The Wayback Machine - https://web.archive.org/web/20201204040255/https://github.com/github/codeql/pulls
Skip to content

/ codeql

New pull request New
133 Open 4,048 Closed
133 Open 4,048 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
JS: Add test case for electron.shell.openExternal sink
JS
#4776 opened Dec 3, 2020 by asgerf Approved
C#: Improve CIL attribute decoding
C#
#4775 opened Dec 3, 2020 by tamasvajk Draft
JS: better support for forms in js/xss-through-dom
JS
#4774 opened Dec 3, 2020 by erik-krogh Draft
Python: Path injection improvements
Python documentation
#4773 opened Dec 3, 2020 by RasmusWL Review required
JS: Make SourceNode::Range non-recursive and make strings SourceNodes
JS
#4772 opened Dec 3, 2020 by asgerf Review required
3
[Java] Triplicate UnsafeCert query so it can be split.
Java documentation
#4771 opened Dec 2, 2020 by intrigus-lgtm Review required
8
Update query and library links for new locations
documentation
#4768 opened Dec 2, 2020 by jf205 Review required
Data flow: Cache `ParamUpdateReturnKind::getAnOutNode()`
C# C++ Java Python
#4765 opened Dec 2, 2020 by hvitved Draft
3
JS: Merge SSTI query into js/code-injection
JS documentation
#4762 opened Dec 1, 2020 by asgerf Review required
4
C#: Extract enum underlying type from IL
C#
#4761 opened Dec 1, 2020 by tamasvajk Review required
2
C#: Improve array argument CIL extraction for attributes
C#
#4759 opened Dec 1, 2020 by tamasvajk Review required
Python: Enclosing callable for synthetic arguments
Python
#4757 opened Dec 1, 2020 by yoff Review required
2
Python: Dataflow, unpacking assignment
Python
#4752 opened Nov 30, 2020 by yoff Changes requested
2
JS: Move `js/log-injection` into non-experimental.
JS documentation
#4751 opened Nov 30, 2020 by erik-krogh Review required
1
C++: Model classes in StdString.qll.
C++
#4750 opened Nov 30, 2020 by geoffw0 Review required
1
Python: Add some command injection tests
Python
#4749 opened Nov 30, 2020 by RasmusWL Draft
Java: Improve performance of SSA.
Java
#4746 opened Nov 30, 2020 by aschackmull Review required
3
CPP: Add query for CWE-191 into experimental this reveals a dangerous comparison
C++ documentation
#4745 opened Nov 28, 2020 by ihsinme Review required
10
JavaScript: Factor out HTML extractor
JS depends on internal PR
#4744 opened Nov 27, 2020 by sauyon Review required
5
Java: Add flow steps through methods of `java.nio.Buffer` and its subclasses
Java
#4743 opened Nov 27, 2020 by joefarebrother Review required
1
C#: WIP: extract underlying enum type from CIL
C#
#4742 opened Nov 27, 2020 by tamasvajk Draft
1
Python: Force read- and store steps to add nodes.
Python
#4737 opened Nov 27, 2020 by yoff Review required
8
Python: Untrusted data used in external APIs
Python documentation
#4735 opened Nov 26, 2020 by RasmusWL Review required
1
JS: Add more models for command parsing libraries in js/indirect-command-line-injection
JS
#4733 opened Nov 26, 2020 by erik-krogh Review required
JS: Add `security` tag to js/angular/double-compilation
JS
#4732 opened Nov 26, 2020 by esbena Approved
ProTip! Type g i on any issue or pull request to go back to the issue listing page.
You can’t perform that action at this time.