forked from github/codeql
-
Notifications
You must be signed in to change notification settings - Fork 0
Pull requests: trailofbits/codeql
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
Bump lodash from 4.17.23 to 4.18.1 in /javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-non-vulnerable-lodash
dependencies
Pull requests that update a dependency file
javascript
Pull requests that update javascript code
JS
#15
opened Apr 10, 2026 by
dependabot
bot
Loading…
Bump lodash from 4.17.4 to 4.18.1 in /javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-vulnerable-lodash
dependencies
Pull requests that update a dependency file
javascript
Pull requests that update javascript code
JS
#14
opened Apr 9, 2026 by
dependabot
bot
Loading…
Bump next from 15.5.10 to 15.5.14 in /javascript/ql/test/query-tests/Security/CWE-918/Request
dependencies
Pull requests that update a dependency file
javascript
Pull requests that update javascript code
JS
#13
opened Mar 21, 2026 by
dependabot
bot
Loading…
Bump google.golang.org/grpc from 1.72.0 to 1.79.3 in /go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery
dependencies
Pull requests that update a dependency file
documentation
go
Pull requests that update go code
#12
opened Mar 19, 2026 by
dependabot
bot
Loading…
Fix dependabot config: weekly schedule, cooldown, missing ecosystems
#11
opened Feb 13, 2026 by
dguido
Member
Loading…
2 tasks
Bump golang.org/x/crypto from 0.37.0 to 0.45.0 in /go/ql/test/library-tests/semmle/go/frameworks/SQL/bigquery
dependencies
Pull requests that update a dependency file
documentation
go
Pull requests that update go code
#5
opened Nov 20, 2025 by
dependabot
bot
Loading…
ProTip!
Filter pull requests by the default branch with base:main.