Identify security vulnerabilities in your codebase by using CodeQL
In this module, you learn about CodeQL and how you can use it to analyze the code in your GitHub repository and identify security vulnerabilities.
Learning objectives
By the end of this module, you'll be able to:
- Create a database by using CodeQL to extract a single relational representation of each source file in the codebase.
- Run CodeQL queries against a database to find problems and potential security vulnerabilities in your source code.
- Understand CodeQL scan results by using GitHub-created queries or your own custom queries.
Prerequisites
- Basic knowledge of GitHub Actions
- Familiarity with GitHub code scanning
- Administrative access to a repository
- Familiarity with SQL, Prolog, and Datalog