Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

GitHub / github / codeql

RSS Feed
#21825 -
Open 16 days ago
github
#21517 -
Open 2 months ago
github
#21506 -
Open 2 months ago
github
#21500 -
Open 2 months ago
github
#21481 -
Open 2 months ago
github
#21478 -
Open 2 months ago
github
#21480 - Bump platforms from 0.0.5 to 1.0.0
Closed 2 months ago • 2 comments
dependencies bazel
bazel:platforms 0.0.5 → 1.0.0 major
github
#21469 -
Open 2 months ago
github
#21460 -
Open 3 months ago
github
#21432 -
Open 3 months ago
github
#21436 -
Open 3 months ago
github
#21364 -
Open 3 months ago
github
#21365 - Bump the go_modules group across 3 directories with 2 updates
Open 3 months ago • 7 comments 🔒 Security
documentation dependencies Go CVE-2025-48075 CVE-2026-25882
go:golang.org/x/crypto 0.12.0 → 0.45.0 minor go:github.com/gofiber/fiber/v2 2.51.0 → 2.52.12 minor
github
#21362 -
Open 3 months ago
github
#21363 - Bump the go_modules group across 3 directories with 4 updates
Closed 3 months ago • 4 comments 🔒 Security
documentation dependencies Go CVE-2025-48075 CVE-2025-30204 CVE-2025-27144 CVE-2026-25882
go:golang.org/x/crypto 0.12.0 → 0.19.0 minor go:github.com/gofiber/fiber/v2 2.51.0 → 2.52.12 minor go:github.com/golang-jwt/jwt/v5 5.0.0 → 5.2.2 minor +1 more
github
#21300 -
Open 4 months ago
github
#21157 -
Open 4 months ago
github
#21073 - Bump org.apache.logging.log4j:log4j-core from 2.14.1 to 2.25.3 in /java/ql/test/utils/flowtestcasegenerator in the maven group across 1 directory
Closed 5 months ago • 1 comment
Java dependencies
maven:org.apache.logging.log4j:log4j-core 2.14.1 → 2.25.3 minor
github
#21028 -
Open 6 months ago
github
#20835 -
Open 6 months ago
github
#20698 -
Open 7 months ago
github
#20585 - Bump the go_modules group across 2 directories with 3 updates
Closed 8 months ago • 4 comments 🔒 Security
documentation dependencies Go CVE-2025-30204
go:golang.org/x/crypto 0.12.0 → 0.35.0 minor go:github.com/gin-gonic/gin 1.7.1 → 1.9.1 minor go:github.com/golang-jwt/jwt/v5 5.0.0 → 5.2.2 minor
github
#20527 - Bump regex from 1.11.1 to 1.11.3 in /ql
Open 8 months ago
dependencies Rust
cargo:regex 1.11.1 → 1.11.3 patch
github
#20406 - Bump golang.org/x/tools from 0.36.0 to 0.37.0 in /go/extractor in the extractor-dependencies group
Open 9 months ago
dependencies Go
go:golang.org/x/tools 0.36.0 → 0.37.0 minor
github
#20389 - Bump golang.org/x/mod from 0.27.0 to 0.28.0 in /go/extractor in the extractor-dependencies group
Merged 9 months ago • merged by mbg
dependencies Go
go:golang.org/x/mod 0.27.0 → 0.28.0 minor
github
#20388 - Bump chrono from 0.4.40 to 0.4.42 in /ql
Open 9 months ago
dependencies Rust
cargo:chrono 0.4.40 → 0.4.42 patch
github
#20372 - Bump actions/labeler from 4 to 6
Open 9 months ago
dependencies github_actions
actions:actions/labeler 4 → 6
github
#20361 - Bump actions/setup-dotnet from 4 to 5
Open 9 months ago
dependencies github_actions
actions:actions/setup-dotnet 4 → 5
github
#20313 - Bump actions/checkout from 4 to 5
Merged 9 months ago • merged by mbg
dependencies QL-for-QL github_actions
actions:actions/checkout 4 → 5
github
#20272 - Bump regex from 1.11.1 to 1.11.2 in /ql
Open 9 months ago
dependencies Rust
cargo:regex 1.11.1 → 1.11.2 patch
github
#20212 - Bump rayon from 1.10.0 to 1.11.0 in /ql
Open 10 months ago
dependencies Rust
cargo:rayon 1.10.0 → 1.11.0 minor
github
#20188 - Bump the extractor-dependencies group in /go/extractor with 2 updates
Open 10 months ago • 1 comment
dependencies Go
go:golang.org/x/mod 0.26.0 → 0.27.0 minor go:golang.org/x/tools 0.35.0 → 0.36.0 minor
github
#20175 - Bump actions/download-artifact from 4 to 5
Closed 10 months ago • 1 comment
dependencies QL-for-QL github_actions
actions:actions/download-artifact 4 → 5
github
#20035 - Bump golang.org/x/tools from 0.34.0 to 0.35.0 in /go/extractor in the extractor-dependencies group
Merged 11 months ago • 1 comment • merged by mbg
dependencies Go
go:golang.org/x/tools 0.34.0 → 0.35.0 minor
github
#20009 - Bump golang.org/x/mod from 0.25.0 to 0.26.0 in /go/extractor in the extractor-dependencies group
Open 11 months ago • 1 comment
dependencies Go
go:golang.org/x/mod 0.25.0 → 0.26.0 minor
github
#19683 - Bump the extractor-dependencies group in /go/extractor with 2 updates
Open 12 months ago • 1 comment
dependencies Go
go:golang.org/x/mod 0.24.0 → 0.25.0 minor go:golang.org/x/tools 0.33.0 → 0.34.0 minor
github
#19415 - Bump chrono from 0.4.40 to 0.4.41 in /ql
Closed about 1 year ago • 1 comment
dependencies QL-for-QL
cargo:chrono 0.4.40 → 0.4.41 patch
github
#11443 - Bump esapi from 2.2.3.1 to 2.3.0.0 in /java/ql/test/utils/flowtestcasegenerator
Closed over 3 years ago • 1 comment 🔒 Security
Java dependencies CVE-2022-24891 CVE-2022-23457
maven:esapi 2.2.3.1 → 2.3.0.0 minor
github
Repository Info

CodeQL: the libraries and queries that power security researchers around the world, as well as co...

Language: CodeQL
Stars: 9,123
Forks: 1,883
License: MIT
Dependabot Stats
Total PRs: 41
Merged PRs: 0
Avg close time: N/A
Avg comments: 0
Top Labels
dependencies (21) Go (9) github_actions (4) Rust (4) QL-for-QL (3) documentation (3) Java (2) bazel (1)