Tech Hub

@ Solution Architecture Works

Advanced Security on GitHub – Part 2 of 2

Introduction


Imagine you are a developer with administrator rights on a GitHub repository and you want to automate security checks that analyze your releases for potential vulnerabilities. Fortunately, your organization has subscribed to GitHub Advanced Security (GHAS), and your GHAS license lets you perform these tasks with CodeQL.

CodeQL is a code analysis tool for your GitHub repository, designed to identify security vulnerabilities. It is available for public repositories and private repositories owned by your organization.
CodeQL supports many languages for analysis, including C/C++, Java, and Python.

🎯 Learning objectives
In this module, you will learn how to:

  • Install the CodeQL command-line interface (CLI) from the GitHub CodeQL releases page
  • Create a database with CodeQL to extract a relational representation of each source code file
  • Run CodeQL on this database to detect issues in your source code and identify potential vulnerabilities
  • Analyze the results of the CodeQL analysis using queries created by GitHub or your own custom queries

Prerequisites

  • Basic knowledge of GitHub Actions
  • Familiarity with code analysis on GitHub
  • Administrator access to a repository
  • Basic knowledge of SQL, Prolog, and Datalog