-
### Description
Automate code analysis to discover vulnerabilities with CodeQL.
Vulnerabilities will be shown in the security tab.
### Acceptance Criteria
Scanning starts with pull and push to main.
…
-
Is there a way to write parameterized queries? Say my query is something like:
```
from string methodName, MethodDecl method
where methodName="MyFunc1"
and method.getName()=methodName
select m…
```
-
CodeQL does not currently support PowerShell. Given that PowerShell is quite a potent language that has been used to great effect by red team and blue team alike, this lack of functionality hurts bot…
-
Hi! We've recently adopted CodeQL into our system and noticed very slow analysis for one of our codebases, which consists of Java + Kotlin.
For comparison:
* regular build takes 20-30 minutes
* c…
-
**Description**
CodeQL is currently set to default on all of our project.
**Describe the solution you'd like**
Having everything on defaults is fine, however, there could be other functionality we're…
-
### Feature Overview
Port CodeQL fixes from `release/202311`. Make new CodeQL fixes for incoming code to `release/202405`.
### Solution Overview
Run CodeQL and make fixes. Ideally, one CodeQL fix co…
-
## Description
The `sig-security` team announced that licensing for Veracode will expire and a migration to CodeQL should be done.
-
Hi,
I'm trying to roll out CodeQL scanning to some of our iOS (Swift) repositories and I have issues with CodeQL breaking the build steps. The same steps that succeed by themselves will fail when C…
-
**Description of the issue**
A fresh download of the CodeQL bundle shows errors when running:
```
./codeql resolve qlpacks
```
The errors shown seem to be false positives because they all se…