Conditional comments — CodeQL query help documentation