mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-11-22 23:50:19 +00:00
f0bf723424
CodeQL is a static analysis technology that was purchased by GitHub and has been tightly integrated into the platform. It's different from most other static analysis solutions because it's based on a database built from your codebase, and then language specific rules can be executed against that database. The rules are fully user extensible, and are written in a datalog/query language. The default cpp language rules coming from CodeQL will probably find some issues, the ability to easily write custom rules/queries will lend it self nicely to allowing us to validate Serenity specific semantics are followed throughout the code. References: - https://www.youtube.com/watch?v=AMzGorD28Ks - https://securitylab.github.com/tools/codeql
8 lines
298 B
YAML
8 lines
298 B
YAML
name: "SerenityOS CodeQL Config"
|
|
|
|
queries:
|
|
- uses: security-and-quality
|
|
- uses: security-extended
|
|
|
|
# Documentation for configuring CodeQL is located here:
|
|
# https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning
|