codeql/ruby
Nick Rolfe af72c0848e
Merge pull request #16306 from github/nickrolfe/js-sensitive
JS: do fewer regexp matches in SensitiveActions
2024-04-24 09:49:44 +01:00
..
.vscode
actions/create-extractor-pack QL/Ruby: included shared extractor code in cache key 2023-05-22 19:28:59 +02:00
doc Ruby: Update build instructions for new extractor 2023-03-16 11:54:47 +13:00
downgrades Upgrade rules_pkg to 0.10.1. 2024-04-16 16:29:56 +02:00
extractor Ruby: Regenerate dbscheme and stats 2024-03-19 13:04:07 +01:00
old-change-notes Move older change notes to `old-change-notes` 2021-12-14 12:35:04 -05:00
ql Merge pull request #16306 from github/nickrolfe/js-sensitive 2024-04-24 09:49:44 +01:00
scripts Apply suggestions from code review 2023-10-26 17:04:51 +01:00
tools Address review, start accomodating bzlmod. 2024-02-26 11:21:23 +00:00
.gitattributes
.gitignore Ruby: Update .gitignore for moved extractor 2023-03-14 12:03:03 +13:00
BUILD.bazel Address review, start accomodating bzlmod. 2024-02-26 11:21:23 +00:00
Makefile Ruby: Rename extractor to codeql-extractor-ruby 2023-04-19 06:27:27 +00:00
README.md Ruby: Remove reference to LGTM 2022-12-19 15:15:43 +00:00
codeql-extractor.yml Add supported build modes to extractor metadata 2024-02-06 19:51:13 +00:00

README.md

Ruby analysis support for CodeQL

This directory contains the extractor, CodeQL libraries, and queries that power Ruby support in CodeQL products that GitHub makes available to its customers worldwide.

It contains two major components:

  1. static analysis libraries and queries written in CodeQL that can be used to analyze such a database to find coding mistakes or security vulnerabilities.
  2. an extractor, written in Rust, that parses Ruby source code and converts it into a database that can be queried using CodeQL. See Developer information for information on building the extractor (you do not need to do this if you are only developing queries).