CodeQL documentation
CodeQL query help for Ruby
Bad HTML filtering regexp
Badly anchored regular expression
CSRF protection not enabled
CSRF protection weakened or disabled
Clear-text logging of sensitive information
Clear-text storage of sensitive information
Code injection
Database query in a loop
Dependency download using unencrypted communication channel
Deserialization of user-controlled data
Download of sensitive file through insecure connection
Hard-coded data interpreted as code
Incomplete URL substring sanitization
Incomplete multi-character sanitization
Incomplete regular expression for hostnames
Incomplete string escaping or encoding