https://github.com/eshanized/cogitsec
- Host: GitHub
- URL: https://github.com/eshanized/cogitsec
- Owner: eshanized
- License: mit
- Created: 2025-04-25T12:01:50.000Z (about 1 year ago)
- Default Branch: master
- Last Pushed: 2025-04-25T13:26:08.000Z (about 1 year ago)
- Last Synced: 2025-04-25T13:26:12.589Z (about 1 year ago)
- Language: Rust
- Size: 141 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 3
Metadata Files:
- Readme: .github/README.md
- Contributing: CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: .github/SECURITY.md
README
# CodeQL Security Scanning
This directory contains configuration for GitHub CodeQL scanning, which is used to identify vulnerabilities and security issues in the codebase.
## Workflows
- **codeql-analysis.yml**: Runs automatic code scanning for Rust code to detect security vulnerabilities.
## What CodeQL Scans For
The CodeQL analyzer searches for various security issues, including:
- Memory safety issues
- Buffer overflow vulnerabilities
- Use-after-free bugs
- Path traversal vulnerabilities
- SQL/Command injection vectors
- Data flow problems
- Resource leaks
- Best practice violations
## How to View Results
After the CodeQL workflow runs, you can view the results in the "Security" tab of the GitHub repository. Navigate to:
1. Security tab
2. Code scanning alerts
3. Filter for specific types of issues or severity levels
## Local Analysis
If you want to run CodeQL analysis locally, you'll need:
1. The CodeQL CLI tool (https://github.com/github/codeql-cli-binaries)
2. The CodeQL standard libraries (https://github.com/github/codeql)
## Additional Resources
- [CodeQL Documentation](https://codeql.github.com/docs)
- [GitHub Code Scanning Documentation](https://docs.github.com/en/code-security/code-scanning)
- [GitHub Advanced Security](https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security)