The Wayback Machine - https://web.archive.org/web/20200802041413/https://github.com/github/codeql/pulls
Skip to content

/ codeql

New pull request New
121 Open 3,423 Closed
121 Open 3,423 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
C++: Add tests for taint through range-based for loops
C++
#3999 opened Jul 31, 2020 by MathiasVP Review required
C#: More type-based adjustment of library-flow access paths
C#
#3994 opened Jul 30, 2020 by hvitved Review required
Java: Extract module HardcodedCredentials from CWE-798
#3992 opened Jul 30, 2020 by rvermeulen Review required
5
Add VS Code tasks to build and test the C# bits
C#
#3991 opened Jul 30, 2020 by tamasvajk Approved
7
Java: Extract bounded flow source from CWE-129
#3989 opened Jul 29, 2020 by rvermeulen Review required
[Java] Improve InsecureJavaMail.qhelp references
#3987 opened Jul 28, 2020 by Marcono1234 Review required
Python: Dataflow, handle classes
Python
#3981 opened Jul 27, 2020 by yoff Draft 1 of 5
JavaScript: Make access paths more reusable
#3980 opened Jul 27, 2020 by max-schaefer Approved
4
[javascript] CodeQL query to detect if cookies are sent without the flag secure being set
#3978 opened Jul 26, 2020 by dellalibera Review required
2
[JS] cwe-327 (Weak or vulnerable cryptography usage) added
#3977 opened Jul 26, 2020 by monkey-junkie Review required
10
Java: Insecure basic authentication
#3976 opened Jul 24, 2020 by luchua-bc Review required
105
Docs: Query classification and display
#3974 opened Jul 24, 2020 by owen-mc Review required
26
Java: Move LDAP injection sinks, sanitizers, and additional taint steps to importable location
#3968 opened Jul 22, 2020 by rvermeulen Review required
Python: Add type tracker and step summary implementation.
Python
#3961 opened Jul 17, 2020 by tausbn Draft
Python: more call graph tracing
Python
#3953 opened Jul 16, 2020 by RasmusWL Review required
C#: DataSet serialization
C#
#3951 opened Jul 15, 2020 by raulgarciamsft Changes requested
55
Java: stack trace exposure: address false positives
Java
#3948 opened Jul 13, 2020 by aibaars Review required
1
Java: Clean up ContainerFlow: address outstanding comments
Java
#3946 opened Jul 13, 2020 by aibaars Review required
JAVA : Add query to detect Apache Structs enabled Devmode
Java
#3945 opened Jul 12, 2020 by porcupineyhairs Review required
9
Java: add query to detect web.xml auth bypass through verb tampering
Java
#3944 opened Jul 12, 2020 by porcupineyhairs Review required
26
C#: WIP unqualify all trap ids.
#3939 opened Jul 9, 2020 by calumgrant Draft
Java: Untrusted data used in external APIs
Java
#3938 opened Jul 9, 2020 by lcartey Review required
5
C++: Alternate instruction -> operand flow
C++
#3933 opened Jul 9, 2020 by MathiasVP Review required
1
JS: rewriting DeadStoreOfProperty.ql to avoid bad worst-case runtime
JS
#3930 opened Jul 8, 2020 by erik-krogh Review required
8
Java: Move `HeaderSplittingSink` and `WhitelistedSource` into importable library
Java
#3928 opened Jul 8, 2020 by rvermeulen Changes requested
12
ProTip! Mix and match filters to narrow down what you’re looking for.
You can’t perform that action at this time.