github / codeql Public

Notifications You must be signed in to change notification settings
Fork 2k
Star 9.7k

Code
Issues 983
Pull requests 425
Discussions
Actions
Projects
Models
Security and quality
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Models
Security and quality
Insights

Pull requests: github/codeql

Labels 56 Milestones 8

New pull request New

425 Open 16,769 Closed

Author

Filter by author

Uh oh!

There was an error while loading. Please reload this page.

Label

Filter by label

Uh oh!

There was an error while loading. Please reload this page.

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Uh oh!

There was an error while loading. Please reload this page.

Milestones

Filter by milestone

Uh oh!

There was an error while loading. Please reload this page.

Reviews

Filter by reviews

No reviews Review required Approved review Changes requested

Assignee

Filter by who’s assigned

Assigned to nobody

Uh oh!

There was an error while loading. Please reload this page.

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Pull requests list

Java: Use fixture for filtering diagnostics Java

#21990 opened Jun 15, 2026 by jketema Contributor • Draft

QL: Convert qlref tests to inline expectations QL-for-QL

#21988 opened Jun 15, 2026 by owen-mc Contributor

Loading…

Java: Fix performance issue in type flow library Java no-change-note-required

This PR does not need a change note

#21987 opened Jun 15, 2026 by hvitved Contributor • Draft

Actions: Fix dominates() false positive in reusable workflows Actions

Analysis of GitHub Actions

documentation

#21986 opened Jun 15, 2026 by JarLob Contributor

Loading…

C#: Add Razor Page handler method parameters as remote flow sources C# documentation

#21984 opened Jun 12, 2026 by felickz Contributor

Loading…

Make alert coverage team the code owners for /actions/

#21977 opened Jun 12, 2026 by owen-mc Contributor

Loading…

Swift: Convert .qlref security query tests to inline expectation tests Swift

#21973 opened Jun 11, 2026 by Copilot AI • Draft

[WIP] Convert CodeQL .qlref tests to inline expectations

#21972 opened Jun 11, 2026 by Copilot AI • Draft

4 tasks

Fix changelog copy errors in change-notes and CHANGELOG.md files Actions

Analysis of GitHub Actions

documentation Python

#21971 opened Jun 11, 2026 by mario-campos Contributor

Loading…

Kotlin support 2.4.0 and drop 1.x test mode documentation Java Kotlin

#21970 opened Jun 11, 2026 by andersfugmann Contributor • Draft

Python: Track instance attributes through type tracking documentation Python

#21969 opened Jun 11, 2026 by Copilot AI

Loading…

Convert selected Python qlref tests to inline expectations Python

#21967 opened Jun 10, 2026 by Copilot AI • Draft

Add experimental C# query: SSRF host guard missing IPv6-transition unwrap (CWE-918/CWE-1389) C# documentation

#21964 opened Jun 10, 2026 by tonghuaroot Contributor

Loading…

Unified: More work on AST and Swift mappings no-change-note-required

This PR does not need a change note

#21962 opened Jun 9, 2026 by asgerf Contributor • Draft

Go: fix DataFlow::ResultNode and some related things documentation Go

#21957 opened Jun 8, 2026 by owen-mc Contributor

Loading…

[Javascript] Prompt Injection queries documentation javascript

Pull requests that update Javascript code

JS Python

#21953 opened Jun 8, 2026 by BazookaMusic Contributor • Draft

Kotlin: Add support for Kotlin 2.4.0 documentation Java Kotlin

#21952 opened Jun 8, 2026 by andersfugmann Contributor • Draft

Python: visit function parameter and return annotations in new CFG documentation Python

#21943 opened Jun 4, 2026 by yoff Contributor • Draft

Go: Improve precision of go/unhandled-writable-file-close documentation Go

#21940 opened Jun 4, 2026 by owen-mc Contributor

Loading…

Python: model exception edges for raise-prone expressions inside try/with Python

#21937 opened Jun 4, 2026 by yoff Contributor • Draft

YAML: Extract comments Actions

Analysis of GitHub Actions

depends on internal PR

This PR should only be merged in sync with an internal Semmle PR

javascript

Pull requests that update Javascript code

JS no-change-note-required

This PR does not need a change note

Python QL-for-QL Ruby Rust

Pull requests that update Rust code

#21935 opened Jun 3, 2026 by MathiasVP Contributor

Loading…

Shared CFG: add defaulted getWhileElse/getForeachElse to AstSig

#21931 opened Jun 2, 2026 by yoff Contributor

Loading…

Python: inline init_module_submodule_defn into ImportResolution documentation Python

#21930 opened Jun 2, 2026 by yoff Contributor

Loading…

Python: switch dataflow library to new (shared) CFG + SSA documentation Python

#21925 opened Jun 1, 2026 by yoff Contributor • Draft

Python: add new shared-SSA-backed SSA adapter (additive) documentation Python

#21923 opened Jun 1, 2026 by yoff Contributor • Draft

Previous 1 2 3 4 5 … 16 17 Next

Previous Next

ProTip! Type g i on any issue or pull request to go back to the issue listing page.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!