Skip to content

Instantly share code, notes, and snippets.

@flatcap

flatcap/README.md

Last active December 6, 2025 13:58
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save flatcap/fccc96ce693e06621a35d2dafa8ed2c5 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save flatcap/fccc96ce693e06621a35d2dafa8ed2c5 to your computer and use it in GitHub Desktop.
Download ZIP
code scanning
Raw
README.md

NeoMutt CodeQL Code Scanning

Last update: 2025-12-03

Download 2 pages of 100 issues

gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" "/repos/neomutt/neomutt/code-scanning/alerts?state=open&per_page=100&page=1" | json_reformat > s1.json gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" "/repos/neomutt/neomutt/code-scanning/alerts?state=open&per_page=100&page=2" | json_reformat > s2.json

Export some fields

jq '.[] | .number,.url,.rule.description,.most_recent_instance.location.path,.most_recent_instance.location.start_line,.most_recent_instance.location.start_column' s1.json > l1 jq '.[] | .number,.url,.rule.description,.most_recent_instance.location.path,.most_recent_instance.location.start_line,.most_recent_instance.location.start_column' s2.json > l2

vim quickfix list

qf.txt

117 Issues

  • 27 For loop variable changed in body
  • 26 Poorly documented large function
  • 21 Local variable address stored in non-local memory
  • 9 Year field changed using an arithmetic operation without checking for leap year
  • 8 Long switch case
  • 8 Inconsistent nullness check
  • 5 Uncontrolled data used in path expression
  • 3 Nested loops with same variable
  • 3 Futile conditional
  • 2 Time-of-check time-of-use filesystem race condition
  • 2 File created without restricting permissions
  • 2 Cleartext transmission of sensitive information
  • 1 Uncontrolled process operation
Raw
qf.txt
ncrypt/smime.c:745:11: 2 Cleartext transmission of sensitive information
ncrypt/smime.c:780:13: 3 Cleartext transmission of sensitive information
maildir/message.c:567:10: 1103 File created without restricting permissions
mh/shared.c:86:10: 691 File created without restricting permissions
compose/functions.c:649:9: 187 For loop variable changed in body
compose/functions.c:661:9: 188 For loop variable changed in body
email/parse.c:226:17: 507 For loop variable changed in body
email/parse.c:639:5: 208 For loop variable changed in body
email/parse.c:644:5: 209 For loop variable changed in body
email/rfc2047.c:385:9: 1063 For loop variable changed in body
email/rfc2231.c:117:7: 571 For loop variable changed in body
email/url.c:204:9: 572 For loop variable changed in body
imap/utf7.c:119:7: 213 For loop variable changed in body
imap/utf7.c:129:27: 214 For loop variable changed in body
imap/util.c:725:11: 1183 For loop variable changed in body
mutt/buffer.c:446:20: 932 For loop variable changed in body
mutt/file.c:1381:28: 508 For loop variable changed in body
mutt/file.c:1386:11: 509 For loop variable changed in body
mutt/path.c:80:13: 217 For loop variable changed in body
mutt/slist.c:201:7: 218 For loop variable changed in body
mutt_header.c:331:13: 510 For loop variable changed in body
ncrypt/gnupgparse.c:280:13: 223 For loop variable changed in body
ncrypt/gnupgparse.c:286:13: 224 For loop variable changed in body
ncrypt/gnupgparse.c:292:13: 225 For loop variable changed in body
ncrypt/gnupgparse.c:359:20: 226 For loop variable changed in body
ncrypt/gpgme_functions.c:198:7: 1109 For loop variable changed in body
ncrypt/gpgme_functions.c:215:9: 228 For loop variable changed in body
ncrypt/gpgme_functions.c:223:11: 573 For loop variable changed in body
ncrypt/smime.c:301:20: 231 For loop variable changed in body
nntp/complete.c:66:9: 230 For loop variable changed in body
pattern/pattern.c:117:7: 483 For loop variable changed in body
mutt/signal.c:84:3: 1190 Futile conditional
mutt/signal.c:98:5: 1189 Futile conditional
mutt/signal.c:117:3: 1188 Futile conditional
imap/imap.c:513:35: 1201 Inconsistent nullness check
imap/imap.c:1041:35: 1199 Inconsistent nullness check
imap/imap.c:1367:35: 1198 Inconsistent nullness check
imap/imap.c:1882:35: 1197 Inconsistent nullness check
imap/imap.c:2287:35: 1196 Inconsistent nullness check
imap/message.c:425:35: 1203 Inconsistent nullness check
imap/message.c:1544:35: 1202 Inconsistent nullness check
imap/message.c:1703:35: 1200 Inconsistent nullness check
alias/dlg_alias.c:240:3: 325 Local variable address stored in non-local memory
alias/dlg_query.c:317:3: 326 Local variable address stored in non-local memory
browser/dlg_browser.c:856:3: 1130 Local variable address stored in non-local memory
browser/dlg_browser.c:857:3: 1131 Local variable address stored in non-local memory
conn/dlg_verifycert.c:173:3: 331 Local variable address stored in non-local memory
editor/window.c:297:3: 1187 Local variable address stored in non-local memory
