Identify security vulnerabilities in your codebase with CodeQL

Module
7 Units

Intermediate

DevOps Engineer

Administrator

Developer

Student

GitHub

In this module, you'll learn about CodeQL. You'll review information about how CodeQL enables you to analyze the code in your GitHub repository and identify security vulnerabilities.

Learning objectives

By the end of this module, you'll be able to:

Create a database by using CodeQL to extract a single relational representation of each source file in the codebase.
Run CodeQL in a database to find problems in your source code and find potential security vulnerabilities.
Understand CodeQL scan results using queries created by GitHub, or your own custom queries.

Prerequisites

Basic knowledge of GitHub Actions
Familiarity with GitHub code scanning
Administrative access to a repository
Familiarity with SQL, Prolog, Datalog

Introduction min
How to prepare a database for CodeQL min
Run CodeQL in a database min
Understand CodeQL results min
Troubleshoot CodeQL results min
Knowledge check min
Summary min