Skip to content
New pull request New
158 Open 5,615 Closed
158 Open 5,615 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
Java: CWE-347 Query for detecting Signature Exclusion Attack with SAML assertion
documentation Java
#6935 opened Oct 22, 2021 by luchua-bc Review required
JS: Use the new instanceof syntax everywhere
JS
#6934 opened Oct 21, 2021 by erik-krogh Draft
Dataflow: Add support for call context restrictions on sources/sinks.
C# C++ Java Python
#6932 opened Oct 21, 2021 by aschackmull Review required
2
Data flow: Restrict derived flow summaries
C# Java
#6931 opened Oct 21, 2021 by hvitved Draft
JS: Skip files with unsupported file encoding
depends on internal PR JS
#6924 opened Oct 20, 2021 by asgerf Review required
3
Java: CWE-470 - Queries to detect Fragment Injection in Android applications
documentation Java
#6923 opened Oct 20, 2021 by atorralba Review required
Java: Replace @type with more specific types
documentation Java no-change-note-required
#6921 opened Oct 20, 2021 by igfoo Review required
4
[Java] JDK Collection lambda models
Java
#6917 opened Oct 19, 2021 by JLLeitschuh Approved
4
C++: Fix the two null termination queries and re-enable them.
C++ no-change-note-required
#6915 opened Oct 19, 2021 by geoffw0 Approved
10
JS: [Internal only] Add experimental libraries and queries for adaptive threat modeling
documentation JS no-change-note-required
#6907 opened Oct 18, 2021 by henrymercer Review required
7
Java: Prevent a configuration from being visible globally
Java no-change-note-required
#6888 opened Oct 14, 2021 by joefarebrother Review required
4
Docs: Updates for Ruby support
documentation
#6887 opened Oct 14, 2021 by hubwriter Review required
13
JS: add pragma[noinline] to predicates where the qldoc mentions join-order
JS
#6881 opened Oct 14, 2021 by erik-krogh Review required
JS: add explicit this to all member calls
JS no-change-note-required
#6873 opened Oct 13, 2021 by erik-krogh Review required
1
even more instanceof extensions
C# Java JS no-change-note-required Python
#6868 opened Oct 13, 2021 by ginsbach Draft
4
[Javascript] CWE-348: Client supplied ip used in security check
documentation JS
#6864 opened Oct 13, 2021 by yabeow Review required
Python: Type tracker changes
Python
#6858 opened Oct 12, 2021 by hvitved Review required
@tausbn
JS: skip pipes and other special files when determining which files to extract
JS
#6857 opened Oct 12, 2021 by erik-krogh Review required
2
Docs: Fix one-word typo
documentation
#6856 opened Oct 12, 2021 by hubwriter Review required
JS: Move cookie queries out of experimental.
Awaiting evaluation documentation JS Python WIP
#6855 opened Oct 11, 2021 by erik-krogh Draft
C++: Redesign IR dataflow using the shared SSA library
C# C++
#6825 opened Oct 6, 2021 by MathiasVP Draft
Data flow: Support hidden parameter/return nodes in subpaths predicate
C# C++ Java Python
#6824 opened Oct 6, 2021 by hvitved Review required
@aschackmull
Android: Add models for android.app.Notification builders
Java
#6823 opened Oct 6, 2021 by atorralba Review required
3
Make VS Code autoformat QL files on save
#6809 opened Oct 4, 2021 by Marcono1234 Review required
3
Android: Add androidx.slice.builders models
Java
#6801 opened Oct 4, 2021 by atorralba Review required
15
ProTip! Exclude everything labeled bug with -label:bug.