Vetrox / squirrelbot

A Discord bot for the student council (Fachschaft) of FB 12
MIT License
2 stars, 1 fork

[GitHub Action] running CodeQL analysis #63

Closed roscha444 closed 3 years ago

roscha444 commented 3 years ago

Sounds good to me. It looks for vulnerabilities, e.g. hard-coded access data, ...

This action runs GitHub's industry-leading static analysis engine, CodeQL, against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's security tab.

https://github.com/github/codeql-action

roscha444 commented 3 years ago

finished