issues Search Results · repo:github/codeql language:CodeQL

2k results (76 ms)

Dear CodeQL Team, I hope this message finds you well. I have a question regarding efficiently identifying subclasses of an abstract class in the CodeQL source code. Specifically: For an abstract class ...
question
  • MagicXiaoBai1
  • 1
  • Opened yesterday
  • #20125

Description of the false positive CWE-918 (SSRF) finding is triggered when input parameters are eventually appended to a URL used to make outbound calls to external systems in the source code. In the ...
false-positive
  • gautamkct
  • 1
  • Opened 3 days ago
  • #20117

When analyzing Python code for potential SQL injection vulnerabilities using CodeQL, I noticed that some sink points related to aiopg are not recognized within the current CodeQL library. import asyncio ...
question
  • MagicXiaoBai1
  • 1
  • Opened 3 days ago
  • #20111

Remove the sourceModelDeprecated, summaryModelDeprecated and sinkModelDeprecated extensible predicates from CodeQL for Rust. They are defined in rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll ...
Rust
  • geoffw0
  • Opened 3 days ago
  • #20108

While investigating another problem involving CodeQL, I switched from the default setup to the advanced setup. This resulted in the creation of a .github/workflows/codeql.yml. Later, I switched back to ...
question
  • jyio-va
  • 4
  • Opened 5 days ago
  • #20102

Hi CodeQL team 👋 I'm currently building some training challenges for developers to help them identify insecure dynamic method calls. I designed one of the exercises based on the UnvalidatedDynamicMethodCall ...
question
  • fguisso
  • 1
  • Opened 5 days ago
  • #20098

Description of the false positive I have seen alerts for Full server-side request forgery (id: py/full-ssrf), even though the code has a valid mitigation in place. CodeQL also isn't recognizing other ...
false-positive
  • markdboyd
  • 1
  • Opened 8 days ago
  • #20093

Description of the issue As suggested here : https://github.com/github/codeql/issues/8689#issuecomment-3032839302 I am trying to start using --build-mode:none via codeQl CLI using the following commands ...
question
  • szigetics
  • 5
  • Opened 9 days ago
  • #20071

Description of the issue As of today CodeQL successfully catches usages of the dangerous APIs ...
question
  • thomasleplus
  • 3
  • Opened 10 days ago
  • #20070

[removed]
  • Kophyo-rgh311
  • Opened 10 days ago
  • #20063