mirror of
https://github.com/github/codeql.git
synced 2026-03-30 12:18:18 +02:00
e0ba23d2c7
I think these queries have excellent results on lgtm.com. Many of the
results come from projects that use `sprintf` like it's a templating
engine, trusting that values from `argv` or `getenv` contain the correct
number of `%s`. I think we want to flag that.
The structure of the change note is modeled after 91af51cf46.