Like reading every recipe in a cookbook and flagging any that say "add raw chicken to the salad" — finding dangerous patterns before the dish is cooked.
CodeQL compiles the code into a database, then runs hundreds of queries to detect vulnerability patterns without executing the code.
> CodeQL initializing database for TypeScript... > Running security-extended queries (847 checks) > Found: 2 results > - sql-injection: src/routes/user.ts:24 (High) > - xss: src/templates/comment.tsx:15 (Medium) > Results uploaded to GitHub Security tab
Like reading every recipe in a cookbook and flagging any that say "add raw chicken to the salad" — finding dangerous patterns before the dish is cooked.
CodeQL compiles the code into a database, then runs hundreds of queries to detect vulnerability patterns without executing the code.
> CodeQL initializing database for TypeScript... > Running security-extended queries (847 checks) > Found: 2 results > - sql-injection: src/routes/user.ts:24 (High) > - xss: src/templates/comment.tsx:15 (Medium) > Results uploaded to GitHub Security tab
Sign in to cast your vote
Sign in to share your feedback and join the discussion.