Insights: github/codeql
Overview
38 Pull requests merged by 23 people
-
Release preparation for version 2.14.3
#13998 merged
Aug 18, 2023 -
Java: Trust Boundary Violation Query
#13413 merged
Aug 18, 2023 -
Go: Basic Go 1.21 support
#13867 merged
Aug 18, 2023 -
C++: Accept regression in test after evaluator fix
#13996 merged
Aug 18, 2023 -
Ruby: More precise flow into splat parameters
#13938 merged
Aug 18, 2023 -
Java: limit field flow when tracking regex strings
#13916 merged
Aug 18, 2023 -
Java: Add dashes to SHA algorithm names in `Encryption.qll`
#13934 merged
Aug 17, 2023 -
Swift: fix version check macro to be lexicographic
#13988 merged
Aug 17, 2023 -
Java: Join-order fix in RangeAnalysis.
#13987 merged
Aug 17, 2023 -
C++: Add `cpp/invalid-pointer-deref` false positive
#13989 merged
Aug 17, 2023 -
C#: Adopt shared CFG construction library from shared `controlflow` pack
#13595 merged
Aug 17, 2023 -
Update CSV framework coverage reports
#13915 merged
Aug 17, 2023 -
C#: Fix `getMadRepresentationSpecific`
#13966 merged
Aug 17, 2023 -
Kotlin: Handle Kotlin 2 parents better
#13960 merged
Aug 16, 2023 -
Swift: Fix expected files after a semantic merge conflict
#13984 merged
Aug 16, 2023 -
Python/JavaScript: Shared module for serverless functions
#13729 merged
Aug 16, 2023 -
C++: Fix original delta calculation for subtraction in new range analysis
#13981 merged
Aug 16, 2023 -
C++: Update test after float128 related extractor changes
#13971 merged
Aug 16, 2023 -
C++: Support subtraction in the new range analysis
#13972 merged
Aug 16, 2023 -
Python: Relax module resolution
#13819 merged
Aug 16, 2023 -
C#: Add integration test for standalone extraction
#13744 merged
Aug 16, 2023 -
Java: automodel application mode: use endpoint class like in framework mode
#13886 merged
Aug 16, 2023 -
Go: Don't warn when Go version exactly matches go.mod
#13973 merged
Aug 15, 2023 -
C++: make cmake generation work with internal rule `cc_binary_add_features`
#13959 merged
Aug 15, 2023 -
Swift: CFG test for for-try-await
#13910 merged
Aug 15, 2023 -
C++: Remove more dataflow FPs after frontend upgrade
#13965 merged
Aug 15, 2023 -
QL language specs: declarations can shadow dbscheme types and preds
#13968 merged
Aug 15, 2023 -
Ruby: Make type tracking flow-insensitive for captured variables
#13955 merged
Aug 15, 2023 -
ReDoS: escape unicode chars in the output for the ReDoS queries
#13914 merged
Aug 15, 2023 -
Swift: 'ParsedSequence' lacks proper types and yields 'Unresolved' AST nodes
#13836 merged
Aug 15, 2023 -
Java: Support for With[out]Element for MaD.
#13546 merged
Aug 15, 2023 -
Python: fix nice locations for import aliases
#13941 merged
Aug 14, 2023 -
Ruby: Improve desugaring of `for` loops
#13937 merged
Aug 14, 2023 -
Ruby: printCfg: only show graph for selected CfgScope
#13334 merged
Aug 14, 2023 -
C++: Fix barriers in invalid pointer deref
#13725 merged
Aug 14, 2023 -
Swift: Correct the behaviour of Type.getName
#13829 merged
Aug 14, 2023 -
C#: Include ASP.NET assemblies in the standalone extraction.
#13876 merged
Aug 14, 2023 -
C#: .NET Runtime path detection (bugfix).
#13952 merged
Aug 14, 2023
22 Pull requests opened by 17 people
-
Java: Automodel Application Mode: Add Candidates for Regression Testing
#13954 opened
Aug 14, 2023 -
C#: Generate source files from cshtml files in standalone
#13957 opened
Aug 14, 2023 -
Java: Add JDK17 df-generated summary models
#13962 opened
Aug 14, 2023 -
Ruby: Remove isSplatAll
#13967 opened
Aug 15, 2023 -
Shared extractor: support file path globs
#13969 opened
Aug 15, 2023 -
C#: Compile against the reference assemblies in the standalone extractor (if possible)
#13970 opened
Aug 15, 2023 -
Ruby: Model more flow from splat arguments
#13974 opened
Aug 15, 2023 -
Python: parse mode chars should not be considered chars
#13975 opened
Aug 15, 2023 -
Java: Convert `SensitiveApi.qll` to use Models-as-Data
#13978 opened
Aug 16, 2023 -
Swift: teach autobuilder about SPM, CocoaPods, and Carthage
#13979 opened
Aug 16, 2023 -
Swift: Improvements related to the swift/cleartext-logging query.
#13980 opened
Aug 16, 2023 -
Dataflow: Add type-based call-edge pruning.
