What is CodeQL?
CodeQL is a vulnerability scanner built and used by security researchers and the GitHub Security Lab. It is essentially a code vulnerability scanner, but it is neither a static analysis that works by text parsing nor a dynamic analysis that requires running the code. CodeQL performs a semantic analysis: it understands what the code does and what its control and data flow look like from a security point of view. Finally, it alerts the owner of the repository when it sees code that violates a set of rules, which the researchers express in the form of queries.
The researchers who craft these queries are usually paid not for the vulnerabilities they find but for the queries they submit. The queries are offered free of charge to all GitHub users; they are categorized by programming language and detect various types of vulnerability.
- Create a public repository
- Go to the Actions section
- Then, from the Security section, press Configure on CodeQL
- Adjust the configuration to match your preferences, including the programming language
- Finally, commit
The main repo for CodeQL on GitHub:
The repo for the CodeQL plugin: [starter]
Configuring private vulnerability reporting for a repository