
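codemillx is a tool for CodeQL that extracts the comments in code and generates a CodeQL module. It strengthens security detection for Go open-source projects (and includes a vulnerability-hunting method for open-source projects).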


hudangwei/codemillx


codemillx


codemillx is a CodeQL helper tool that extracts the comments in code and can generate a CodeQL qll library module.

Installation

Install with the go get command:

go get github.com/hudangwei/codemillx/cmd/codemillx

Usage

Run the command in your project's root directory:

cd mywebapp && codemillx ./...

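Running the command generates a Customizations.qll file.

Dependencies

When codemillx generates the CodeQL module it calls the codeql command to format it, so codeql must be available on the local PATH: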

codeql query format -qq -i Customizations.qll

How to add code comments

Case studies / Recommended reading

Reference projects
