Skip to content
Navigation Menu
Toggle navigation
Sign in
Appearance settings
Platform
AI CODE CREATION
GitHub Copilot
Write better code with AI
GitHub Copilot app
Direct agents from issue to merge
MCP Registry
New
Integrate external tools
DEVELOPER WORKFLOWS
Actions
Automate any workflow
Codespaces
Instant dev environments
Issues
Plan and track work
Code Review
Manage code changes
APPLICATION SECURITY
GitHub Advanced Security
Find and fix vulnerabilities
Code security
Secure your code as you build
Secret protection
Stop leaks before they start
EXPLORE
Why GitHub
Documentation
Blog
Changelog
Marketplace
View all features
Solutions
BY COMPANY SIZE
Enterprises
Small and medium teams
Startups
Nonprofits
BY USE CASE
App Modernization
DevSecOps
DevOps
CI/CD
View all use cases
BY INDUSTRY
Healthcare
Financial services
Manufacturing
Government
View all industries
View all solutions
Resources
EXPLORE BY TOPIC
AI
Software Development
DevOps
Security
View all topics
EXPLORE BY TYPE
Customer stories
Events & webinars
Ebooks & reports
Business insights
GitHub Skills
SUPPORT & SERVICES
Documentation
Customer support
Community forum
Trust center
Partners
View all resources
Open Source
COMMUNITY
GitHub Sponsors
Fund open source developers
PROGRAMS
Security Lab
Maintainer Community
Accelerator
GitHub Stars
Archive Program
REPOSITORIES
Topics
Trending
Collections
Enterprise
ENTERPRISE SOLUTIONS
Enterprise platform
AI-powered developer platform
AVAILABLE ADD-ONS
GitHub Advanced Security
Enterprise-grade security features
Copilot for Business
Enterprise-grade AI features
Premium Support
Enterprise-grade 24/7 support
Pricing
Search or jump to...
Search code, repositories, users, issues, pull requests...
Search syntax tips
Provide feedback
Saved searches
Use saved searches to filter your results more quickly
Sign in
Sign up
Appearance settings
Resetting focus
You signed in with another tab or window.
Reload
to refresh your session.
You signed out in another tab or window.
Reload
to refresh your session.
You switched accounts on another tab or window.
Reload
to refresh your session.
Dismiss alert
{{ message }}
Uh oh!
There was an error while loading.
Please reload this page
.
github
/
codeql
Public
Notifications
You must be signed in to change notification settings
Fork
2k
Star
9.8k
Code
Issues
985
Pull requests
416
Discussions
Actions
Projects
Models
Security and quality
0
Insights
Additional navigation options
Code
Issues
Pull requests
Discussions
Actions
Projects
Models
Security and quality
Insights
Commits
Breadcrumbs
History for
codeql
javascript
ql
on
main
User selector
All users
All time
Commit history
Commits on Jul 1, 2026
Add Windows integration tests showing that subst is handled inconsistently
jketema
committed
daf97f7
Copy full SHA for daf97f7
Commits on Jun 26, 2026
Merge pull request #22036 from forks-felickz/felickz/js-angular-hostlistener-postmessage
Show description for cacdc46
asgerf
authored
cacdc46
Copy full SHA for cacdc46
Commits on Jun 25, 2026
Post-release preparation for codeql-cli-2.26.0
github-actions[bot]
committed
456e337
Copy full SHA for 456e337
Release preparation for version 2.26.0
github-actions[bot]
committed
237c563
Copy full SHA for 237c563
Commits on Jun 23, 2026
Address review: restrict @HostListener handler to window/document message targets
Show description for d1d9df7
felickz
and
Copilot
committed
d1d9df7
Copy full SHA for d1d9df7
JavaScript: Recognize Angular @HostListener('window:message') as a postMessage handler
Show description for 9bffcf8
felickz
and
