# Welcome to the codeql repository!
This repository contains CodeQL queries, libraries, and scripts for analyzing source code and identifying security vulnerabilities, bugs, and code quality issues. CodeQL allows you to write queries that find patterns and problems in source code, empowering secure software development and automated code review.
- Custom CodeQL queries: tailored queries for finding security vulnerabilities and code smells.
- Reusable libraries: CodeQL libraries to help you write your own queries.
- Automation scripts: scripts and workflows for integrating CodeQL analysis into CI/CD pipelines.
1. Clone the repository:

   ```bash
   git clone https://github.com/nodoubtz/codeql.git
   cd codeql
   ```

2. Set up your CodeQL database for the target codebase (see the CodeQL docs).

3. Run a query from the `queries` directory:

   ```bash
   codeql query run queries/my-query.ql --database=path/to/database
   ```

4. Review the results and iterate on your queries as needed.
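As an illustration of the kind of query that lives in `queries/`, here is an added example (not one of this repository's own queries) that flags calls to Node's `child_process.exec` whose command argument is not a compile-time string constant, a useful starting point when reviewing for command injection. It assumes the CodeQL JavaScript standard library (`import javascript`) and a database built from a JavaScript/TypeScript codebase; the `@id` is a placeholder.

```ql
/**
 * @name Non-constant command passed to child_process.exec
 * @description Flags exec() calls whose command string is not a literal
 *              constant, so a reviewer can check where the value comes from.
 * @kind problem
 * @problem.severity warning
 * @id js/example-nonconstant-exec
 * @tags security
 */

// Hypothetical example query: the @id above is a placeholder, not an id
// used by this repository.
import javascript

from DataFlow::CallNode call
where
  // Resolve `require("child_process").exec(...)` (or the ESM import) via the API graph
  call = API::moduleImport("child_process").getMember("exec").getACall() and
  // Keep only calls whose first argument has no known constant string value
  not exists(call.getArgument(0).getStringValue())
select call, "Command passed to exec() is not a constant string; review its origin."
```

Save it as `queries/nonconstant-exec.ql` and run it with the `codeql query run` command shown above; each result points at a call site whose command string deserves a closer look.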
```text
.
├── queries/
│   └── [your custom CodeQL queries]
├── libraries/
│   └── [CodeQL libraries and modules]
└── scripts/
    └── [helper and automation scripts]
```
- `queries/`: Custom CodeQL queries for various languages and vulnerabilities.
- `libraries/`: CodeQL QL libraries for reuse in queries.
- `scripts/`: Automation scripts to assist with analysis or CI/CD integration.
Contributions are welcome! Please:
- Fork this repo and create a new branch.
- Add your queries, libraries, or scripts.
- Open a pull request with a clear description.
See `CONTRIBUTING.md` if available.
This project is licensed under the MIT License.
Note: Please ensure you do not include any sensitive or vulnerable code in your queries or examples.