{"id":13589662,"url":"https://github.com/crypto-com/cosmos-sdk-codeql","last_synced_at":"2026-01-16T15:01:14.899Z","repository":{"id":40469904,"uuid":"423690259","full_name":"crypto-com/cosmos-sdk-codeql","owner":"crypto-com","description":"A query suite for common bug patterns in Cosmos SDK-based applications","archived":false,"fork":false,"pushed_at":"2023-12-05T03:30:35.000Z","size":159,"stargazers_count":17,"open_issues_count":2,"forks_count":8,"subscribers_count":4,"default_branch":"main","last_synced_at":"2024-01-25T04:52:44.144Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"CodeQL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/crypto-com.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2021-11-02T03:06:23.000Z","updated_at":"2023-12-13T06:41:16.000Z","dependencies_parsed_at":"2023-12-05T04:39:26.557Z","dependency_job_id":null,"html_url":"https://github.com/crypto-com/cosmos-sdk-codeql","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crypto-com%2Fcosmos-sdk-codeql","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crypto-com%2Fcosmos-sdk-codeql/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crypto-com%2Fcosmos-sdk-codeql/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crypto-com%2Fcosmos-sdk-codeql/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/crypto-com","download_url
":"https://codeload.github.com/crypto-com/cosmos-sdk-codeql/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223314273,"owners_count":17125042,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T16:00:32.710Z","updated_at":"2026-01-16T15:01:14.851Z","avatar_url":"https://github.com/crypto-com.png","language":"CodeQL","funding_links":[],"categories":["Testing"],"sub_categories":["Terminal Block Explorers"],"readme":"# cosmos-sdk-codeql\nA query suite for common bug patterns in Cosmos SDK-based applications.\n\n## Passive Maintenance\nThis repository is in a passive maintenance mode: it is not actively developed, but we will accept pull requests and issues. 
It may, however, take some time to respond.\n\n## Usage\nWith the CodeQL CLI, you can download the pack using the following command:\n\n```bash\n$ codeql pack download crypto-com/cosmos-sdk-codeql@0.0.7\n```\n\n[See more details in the CodeQL CLI documentation](https://codeql.github.com/docs/codeql-cli/publishing-and-using-codeql-packs/).\n\nIn order to add the extra queries to the CI pipeline, you can use the `queries` or `packs` option in the CodeQL initialization:\n\n```yaml\n#...\n    # Initializes the CodeQL tools for scanning.\n    - name: Initialize CodeQL\n      uses: github/codeql-action/init@v2\n      with:\n        languages: 'go'\n        queries: crypto-com/cosmos-sdk-codeql@v0.0.7, \u003c...other queries...\u003e\n#...\n```\n\n[See more details in the GitHub Code Scanning documentation](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#running-additional-queries).\n\n## False Negatives\nThe queries use heuristics based on usage in the Cosmos SDK codebase to reduce false positives.\nThey may, however, lead to false negatives: for example, if you used code from the \"client\" package (which the queries may ignore)\nin consensus-critical sections, related bugs in those ignored packages may not be uncovered by the queries.\nIf you are worried about false negatives in particular queries, [you can open an issue to discuss the query change](https://github.com/crypto-com/cosmos-sdk-codeql/issues/new).\nAlternatively, you can tweak the query and either execute it manually from time to time, or add the tweaked query to your CI scanning action.\n\n## False Positives\nThe queries over-approximate and may lead to false positives. If you encounter a false positive, you can do the following:\n\n1. 
[you can dismiss the false positive alerts in the Security tab on GitHub](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#dismissing--alerts);\n2. if you see a repeating pattern of false positives, [you can open an issue to discuss the query improvement](https://github.com/crypto-com/cosmos-sdk-codeql/issues/new);\n3. alternatively, if you cannot dismiss alerts in the Security tab on GitHub,\nsome of the queries will ignore findings that have an explicit comment (starting with \"SAFE:\")\nthat explains why it is safe to ignore that bit of code. The comments can be placed either on the preceding line or on the enclosing function:\n\n```go\n// SAFE: ...explanation why findings in this function are false positives...\nfunc myFun(...) {\n   ...\n}\n\nfunc myFun2(...) {\n  ...\n  // SAFE: ...explanation why this particular finding is a false positive...\n  myVar := ...\n  ...\n}\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcrypto-com%2Fcosmos-sdk-codeql","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcrypto-com%2Fcosmos-sdk-codeql","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcrypto-com%2Fcosmos-sdk-codeql/lists"}