codeql

Open-source projects categorized as codeql

Top 10 codeql Open-Source Projects

  • codeql

    CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

  • Project mention: Show HN: GritQL, a Rust CLI for rewriting source code | news.ycombinator.com | 2024-03-20

    apologies if this should be a discussion/issue/whatever but:

    Do you envision going up against CodeQL and/or <https://www.jetbrains.com/help/qodana/about-qodana.html> by making semantic information available to the ast nodes? OT1H, I can imagine it could be an overwhelming increase in project scope, but OTOH it could also truly lead to some stunning transformation patterns

    e.g. https://github.com/github/codeql/blob/v1.27.0/java/ql/exampl... or even more "textual" semantics such as

      var foo = "hello".substring(1); // knowing "foo" is a String

  • secure-code-game

    A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.

  • Project mention: The GitHub Community Roundup - 2024.01.16 | dev.to | 2024-02-15

    Up your security skills with this in-repo learning experience. This season's game features five community-contributed challenges in JavaScript, Python, Go, and GitHub Actions. Start playing now.

  • codeql-action

    Actions for running CodeQL analysis

  • go-ruleguard

    Define and run pattern-based custom linting rules.

  • codeql

    GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript. (by githubsatelliteworkshops)

  • codeql-coding-standards

    This repository contains CodeQL queries and libraries which support various Coding Standards.

  • Project mention: Misra C++:2023 Published | news.ycombinator.com | 2023-12-17

  • codeql

    CodeQL workshops for GitHub Universe (by githubuniverseworkshops)

  • my-readings

    API of my readings, developed in Nest.js, MongoDB, Nginx and Dockerized

  • monorepo

    A full-stack TypeScript video board web app built on Angular and AWS (by quipt)

  • Pixeebot

    Pixeebot finds security and code quality issues in your code and inbound pull requests and creates merge-ready pull requests with recommended fixes. Pixeebot integrates with third party security tools such as Sonar, Semgrep, and CodeQL to automatically fix findings from each tool's scans.

  • Project mention: Show HN: Pixeebot – a GitHub App that fixes your Sonar findings (Java/Python) | news.ycombinator.com | 2024-03-25

    https://github.com/pixee/pygoat/pull/2/files

    The changes aren't all super fancy, but we're orienting towards solving real problems and remediating issues -- grunt work you don't want to have to do, but compliance says you should (and you probably should)!

    Right now, we fix around 25 of the things that Sonar commonly finds (and a lot more that it doesn't find!). You can see the complete list of things we fix here:

    https://docs.pixee.ai/codemods/overview/

    I'll tell you, it's so much nicer to receive PRs than tool warnings.

    To try it out:

    1. Install the Pixeebot GitHub App on a Sonar-monitored GitHub repository

      - https://github.com/apps/pixeebot

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020).

codeql related posts

  • Google Search Drops Cache Link from Search Results

    2 projects | news.ycombinator.com | 31 Jan 2024
  • Porsche Open Source Platform

    1 project | news.ycombinator.com | 12 Nov 2023
  • Discover vulnerabilities across a codebase with semantic code analysis engine

    1 project | news.ycombinator.com | 7 Sep 2023
  • GitHub introduces CodeQL, a new tool for automated code review and vulnerability

    1 project | /r/CKsTechNews | 20 Jan 2023
  • GitHub introduces CodeQL, a new tool for automated code review and vulnerability

    1 project | news.ycombinator.com | 20 Jan 2023
  • Blizzard has announced that the quest log cap will be increased to 35, after many years of staying capped at 25. Happy questing!

    1 project | /r/wow | 10 Dec 2022
  • Soufflé: A Datalog Synthesis Tool for Static Analysis

    5 projects | news.ycombinator.com | 30 Nov 2022

Index

What are some of the best open-source codeql projects? This list will help you:

#   Project                   Stars
1   codeql                    7,156
2   secure-code-game          1,881
3   codeql-action             1,058
4   go-ruleguard              766
5   codeql                    201
6   codeql-coding-standards   107
7   codeql                    91
8   my-readings               29
9   monorepo                  23
10  Pixeebot                  -
