CodeQL
Definition
CodeQL is a semantic code analysis engine used to identify vulnerabilities and bugs in source code by querying code as if it were data. It allows developers to write custom queries to detect specific patterns and potential security issues across large codebases. CodeQL is commonly used in continuous integration pipelines to automate code review processes and enhance application security by identifying issues early in the development lifecycle.
Secure Settings Example
# Example of a GitHub Actions workflow using CodeQL for secure code analysis
name: "CodeQL Analysis"
on:
  push:
    branches: [ "main" ]
  pull_request:
    branches: [ "main" ]
  schedule:
    - cron: '0 0 * * 0'
jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v2
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          languages: 'javascript,python'
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2
Insecure Settings Example
# Example of a GitHub Actions workflow with insecure CodeQL configuration
name: "CodeQL Analysis"
on:
  push:
    branches: [ "main" ]
jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v2
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          # Missing language specification can lead to incomplete analysis
          languages: ''
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2
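The following is an added example, not code from CodeQL or from this page, that turns the contrast between the two workflows above into a check: it lints an already-parsed workflow (a dict such as PyYAML produces) for an empty languages list, missing pull_request and schedule triggers, and an init step without a matching analyze step. The two workflow dicts are constructed inline from the examples above; the function name lint_codeql_workflow is an assumption of this example.

```python
"""Lint a parsed GitHub Actions workflow for the CodeQL settings contrasted above.
Example code, not part of CodeQL or the codeql-action project."""
from __future__ import annotations
from typing import Any

CODEQL_INIT = "github/codeql-action/init"
CODEQL_ANALYZE = "github/codeql-action/analyze"


def lint_codeql_workflow(workflow: dict[str, Any]) -> list[str]:
    """Return a list of findings; an empty list means nothing was flagged."""
    findings: list[str] = []
    # YAML 1.1 loaders (e.g. PyYAML) read the bare key `on` as boolean True; accept both.
    triggers = workflow.get("on", workflow.get(True, {})) or {}
    if "pull_request" not in triggers:
        findings.append("no pull_request trigger: pull requests are not analyzed before merge")
    if "schedule" not in triggers:
        findings.append("no schedule trigger: existing code is never re-scanned with newer queries")
    for job_name, job in (workflow.get("jobs") or {}).items():
        steps = job.get("steps") or []
        # Action reference without its version tag, e.g. "github/codeql-action/init"
        uses = [str(s.get("uses", "")).split("@")[0] for s in steps]
        if CODEQL_INIT not in uses:
            continue  # not a CodeQL job
        init = steps[uses.index(CODEQL_INIT)]
        langs = str((init.get("with") or {}).get("languages", "")).strip()
        if not langs:
            findings.append(f"{job_name}: init step has an empty 'languages' value; analysis will be incomplete")
        if CODEQL_ANALYZE not in uses:
            findings.append(f"{job_name}: init step has no matching analyze step")
        elif uses.index(CODEQL_ANALYZE) < uses.index(CODEQL_INIT):
            findings.append(f"{job_name}: analyze step runs before the init step")
    return findings


# Constructed inputs mirroring the secure and insecure workflows above.
SECURE = {
    "on": {"push": {"branches": ["main"]}, "pull_request": {"branches": ["main"]},
           "schedule": [{"cron": "0 0 * * 0"}]},
    "jobs": {"analyze": {"steps": [
        {"uses": "actions/checkout@v2"},
        {"uses": "github/codeql-action/init@v2", "with": {"languages": "javascript,python"}},
        {"uses": "github/codeql-action/analyze@v2"}]}},
}
INSECURE = {
    "on": {"push": {"branches": ["main"]}},
    "jobs": {"analyze": {"steps": [
        {"uses": "actions/checkout@v2"},
        {"uses": "github/codeql-action/init@v2", "with": {"languages": ""}},
        {"uses": "github/codeql-action/analyze@v2"}]}},
}

if __name__ == "__main__":
    for label, wf in (("secure", SECURE), ("insecure", INSECURE)):
        print(label, lint_codeql_workflow(wf) or ["ok"])
```

Running the script reports no findings for the secure workflow and three for the insecure one (missing pull_request trigger, missing schedule, empty languages).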