CodeQL documentation
CodeQL query help for C and C++
CodeQL query help for C#
CodeQL query help for GitHub Actions
CodeQL query help for Go
CodeQL query help for Java and Kotlin
CodeQL query help for JavaScript and TypeScript
CodeQL query help for Python
‘apply’ function used
‘break’ or ‘return’ statement in finally
‘import *’ may pollute namespace
‘input’ function used in Python 2
‘super’ in old style class
Accepting unknown SSH host keys when using Paramiko
An assert statement has a side-effect
Arbitrary file write during tarfile extraction
Asserting a tuple
Backspace escape in regular expression
Bad HTML filtering regexp
Binding a socket to all network interfaces
CSRF protection weakened or disabled
Clear-text logging of sensitive information
Clear-text storage of sensitive information
Code injection
Commented-out code
Comparison of constants
Comparison of identical values
Comparison using is when operands support __eq__
Conflicting attributes in base classes
Confusing octal literal
Constant in conditional expression or statement
Construction of a cookie using user-supplied input
Cyclic import
Default version of SSL/TLS may be insecure
Deprecated slice method
Deserialization of user-controlled data
Duplicate key in dict literal
Duplication in regular expression character class
Empty except
Encoding error