This PR adds `security-extended` to the CodeQL queries.
These queries are more aggressive, which means they can raise false positives; that is why they are disabled by default. But they are also really helpful and find lots of security bugs that the standard queries don't. The standard queries don't check much in the way of security; they are mostly for general code quality.
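As an added illustration (not a file from this PR), this is how the `security-extended` suite is switched on in the CodeQL init step of a GitHub Actions workflow; the workflow path, branch names and language are assumptions:

```yaml
# Added example, not part of this PR. Assumed path: .github/workflows/codeql.yml
name: CodeQL
on:
  push:
    branches: [main]        # assumed branch name
  pull_request:
    branches: [main]

jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      security-events: write   # required to upload code scanning results
      contents: read
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
        with:
          languages: python      # assumed; set to the repository's language
          # With no "queries" key, only the standard (default) suite runs.
          # security-extended adds the more aggressive security queries;
          # expect some false positives that need triage in the
          # Security > Code scanning tab.
          queries: security-extended
      - uses: github/codeql-action/analyze@v3
```

Once this runs, each alert appears under the repository's code scanning tab, and dataflow alerts (such as those tracing file input into tooling) expose the "show paths" view there for checking whether the flagged flow is real.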
If someone can please confirm the status of them, then I (or the maintainer) can flag them using those instructions.
Issues can be dismissed in a couple of ways:
As some of the issues are related to file input propagating in tooling, you can also use the "show paths" command in GitHub.