issues Search Results · repo:github/codeql language:CodeQL
2k results
Description of the false positive
We get a lot of Workflow does not contain permissions alerts.
Its description states
If a GitHub Actions job or workflow has no explicit permissions set, then the ...
false-positive
h3rmanj
- 1
- Opened 7 hours ago
- #20487
Description of the false positive
CodeQL treats e.g. aws-actions/configure-aws-credentials@v5.0.0 as non-immutable although it now is.
Code samples or links to source code
The following snippet will ...
false-positive
timbru31
- Opened yesterday
- #20458
Description of the issue
- Given Rust's growing adoption in Web3 and DeFi ecosystems, I’d like to propose adding new CodeQL queries that target
recurring vulnerability patterns specific to these ...
question
ahmed-farid-dev
- 2
- Opened yesterday
- #20456
CodeQL (go/sql-injection) flags it when user input flows into any MongoDB query methods, which is great. However, there
doesn't seem to be a way to fix the alert at all. There's no specific recommendations ...
false-positive
Sinderella
- Opened yesterday
- #20455
Description of the false positive
I get false positives for the following expression (using the Python re module):
r ^(?=\[.*]$|[^][]*$)\[?[1-9]\d*(\+|-[1-9]\d*)(:[1-9]\d*(:[+*^])?)?]?$
Unmatchable ...
false-positive
sam-maloney
- 1
- Opened 3 days ago
- #20429
As the title suggests, I am currently using the tasking compiler to compile C code, but CodeQL does not support the
tasking compiler. What should I do if I want to adapt? Is there any problem?
question
PanoChao
- 4
- Opened 3 days ago
- #20428
Describe the issue
I am trying to run CodeQL scanning (default setup) on a forked repo. There are ~25k C++ source files. However, I am
facing 2 issues:
1. The GitHub Action that I triggered to start ...
Arpan3323
- 3
- Opened 6 days ago
- #20418
Add a new CodeQL query for detecting the use of non-HTTPS URLs in Rust code. That is, a query that detects when Rust
code may be accessing an http (rather than https) URL, which is likely to be a security ...
Rust
geoffw0
- Opened 7 days ago
- #20417
https://github.com/reqable/reqable-docs/blob/master/en-US%2Fcapture%2Farts%2Fchls_01.png
ziavai777
- Opened 15 days ago
- #20359
Description of the issue
I set up CodeQL scanning using default configurations in a private repository. When scanning the C# code, it reports
that it had a low quality scan due to issues, and recommends ...
question
EinarSnorrason
- 2
- Opened 15 days ago
- #20353
