.CodeQL.yml
# This file configures CodeQL runs and TSA bug autofiling. For more information, see:
# https://eng.ms/docs/coreai/devdiv/one-engineering-system-1es/1es-docs/codeql/troubleshooting/bugs/generated-library-code
# (Access restricted to Microsoft employees only.)

queries:
  #
  # REPO-WIDE RULE EXCLUSIONS
  #
  - exclude:
      queryid:
        # [Serializable] doesn't imply that a type is *safe* to [de]serialize; only that it is
        # *possible* to do so. The rules below incorrectly assume we're trying to make a safety
        # guarantee.
        - "cs/dangerous-deserialization-routine"
        - "cs/deserialization-of-pointer-type"
        # We already have CodeQL + Roslyn rules running to detect usage of dangerous deserialization
        # APIs. Those call sites are well-reviewed and don't benefit from extra alerts regarding
        # the possibility of loading malicious code.
        - "cs/deserialization-unexpected-subtypes"