Code scanning with GitHub CodeQL
Learn how to use CodeQL, a powerful static analysis tool, to implement code scanning on GitHub.
Learning objectives
By the end of this module, you'll be able to:
- Understand CodeQL and how it analyzes code.
- Understand QL, a unique logic programming language.
- Set up CodeQL-based code scanning in a GitHub repository.
- Reference a custom CodeQL query.
- Configure the language matrix in a CodeQL workflow.
- Use the CodeQL CLI to generate code scanning results and upload them to GitHub.
- Implement custom build steps.
Prerequisites
- A GitHub Enterprise account with a GitHub Advanced Security license
- Necessary permissions to administer your repository
- Knowledge of GitHub Advanced Security's code scanning feature
- Knowledge of GitHub Actions