-
> Location of security vulnerability: src/lib/utils.ts line 17
>
> Incomplete multi-character sanitization
>
> Severity: high
>
> Rule ID
> js/incomplete-multi-character-sanitization
>
> …
-
PR #404 and PR #405 fix a couple of CodeQL alerts, I think. After those, only a few CodeQL alerts remain....
The five "Potential use after free" alerts ([#42](https://github.com/gearman/gearmand/se…
-
Upgrade code scanning workflows to CodeQL Action v3
-
CodeQL was consistently running out of disk space, which was causing errors and blocking PRs, so I disabled it.
We need to fix the underlying issue (possibly by configuring larger runners at the or…
-
### Description
The CodeQL analysis workflow keeps failing.
### Additional Information
Could be related to:
https://github.com/Azure/azure-functions-dotnet-worker/issues/2601
It could be an idea t…
-
following the outline in the suggestion to add those tools to the copier template - it should be tested first
https://github.com/DiamondLightSource/python-copier-template/issues/180
a link to…
-
[GitHub CodeQL](https://codeql.github.com/) is a tool used to analyze repositories for security vulnerabilities. It supports many languages including Go. It's free for open source projects.
-
Hi! We've recently adopted CodeQL into our system and noticed very slow analysis for one of our codebases, which consists of java + kotlin.
For comparison:
* regular build takes 20-30 minutes
* c…
-
Is there a way to write parameterized queries? Say my query is something like:
```
from string methodName, MethodDecl method
where methodName="MyFunc1"
and method.getName()=methodName
select m…
```
-
CodeQL does not currently support PowerShell. Given that PowerShell is quite a potent language that has been used to great effect by red team and blue team alike, this lack of functionality hurts bot…