Skip to content

/ codeql

New pull request New
118 Open 3,440 Closed
118 Open 3,440 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
C++: Exclude decrementing unsigned counters from inconsistentLoopDirection.ql
C++
#4023 opened Aug 6, 2020 by geoffw0 Review required
Java: remove security tag from java/integer-multiplication-cast-to-long
Java
#4022 opened Aug 6, 2020 by aibaars Review required
C++: Taint through RangeBasedForStmt (AST only)
C++
#4020 opened Aug 6, 2020 by jbj Review required
4
JS: Precise data-flow for returns from async functions
JS WIP
#4019 opened Aug 6, 2020 by erik-krogh Review required
2
C#: Improve db consistency by removing assembly id
#4017 opened Aug 5, 2020 by hvitved Draft
JS: Make AST classses non-abstract
JS
#4015 opened Aug 5, 2020 by erik-krogh Review required
JS: Add model for JSON.stringify() and similar JSON serializers
JS
#4014 opened Aug 4, 2020 by erik-krogh Approved
3
Python: Shared dataflow: Content flow
Python
#4013 opened Aug 4, 2020 by yoff Draft
JS: rename `getId()` to `getIdentifier()`
JS
#4012 opened Aug 4, 2020 by erik-krogh Draft
C#: Move ASP extraction from auto builder to `pre-finalize.{sh,cmd}`
C#
#4011 opened Aug 4, 2020 by hvitved Draft
WIP: C# AST printing
#4010 opened Aug 3, 2020 by tamasvajk Draft
[Java] Clarify Wildcard.hasUpperBound() doc
Java
#4004 opened Aug 2, 2020 by Marcono1234 Review required
5
Java: Extract module HardcodedCredentials from CWE-798
#3992 opened Jul 30, 2020 by rvermeulen Draft
10
Python: Dataflow, handle classes
Python
#3981 opened Jul 27, 2020 by yoff Draft 1 of 5
1
JavaScript: Make access paths more reusable
#3980 opened Jul 27, 2020 by max-schaefer Approved
4
[javascript] CodeQL query to detect if cookies are sent without the flag secure being set
JS
#3978 opened Jul 26, 2020 by dellalibera Changes requested
@esbena
25
[JS] cwe-327 (Weak or vulnerable cryptography usage) added
JS
#3977 opened Jul 26, 2020 by monkey-junkie Review required
10
Java: Insecure basic authentication
Java
#3976 opened Jul 24, 2020 by luchua-bc Review required
135
Docs: Query classification and display
#3974 opened Jul 24, 2020 by owen-mc Review required
26
Java: Move LDAP injection sinks, sanitizers, and additional taint steps to importable location
#3968 opened Jul 22, 2020 by rvermeulen Review required
19
Python: Add type tracker and step summary implementation.
Python
#3961 opened Jul 17, 2020 by tausbn Draft
Python: more call graph tracing
Python
#3953 opened Jul 16, 2020 by RasmusWL Review required
C#: DataSet serialization
C#
#3951 opened Jul 15, 2020 by raulgarciamsft Approved
66
JAVA : Add query to detect Apache Structs enabled Devmode
Java
#3945 opened Jul 12, 2020 by porcupineyhairs Review required
9
Java: add query to detect web.xml auth bypass through verb tampering
Java
#3944 opened Jul 12, 2020 by porcupineyhairs Review required
26
ProTip! Updated in the last three days: updated:>2020-08-04.
You can’t perform that action at this time.