github / codeql Public

Notifications You must be signed in to change notification settings
Fork 1.9k
Star 9.4k

Code
Issues 961
Pull requests 391
Discussions
Actions
Projects
Models
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Models
Security
Insights

Pull requests: github/codeql

Labels 56 Milestones 8

New pull request New

391 Open 16,510 Closed

Author

Filter by author

Uh oh!

There was an error while loading. Please reload this page.

Label

Filter by label

Uh oh!

There was an error while loading. Please reload this page.

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Uh oh!

There was an error while loading. Please reload this page.

Milestones

Filter by milestone

Uh oh!

There was an error while loading. Please reload this page.

Reviews

Filter by reviews

No reviews Review required Approved review Changes requested

Assignee

Filter by who’s assigned

Assigned to nobody

Uh oh!

There was an error while loading. Please reload this page.

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Pull requests list

Bump github.com/go-git/go-git/v5 from 5.1.0 to 5.17.1 in /go/ql/test/library-tests/semmle/go/frameworks/Fasthttp in the go_modules group across 1 directory dependencies

Pull requests that update a dependency file

documentation Go

#21617 opened Mar 30, 2026 by dependabot bot

Loading…

Go: migrate control flow graph to shared CFG library

#21614 opened Mar 30, 2026 by Copilot AI • Draft

C#: Fix inconsistent casing of Cs/CS. C# no-change-note-required

This PR does not need a change note

#21613 opened Mar 30, 2026 by aschackmull

Loading…

C#: Taint members of types in ASP.NET user context. C#

#21612 opened Mar 30, 2026 by michaelnebel • Draft

Narrow ZipSlip sinks to file write operations, excluding read-only paths documentation Java

#21609 opened Mar 28, 2026 by MarkLee131

Loading…

Actions: Removed a false positive injection sink model for theveracode/veracode-sca action. Actions

Analysis of GitHub Actions

documentation

#21604 opened Mar 27, 2026 by XinyuZhangXvX

Loading…

Python: Port UseOfExit.ql Python

#21603 opened Mar 27, 2026 by tausbn • Draft

Python: Port ModificationOfLocals.ql Python

#21602 opened Mar 27, 2026 by tausbn • Draft

Python: Port UnusedExceptionObject.ql Python

#21601 opened Mar 27, 2026 by tausbn • Draft

Actions: Add taint summary for suisei-cn/actions-download-file url input Actions

Analysis of GitHub Actions

documentation

#21600 opened Mar 27, 2026 by XinyuZhangXvX

Loading…

C#: Simplify the ConstantCondition query. C# documentation

#21599 opened Mar 27, 2026 by aschackmull • Draft

Python: Port ShouldUseWithStatement.ql no-change-note-required

This PR does not need a change note

Python

#21598 opened Mar 27, 2026 by tausbn

Loading…

Python: Port UnreachableCode.ql Python

#21597 opened Mar 27, 2026 by tausbn • Draft

Rust: Track closure types in data flow C# DataFlow Library Rust

Pull requests that update Rust code

#21596 opened Mar 27, 2026 by hvitved • Draft

Data flow: Add hook for preventing lambda dispatch in source call contexts C# DataFlow Library no-change-note-required

This PR does not need a change note

#21592 opened Mar 26, 2026 by hvitved

Loading…

Python: Improve "bind all interfaces" query documentation Python

#21590 opened Mar 26, 2026 by tausbn

Loading…

Rust: Fix performance issue associated with neutral models no-change-note-required

This PR does not need a change note

Rust

Pull requests that update Rust code

#21587 opened Mar 26, 2026 by geoffw0 • Draft

Shared: update code comments explaining models-as-data format to include barriers and barrier guards C# C++ DataFlow Library Go Java JS no-change-note-required

This PR does not need a change note

Python Ruby Rust

Pull requests that update Rust code

Swift

#21584 opened Mar 26, 2026 by owen-mc

Loading…

Kotlin: update to 2.3.20 depends on internal PR

This PR should only be merged in sync with an internal Semmle PR

documentation Java Kotlin

#21583 opened Mar 26, 2026 by redsun82 • Draft

Go: fix bad join order Go no-change-note-required

This PR does not need a change note

#21576 opened Mar 25, 2026 by owen-mc

Loading…

Remove false positive injection sink models for docker/build-push-action and step-security/harden-runner Actions

Analysis of GitHub Actions

documentation

#21574 opened Mar 25, 2026 by redsun82

Loading…

JS: Add regression test for YAML extraction JS

#21571 opened Mar 24, 2026 by henrymercer

Loading…

C#: Replace CFG with the shared implementation C# Java

#21565 opened Mar 24, 2026 by aschackmull • Draft

Go: use shared SSA library (codeql.ssa.Ssa) documentation Go

#21554 opened Mar 23, 2026 by Copilot AI • Draft

C++: Disable cpp/implicit-function-declaration on build mode none databases C++ documentation

#21553 opened Mar 23, 2026 by geoffw0

Loading…

Previous 1 2 3 4 5 … 15 16 Next

Previous Next

ProTip! What’s not been updated in a month: updated:<2026-02-28.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!