Copilot
committed
9bffcf8
Copy full SHA for 9bffcf8
Commits on Jun 18, 2026
JS: Add and reclassify prompt-injection sinks for AI SDKs
Show description for ea87f59
BazookaMusic
and
Copilot
committed
ea87f59
Copy full SHA for ea87f59
Commits on Jun 17, 2026
Merge branch 'main' into bazookamusic/cwe-1427
BazookaMusic
authored
57f2006
Copy full SHA for 57f2006
1. Enable inline expectations for tests
Show description for c444f41
BazookaMusic
committed
c444f41
Copy full SHA for c444f41
Fix prompt injection severity
BazookaMusic
committed
b9025a5
Copy full SHA for b9025a5
Merge branch 'main' into add-yaml-comments
MathiasVP
committed
c12cf88
Copy full SHA for c12cf88
Commits on Jun 16, 2026
Grammar
Show description for 8f965a9
BazookaMusic
and
Copilot
authored
8f965a9
Copy full SHA for 8f965a9
Fix system prompt injection description and title
Show description for d72372c
BazookaMusic
and
Copilot
authored
d72372c
Copy full SHA for d72372c
Commits on Jun 15, 2026
Merge branch 'main' into bazookamusic/cwe-1427
BazookaMusic
authored
7c11f19
Copy full SHA for 7c11f19
Commits on Jun 11, 2026
Merge branch 'main' into patch-1
mattcosta7
authored
923fe2d
Copy full SHA for 923fe2d
Merge branch 'main' into bazookamusic/cwe-1427
BazookaMusic
authored
17dbf03
Copy full SHA for 17dbf03
Update not_included_in_qls.expected for promoted prompt injection queries
Show description for ef56787
BazookaMusic
committed
ef56787
Copy full SHA for ef56787
Refine SystemPromptInjection alert message and move test to stable
Show description for 7bd5abf
BazookaMusic
committed
7bd5abf
Copy full SHA for 7bd5abf
Promote user prompt injection query to stable security
Show description for e612db2
BazookaMusic
committed
e612db2
Copy full SHA for e612db2
Commits on Jun 10, 2026
Add SsrfIpv6TransitionIncompleteGuard.ql to not_included_in_qls.expected
Show description for 4c1a005
tonghuaroot
committed
4c1a005
Copy full SHA for 4c1a005
Commits on Jun 8, 2026
Em-dash - of course :D
BazookaMusic
committed
d0ffde8
Copy full SHA for d0ffde8
Remove redundant file
BazookaMusic
committed
b6c951e
Copy full SHA for b6c951e
1. Rename AgentSDK -> AgentSdk
Show description for 2cb0851
BazookaMusic
committed
2cb0851
Copy full SHA for 2cb0851
QLDoc + include the queries in the correct expected files per query suite
BazookaMusic
committed
e370af6
Copy full SHA for e370af6
Formatting
BazookaMusic
committed
61be37d
Copy full SHA for 61be37d
Better document the new queries
BazookaMusic
committed
da05992
Copy full SHA for da05992
Commits on Jun 6, 2026
Add experimental JS query for SSRF guards missing IPv6-transition unwrap
Show description for e93bc11
tonghuaroot
committed
e93bc11
Copy full SHA for e93bc11
Commits on Jun 4, 2026
JS: Add tests.
MathiasVP
committed
e8f7454
Copy full SHA for e8f7454
JS: Add upgrade and downgrade scripts.
MathiasVP
committed
3a90e8c
Copy full SHA for 3a90e8c
JS: Support YAML comments.
MathiasVP
committed
58b1a05
Copy full SHA for 58b1a05
add openrouter support
BazookaMusic
committed
078d15e
Copy full SHA for 078d15e
Commits on May 29, 2026
Post-release preparation for codeql-cli-2.25.6
github-actions[bot]
committed
cfb18c2
Copy full SHA for cfb18c2
Release preparation for version 2.25.6
github-actions[bot]
committed
8b6f969
Copy full SHA for 8b6f969
Revert "Release preparation for version 2.25.6"
henrymercer
authored
9bc0c1b
Copy full SHA for 9bc0c1b
Commits on May 26, 2026
Merge branch 'main' into patch-1
mattcosta7
authored
2884428
Copy full SHA for 2884428
Previous
Next
You can’t perform that action at this time.