codeql-queries

CodeQL queries developed by Trail of Bits

Results 14 codeql-queries issues

This PR adds a number of CodeQL queries for the GGML library used by e.g. llama.cpp and whisper.cpp.

Hello team, I've been exploring the fantastic work being done with CodeQL queries in this repository and noticed that there is a significant opportunity to extend its capabilities to Python,...

Fixes: ``` --- expected +++ actual @@ -1,3 +1,5 @@ +WARNING: type 'NamedType' has been deprecated and may be removed in future (MissingMinVersionTLS.ql:97,12-21) +WARNING: type 'NamedType' has been deprecated and...

Trying to debug some performance issues following https://github.com/trailofbits/codeql-queries/pull/14#issuecomment-2547906076 ## Testing setup: Command: ``` codeql database analyze --rerun --threads=-1 codeqldb-elasticsearch-817 java/src/security/Recursion/Recursion.ql --format=sarif-latest --output=recursion.sarif ``` Test on `elasticsearch` codebase version 8.17 (...

Use these queries: https://github.com/github/codeql/tree/main/ql/ql/src/queries/performance

Usually our rules should not produce findings in testing code. We have to check if/how official codeql rules limit results to only real code, and do the same. Otherwise we...