The Wayback Machine - https://web.archive.org/web/20200527013902/https://github.com/github/codeql/pulls
Skip to content

/ codeql

New pull request New
101 Open 3,111 Closed
101 Open 3,111 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
introduce type unions in the handbook
#3572 opened May 26, 2020 by ginsbach Review required
Treat `this` as a parameter in IR generation
C++
#3571 opened May 26, 2020 by rdmarsh2 Review required
@dbartol
5
C++: Fix mysprintf in taint test
C++
#3570 opened May 26, 2020 by geoffw0 Review required
C++: Taint flow consistency change for strftime
C++
#3569 opened May 26, 2020 by geoffw0 Review required
JS: Avoid string coercion in JSXName.getValue
Awaiting evaluation JS
#3568 opened May 26, 2020 by asgerf Approved
Implement `asPartialDefinition` for IR dataflow nodes
C++
#3567 opened May 26, 2020 by MathiasVP Review required
1
JS: js/xss: Sanitize attributes that cannot contain quotes
JS
#3566 opened May 26, 2020 by erik-krogh Review required 0 of 2
5
Python: Handle fabric.api.execute in command injection
Python
#3563 opened May 26, 2020 by RasmusWL Review required
JS: Don't flag optionally sanitized XSS sinks.
JS
#3560 opened May 25, 2020 by erik-krogh Review required
9
Java: CWE-273 Unsafe certificate trust
Java
#3550 opened May 24, 2020 by luchua-bc Review required
1
add support for java.io.StringWriter
#3547 opened May 22, 2020 by pwntester Approved
1
Python: How to make TaintKinds for dict subclasses
Python
#3545 opened May 22, 2020 by RasmusWL Draft
1
Java: add websocket reads as remote flow source.
Java
#3543 opened May 21, 2020 by porcupineyhairs Review required
Java : add MongoDB injection sinks
Java
#3542 opened May 21, 2020 by porcupineyhairs Review required
Java: CWE-523 Insecure HSTS configuration
Java
#3534 opened May 20, 2020 by luchua-bc Review required
C++: Remove field conflation caused by IR field flow
C++ WIP
#3532 opened May 20, 2020 by MathiasVP Review required
3
JS: Remove timeout for node --version check
JS
#3531 opened May 20, 2020 by asgerf Approved
3
C#: Fix extracted type for nested object initializers
C#
#3529 opened May 20, 2020 by hvitved Review required
@calumgrant
C#: Fix CFG for C# 6 initializers
C#
#3528 opened May 20, 2020 by hvitved Review required
@calumgrant
Python : Add Xpath injection query
Python
#3522 opened May 19, 2020 by porcupineyhairs Review required
@RasmusWL
9
Python : Add support for detecting XSLT Injection
Python
#3521 opened May 19, 2020 by porcupineyhairs Review required
@RasmusWL
3
C++: Use TaintTracking::Configuration in TaintedAllocationSize
C++
#3519 opened May 19, 2020 by rdmarsh2 Review required
8
C#: Remove more deprecated classes and predicates
C#
#3514 opened May 19, 2020 by hvitved Review required
@calumgrant
1
C#: Recognize more calls to `IHtmlHelper.Raw`
C#
#3509 opened May 19, 2020 by hvitved Changes requested
@calumgrant
4
Python: Fix django taint sinks
Python
#3503 opened May 18, 2020 by RasmusWL Review required
1 3
ProTip! Updated in the last three days: updated:>2020-05-23.
You can’t perform that action at this time.