Code Scanning C++ with GitHub Actions

1.0C++ Team Bloghttps://devblogs.microsoft.com/cppblogNick Uhlenhuthhttps://devblogs.microsoft.com/cppblog/author/uhlenhuthn/Code Scanning C++ with GitHub Actions - C++ Team Blogrich600338<blockquote class="wp-embedded-content" data-secret="5pejHGgPGT"><a href="https://devblogs.microsoft.com/cppblog/code-scanning-with-github-actions/">Code Scanning C++ with GitHub Actions</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://devblogs.microsoft.com/cppblog/code-scanning-with-github-actions/embed/#?secret=5pejHGgPGT" width="600" height="338" title="“Code Scanning C++ with GitHub Actions” — C++ Team Blog" data-secret="5pejHGgPGT" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script type="text/javascript"> /* <![CDATA[ */ /*! This file is auto-generated */ !function(d,l){"use strict";l.querySelector&&d.addEventListener&&"undefined"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),o=l.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),c=new RegExp("^https?:$","i"),i=0;i<o.length;i++)o[i].style.display="none";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute("style"),"height"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):"link"===t.message&&(r=new URL(s.getAttribute("src")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener("message",d.wp.receiveEmbedMessage,!1),l.addEventListener("DOMContentLoaded",function(){for(var e,t,s=l.querySelectorAll("iframe.wp-embedded-content"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute("data-secret"))||(t=Math.random().toString(36).substring(2,12),e.src+="#?secret="+t,e.setAttribute("data-secret",t)),e.contentWindow.postMessage({message:"ready",secret:t},"*")},!1)))}(window,document); //# sourceURL=https://devblogs.microsoft.com/cppblog/wp-includes/js/wp-embed.min.js /* ]]> */ </script> https://devblogs.microsoft.com/cppblog/wp-content/uploads/sites/9/2021/06/Capture.jpg23661274Last year, GitHub released code scanning, which enables developers to incorporate security checks into their CI/CD environment and developer workflow. This post demonstrates the basics of using CodeQL, the analysis engine behind code scanning, with GitHub Actions. What is CodeQL? CodeQL is an analysis engine that automates security checks by running queries against a database […]