Skip to content

/ codeql

New pull request New
117 Open 3,435 Closed
117 Open 3,435 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
πŸ‘ πŸ‘Ž πŸ˜„ πŸŽ‰ πŸ˜• ❀️ πŸš€ πŸ‘€
JS: Make AST classses non-abstract
JS
#4015 opened Aug 5, 2020 by erik-krogh β€’ Draft
JS: Add model for JSON.stringify() and similar JSON serializers
JS
#4014 opened Aug 4, 2020 by erik-krogh β€’ Draft
Python: Shared dataflow: Content flow
Python
#4013 opened Aug 4, 2020 by yoff β€’ Draft
JS: rename `getId()` to `getIdentifier()`
JS
#4012 opened Aug 4, 2020 by erik-krogh β€’ Draft
C#: Move ASP extraction from auto builder to `pre-finalize.{sh,cmd}`
C#
#4011 opened Aug 4, 2020 by hvitved β€’ Draft
WIP: C# AST printing
#4010 opened Aug 3, 2020 by tamasvajk β€’ Draft
[Java] Clarify Wildcard.hasUpperBound() doc
Java
#4004 opened Aug 2, 2020 by Marcono1234 β€’ Approved
3
Java: Extract module HardcodedCredentials from CWE-798
#3992 opened Jul 30, 2020 by rvermeulen β€’ Review required
5
Java: Extract bounded flow source from CWE-129
#3989 opened Jul 29, 2020 by rvermeulen β€’ Review required
Python: Dataflow, handle classes
Python
#3981 opened Jul 27, 2020 by yoff β€’ Draft 1 of 5
1
JavaScript: Make access paths more reusable
#3980 opened Jul 27, 2020 by max-schaefer β€’ Approved
4
[javascript] CodeQL query to detect if cookies are sent without the flag secure being set
JS
#3978 opened Jul 26, 2020 by dellalibera β€’ Changes requested
@esbena
25
[JS] cwe-327 (Weak or vulnerable cryptography usage) added
JS
#3977 opened Jul 26, 2020 by monkey-junkie β€’ Review required
10
Java: Insecure basic authentication
Java
#3976 opened Jul 24, 2020 by luchua-bc β€’ Approved
116
Docs: Query classification and display
#3974 opened Jul 24, 2020 by owen-mc β€’ Review required
26
Java: Move LDAP injection sinks, sanitizers, and additional taint steps to importable location
#3968 opened Jul 22, 2020 by rvermeulen β€’ Review required
Python: Add type tracker and step summary implementation.
Python
#3961 opened Jul 17, 2020 by tausbn β€’ Draft
Python: more call graph tracing
Python
#3953 opened Jul 16, 2020 by RasmusWL β€’ Review required
C#: DataSet serialization
C#
#3951 opened Jul 15, 2020 by raulgarciamsft β€’ Changes requested
64
JAVA : Add query to detect Apache Structs enabled Devmode
Java
#3945 opened Jul 12, 2020 by porcupineyhairs β€’ Review required
9
Java: add query to detect web.xml auth bypass through verb tampering
Java
#3944 opened Jul 12, 2020 by porcupineyhairs β€’ Review required
26
C#: WIP unqualify all trap ids.
#3939 opened Jul 9, 2020 by calumgrant β€’ Draft
Java: Untrusted data used in external APIs
Java
#3938 opened Jul 9, 2020 by lcartey β€’ Review required
5
C++: Alternate instruction -> operand flow
C++
#3933 opened Jul 9, 2020 by MathiasVP β€’ Review required
1
JS: rewriting DeadStoreOfProperty.ql to avoid bad worst-case runtime
JS
#3930 opened Jul 8, 2020 by erik-krogh β€’ Review required
11
ProTip! Find all pull requests that aren't related to any open issues with -linked:issue.
You can’t perform that action at this time.