Skip to content

github/codeql-action

Folders and files

NameName
Last commit message
Last commit date
Aug 21, 2023
Aug 7, 2023
Jul 25, 2023
Apr 8, 2022
Apr 10, 2023
Aug 25, 2023
Aug 28, 2023
Aug 7, 2023
Jul 26, 2023
Aug 7, 2023
Jun 13, 2023
Aug 25, 2023
Apr 4, 2023
Mar 30, 2022
Jun 23, 2020
Nov 14, 2022
Jul 19, 2023
Jul 25, 2023
Sep 8, 2021
Nov 14, 2022
Nov 14, 2022
Aug 28, 2023
Apr 12, 2022
Apr 28, 2020
May 25, 2023
Apr 28, 2020
Aug 21, 2023
Aug 28, 2023
Aug 28, 2023
Jan 18, 2023

Repository files navigation

CodeQL Action

This action runs GitHub's industry-leading semantic code analysis engine, CodeQL, against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed on pull requests and in the repository's security tab. CodeQL runs an extensible set of queries, which have been developed by the community and the GitHub Security Lab to find common vulnerabilities in your code.

For a list of recent changes, see the CodeQL Action's changelog.

License

This project is released under the MIT License.

The underlying CodeQL CLI, used in this action, is licensed under the GitHub CodeQL Terms and Conditions. As such, this action may be used on open source projects hosted on GitHub, and on private repositories that are owned by an organisation with GitHub Advanced Security enabled.

Usage

We recommend using default setup to configure CodeQL analysis for your repository. For more information, see "Configuring default setup for code scanning."

You can also configure advanced setup for a repository to find security vulnerabilities in your code using a highly customizable code scanning configuration. For more information, see "Configuring advanced setup for code scanning" and "Customizing your advanced setup for code scanning."

Troubleshooting

Read about troubleshooting code scanning.

Contributing

This project welcomes contributions. See CONTRIBUTING.md for details on how to build, install, and contribute.