codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
Override StrConst's toString to show the correct type on the AST viewer. Currently, the AST shows the type "Str", which does not exist. Fixes https://github.com/github/codeql/issues/9833.
This is an updated version of some previous hackathon work on interprocedural control flow analysis, now using parameterized modules for configuration.
I've set up a basic CodeQL pipeline for Python and I'm using poetry as dependency manager. What I found out is that if file `poerty.toml` with configuration below is present (venv is...
Maybe I get something wrong but I can't help myself nor find any useful hints in existing issues or documentation regarding the following case: * Taking for example a select...
Kotlin's implementation of defaults depends on the -Xjvm-default setting (or the `@JvmDefault` deprecated annotation, not implemented here): by default, actual interface class files don't use default methods, and any class...
**Description of the issue** We are running into an issue for a Go repo (https://github.com/Azure/ARO-RP) where the extraction has started failing very often for both CodeQL v1 and v2. The...
AspNetCore is more flexible deciding what are controllers than AspNet - https://docs.microsoft.com/en-us/aspnet/core/mvc/controllers/actions?view=aspnetcore-3.1 The controller class doesn't have to be derived from a specific parent, it is enough to suffix...
Possible improvement to `SimpleRangeAnalysis::boolConversionLowerBound`, motivated by a recent regression in the DCA tuple sums reports for this predicate (though I think it regressed at least one more time before this)...
Hello, I've created a CodeQL database of Chromium. I've used the official tutorial from Google (https://chromium.googlesource.com/chromium/src/+/main/docs/linux/build_instructions.md). When it came to building Chromium, I've swapped the command `autoninja -C out/Default chrome`...