From 9f0d32109fbc0d882b7d867cb4c9a3d612ebcefb Mon Sep 17 00:00:00 2001
From: Mathew Payne
Date: Tue, 21 Dec 2021 13:20:04 +0000
Subject: [PATCH] Add Ruby to gen script and exclude query

---
 .github/scripts/generate-coverage.py | 3 +-
 ruby/README.md | 20 ++++++
 ruby/queries.json | 103 +++++++++++++++++++++++++++
 ruby/suites/codeql-ruby.qls | 3 +
 4 files changed, 128 insertions(+), 1 deletion(-)
 create mode 100644 ruby/README.md
 create mode 100644 ruby/queries.json

diff --git a/.github/scripts/generate-coverage.py b/.github/scripts/generate-coverage.py
index 167d7526de..c00b89e21d 100644
--- a/.github/scripts/generate-coverage.py
+++ b/.github/scripts/generate-coverage.py
@@ -22,6 +22,7 @@
 "java": "Java",
 "javascript": "JavaScript / TypeScript",
 "python": "Python",
+ "ruby": "Ruby",
 }
 default_suite_order = [
 "default",
@@ -211,7 +212,7 @@ def buildQueries(language: str):
 all_languages = False
 languages = []
 if not arguments.language:
- languages = ["cpp", "csharp", "java", "javascript", "python"]
+ languages = ["cpp", "csharp", "java", "javascript", "python", "ruby"]
 all_languages = True
 else:
 languages = [arguments.language]
diff --git a/ruby/README.md b/ruby/README.md
new file mode 100644
index 0000000000..82bfe8855e
--- /dev/null
+++ b/ruby/README.md
@@ -0,0 +1,20 @@
+# Python
+
+## Queries
+
+| Name | Severity | Path |
+| :--- | :------- | :--- |
+
+
+
+## Query Suites
+
+| Name | Queries Count | Description | Path |
+| :--- | :---- | :--- | :--- |
+| `default` | 22 | Default Query Suite | `code-scanning` |
+| `extended` | 24 | Security Extended Suite | `security-extended` |
+| `quality` | 24 | Security and Quality Extended Suite | `security-and-quality` |
+| `super-extended` | 23 | Security Extended with Experimental and Custom Queries Suite | `advanced-security/codeql-queries/ruby/suites/codeql-ruby.qls@main` |
+
+
+
diff --git a/ruby/queries.json b/ruby/queries.json
new file mode 100644
index 0000000000..245e089df3
--- /dev/null
+++ b/ruby/queries.json
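Review bot: The default language list in the second hunk, `languages = ["cpp", "csharp", "java", "javascript", "python", "ruby"]`, repeats the keys of the language-name mapping that the first hunk extends with `"ruby": "Ruby"`, so every new language has to be added in two places and the two can drift apart unnoticed. Deriving the default from that mapping's keys, e.g. `languages = list(<mapping name>)` (the mapping's name is outside the hunk, so it cannot be quoted here), removes the duplication, and the `languages = []` assignment just above is then dead as well, since both branches reassign it. The enclosing scope of this hunk starts before it, so the exact placement of the mapping is not visible here. Separately, the `ruby/README.md` created in this same commit is titled `# Python`, which suggests the README heading is not taken from this mapping either; worth checking the generator's heading template before the file is regenerated.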
@@ -0,0 +1,103 @@
+{
+ "default": [
+ "codeql/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-601/UrlRedirect.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-918/ServerSideRequestForgery.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-089/SqlInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-116/BadTagFilter.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-1333/ReDoS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-1333/RegExpInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-1333/PolynomialReDoS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-352/CSRFProtectionDisabled.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-022/PathInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-611/Xxe.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-078/CommandInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-078/KernelOpen.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-079/ReflectedXSS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-079/StoredXSS.ql",
+ "codeql/ruby/ql/src/queries/diagnostics/ExtractionErrors.ql",
+ "codeql/ruby/ql/src/queries/diagnostics/SuccessfullyExtractedFiles.ql",
+ "codeql/ruby/ql/src/queries/summary/NumberOfFilesExtractedWithErrors.ql",
+ "codeql/ruby/ql/src/queries/summary/LinesOfCode.ql",
+ "codeql/ruby/ql/src/queries/summary/NumberOfSuccessfullyExtractedFiles.ql",
+ "codeql/ruby/ql/src/queries/summary/LinesOfUserCode.ql"
+ ],
+ "extended": [
+ "codeql/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-601/UrlRedirect.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-918/ServerSideRequestForgery.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-089/SqlInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-116/BadTagFilter.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-1333/ReDoS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-1333/RegExpInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-1333/PolynomialReDoS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-352/CSRFProtectionDisabled.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-022/PathInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-611/Xxe.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-078/CommandInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-078/KernelOpen.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-079/ReflectedXSS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-079/StoredXSS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-295/RequestWithoutValidation.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql",
+ "codeql/ruby/ql/src/queries/diagnostics/ExtractionErrors.ql",
+ "codeql/ruby/ql/src/queries/diagnostics/SuccessfullyExtractedFiles.ql",
+ "codeql/ruby/ql/src/queries/summary/NumberOfFilesExtractedWithErrors.ql",
+ "codeql/ruby/ql/src/queries/summary/LinesOfCode.ql",
+ "codeql/ruby/ql/src/queries/summary/NumberOfSuccessfullyExtractedFiles.ql",
+ "codeql/ruby/ql/src/queries/summary/LinesOfUserCode.ql"
+ ],
+ "quality": [
+ "codeql/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-601/UrlRedirect.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-918/ServerSideRequestForgery.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-089/SqlInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-116/BadTagFilter.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-1333/ReDoS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-1333/RegExpInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-1333/PolynomialReDoS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-352/CSRFProtectionDisabled.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-022/PathInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-611/Xxe.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-078/CommandInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-078/KernelOpen.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-079/ReflectedXSS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-079/StoredXSS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-295/RequestWithoutValidation.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql",
+ "codeql/ruby/ql/src/queries/diagnostics/ExtractionErrors.ql",
+ "codeql/ruby/ql/src/queries/diagnostics/SuccessfullyExtractedFiles.ql",
+ "codeql/ruby/ql/src/queries/summary/NumberOfFilesExtractedWithErrors.ql",
+ "codeql/ruby/ql/src/queries/summary/LinesOfCode.ql",
+ "codeql/ruby/ql/src/queries/summary/NumberOfSuccessfullyExtractedFiles.ql",
+ "codeql/ruby/ql/src/queries/summary/LinesOfUserCode.ql"
+ ],
+ "super-extended": [
+ "codeql/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-601/UrlRedirect.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-918/ServerSideRequestForgery.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-089/SqlInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-116/BadTagFilter.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-1333/ReDoS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-1333/RegExpInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-1333/PolynomialReDoS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-352/CSRFProtectionDisabled.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-502/UnsafeDeserialization.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-022/PathInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-611/Xxe.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-078/CommandInjection.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-078/KernelOpen.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-079/ReflectedXSS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-079/StoredXSS.ql",
+ "codeql/ruby/ql/src/queries/security/cwe-295/RequestWithoutValidation.ql",
+ "codeql/ruby/ql/src/queries/diagnostics/ExtractionErrors.ql",
+ "codeql/ruby/ql/src/queries/diagnostics/SuccessfullyExtractedFiles.ql",
+ "codeql/ruby/ql/src/queries/summary/NumberOfFilesExtractedWithErrors.ql",
+ "codeql/ruby/ql/src/queries/summary/LinesOfCode.ql",
+ "codeql/ruby/ql/src/queries/summary/NumberOfSuccessfullyExtractedFiles.ql",
+ "codeql/ruby/ql/src/queries/summary/LinesOfUserCode.ql"
+ ]
+}
\ No newline at end of file
diff --git a/ruby/suites/codeql-ruby.qls b/ruby/suites/codeql-ruby.qls
index 59643e05c7..5036165181 100644
--- a/ruby/suites/codeql-ruby.qls
+++ b/ruby/suites/codeql-ruby.qls
@@ -7,3 +7,6 @@
 - import: codeql-suites/ruby-security-extended.qls
 from: codeql/ruby-queries
+- exclude:
+ id:
+ - rb/hardcoded-credentials
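Review bot: The new `exclude` block removes `rb/hardcoded-credentials` from the `super-extended` suite without recording why, so a later reader cannot tell whether this reflects a known false-positive problem, an overlap with another check, or an oversight, and the resulting gap in CWE-798 coverage is visible only by diffing `queries.json` against the `extended` suite. Add a YAML comment above the block, e.g. `# rb/hardcoded-credentials: excluded because <REASON>; tracked in <ISSUE-REF>` (both placeholders to be filled in), so the decision and its rationale sit next to each other. The placement is correct as far as the hunk shows, since `exclude` filters queries already selected by the preceding `import`. The suite file's first six lines are outside this hunk, so any earlier imports that might also select this query are not visible here.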