-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Insights: github/codeql
Overview
Could not load contribution data
Please try again later
31 Pull requests merged by 11 people
-
Rust: Update DotDotCheck to use getCanonicalPath
#19804 merged
Jul 25, 2025 -
Rust: Replace QL model for Clone with MaD
#20124 merged
Jul 25, 2025 -
Python: Modernise raise-not-implemented query
#20086 merged
Jul 24, 2025 -
Kotlin: Add Kotlin 2.2.20 support
#20114 merged
Jul 24, 2025 -
Python: Minor documantation updates to several quality queries
#20052 merged
Jul 24, 2025 -
Rust: Implement type inference for trait objects/
dyntypes#20084 merged
Jul 24, 2025 -
C++: Add some more Windows specific memory copy models
#20115 merged
Jul 23, 2025 -
Shared: Improve sensitive data heuristics
#20024 merged
Jul 23, 2025 -
Rust: Diff-informed queries: phase 3 (non-trivial locations)
#20081 merged
Jul 23, 2025 -
Rust: Remove sourceModelDeprecated, summaryModelDeprecated and sinkModelDeprecated
#20109 merged
Jul 23, 2025 -
C++: Add more barriers to
cpp/overrun-write#20107 merged
Jul 23, 2025 -
Rust: Type inference refactor and improve join orders
#20076 merged
Jul 23, 2025 -
Post-release preparation for codeql-cli-2.22.2
#20113 merged
Jul 23, 2025 -
Swift: Diff-informed queries: phase 3 (non-trivial locations)
#20082 merged
Jul 23, 2025 -
Release preparation for version 2.22.2
#20112 merged
Jul 23, 2025 -
Revert "Release preparation for version 2.22.2"
#20110 merged
Jul 23, 2025 -
Rust: Type inference for tuples
#20041 merged
Jul 23, 2025 -
Kotlin: Run the tests with 2.2.0
#20031 merged
Jul 22, 2025 -
Post-release preparation for codeql-cli-2.22.2
#20106 merged
Jul 22, 2025 -
Release preparation for version 2.22.2
#20105 merged
Jul 22, 2025 -
Revert "Release preparation for version 2.22.2"
#20104 merged
Jul 22, 2025 -
Rust: new query rust/hardcoded-crytographic-value
#18943 merged
Jul 22, 2025 -
Post-release preparation for codeql-cli-2.22.2
#20103 merged
Jul 22, 2025 -
Release preparation for version 2.22.2
#20100 merged
Jul 22, 2025 -
Rust: Path resolution associated type fix
#20096 merged
Jul 22, 2025 -
Revert post-release preparation for codeql-cli-2.22.2
#20099 merged
Jul 21, 2025 -
Rust: Refactor
PathTypeMention#20094 merged
Jul 21, 2025 -
Java: Update qhelp: SnakeYaml is safe from version 2.0
#20018 merged
Jul 21, 2025 -
Java: Improve more join-orders
#20092 merged
Jul 21, 2025 -
Java: Diff-informed queries: phase 3 (non-trivial locations)
#20077 merged
Jul 21, 2025 -
Java: Fix accidental CP in CFG for asserts.
#20091 merged
Jul 21, 2025
11 Pull requests opened by 7 people
-
Java: Add `previous-id` and adjust tags for `java/garbage-collection` and `java/run-finalizers-on-exit`
#20095 opened
Jul 19, 2025 -
Java: Add support to `ModuleImportDeclaration`
#20097 opened
Jul 21, 2025 -
Fix #19294, Ruby NetHttpRequest improvements
#20101 opened
Jul 21, 2025 -
Java: Add support to Compact Source Files
#20116 opened
Jul 23, 2025 -
Rust: Type inference for impl trait types with type parameters
#20119 opened
Jul 24, 2025 -
Python: Modernize Unexpected Raise In Special Method query
#20120 opened
Jul 24, 2025 -
Guards: Improve support for wrapped guards
#20121 opened
Jul 24, 2025 -
Rust: Fix type inference for trait objects for traits with associated types
#20122 opened
Jul 24, 2025 -
C++: Fix missing global variable flow
#20126 opened
Jul 25, 2025 -
Java: Improve a couple of join-orders
#20127 opened
Jul 25, 2025 -
Copilot: Remove the formatting instructions, as they're confusing CCR.
#20128 opened
Jul 25, 2025
3 Issues closed by 3 people
-
Spread unidentified
#19914 closed
Jul 26, 2025 -
Python: Aiopg.qll misses some SQL injection sinks in aiopg
#20111 closed
Jul 24, 2025 -
Rust: Remove sourceModelDeprecated, summaryModelDeprecated and sinkModelDeprecated.
#20108 closed
Jul 23, 2025
4 Issues opened by 4 people
-
CWE-918 (SSRF) - Java - False Positive Justification
#20117 opened
Jul 23, 2025 -
UnvalidatedDynamicMethodCall query does not detect flow inside try/catch
#20098 opened
Jul 21, 2025
13 Unresolved conversations
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
-
Java: Promote Insecure Spring Boot Actuator Configuration query from experimental
#20006 commented on
Jul 19, 2025 • 3 new comments -
Update Go Path Injection Sanitizer and Sink
#20064 commented on
Jul 21, 2025 • 3 new comments -
C#: Diff-informed queries: phase 3 (non-trivial locations)
#20074 commented on
Jul 21, 2025 • 1 new comment -
CodeQL Python query runs extremely slow on medium-sized project using TaintTracking::Global
#19928 commented on
Jul 21, 2025 • 0 new comments -
False positive: Full server-side request forgery
#20093 commented on
Jul 21, 2025 • 0 new comments -
False positive - Log entries created from user input (cs/log-forging)
#15824 commented on
Jul 21, 2025 • 0 new comments -
General issue - When using `--build-mode=none`, Windows builds produce `Extraction error: 'MsvcCompiler' object has no attribute 'clangpp'`
#20071 commented on
Jul 22, 2025 • 0 new comments -
Question: C# analysis without building the code, on Azure DevOps
#16070 commented on
Jul 22, 2025 • 0 new comments -
Code scanning is waiting for results from CodeQL; CodeQL is stuck
#19671 commented on
Jul 23, 2025 • 0 new comments -
[python] The tuple (*) argument of a call cannot step to function parameter for the CommandInjectionCustomizations flow
#19900 commented on
Jul 25, 2025 • 0 new comments -
Rust: Update SqlxQuery, SqlxExecute to use getCanonicalPath
#19802 commented on
Jul 24, 2025 • 0 new comments -
Python: Modernize 4 queries for missing/multiple calls to init/del methods
#19932 commented on
Jul 24, 2025 • 0 new comments -
Go: Diff-informed queries: phase 3 (non-trivial locations)
#20075 commented on
Jul 21, 2025 • 0 new comments