File tree
978 files changed
+48304
-65295
lines changed- config
- cpp
- downgrades/d77c09d8bdc172c9201dec293de1e14c931d3f05
- ql
- lib
- change-notes
- released
- semmle/code/cpp
- dataflow
- internal
- tainttracking1
- new
- exprs
- ir
- dataflow
- internal
- ssa0
- tainttracking1
- implementation
- aliased_ssa
- raw
- internal
- unaliased_ssa
- rangeanalysis/new/internal/semantic
- security/InvalidPointerDereference
- upgrades/19887dbd33327fb07d54251786e0cb2578539775
- src
- Critical
- Security/CWE
- CWE-120
- CWE-611
- change-notes
- released
- experimental/Security/CWE/CWE-193
- test
- examples/expressions
- experimental/query-tests/Security/CWE/CWE-193/pointer-deref
- library-tests
- attributes/var_attributes
- dataflow
- dataflow-edge-tests
- dataflow-tests
- fields
- smart-pointers-taint
- taint-tests
- ir
- ir
- ssa
- templates/type_instantiations
- type_sizes
- unspecified_type/types
- variables/variables
- query-tests/Security/CWE
- CWE-078/semmle/ExecTainted
- CWE-120/semmle/tests
- csharp
- extractor
- Semmle.Extraction.CSharp.Standalone
- Semmle.Util
- ql
- campaigns/Solorigate
- lib
- change-notes/released
- src
- change-notes/released
- integration-tests/all-platforms/dotnet_no_args_inject
- lib
- Linq
- change-notes
- released
- semmle/code/csharp
- dataflow
- internal
- tainttracking1
- security/dataflow
- src
- Linq
- change-notes/released
- experimental/ir/implementation
- raw
- unaliased_ssa
- test
- experimental/Security Features/CWE-759
- query-tests
- Architecture
- Dependencies/MutualDependency
- Refactoring Opportunities
- FeatureEnvy
- InappropriateIntimacy
- Bad Practices
- Comments
- CommentedOutCode
- TodoComments
- Control-Flow/ConstantCondition
- Declarations
- EmptyInterface
- LocalScopeVariableShadowsMember
- NoConstantsOnly
- TooManyRefParameters
- EmptyCatchBlock
- Implementation Hiding
- AbstractToConcreteCollection
- ExposeRepresentation
- StaticArray
- Naming Conventions
- ConfusingMethodNames
- VariableNameTooShort
- VirtualCallInConstructorOrDestructor
- CSI/CompareIdenticalValues
- Concurrency
- FutileSyncOnField
- LockOrder
- LockThis
- LockedWait
- SynchSetUnsynchGet
- UnsafeLazyInitialization
- UnsynchronizedStaticAccess
- Configuration/PasswordInConfigurationFile
- Linq
- MissedCastOpportunity
- MissedWhereOpportunity
- Security Features
- CWE-338
- CWE-798
- tools
- docs
- codeql
- codeql-for-visual-studio-code
- codeql-language-guides
- images/codeql-for-visual-studio-code
- ql-training
- cpp
- java
- query-examples
- cpp
- java
- slide-snippets
- reusables
- writing-codeql-queries
- go
- codeql-tools
- extractor
- ql
- lib
- change-notes
- released
- semmle/go
- dataflow
- internal
- tainttracking1
- frameworks
- security
- src
- InconsistentCode
- Security
- CWE-020
- CWE-022
- CWE-078
- CWE-079
- CWE-089
- CWE-190
- CWE-209
- CWE-312
- CWE-322
- CWE-326
- CWE-327
- CWE-338
- CWE-352
- CWE-601
- CWE-640
- CWE-643
- CWE-681
- CWE-918
- change-notes/released
- experimental
- CWE-090
- CWE-1004
- CWE-203
- CWE-285
- CWE-321
- CWE-327
- CWE-369
- CWE-74
- CWE-79
- CWE-807
- CWE-840
- CWE-918
- CWE-942
- Unsafe
- test
- experimental
- CWE-1004
- CWE-134
- CWE-203
- CWE-369
- CWE-74
- CWE-79
- frameworks
- CleverGo
- Fiber
- library-tests/semmle/go
- concepts/LoggerCall
- dataflow
- ArrayConversion
- ChannelField
- ExternalFlowVarArgs
- GuardingFunctions
- HiddenNodes
- InterProceduralDataFlow
- ListOfConstantsSanitizerGuards
- PromotedFields
- PromotedMethods
- TypeAssertions
- VarArgsWithFunctionModels
- VarArgs
- frameworks
- Beego
- CouchbaseV1
- Echo
- Encoding
- EvanphxJsonPatch
- Gorestful
- K8sIoApiCoreV1
- K8sIoApimachineryPkgRuntime
- Protobuf
- Revel
- SQL/go-pg
- vendor
- github.com/go-pg/pg/v10
- orm
- Spew
- StdlibTaintFlow
- Twirp
- Zap
- gqlgen
- graph
- model
- vendor
- github.com/99designs/gqlgen/graphql
- query-tests
- Diagnostics
- CONSISTENCY
- RedundantCode/CompareIdenticalValues
- Security
- CWE-089
- CWE-190
- CWE-312
- CWE-352
- CWE-601/OpenUrlRedirect
- CWE-681
- CWE-918
- vendor
- golang.org/x
- mod
- internal/lazyregexp
- modfile
- module
- semver
- sys/execabs
- tools
- go
- gcexportdata
- packages
- types/objectpath
- internal
- event/tag
- gcimporter
- gocommand
- tokeninternal
- typeparams