#13982 opened
Aug 16, 2023 -
Data flow: Earlier call-context based dispatch filtering
#13983 opened
Aug 16, 2023 -
CPP: Convert SQL tainted away from DefaultTaintTracking.
#13985 opened
Aug 16, 2023 -
C#: Re-factor dependency fetching into a separate project.
#13986 opened
Aug 17, 2023 -
Python: Port old experimental points-to based queries
#13990 opened
Aug 17, 2023 -
Swift: use C++20 constraints and concepts to simplify code
#13991 opened
Aug 17, 2023 -
C#: Re-factor imports.
#13995 opened
Aug 18, 2023 -
Ruby: Include more (hash) splat flow in type tracking
#13997 opened
Aug 18, 2023 -
C# Standalone: Install .NET SDK specified in `global.json`
#13999 opened
Aug 18, 2023 -
Clarify system requirements for JavaScript and TypeScript extraction
#14001 opened
Aug 18, 2023 -
Update CSV framework coverage reports
#14003 opened
Aug 19, 2023
2 Issues closed by 2 people
-
Database does not contain all the source files
#13875 closed
Aug 16, 2023
9 Issues opened by 9 people
-
`codeql query run` and `codeql database analyze` produce different results
#14002 opened
Aug 18, 2023 -
CodeQL for php
#14000 opened
Aug 18, 2023 -
C++ extractor fails to process code based on Unreal Engine
#13994 opened
Aug 18, 2023 -
Incorrect value of string literals
#13993 opened
Aug 18, 2023 -
go 1.21 support
#13992 opened
Aug 17, 2023 -
Tree-Sitter Shared Extractor doesn't support extension-less files
#13964 opened
Aug 15, 2023 -
could hasFlow support multi core?
#13963 opened
Aug 15, 2023 -
Codeql usage under arm architecture
#13953 opened
Aug 14, 2023 -
Customizing CMAKE_CXX_FLAGS is not possible with codeql-cli auto-build
#13950 opened
Aug 12, 2023
24 Unresolved conversations
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
-
Swift: collection/tuple content for dictionary flow
#13947 commented on
Aug 17, 2023 • 15 new comments -
Create separate automodel pack
#13879 commented on
Aug 18, 2023 • 8 new comments -
Python: Flask & Django Constant Secret Key initialization
#13561 commented on
Aug 17, 2023 • 7 new comments -
JavaScript: Improve query help for `js/server-side-unvalidated-url-redirection`.
#13771 commented on
Aug 18, 2023 • 6 new comments -
Java: Understand multiple parse mode flags specified in a regular expression string
#13778 commented on
Aug 16, 2023 • 6 new comments -
Swift: dataflow for `for-in` loops
#13909 commented on
Aug 17, 2023 • 6 new comments -
Python: MaD on externals
#13935 commented on
Aug 15, 2023 • 6 new comments -
Swift: Add tests and develop command injection query
#13906 commented on
Aug 14, 2023 • 4 new comments -
Java: Add Weak Randomness Query (CWE-330/338)
#13608 commented on
Aug 16, 2023 • 3 new comments -
Java/C#: Update telemetry queries to report callables with sink/source neutrals as being supported.
#13432 commented on
Aug 18, 2023 • 2 new comments -
depends on 'codeql-python@*', but pack 'codeql-python' was not found
#13364 commented on
Aug 15, 2023 • 1 new comment -
False positive, cpp/ql/src/Security/CWE/CWE-120/BadlyBoundedWrite.ql
#13913 commented on
Aug 18, 2023 • 1 new comment -
Query help files should be identified and processed when executing codeql pack create
#13609 commented on
Aug 18, 2023 • 1 new comment -
Ruby: add separate additional steps between `YAML.parse*` methods and `to_ruby`
#13431 commented on
Aug 15, 2023 • 1 new comment -
Python: Include all assignments in data flow paths
#13738 commented on
Aug 18, 2023 • 1 new comment -
Python: Understand multiple parse mode flags specified in a regular expression string
#13779 commented on
Aug 14, 2023 • 1 new comment -
Swift: Model withUnsafeBytes and similar closure methods
#13827 commented on
Aug 14, 2023 • 1 new comment -
Ruby: Reimplement flow through captured variables using field flow
#11725 commented on
Aug 17, 2023 • 0 new comments -
Ruby: Add Improper LDAP Authentication query (CWE-287)
#13313 commented on
Aug 16, 2023 • 0 new comments -
C++: Updates for changes in frontend
#13716 commented on
Aug 18, 2023 • 0 new comments -
Ruby: query to automatically extract type definitions from library code
#13750 commented on
Aug 18, 2023 • 0 new comments -
Introduce shared taint tracking library
#13881 commented on
Aug 18, 2023 • 0 new comments -
[Draft] [C#] Add query for Insecure Direct Object Reference
#13882 commented on
Aug 17, 2023 • 0 new comments -
Swift: Models and tests for numeric conversions
#13946 commented on
Aug 16, 2023 • 0 new comments