github / codeql Public

Notifications You must be signed in to change notification settings
Fork 2k
Star 9.5k

Code
Issues 976
Pull requests 392
Discussions
Actions
Projects
Models
Security and quality
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Models
Security and quality
Insights

Pull requests: github/codeql

Labels 56 Milestones 8

New pull request New

Clear current search query, filters, and sorts

85 Open 3,853 Closed

Author

Filter by author

Uh oh!

There was an error while loading. Please reload this page.

Label

Filter by label

Uh oh!

There was an error while loading. Please reload this page.

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Uh oh!

There was an error while loading. Please reload this page.

Milestones

Filter by milestone

Uh oh!

There was an error while loading. Please reload this page.

Reviews

Filter by reviews

No reviews Review required Approved review Changes requested

Assignee

Filter by who’s assigned

Assigned to nobody

Uh oh!

There was an error while loading. Please reload this page.

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Pull requests list

Actions: Add new query actions/code-injection/low for code injection with step outputs Actions

Analysis of GitHub Actions

documentation

#20974 opened Dec 5, 2025 by owen-mc Contributor

Loading…

Update supported language codes documentation

#10480 opened Sep 19, 2022 by rvermeulen Contributor

Loading…

Bump the go_modules group across 2 directories with 3 updates dependencies

Pull requests that update a dependency file

documentation Go

#20608 opened Oct 9, 2025 by dependabot Bot

Loading…

Crypto: Add BouncyCastle signatures and block cipher modes documentation Java

#20575 opened Oct 2, 2025 by nicolaswill Contributor

Loading…

Java: Improve ImportStaticTypeMember and ImportStaticOnDemand documentation Java

#10497 opened Sep 20, 2022 by Marcono1234 Contributor

Loading…

Actions: Add experimental prompt injection queries for CWE 1427 Actions

Analysis of GitHub Actions

documentation

#21675 opened Apr 9, 2026 by data-douser Contributor • Draft

[CSharp] Add Unicode Bypass Validation query, test and help file C# documentation

#12996 opened May 2, 2023 by Sim4n6 Contributor

Loading…

Go: Fix missing flow through receiver for function variable (try 2) documentation Go

#13861 opened Aug 1, 2023 by owen-mc Contributor • Draft

Docs: add an example .qls with a tag regex documentation

#4793 opened Dec 7, 2020 by rdmarsh2 Contributor

Loading…

Go: Convert models for variadic functions to use models-as-data documentation Go

#16592 opened May 25, 2024 by owen-mc Contributor • Draft

C#: Merge cs/exposure-of-private-information into cs/cleartext-storage-of-sensitive-information, C# documentation

#15379 opened Jan 19, 2024 by michaelnebel Contributor • Draft

RB: add second-order-command-injection documentation Ruby WIP

This is a work-in-progress, do not merge yet!

#11236 opened Nov 11, 2022 by erik-krogh Contributor • Draft

Actions: Add taint summary for suisei-cn/actions-download-file url input Actions

Analysis of GitHub Actions

documentation

#21600 opened Mar 27, 2026 by XinyuZhangXvX

Loading…

JS: Module system refactoring documentation JS

#20414 opened Sep 11, 2025 by asgerf Contributor • Draft

JS: Only exclude JS files in the tsconfig outDir documentation JS

#21121 opened Jan 8, 2026 by asgerf Contributor • Draft

JS: Deprecate getAnExportedSymbol() and remove DubiousImport.ql documentation JS

#20412 opened Sep 11, 2025 by asgerf Contributor • Draft

Golang - Server Side Template Injection documentation Go

#15193 opened Dec 22, 2023 by aydinnyunus Contributor • Draft

Actions: Add experimental queries for AI output validation CWE 1426 Actions

Analysis of GitHub Actions

documentation

#21678 opened Apr 9, 2026 by data-douser Contributor • Draft

C#: Add more NavigationManager models to make cs/web/unvalidated-url-redirection Blazor-aware. C# documentation

#18324 opened Dec 19, 2024 by egregius313 Contributor • Draft

1 of 3 tasks

Java: Remove experimental queries. documentation Java

#18626 opened Jan 29, 2025 by michaelnebel Contributor • Draft

C++: Block flow to integral and float types in cpp/unbounded-write C++ documentation

#16144 opened Apr 8, 2024 by MathiasVP Contributor • Draft

C#: Remove experimental queries C# documentation

#18625 opened Jan 29, 2025 by michaelnebel Contributor • Draft

RB: update the QHelp for rb/path-injection documentation Ruby

#16109 opened Apr 3, 2024 by erik-krogh Contributor • Draft

Actions: Update reference link Actions

Analysis of GitHub Actions

documentation

#21295 opened Feb 8, 2026 by thatrobotdev

Loading…

Add docs comment about deduplicating query rows documentation

#21693 opened Apr 10, 2026 by k4lizen

Loading…

Previous 1 2 3 4 Next

Previous Next

ProTip! Follow long discussions with comments:>50.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!