Provides default sources, sinks and sanitizers for reasoning about shell command constructed from library input vulnerabilities, as well as extension points for adding your own.
Import path
import codeql.ruby.security.UnsafeShellCommandConstructionCustomizations
Imports
TypeTracking | Provides classes and predicates for simple data-flow reachability suitable for tracking types. |
Modules
UnsafeShellCommandConstruction | Module containing sources, sinks, and sanitizers for shell command constructed from library input. |