email/parse.c:257:9: 334 Local variable address stored in non-local memory
email/rfc2231.c:232:5: 336 Local variable address stored in non-local memory
email/thread.c:112:3: 527 Local variable address stored in non-local memory
history/dlg_history.c:132:3: 1132 Local variable address stored in non-local memory
imap/browse.c:165:3: 341 Local variable address stored in non-local memory
imap/browse.c:277:5: 1100 Local variable address stored in non-local memory
imap/command.c:685:3: 343 Local variable address stored in non-local memory
imap/imap.c:1308:3: 344 Local variable address stored in non-local memory
mutt/notify.c:210:3: 1110 Local variable address stored in non-local memory
mutt_thread.c:1063:5: 349 Local variable address stored in non-local memory
ncrypt/dlg_gpgme.c:233:3: 1135 Local variable address stored in non-local memory
ncrypt/dlg_pgp.c:233:3: 1133 Local variable address stored in non-local memory
ncrypt/dlg_smime.c:210:3: 1134 Local variable address stored in non-local memory
pager/dlg_pager.c:353:3: 353 Local variable address stored in non-local memory
postpone/dlg_postpone.c:223:3: 1136 Local variable address stored in non-local memory
email/parse.c:686:3: 521 Long switch case
flags.c:71:3: 575 Long switch case
muttlib.c:137:5: 1193 Long switch case
ncrypt/gnupgparse.c:172:5: 19 Long switch case
ncrypt/smime.c:2050:5: 20 Long switch case
notmuch/notmuch.c:1389:3: 21 Long switch case
pattern/compile.c:369:5: 23 Long switch case
pattern/compile.c:931:5: 692 Long switch case
postpone/postpone.c:225:24: 356 Nested loops with same variable
postpone/postpone.c:260:22: 357 Nested loops with same variable
postpone/postpone.c:297:16: 358 Nested loops with same variable
address/address.c:480:5: 577 Poorly documented large function
attach/recvattach.c:431:6: 693 Poorly documented large function
convert/content_info.c:49:6: 285 Poorly documented large function
enriched.c:120:13: 478 Poorly documented large function
envelope/window.c:502:12: 427 Poorly documented large function
handler.c:1130:12: 697 Poorly documented large function
history/history.c:203:13: 1115 Poorly documented large function
index/functions.c:1349:12: 292 Poorly documented large function
index/functions.c:1467:12: 291 Poorly documented large function
mbox/mbox.c:183:27: 293 Poorly documented large function
mutt/filter.c:62:7: 659 Poorly documented large function
mutt_thread.c:233:13: 294 Poorly documented large function
ncrypt/crypt.c:1117:5: 1104 Poorly documented large function
ncrypt/crypt.c:1241:5: 695 Poorly documented large function
ncrypt/crypt_gpgme.c:3532:14: 296 Poorly documented large function
ncrypt/pgp.c:1463:7: 295 Poorly documented large function
notmuch/notmuch.c:2253:22: 298 Poorly documented large function
pager/pager.c:132:12: 526 Poorly documented large function
pattern/exec.c:845:13: 299 Poorly documented large function
pattern/pattern.c:188:5: 1128 Poorly documented large function
pop/auth.c:523:5: 300 Poorly documented large function
recvcmd.c:949:6: 694 Poorly documented large function
send/send.c:235:12: 301 Poorly documented large function
send/send.c:1155:12: 574 Poorly documented large function
send/sendlib.c:453:14: 284 Poorly documented large function
send/smtp.c:622:12: 303 Poorly documented large function
mutt/file.c:171:18: 1207 Time-of-check time-of-use filesystem race condition
mutt/file.c:183:3: 6 Time-of-check time-of-use filesystem race condition
help.c:196:30: 1191 Uncontrolled data used in path expression
key/dump.c:199:24: 1192 Uncontrolled data used in path expression
mutt/logging.c:131:31: 1205 Uncontrolled data used in path expression
ncrypt/smime.c:1448:20: 1206 Uncontrolled data used in path expression
send/sendlib.c:113:26: 913 Uncontrolled data used in path expression
send/sendmail.c:172:14: 384 Uncontrolled process operation
expando/node_conddate.c:87:10: 1099 Year field changed using an arithmetic operation without checking for leap year
mutt/date.c:353:9: 319 Year field changed using an arithmetic operation without checking for leap year
mutt/date.c:358:9: 486 Year field changed using an arithmetic operation without checking for leap year
mutt/date.c:369:11: 321 Year field changed using an arithmetic operation without checking for leap year
mutt/date.c:383:11: 322 Year field changed using an arithmetic operation without checking for leap year
mutt/date.c:591:8: 522 Year field changed using an arithmetic operation without checking for leap year
mutt/date.c:756:8: 1114 Year field changed using an arithmetic operation without checking for leap year
pattern/compile.c:230:11: 324 Year field changed using an arithmetic operation without checking for leap year
pattern/compile.c:344:8: 323 Year field changed using an arithmetic operation without checking for leap year
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment