Skip to content

Pull requests: github/codeql

New pull request New
Clear current search query, filters, and sorts
374 Open 15,462 Closed
374 Open 15,462 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Create SECURITY.dc
#3168 opened Mar 31, 2020 by wdcne Loading…
1
C++ Test PR: try replacing AST dataflow with IR dataflow in 1.24
#4526 opened Oct 20, 2020 by rdmarsh2 Draft
Release preparation for version 2.17.4 C# C++ DataFlow Library documentation Go Java JS Python Ruby Swift
#16565 opened May 22, 2024 by codeql-ci Draft
@dbartol
Release preparation for version 2.17.4 C# C++ DataFlow Library documentation Go Java JS Python Ruby Swift
#16583 opened May 23, 2024 by codeql-ci Draft
@dbartol
Merge pull request #5747 from rdmarsh2/rdmarsh2/cpp/deprecate-return-stack-allocated-object
#5750 opened Apr 22, 2021 by huzaifanabeel Loading…
1
JS: Exclude patched libraries from xml-bomb sink documentation JS Python
#20048 opened Jul 15, 2025 by Napalys Loading…
1
Java: CWE-378: Temp Directory Hijacking Race Condition Vulnerability documentation Java
#4473 opened Oct 14, 2020 by JLLeitschuh Loading…
@smowton
84
Ruby: Avoid a forced CP. no-change-note-required This PR does not need a change note Ruby
#18927 opened Mar 4, 2025 by alexet Loading…
1
Rust: Re-categorize tokio-postgres sources as remote. Rust Pull requests that update Rust code
#18752 opened Feb 12, 2025 by geoffw0 Draft
2
Add lodash GroupBy as taint step JS no-change-note-required This PR does not need a change note
#19768 opened Jun 13, 2025 by Vasco-jofra Loading…
2
Improve data flow in the async package JS no-change-note-required This PR does not need a change note
#19770 opened Jun 15, 2025 by Vasco-jofra Loading…
7
actions: Add some missing permissions Actions Analysis of GitHub Actions documentation
#19357 opened Apr 23, 2025 by yoff Loading…
4
C#: Remove experimental queries C# documentation
#18625 opened Jan 29, 2025 by michaelnebel Draft
1
Java: QL Query to Detect Security Sensitive non-CSPRNG usage Java
#2694 opened Jan 24, 2020 by JLLeitschuh Loading…
24
Added vim syntax highlighting for dbschemes
#1461 opened Jun 14, 2019 by Viddog Loading…
7
CS: Adding DecryptWithoutHash and CertificateValidationDisabled queries
#1622 opened Jul 22, 2019 by denislevin Loading…
1
C++: Improve alias analysis for indirections C++
#1736 opened Aug 14, 2019 by dave-bartolomeo Draft
8
[CPP-435] Calls to memset and ZeroMemory may be deleted by the compiler C++
#1933 opened Sep 13, 2019 by zlaski-semmle Draft
41
QL training: C++ variant analysis slide deck
#1966 opened Sep 19, 2019 by lcartey Draft
2
C++/C#: Remove Instruction::getResultType() and friends C# C++
#2217 opened Oct 28, 2019 by dave-bartolomeo Loading…
@dbartol
9
Insecure MemSet C++
#2207 opened Oct 25, 2019 by dave-bartolomeo Draft
5
C++: Use TaintTracking::Configuration in TaintedAllocationSize C++ depends on internal PR This PR should only be merged in sync with an internal Semmle PR
#3519 opened May 19, 2020 by rdmarsh2 Loading…
12
JS: add new query: js/unclosed-stream Awaiting evaluation Do not merge yet, this PR is waiting for an evaluation to finish documentation JS
#3682 opened Jun 11, 2020 by esbena Draft
2 of 3 tasks
11
Java: Arbitrary user-controlled read/write on user-controlled path Java
#3794 opened Jun 24, 2020 by intrigus-lgtm Draft
16
Python: BufferedRWPair Undefined Behavior
#3884 opened Jul 3, 2020 by dilanbhalla Loading…
10
ProTip! What’s not been updated in a month: updated:<2025-07-14.