CodeQL Code Analysis

CodeQL Code Analysis

github.com

2

About this website

CodeQL is a semantic code analysis engine developed by GitHub that enables finding security vulnerabilities by querying code as if it were data. Originally developed at Semmle (acquired by GitHub in 2020), CodeQL powers GitHub code scanning and has found thousands of vulnerabilities in open-source projects. Key features include: code as data (extracts relational data from source code creating a queryable database of functions, classes, expressions, and types), CodeQL query language (SQL-like declarative language with predicate logic, recursion, and type inference for expressing complex code patterns and data flow analysis), language support (C, C++, C#, Go, Java, JavaScript, TypeScript, Python, Ruby, Kotlin, Swift, and Objective-C), data flow analysis (taint tracking for tracing how untrusted input flows through code to dangerous sinks, detecting injection vulnerabilities), control flow analysis (path-sensitive analysis for detecting unreachable code and complex control flow vulnerabilities), security queries (over 2,000 pre-written queries covering CWE categories including SQL injection, XSS, path traversal, deserialization, SSRF, and cryptographic weaknesses), custom queries (write custom queries for project-specific security policies), CI integration (GitHub Actions integration for automatic code scanning on pull requests with differential analysis), CodeQL CLI (command-line interface for creating databases, running queries, and interpreting results), and CodeQL packs (reusable query libraries distributed via GitHub Container Registry).

Tags & Categories

Categories

Tags

Statistics

2
Views
0
Clicks
0
Like
0
Dislike

Comments

Log In to post a comment

No comments yet. Be the first!