https://github.com/hudangwei/codemillx

codemillx is a tool for CodeQL, extract the comments in the code and generate codeql module. 强化Go开源项目安全检测(内含开源项目漏洞挖掘方法)
https://github.com/hudangwei/codemillx

code-scanning codeql codeql-models

Last synced: about 1 month ago
JSON representation

codemillx is a tool for CodeQL, extract the comments in the code and generate codeql module. 强化Go开源项目安全检测(内含开源项目漏洞挖掘方法)

• Host: GitHub
• URL: https://github.com/hudangwei/codemillx
• Owner: hudangwei
• Created: 2022-03-10T08:12:56.000Z (over 2 years ago)
• Default Branch: master
• Last Pushed: 2022-03-19T03:55:01.000Z (over 2 years ago)
• Last Synced: 2024-06-20T14:30:17.789Z (3 months ago)
• Topics: code-scanning, codeql, codeql-models
• Language: Go
• Homepage:
• Size: 51.8 KB
• Stars: 205
• Watchers: 2
• Forks: 18
• Open Issues: 0
• Metadata Files:
  • Readme: README-EN.md

Awesome Lists containing this project

• awesome-hacking-lists - hudangwei/codemillx - codemillx is a tool for CodeQL, extract the comments in the code and generate codeql module. 强化Go开源项目安全检测(内含开源项目漏洞挖掘方法) (Go)

README

        
codemillx

===

English | [简体中文](README.md)

`codemillx` is a tool for `CodeQL`, extract the comments in the code and generate codeql module.

## Installation

To install `codemillx` use the `go get` command:

```bash

go get github.com/hudangwei/codemillx/cmd/codemillx

```

## Run

Navigate to your web application folder and execute:

```bash

cd mywebapp && codemillx ./...

```

## Requirements

To allow cqlgen to format the generated codeql, you need a recent version of the codeql cli (otherwise it will not be formatted), and have it available as codeql in your PATH.

```sh

codeql query format -qq -i Customizations.qll

```

## How to add comments in your code?

* [Declarative Comments Format](docs/comment.md)

## Usage

* [How to use `Customizations.qll` file into Github CodeQL Action](docs/codeql-action.md)

## Reference

* [codemill](https://github.com/gagliardetto/codemill)