Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR. Learn more →
Codeql Alternatives
Similar projects and alternatives to codeql
-
Hasura
Blazing fast, instant realtime GraphQL APIs on all your data with fine grained access control, also trigger webhooks on database events.
-
CodeRabbit
CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
-
-
-
-
-
checkedc
Checked C is an extension to C that lets programmers write C code with bounds checking and improved type-safety. The goal is to let people easily make their existing C code type-safe and eliminate entire classes of errors.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
-
-
-
semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
-
-
-
juvix
Discontinued Juvix empowers developers to write code in a high-level, functional language, compile it to gas-efficient output VM instructions, and formally verify the safety of their contracts prior to deployment and execution.
-
c2nim
c2nim is a tool to translate Ansi C code to Nim. The output is human-readable Nim code that is meant to be tweaked by hand before and after the translation process.
-
-
-
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a better codeql alternative or higher similarity.
codeql discussion
codeql reviews and mentions
Posts with mentions or reviews of codeql.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2025-02-25.
-
Automating an Open Source Project with GitHub Actions
CodeQL, for vulnerability scanning of the code. We use a configuration defined in a codeql.yml file. CodeQL is triggered upon pull requests, pushes to the main branch as well as periodically
-
Show HN: CyScout – Solidity Vulnerability Detection Powered by GitHub CodeQL
Hi everyone,
GitHub's CodeQL is a powerful semantic code analysis engine for identifying vulnerabilities across codebases. We've extended CodeQL to support Solidity, the most popular programming language for smart contracts. CodeQL enables you to query code as though it were data, and it's open-source (OSS). You can check it out here: <https://github.com/CoinFabrik/CyScout/>. The product page is available at <https://www.coinfabrik.com/products/cyscout-solidity-codeql/>.
CodeQL has its own licensing model, which you can find at https://codeql.github.com/. TL;DR: CodeQL is free for research and open-source projects.
- CodeQL
-
OpenID Connect Flows: From Implicit to Authorization Code with PKCE & BFF
The quality and security of this project are continuously checked using SonarCloud and CodeQL:
-
Show HN: GritQL, a Rust CLI for rewriting source code
apologies if this should be a discussion/issue/whatever but:
Do you envision going up against CodeQL and/or <https://www.jetbrains.com/help/qodana/about-qodana.html> by making semantic information available to the ast nodes? OT1H, I can imagine it could be an overwhelming increase in project scope, but OTOH it could also truly lead to some stunning transformation patterns
e.g. https://github.com/github/codeql/blob/v1.27.0/java/ql/exampl... or even more "textual" semantics such as
var foo = "hello".substring(1); // knowing "foo" is a String - Google Search Drops Cache Link from Search Results
-
Learn Datalog Today
While not trivial because it is not documented, you can create your a database with your own facts. Some of the extractors that create the required files are open source https://github.com/github/codeql/blob/main/ruby/extractor/sr...
- Discover vulnerabilities across a codebase with semantic code analysis engine
-
A plan for cybersecurity and grid safety
Efforts: Dependabot, CodeQL, Coverity, facebook's Infer tool, etc
- GitHub introduces CodeQL, a new tool for automated code review and vulnerability
-
A note from our sponsor - CodeRabbit
coderabbit.ai | 21 Mar 2025
Stats
Basic codeql repo stats
20
8,100
10.0
7 days ago
github/codeql is an open source project licensed under MIT License which is an OSI approved license.
The primary programming language of codeql is CodeQL.
Sponsored
CodeRabbit: AI Code Reviews for Developers
Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
coderabbit.ai