{"id":5550,"date":"2025-07-24T13:48:45","date_gmt":"2025-07-24T13:48:45","guid":{"rendered":"https:\/\/techhub.saworks.io\/docs\/tutoriel-github\/securite-avancee-sur-github-partie-2-sur-2\/introduction\/"},"modified":"2025-07-24T13:51:19","modified_gmt":"2025-07-24T13:51:19","slug":"introduction","status":"publish","type":"docs","link":"https:\/\/techhub.saworks.io\/fr\/docs\/tutoriel-github\/securite-avancee-sur-github-partie-2-sur-2\/introduction\/","title":{"rendered":"Introduction"},"content":{"rendered":"\n<div class=\"wp-block-group is-layout-constrained wp-block-group-is-layout-constrained\">\n<p>Imagine that you are a developer with&nbsp;<strong>administrator rights<\/strong>&nbsp;on a GitHub repository. You want to&nbsp;<strong>automate security checks<\/strong>. These steps help you analyze your releases to detect possible vulnerabilities. Fortunately, your organization has subscribed to&nbsp;<strong>GitHub Advanced Security<\/strong>.<br>Your GHAS license lets you perform these tasks using&nbsp;<strong>CodeQL<\/strong>.<\/p>\n\n\n\n<p><strong>CodeQL<\/strong>&nbsp;is a tool for analyzing the code in your GitHub repository, designed to&nbsp;<strong>identify security vulnerabilities<\/strong>. 
It is available for&nbsp;<strong>public repositories<\/strong>&nbsp;and&nbsp;<strong>private repositories owned by your organization<\/strong>.<br>CodeQL supports many languages for analysis, including&nbsp;<strong>C\/C++<\/strong>,&nbsp;<strong>Java<\/strong>&nbsp;and&nbsp;<strong>Python<\/strong>.<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83c\udfaf&nbsp;<strong>Learning objectives<\/strong><\/h3>\n\n\n\n<p>In this module, you will learn how to:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Install the CodeQL command-line interface (CLI)<\/strong>&nbsp;from the CodeQL GitHub releases page<\/li>\n\n\n\n<li><strong>Create a database<\/strong>&nbsp;with CodeQL to extract a relational representation of each source file in the code<\/li>\n\n\n\n<li><strong>Run CodeQL on this database<\/strong>&nbsp;to detect problems in your source code and identify potential vulnerabilities<\/li>\n\n\n\n<li><strong>Analyze the CodeQL analysis results<\/strong>&nbsp;using queries created by GitHub or your own custom queries<\/li>\n<\/ul>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">\u2705&nbsp;<strong>Prerequisites<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Basic knowledge of&nbsp;<strong>GitHub Actions<\/strong><\/li>\n\n\n\n<li>Familiarity with&nbsp;<strong>code scanning on GitHub<\/strong><\/li>\n\n\n\n<li><strong>Administrator access<\/strong>&nbsp;to a repository<\/li>\n\n\n\n<li>Basic knowledge of\u00a0<strong><a 
href=\"https:\/\/en.wikipedia.org\/wiki\/SQL\">SQL<\/a><\/strong>,\u00a0<strong><a href=\"https:\/\/en.wikipedia.org\/wiki\/Prolog\">Prolog<\/a><\/strong>\u00a0and\u00a0<strong><a href=\"https:\/\/en.wikipedia.org\/wiki\/Datalog\">Datalog<\/a><\/strong><\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Imagine that you are a developer with&nbsp;administrator rights&nbsp;on a GitHub repository. You want to&nbsp;automate security checks. These steps help you [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":5546,"menu_order":2,"comment_status":"closed","ping_status":"closed","template":"","doc_tag":[],"doc_badge":[],"class_list":["post-5550","docs","type-docs","status-publish","hentry"],"author_avatar":"https:\/\/secure.gravatar.com\/avatar\/6a70e7c73db9f245e650948d09d74f61?s=96&d=mm&r=g","author_name":"Annick N'dri","_links":{"self":[{"href":"https:\/\/techhub.saworks.io\/fr\/wp-json\/wp\/v2\/docs\/5550"}],"collection":[{"href":"https:\/\/techhub.saworks.io\/fr\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/techhub.saworks.io\/fr\/wp-json\/wp\/v2\/types\/docs"}],"author":[{"embeddable":true,"href":"https:\/\/techhub.saworks.io\/fr\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techhub.saworks.io\/fr\/wp-json\/wp\/v2\/comments?post=5550"}],"version-history":[{"count":0,"href":"https:\/\/techhub.saworks.io\/fr\/wp-json\/wp\/v2\/docs\/5550\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/techhub.saworks.io\/fr\/wp-json\/wp\/v2\/docs\/5546"}],"wp:attachment":[{"href":"https:\/\/techhub.saworks.io\/fr\/wp-json\/wp\/v2\/media?parent=5550"}],"wp:term":[{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/techhub.saworks.io\/fr\/wp-json\/wp\/v2\/doc_tag?post=5550"},{"taxonomy":"doc_badge","embeddable":true,"href":"https:\/\/techhub.saworks.io\/fr\/wp-json\/wp\/v2\/doc_badge?post=5550"}],"curies":[
{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}