Module UnsafeDeserializationQuery

Provides a taint-tracking configuration for reasoning about unsafe deserialization.

Note, for performance reasons: only import this file if UnsafeDeserializationFlow is needed, otherwise UnsafeDeserializationCustomizations should be imported instead.

Import path

import codeql.ruby.security.UnsafeDeserializationQuery

Imports

UnsafeDeserializationCustomizations

Provides default sources, sinks and sanitizers for reasoning about unsafe deserialization, as well as extension points for adding your own.

Classes

Configuration

A taint-tracking configuration for reasoning about unsafe deserialization. DEPRECATED: Use UnsafeDeserializationFlow

Aliases

UnsafeCodeConstructionFlow

Taint-tracking for reasoning about unsafe deserialization.