mirror of https://github.com/github/codeql.git synced 2026-04-29 10:45:15 +02:00

Files

Harry Maclean fc351fbd64 Ruby: Remove value-flow for name-matched summaries

String summaries that are identified by name only should not specify
value-preserving flow as this can cause spurious flow in cases where
they are applied to different but identically-named methods.

2022-02-24 16:15:15 +13:00

.vscode

Move files to ruby subfolder

2021-10-15 11:47:28 +02:00

actions/create-extractor-pack

Simplify cache key

2022-02-04 07:41:29 +13:00

autobuilder

Move files to ruby subfolder

2021-10-15 11:47:28 +02:00

doc

Move Ruby doc on db upgrades to common docs dir

2022-02-16 11:35:52 +00:00

downgrades

Ruby: add upgrade/downgrade scripts

2022-02-08 09:57:55 +00:00

extractor

Ruby: put AST node locations in a single table

2022-02-07 12:10:36 +00:00

generator

Ruby: make node column unique

2022-02-08 09:55:34 +00:00

node-types

Ruby: remove redundant closure

2021-12-02 16:29:59 +00:00

old-change-notes

Move older change notes to old-change-notes

2021-12-14 12:35:04 -05:00

Ruby: Remove value-flow for name-matched summaries

2022-02-24 16:15:15 +13:00

scripts

Python/Ruby: rm old prepare-db-upgrade.sh files

2022-02-16 12:21:52 +00:00

tools

Move files to ruby subfolder

2021-10-15 11:47:28 +02:00

.gitattributes

Move files to ruby subfolder

2021-10-15 11:47:28 +02:00

.gitignore

Move files to ruby subfolder

2021-10-15 11:47:28 +02:00

Cargo.lock

Ruby: update tree-sitter-ruby

2022-01-28 19:47:25 +01:00

Cargo.toml

Move files to ruby subfolder

2021-10-15 11:47:28 +02:00

codeql-extractor.yml

Move files to ruby subfolder

2021-10-15 11:47:28 +02:00

Cross.toml

Ruby: add configuration for 'cross'

2022-02-11 12:50:33 +01:00

Makefile

Fix CI jobs

2021-11-23 22:03:01 +01:00

README.md

Ruby: clean up docs

2021-10-28 12:04:48 +01:00

rust-toolchain.toml

Ruby: add configuration for 'cross'

2022-02-11 12:50:33 +01:00

README.md

Ruby analysis support for CodeQL

This directory contains the extractor, CodeQL libraries, and queries that power Ruby support in LGTM and the other CodeQL products that GitHub makes available to its customers worldwide.

It contains two major components:

static analysis libraries and queries written in CodeQL that can be used to analyze such a database to find coding mistakes or security vulnerabilities.
an extractor, written in Rust, that parses Ruby source code and converts it into a database that can be queried using CodeQL. See Developer information for information on building the extractor (you do not need to do this if you are only developing queries).