Conversation

@felickz felickz commented Sep 13, 2025

This pull request adds modeling support for the Grape Ruby API framework to the CodeQL library. It introduces a new Grape.qll library that models Grape API classes, endpoints, and sources of user input such as parameters, headers, cookies, and route parameters.

| Taint Source | Description | Example Usage |
|---|---|---|
| params | Request parameters | params[:user_id], params['name'] |
| headers | HTTP headers + DSL blocks | headers[:Authorization], headers do...end |
| cookies | HTTP cookies + DSL blocks | cookies[:session_id], cookies do...end |
| route_param | URL path parameters | route_param(:user_id) |
| request | HTTP request object | request.body.read |

The changes are validated with new framework and vulnerability tests and expected outputs, and Grape is now imported in the main Ruby frameworks library.

[1/1 comp 1m6s eval 21.3s] PASSED ruby\ql\test\library-tests\frameworks\grape\Grape.ql
Cleaning out existing ruby\ql\test\library-tests\frameworks\grape\grape.testproj.
Completed in 1m35s (extract 5.1s comp 1m6s eval 22.1s).
All 1 tests passed.
...

[1/1 comp 2.7s eval 26s] PASSED ruby\ql\test\query-tests\security\cwe-089\SqlInjection.qlref
Completed in 46.3s (extract 6.5s comp 2.7s eval 26.8s).
All 1 tests passed.

Vulnerable tests verified: https://github.com/vulna-felickz/ruby-grape-sqli/blob/main/app/api/potato_api.rb
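To make the table above concrete, here is an added example (not code from this PR or from the CodeQL libraries): a deliberately small, line-based Ruby lint that flags the Grape input sources the new model covers (params, headers, cookies, request) when they are interpolated straight into a SQL string, run over a constructed Grape endpoint. CodeQL tracks real data flow across methods and blocks; this only shows what the model treats as a source and what the SqlInjection query treats as a sink.

```ruby
# Added example, not part of the PR or of CodeQL. A line-based lint that
# flags Grape input sources interpolated into SQL strings. Real CodeQL
# analysis is flow-based; this only illustrates sources and sinks.

# One pattern per source from the PR's table. `route_param :id` declares a
# path segment that the endpoint then reads as `params[:id]`, so it is
# covered by the params pattern here.
GRAPE_SOURCES = {
  "params"  => /\bparams\s*\[[^\]]+\]/,
  "headers" => /\bheaders\s*\[[^\]]+\]/,
  "cookies" => /\bcookies\s*\[[^\]]+\]/,
  "request" => /\brequest\.body\.read\b/
}.freeze

# A line is treated as SQL-carrying if it mentions a common SQL keyword.
SQL_HINT = /\b(select|insert|update|delete|where|from)\b/i

# Returns one finding per interpolated source expression on a SQL-looking
# line, as { line:, source:, expr: }.
def find_sqli(ruby_source)
  findings = []
  ruby_source.each_line.with_index(1) do |line, lineno|
    next unless line.match?(SQL_HINT)
    line.scan(/\#\{([^}]*)\}/).flatten.each do |expr|
      GRAPE_SOURCES.each do |name, pattern|
        next unless expr.match?(pattern)
        findings << { line: lineno, source: name, expr: expr.strip }
      end
    end
  end
  findings
end

# Constructed Grape endpoint (single-quoted heredoc keeps `#{}` literal).
SAMPLE_API = <<~'RUBY'
  class PotatoAPI < Grape::API
    get '/users' do
      User.where("name = '#{params[:name]}'")                  # params -> SQL
    end
    route_param :user_id do
      get { User.find_by_sql("SELECT * FROM users WHERE id = #{params[:user_id]}") }
    end
    get '/session' do
      Session.where("token = '#{headers['Authorization']}'")  # headers -> SQL
      Session.where("sid = '#{cookies[:session_id]}'")        # cookies -> SQL
    end
    get '/safe' do
      User.where(name: params[:name])                         # bind, not flagged
    end
  end
RUBY
```

The hash form `User.where(name: params[:name])` on the last endpoint passes the value as a bind parameter, which is the remediation the flagged lines need.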

@github-actions github-actions bot added the Ruby label Sep 13, 2025
@felickz felickz marked this pull request as ready for review September 16, 2025 02:02
@felickz felickz requested a review from a team as a code owner September 16, 2025 02:02
Copilot AI review requested due to automatic review settings September 16, 2025 02:02

Copilot AI left a comment


Pull Request Overview

This pull request introduces comprehensive CodeQL modeling support for the Ruby Grape API framework. The implementation identifies Grape API classes, their endpoints, and various sources of user input including parameters, headers, cookies, route parameters, and request objects.

Key changes:

  • New Grape.qll library with classes to model Grape API structure and taint sources
  • Framework integration by importing Grape in the main Ruby frameworks library
  • Comprehensive test coverage with vulnerability detection validation

Reviewed Changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 1 comment.

| File | Description |
|---|---|
| ruby/ql/lib/codeql/ruby/frameworks/Grape.qll | Core Grape framework modeling with API class detection and taint source definitions |
| ruby/ql/lib/codeql/ruby/Frameworks.qll | Integration of Grape framework into main Ruby frameworks library |
| ruby/ql/test/library-tests/frameworks/grape/Grape.ql | Query predicates for testing Grape framework modeling |
| ruby/ql/test/library-tests/frameworks/grape/app.rb | Test application demonstrating various Grape API patterns |
| ruby/ql/test/library-tests/frameworks/grape/Grape.expected | Expected test results for Grape framework modeling |
| ruby/ql/test/query-tests/security/cwe-089/ArelInjection.rb | Additional vulnerability test cases using Grape taint sources |
| ruby/ql/test/query-tests/security/cwe-089/SqlInjection.expected | Updated expected results including Grape-based SQL injection detection |
| ruby/ql/lib/change-notes/2025-09-15-grape-framework-support.md | Release notes documenting the new Grape framework support |

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

@hvitved hvitved left a comment


Thanks a lot for the contribution.

@felickz felickz requested a review from hvitved September 22, 2025 23:23

felickz commented Sep 22, 2025

> Thanks a lot for the contribution.

Same, appreciate the extreme review detail and code contributions to guide me in the right direction! All changes have been applied and tests to add/update coverage have been confirmed. Please re-review when you get a moment @hvitved


@hvitved hvitved left a comment


LGTM, but we need to commit ruby/ql/test/library-tests/frameworks/grape/CONSISTENCY/VariablesConsistency.expected as well. It can be generated via

codeql test run ruby/ql/test/library-tests/frameworks/grape --consistency-queries ruby/ql/consistency-queries --learn

I have also started a final DCA run.


felickz commented Sep 23, 2025

> LGTM, but we need to commit ruby/ql/test/library-tests/frameworks/grape/CONSISTENCY/VariablesConsistency.expected as well. It can be generated via
>
> codeql test run ruby/ql/test/library-tests/frameworks/grape --consistency-queries ruby/ql/consistency-queries --learn
>
> I have also started a final DCA run.

Looks good now!

@hvitved hvitved merged commit 1a4cfba into github:main Sep 25, 2025
25 checks passed