Skip to content

Pull requests: github/codeql

New pull request New
287 Open 10,227 Closed
287 Open 10,227 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Python: Add modeling of flask.render_template_string
documentation Python
#13438 opened Jun 12, 2023 by RasmusWL Loading…
Swift: Build incompatible OS diagnostic on all platforms.
Swift
#13437 opened Jun 12, 2023 by sashabu Loading…
1
Java: Enable data flow consistency checks.
Java
#13436 opened Jun 12, 2023 by aschackmull Draft
Swift: Remove workaround for LWG/issue3657.
depends on internal PR This PR should only be merged in sync with an internal Semmle PR Swift WIP This is a work-in-progress, do not merge yet!
#13434 opened Jun 12, 2023 by sashabu Draft
Java/C#: Update telemetry queries to report callables with sink/source neutrals as being supported.
C# DataFlow Library Go Java Python Ruby Swift
#13432 opened Jun 12, 2023 by michaelnebel Draft
make seperate steps for YAML.parse* and use getAsuccessor*() to rea…
Ruby
#13431 opened Jun 12, 2023 by amammad Loading…
7
Kotlin: Avoid using deprecated APIs
Kotlin
#13427 opened Jun 9, 2023 by igfoo Loading…
1
Update inline flow tests to use parameterized module
C# Go
#13426 opened Jun 9, 2023 by jketema Draft
C++: Fix more conflation in dataflow
C++ no-change-note-required This PR does not need a change note
#13425 opened Jun 9, 2023 by MathiasVP Loading…
11
Ruby: update grammar (test)
Ruby
#13423 opened Jun 9, 2023 by aibaars Draft
Ruby: fix bug in filter_map summary
documentation Ruby
#13422 opened Jun 9, 2023 by asgerf Loading…
Post-release preparation for codeql-cli-2.13.4
C# C++ documentation Go Java JS Python Ruby
#13421 opened Jun 9, 2023 by codeql-ci Draft
@aibaars
C#: Make sure System.Private.CoreLib is added only once as a reference in standalone extraction
C#
#13420 opened Jun 9, 2023 by tamasvajk Loading…
3
Trust Boundary Violation Query
Java
#13413 opened Jun 8, 2023 by egregius313 Draft
5
Kotlin: Tweak our JSON escaping
Kotlin
#13412 opened Jun 8, 2023 by igfoo Loading…
Java: Update MaD Declarations after Triage
documentation Java
#13403 opened Jun 8, 2023 by kaeluka Loading…
19
Python: container summaries, part 3
Python
#13395 opened Jun 7, 2023 by yoff Draft
JS: remove the second argument of findByIdAndUpdate as a NoSQL sink
JS no-change-note-required This PR does not need a change note
#13381 opened Jun 6, 2023 by erik-krogh Loading…
6
JS: Fix invalid source kind in test
JS
#13380 opened Jun 6, 2023 by asgerf Loading…
Java: Improve Partial Path Traversal
Java
#13375 opened Jun 5, 2023 by JLLeitschuh Loading…
5
Java: mark MaD step sources as uninteresting to model in framework mode
Java no-change-note-required This PR does not need a change note
#13372 opened Jun 5, 2023 by kaeluka Loading…
@jhelie
3
Go: Add Improper LDAP Authentication query (CWE-287)
documentation Go
#13366 opened Jun 4, 2023 by maikypedia Loading…
Java: Model look-ahead deserializations using resolveClass
documentation Java
#13358 opened Jun 2, 2023 by jorgectf Draft
9
Swift: Improve SensitiveExprs.qll Heuristics
documentation Swift
#13354 opened Jun 2, 2023 by geoffw0 Loading…
2
Java: Adapt unsafe deserialization to SnakeYaml 2.0, which is secure by default
documentation Java
#13347 opened Jun 1, 2023 by jorgectf Loading…
8
ProTip! Exclude everything labeled bug with -label:bug.