CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

Results 758 codeql issues

Bumps [github.com/gofiber/fiber/v2](https://github.com/gofiber/fiber) from 2.48.0 to 2.52.1. Release notes Sourced from github.com/gofiber/fiber/v2's releases. v2.52.1 👮 Security https://docs.gofiber.io/api/middleware/cors 🐛 Fixes Middleware/healthcheck: Not working with route group(#2863) 📚 Documentation Fix default value to...

documentation
dependencies
Go

Added new library and corresponding queries for storage/logging of cleartext private data. This already exists for sensitive expressions (CWE-311) but would be helpful to have for private data as well,...

This query warns against enabling the allow_dotted_names option when registering an instance of SimpleXMLRPCServer, as this allows intruders to access your module’s global variables and may execute arbitrary code on...

Bumps [tree-sitter](https://github.com/tree-sitter/tree-sitter) from 0.20.10 to 0.21.0. Changelog Sourced from tree-sitter's changelog. [0.21.0] — 2024-02-21 Breaking Remove the apply-all-captures flag, make last-wins precedence the default by @amaanq NOTE: This change might...

dependencies
QL-for-QL
rust

No functional change: we just changed the prebuilding macOS runners.

Swift

C#
C++
Java
Python
Go
Ruby
Swift
DataFlow Library

Bumps [Newtonsoft.Json](https://github.com/JamesNK/Newtonsoft.Json) from 6.0.4 to 13.0.1. Release notes Sourced from Newtonsoft.Json's releases. 13.0.1 New feature - Add JsonSelectSettings with configuration for a regex timeout Change - Remove portable assemblies from...

C#
dependencies
.NET

Previously it was only working for non-anonymous classes because it required that `getType() instanceof ParameterizedClass`, which does not hold for anonymous classes.

documentation
Java

Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4. Release notes Sourced from actions/cache's releases. v4.0.0 What's Changed Update action to node20 by @takost in actions/cache#1284 feat: save-always flag by @to-s in actions/cache#1242...

dependencies
QL-for-QL
github_actions