codeql
codeql copied to clipboard
github
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
Bumps the extractor-dependencies group in /go/extractor with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/tools](https://github.com/golang/tools). Updates `golang.org/x/mod` from 0.15.0 to 0.18.0 Commits c0bdc7b modfile: add API for godebug lines 6686f41 module: add COM0...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Convert sources from Chi, Echo and Elazarl to MaD. I don't believe it needs a change note.
In this PR we further narrow the C# source model generation to exclude all callables that overrides or implements something else. This is because we need to "limit" the number...
Description: I have encountered an issue when using CodeQL in Visual Studio Code, which seems to be related to the "Extension Pack for Java". Here are the details of the...
The "most expensive predicates" report had the following line on a certain database: ``` 1m15s | 11 | 37s @ 4 | ImportResolution::ImportResolution::getImmediateModuleReference/1#3553e6c0#reorder_1_0@12bb4xdo ``` Investigating further revealed the following bad...
On a certain database, the evaluator was spending 17 seconds on a single iteration, which is usually a bad sign. Looking more closely, we find the following culprit: ``` (621s)...
**Description of the issue** ## Use Case We are trying to use the dataflow analysis to get the explicitly accessed fields in a struct in Golang. To do that, we...
Polyfill.io was a popular JavaScript polyflll Content Delivery Network (CDN), used to support new web browser standards on older browsers. In February 2024 the domain was sold, and in June...
Commits: - **SimpleRangeAnalysis lib/: float -> BigInt**: library changes - **SimpleRangeAnalysis src/: float -> BigInt**: query changes - **SimpleRangeAnalysis test/: float -> BigInt**: test changes
