CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

Results 660 codeql issues

**Description of the false positive** CodeQL incorrectly identifies dataflow occurring from a constant value when a tuple is being destructured. **Code samples or links to source code** ![Screenshot 2024-07-17 at...

false-positive

I want to know if it is possible to run queries using `query run` using GPU along with CPU; right now all my query runs run only on CPU. My...

question

Hi there, I'm filing this all as one bug in case they share a root cause, because it seems somewhat likely to me they all share the same root cause....

question

This is a proof-of-concept inline expectations query that I developed alongside the CLI implementation of test postprocessing to verify that everything works and the interface makes sense. It is not...

WIP
Java

New version of the existing `cs/web/missing-token-validation` query that adds: 1. support for AspNetCore 2. lower tolerance for false negatives Any `POST` method without either an explicit CSRF attribute, or an...

C#
documentation

**Description of the false positive** The ellipsis `...` (three dots) is commonly used in Python to omit bodies for type hinting declarations. Since technically a lone `...` is an expression...

false-positive

**Description of the false positive** Sometimes when a variable either stores a tuple containing a password and a username and then the username is logged into a file directly after...

false-positive

Hello, I am writing Python queries for some libraries and I was trying to find all the types in the program and group APIs which use Type X, Type Y...

question