Skip to content

/ codeql

New pull request New
176 Open 5,262 Closed
176 Open 5,262 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
JS: add a maybePromisified predicate to API-graphs, and use it to model child_process
Awaiting evaluation JS
#6472 opened Aug 11, 2021 by erik-krogh Draft
Data flow: Add isAdditionalCallTarget
C# C++ Java Python
#6470 opened Aug 11, 2021 by hvitved Draft
C#: Do not populate unused column in folders relation
C# no-change-note-required
#6469 opened Aug 11, 2021 by hvitved Review required
Java: Promote Cleartext storage of sensitive information using SharedPreferences from experimental
documentation Java
#6468 opened Aug 11, 2021 by atorralba Review required
1
Java: add Gson support to unsafe-deserialization query
documentation Java
#6463 opened Aug 10, 2021 by smowton Approved
13
JS: support way more stuff for js/incomplete-multi-character-sanitization
Awaiting evaluation JS WIP
#6462 opened Aug 10, 2021 by erik-krogh Draft
C#: Add ServiceStack support
C# documentation
#6461 opened Aug 10, 2021 by tamasvajk Draft
1 of 4 tasks
Python: Add regex parsing consistency checks
no-change-note-required Python
#6460 opened Aug 10, 2021 by yoff Review required
7
Java: add unsafe-deserialization support for Flexjson
documentation Java
#6456 opened Aug 9, 2021 by smowton Approved
6
Add flow summaries
Python
#6455 opened Aug 9, 2021 by yoff Draft
Java: Elaborate change note a little
documentation Java no-change-note-required
#6454 opened Aug 9, 2021 by smowton Approved
Java: Add XXE sinks
documentation Java
#6453 opened Aug 9, 2021 by haby0 Review required
2
JS: Migrate to new *Query.qll convention for files only to be imported by queries
JS
#6450 opened Aug 9, 2021 by asgerf Draft
Java: An experimental query for ignored hostname verification
documentation Java
#6443 opened Aug 8, 2021 by artem-smotrakov Review required
5
Java: Unsafe deserialization: add support for Jodd JSON library
documentation Java
#6434 opened Aug 5, 2021 by smowton Review required
1
JS: Use TaintedUrlSuffix flow label to avoid FPs from $(location.hash)
documentation JS
#6433 opened Aug 5, 2021 by asgerf Approved
3
C#: Adding Membership.GeneratePassword() as a bad source of random data
C# documentation
#6425 opened Aug 5, 2021 by raulgarciamsft Review required
@tamasvajk
6
Java: Add mybatis mapper.xml sql tainted detection
Java
#6413 opened Aug 4, 2021 by Sharyie Review required
4
cpp: Add query to detect unsigned integer to signed integer conversio…
C++
#6409 opened Aug 3, 2021 by JordyZomer Changes requested
12
Track taint for CharSequence#subSequence
Java no-change-note-required
#6407 opened Aug 3, 2021 by bmuskalla Review required
5
Data flow: Use pruning to reduce call contexts
C# C++ Java no-change-note-required Python
#6404 opened Aug 3, 2021 by hvitved Review required
@aschackmull
7
JS: Add support for EJS and Mustache-style templating dialects
documentation JS:changes-sources-or-sinks JS
#6403 opened Aug 3, 2021 by asgerf Draft
Java: Create new Android Intent Redirection query
documentation Java
#6397 opened Aug 2, 2021 by atorralba Review required
24
Java: CWE-079 Query to detect XSS with JavaServer Faces (JSF)
documentation Java
#6393 opened Aug 1, 2021 by luchua-bc Review required
1
Java: Model guava cache package
documentation Java
#6387 opened Jul 29, 2021 by joefarebrother Review required
5
ProTip! Exclude everything labeled bug with -label:bug.