codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
Hi - I am seeing a memory leak being flagged during the execution of a Rust fuzzing test, on Azure Linux 3, within a OneBranch pipeline. I have been unable...
**Description of the false positive** We get a lot of `Workflow does not contain permissions` alerts. Its description states > If a GitHub Actions job or workflow has no explicit...
Improves the detection of minified files, by classifying files with an average line length over 200 as minified. Minifiers typically compile a file to one long line, but sometimes there's...
This PR adds support for Kotlin 2.3.0-Beta2. To support Kotlin 2.3.0-Beta2, the `rules_kotlin` bazel package needs to be updated to 2.2.0. Unfortunately that drops support for Kotlin...
Extends the parser and libraries to support the new t-string syntax introduced in Python 3.14 (cf. [PEP-750](https://peps.python.org/pep-0750/)). Due to the complexity of our current handling of f-strings, I opted _not_...
This query needs a rewrite to ensure good performance, but it has too few results to justify doing this.
This updates the UniversalFlow library to be overlay-aware. Since the output is semantically local, the library can restrict the global computation to target the overlay and thereby become much more...
### Description I have identified a false negative in Python DataFlow analysis where taint tracking is lost when a class is defined **inside a function**. If a tainted variable is...