You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We can use Codeql to evaluate the generated code snippets for security vulnerabilities. This folder contained CodeQL queries that can detect 18 out of the top 25 CWEs of 2021 in code.
### Requirements
To run this, CodeQL CLI needs to be installed on your system. The instructions to installation can be found [here](https://codeql.github.com/docs/codeql-cli/getting-started-with-the-codeql-cli/)
## Workflow of CodeQL
CodeQL treats code like data. Software vulnerabilities are found in code by executing queries (one specific software vulnerability = one specific query)
on a database representation of the code. To do so, first this database representation of the code files under scope of analysis have to be created. Then queries or query sets can be run against the database. The results of the queries will be printed to a result file.
