Skip to content

/ codeql

New pull request New
129 Open 4,069 Closed
129 Open 4,069 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
πŸ‘ πŸ‘Ž πŸ˜„ πŸŽ‰ πŸ˜• ❀️ πŸš€ πŸ‘€
Java: Fix false positive in the XXE query
Java
#4799 opened Dec 8, 2020 by joefarebrother β€’ Review required
Python: Add example FP for reflected XSS
Python
#4798 opened Dec 8, 2020 by yoff β€’ Review required
Python: Model sources from stdlib HTTP servers
Python documentation
#4797 opened Dec 8, 2020 by RasmusWL β€’ Review required
C#: Various simplifications to CFG logic
C#
#4796 opened Dec 8, 2020 by hvitved β€’ Draft
Docs: add an example .qls with a tag regex
documentation
#4793 opened Dec 7, 2020 by rdmarsh2 β€’ Review required
1
C#: Relational patterns
C# documentation
#4789 opened Dec 7, 2020 by tamasvajk β€’ Draft
2
C++: Support longer access paths in IR field flow
C++
#4784 opened Dec 5, 2020 by MathiasVP β€’ Draft
2
C++: More use of set literals.
C++
#4783 opened Dec 4, 2020 by geoffw0 β€’ Review required
8
C#: Add missing CFG edges for nested `finally` blocks
C#
#4780 opened Dec 4, 2020 by hvitved β€’ Review required
@tamasvajk
Python: Add modeling of django class based view handlers
Python documentation
#4779 opened Dec 4, 2020 by RasmusWL β€’ Review required
JS: add new prototype pollution query and reorganize
JS documentation
#4778 opened Dec 4, 2020 by asgerf β€’ Review required
22
C#: Improve CIL attribute decoding
C#
#4775 opened Dec 3, 2020 by tamasvajk β€’ Draft
JS: better support for forms in js/xss-through-dom
JS
#4774 opened Dec 3, 2020 by erik-krogh β€’ Draft 1 of 1
JS: Make SourceNode::Range non-recursive and make strings SourceNodes
JS
#4772 opened Dec 3, 2020 by asgerf β€’ Review required
3
Java: Add unsafe hostname verification query and remove existing overlapping query
Java documentation
#4771 opened Dec 2, 2020 by intrigus-lgtm β€’ Review required
8
Data flow: Cache `ParamUpdateReturnKind::getAnOutNode()`
C# C++ Java Python
#4765 opened Dec 2, 2020 by hvitved β€’ Draft
3
C#: Extract enum underlying type from IL
C# documentation
#4761 opened Dec 1, 2020 by tamasvajk β€’ Review required
10
Python: Enclosing callable for synthetic arguments
Python
#4757 opened Dec 1, 2020 by yoff β€’ Review required
2
Python: Dataflow, unpacking assignment
Python
#4752 opened Nov 30, 2020 by yoff β€’ Changes requested
2
JS: Move `js/log-injection` into non-experimental.
JS documentation
#4751 opened Nov 30, 2020 by erik-krogh β€’ Review required
2
C++: Model classes in StdString.qll.
C++
#4750 opened Nov 30, 2020 by geoffw0 β€’ Review required
1
Python: Add some command injection tests
Python
#4749 opened Nov 30, 2020 by RasmusWL β€’ Review required
2
Java: Add flow steps through methods of `java.nio.Buffer` and its subclasses
Java
#4743 opened Nov 27, 2020 by joefarebrother β€’ Review required
2
Python: Force read- and store steps to add nodes.
Python
#4737 opened Nov 27, 2020 by yoff β€’ Review required
8
Python: Untrusted data used in external APIs
Python documentation
#4735 opened Nov 26, 2020 by RasmusWL β€’ Review required
1
ProTip! no:milestone will show everything without a milestone.
You can’t perform that action at this time.