codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
Stacked on top of https://github.com/github/codeql/pull/19719 **DO NOT MERGE YET.** I'm still testing performance and accuracy, ~and we may change behaviour so that the setting should be enabled for the main...
Stacked on top of https://github.com/github/codeql/pull/19684
Why isn't the following code recognized as a source in a global data stream? If I want to identify this source in the global data stream, how should I write...
To be reviewed by @nicolaswill.
**Description of the issue** [Our repo](https://github.com/OpenUp-LabTakizawa/robopo) uses `GitHub Actions` and the `JavaScript / TypeScript` CodeQL default configuration.  In addition, these events are triggered by push and pull request.  However,...
Failing code scanning alert fixes affecting experimental crypto CPP code specifically.
**Hello CodeQL team**, I'm currently integrating CodeQL into our CI workflow for an end-to-end security test of our backend system. Here's the procedure I followed: Setup: **Downloaded the CLI:** wget...
Update `SqlxQuery`, `SqlxExecute` to use `getCanonicalPath` rather than `getResolvedPath`. At present we lose some results, presumably for similar reasons as we lose similar results in https://github.com/github/codeql/pull/19268 . I'd prefer we...
Update `DotDotCheck` to use `getCanonicalPath` rather than `getResolvedPath`. This is not working because (1) we're not finding the static targets of these method calls (presumably because type inference is not...
Several `qhelp` files have errors when running the `codeql generate query-help --format=markdown file.qhelp` command - Nested code inside ``, such as a second `` or a ``, results in a...