- typesinternal
- javascript/ql
- lib
- change-notes/released
- semmle/javascript
- frameworks
- data/internal
- security/dataflow
- src
- Security
- CWE-730
- examples
- CWE-770/examples
- change-notes/released
- test/library-tests/frameworks/data
- java
- documentation/library-coverage
- kotlin-extractor/src/main/kotlin
- utils
- ql
- consistency-queries
- lib
- change-notes
- released
- ext
- generated
- threatmodels
- semmle/code/java
- dataflow
- internal
- tainttracking1
- dispatch
- frameworks
- javaee/ejb
- spring
- struts
- security
- src
- Metrics/Summaries
- Telemetry
- change-notes/released
- experimental/Security/CWE/CWE-078
- test
- experimental/query-tests/security
- CWE-078
- CWE-094
- CWE-1004
- CWE-470
- CWE-552
- CWE-601
- CWE-652
- ext/TopJdkApis
- library-tests
- dataflow
- capture
- field-value
- partial
- stream-read
- threat-models
- frameworks/ratpack/resources
- query-tests
- Telemetry
- AutomodelApplicationModeExtraction
- AutomodelFrameworkModeExtraction
- com/github/codeql/test
- java
- io
- nio/file
- security
- CWE-022/semmle/tests
- CWE-089/semmle/examples
- CWE-090
- CWE-311/CWE-319
- misc
- scripts
- suite-helpers
- change-notes/released
- python/ql
- lib
- change-notes
- released
- semmle/python
- dataflow/new
- internal
- tainttracking1
- essa
- frameworks
- data/internal
- security/dataflow
- src
- change-notes/released
- test
- experimental
- dataflow/typetracking
- meta
- query-tests/Security/CWE-327-UnsafeUsageOfClientSideEncryptionVersion
- library-tests
- frameworks
- aiohttp
- data
- variables/definitions
- ql
- buramu
- extractor
- ql
- src/queries/performance
- test/queries/performance/MissingNoInline
- ruby/ql
- consistency-queries
- lib
- change-notes
- released
- codeql/ruby
- ast
- internal
- controlflow
- internal
- dataflow/internal
- tainttracking1
- frameworks
- data/internal
- rack/internal
- security
- typetracking
- ide-contextual-queries
- src
- change-notes
- released
- experimental
- ldap-injection
- examples
- performance
- xpath-injection
- examples
- queries
- analysis
- variables
- test
- library-tests
- dataflow
- local
- params
- summaries
- type-tracker
- frameworks/rack
- variables
- query-tests
- experimental
- LdapInjection
- XPathInjection
- security/cwe-079
- swift
- extractor
- infra
- mangler
- translators
- trap
- integration-tests/posix-only/deduplication
- Sources/deduplication
- ql
- lib
- change-notes
- released
- codeql
- swift
- controlflow/internal
- dataflow
- internal
- tainttracking1
- elements/expr
- frameworks
- StandardLibrary
- UIKit
- regex
- internal
- security
- regex
- src
- change-notes/released
- experimental/Security/CWE-078
- queries
- Security
- CWE-116
- CWE-730
- ide-contextual-queries
- test
- extractor-tests
- generated
- decl/CapturedDecl
- expr/MethodLookupExpr/CONSISTENCY
- type
- BuiltinType
- PrimaryArchetypeType
- TupleType
- patterns/CONSISTENCY
- statements
- updates
- library-tests
- ast
- CONSISTENCY
- controlflow/graph
- dataflow
- dataflow
- CONSISTENCY
- flowsources
- CONSISTENCY
- taint
- core
- libraries
- elements/expr/assignment
- regex
- query-tests/Security
- CWE-079
- CWE-094
- CWE-116
- CWE-1333
- CWE-311
- CWE-312
- CWE-730
- CWE-757
Some content is hidden
Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
978 files changed
+48304
-65295
lines changedLines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
| 1 | + | |
Lines changed: 0 additions & 32 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | | - | |
3 | | - | |
4 | | - | |
5 | | - | |
6 | | - | |
7 | | - | |
8 | | - | |
9 | | - | |
10 | | - | |
11 | | - | |
12 | | - | |
13 | | - | |
14 | | - | |
15 | | - | |
16 | | - | |
17 | | - | |
18 | | - | |
19 | | - | |
20 | | - | |
21 | | - | |
22 | 2 | | |
23 | 3 | | |
24 | 4 | | |
| |||
42 | 22 | | |
43 | 23 | | |
44 | 24 | | |
45 | | - | |
46 | 25 | | |
47 | 26 | | |
48 | 27 | | |
| |||
53 | 32 | | |
54 | 33 | | |
55 | 34 | | |
56 | | - | |
57 | | - | |
58 | | - | |
59 | | - | |
60 | | - | |
61 | | - | |
62 | | - | |
63 | | - | |
64 | | - | |
65 | | - | |
66 | 35 | | |
67 | 36 | | |
68 | 37 | | |
| |||
516 | 485 | | |
517 | 486 | | |
518 | 487 | | |
519 | | - | |
520 | 488 | | |
521 | 489 | | |
522 | 490 | | |
| |||
0 commit comments