data-extension-create.yml
data-extension-create.yml
| Name | About | Labels | Assignees |
|---|---|---|---|
| Request new CodeQL Data Extension | Request a new CodeQL data extension (models-as-data) for an unmodeled library or framework | data-extension-create,enhancement |
Thanks for requesting a new CodeQL data extension! This template helps Copilot Coding Agent understand your requirements.
Which programming language should this data extension target?
Link to the library's source code or API documentation. A GitHub repository URL is ideal — it allows the agent to browse the source code directly to identify sources, sinks, and summaries.
Extension name (e.g., databricks-sql.model.yml). Use -.model.yml naming. If the library has multiple modules/sub-packages (e.g., library-core, library-web, library-api), create separate model files per module.
If the library has distinct modules or sub-packages, list them here. Each module may become a separate model file (e.g., library-core.model.yml, library-web.model.yml). Include the import paths or package names.
Describe the library/framework to model. What methods are sources of untrusted data? What methods are security-sensitive sinks? What methods sanitize data (barriers) or validate data (barrier guards)? All applicable model types (sourceModel, sinkModel, summaryModel, barrierModel, barrierGuardModel, typeModel, neutralModel) will be generated automatically.
Provide sample end to code that should be detected
Any other links — API docs, CWE references, related CodeQL queries, or security advisories.