Merge pull request github#11245 from erik-krogh/rb-redosMod

Ruby: use the shared regex pack
JanKallman · Nov 21, 2022 · b4661f4 · b4661f4
2 parents 01dcf6a + f6255e4
commit b4661f4
Show file tree

Hide file tree

Showing 18 changed files with 1,043 additions and 3,591 deletions.
diff --git a/.github/workflows/ruby-build.yml b/.github/workflows/ruby-build.yml
@@ -97,6 +97,7 @@ jobs:
  run: |
  codeql pack create ../shared/ssa --output target/packs
  codeql pack create ../misc/suite-helpers --output target/packs
+ codeql pack create ../shared/regex --output target/packs
  codeql pack create ql/lib --output target/packs
  codeql pack create ql/src --output target/packs
  PACK_FOLDER=$(readlink -f target/packs/codeql/ruby-queries/*)

diff --git a/ruby/ql/lib/change-notes/2022-10-31-shared-redos-pack.md b/ruby/ql/lib/change-notes/2022-10-31-shared-redos-pack.md
@@ -0,0 +1,4 @@
+---
+ category: minorAnalysis
+---
+ * The ReDoS libraries in `codeql.ruby.security.regexp` has been moved to a shared pack inside the `shared/` folder, and the previous location has been deprecated.