GitHub、CodeQL 2.23.7および2.23.8でGoとRust向け新セキュリティクエリを追加

Rust用には、クロスサイトスクリプティング検出やTLS証明書検証無効化検出などが追加された。加えて、各言語やフレームワークのサポート強化や、Mavenビルドとの互換性向上、C#やPythonなど他言語のバグ修正も行われた。
InfoQ

GitHub CodeQL Code Scanning Now Supports Setting Threat Model GitHub CodeQL Code Scanning ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
InfoWorld

GitHub makes CodeQL free for research and open source

CodeQL, a semantic code analysis engine and query tool for finding security vulnerabilities across a codebase, has been made available for free by GitHub for anyone to use in research or to analyze ...
InfoQ

GitHub Enhances CodeQL, Extends Language Support, Available Queries, and More

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Degital PR Platform

GitHub、Code Scanningの自動修正機能のパブリックベータ版の提供を開始 ...

AIを活用したソフトウェア開発者プラットフォームとして世界をリードするGitHub, Inc.(本社:米国サンフランシスコ)は ...
Computer Weekly

GitHub makes code vulnerability scanning feature public

One year after acquiring software security scanning specialist Semmle, and following a successful five-month beta process, GitHub is making its CodeQL code scanning capabilities available publicly, ...