CodeQL - Query language

home edit

CodeQL is a query language created in 2018 by Pavel Avgustinov.

#323on PLDB

8Years Old

4kRepos

Download source code:

git clone https://github.com/github/codeql

Homepage · Source Code

CodeQL let's you query code as if it were data.

Tags: queryLanguage
CodeQL is developed on GitHub and has 7,389 stars
There are at least 3,559 CodeQL repos on GitHub
Early development of CodeQL happened in GitHub
CodeQL is written in Java, YAML, JavaScript, Python, Markdown, C#, C++, Go, starlark, C, TypeScript, Ruby, Kotlin, reStructuredText, Swift, Rust, JSON, XML, HTML, Bourne shell, Gradle, TOML, mustache, JSX, ERB, ASP.NET, CSV, Razor, EJS, CSS, SVG, Ini, SCSS, Diff, Make, Bash, JSP, Protocol Buffers, Lua, Thrift, PowerShell, Scheme, Perl, RAML, CMake, Lisp, Vim script, XHTML, Handlebars, GraphQL, SQL, Objective-C
The Google BigQuery Public Dataset GitHub snapshot shows 23 users using CodeQL in 25 repos on GitHub
ANTLR grammar for CodeQL
Read more about CodeQL on the web: 1.

Example from the web:

from DataFlow::PathNode source, DataFlow::PathNode sink, UnsafeDeserializationConfig conf
  
          where conf.hasFlowPath(source, sink)
  
          select sink.getNode().(UnsafeDeserializationSink).getMethodAccess(), source, sink,
      "Unsafe deserialization of $@.", source.getNode(), "user input"