:

static analysis libraries and queries written in CodeQL that can be used to analyze such a database to find coding mistakes or security vulnerabilities.
an extractor, written in Rust, that parses Ruby source code and converts it into a database that can be queried using CodeQL. See Developer information for information on building the extractor (you do not need to do this if you are only developing queries).