codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
This PR makes minimal changes for us to tolerate Go 1.23. Go 1.23 makes changes to how aliases are represented by the compiler. This PR modifies the extractor to extract...
Hello, I am getting some strange behavior when running one of my queries, ``` /** * @name Find all SensitiveVariableExpr instances * @description Identifies all variables that are considered SensitiveVariableExpr....
(Targeting `js/shared-dataflow-branch`) This greatly improves our ability to handle spread arguments and rest parameters, as well as `.apply()` calls and the `arguments` array. The basic idea is that each call...
We are no longer bound to the platform-specific directories, so simplify the test organization. If you don't want this change, just skip merging this PR. It's purely optional. I kept...
This PR changes the CSV framework coverage reports.
- The C# hotfix is _not_ merged back into main (owner: @hvitved) - The docs hotfix is merged back into main (owner: @felicitymay) - The Go hotfix is merged back...
Adds source models for the `stdin` threat model. These models are implemented in QL instead of MaD due to limitations in MaD: - MaD does not currently handle variable arguments...