Skip to content

Pull requests: github/codeql

New pull request New
Clear current search query, filters, and sorts
17 Open 181 Closed
17 Open 181 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Actions: mass enable diff-informed data flow Actions Analysis of GitHub Actions
#18346 opened Dec 20, 2024 by asgerf Contributor Draft updated Jan 23, 2025
Add Minimum Permissions Map Actions Analysis of GitHub Actions
#18517 opened Jan 16, 2025 by KyFaSt Contributor Draft updated Mar 26, 2025
7 tasks
4
actions: Add some missing permissions Actions Analysis of GitHub Actions documentation
#19357 opened Apr 23, 2025 by yoff Contributor Loading… updated Apr 29, 2025
4
Add Microsoft to trusted actions owner Actions Analysis of GitHub Actions documentation
#19450 opened May 1, 2025 by felickz Contributor Loading… updated Jun 5, 2025
3
Actions: Update reference link Actions Analysis of GitHub Actions documentation
#21295 opened Feb 8, 2026 by thatrobotdev Loading… updated Feb 8, 2026
Actions: improve improper access control query Actions Analysis of GitHub Actions documentation
#20904 opened Nov 25, 2025 by redsun82 Contributor Loading… updated Mar 3, 2026
1
5
Actions: Add taint summary for suisei-cn/actions-download-file url input Actions Analysis of GitHub Actions documentation
#21600 opened Mar 27, 2026 by XinyuZhangXvX Loading… updated Mar 27, 2026
1
Actions: Removed a false positive injection sink model for theveracode/veracode-sca action. Actions Analysis of GitHub Actions documentation
#21604 opened Mar 27, 2026 by XinyuZhangXvX Loading… updated Mar 27, 2026
3
Actions: Add new query actions/code-injection/low for code injection with step outputs Actions Analysis of GitHub Actions documentation
#20974 opened Dec 5, 2025 by owen-mc Contributor Loading… updated Mar 30, 2026
3
Actions: Add four experimental queries Actions Analysis of GitHub Actions documentation
#21624 opened Mar 31, 2026 by JamieMagee Loading… updated Apr 2, 2026
18
Actions: Add workflow_dispatch and workflow_call input sources for code injection Actions Analysis of GitHub Actions documentation
#21660 opened Apr 6, 2026 by tspascoal Contributor Loading… updated Apr 7, 2026
8
Add extra source to actions CWE-094/CodeInjectionMedium Actions Analysis of GitHub Actions documentation
#21672 opened Apr 8, 2026 by knewbury01 Contributor Loading… updated Apr 8, 2026
@knewbury01
3
Just: introduce common "verbs" Actions Analysis of GitHub Actions C# C++ documentation Go Java JS Kotlin Python Ruby Rust Pull requests that update Rust code Swift
#19978 opened Jul 4, 2025 by redsun82 Contributor Loading… updated Apr 15, 2026
5
Extend actions/unpinned-tag to analyze composite action metadata (action.yml / action.yaml) Actions Analysis of GitHub Actions documentation
#21692 opened Apr 10, 2026 by Copilot AI Loading… updated Apr 20, 2026
@oscarsj
6
Actions: Add experimental queries for AI output validation CWE 1426 Actions Analysis of GitHub Actions documentation
#21678 opened Apr 9, 2026 by data-douser Contributor Draft updated Apr 23, 2026
1
Actions: Add experimental prompt injection queries for CWE 1427 Actions Analysis of GitHub Actions documentation
#21675 opened Apr 9, 2026 by data-douser Contributor Draft updated Apr 23, 2026
2
Improve actions/ql/src/Security/CWE-829/UntrustedCheckoutX queries Actions Analysis of GitHub Actions documentation
#21715 opened Apr 15, 2026 by knewbury01 Contributor Loading… updated Apr 30, 2026
@knewbury01
11
ProTip! Mix and match filters to narrow down what you’re looking for.