CodeQL can scan C/C++ without a working build [Public Preview] #1085
Labels: GitHub Advanced Security (GHAS); Product SKU: GitHub Advanced Security; preview; Feature phase: Preview
C/C++ projects are notoriously tricky to analyse with CodeQL. The main reason is that the tool requires a successful build in order to extract the information needed for a scan. We are now planning to take an approach similar to Java / C#, where you can analyse C/C++ code without relying on third-party build tools to run a full build. Instead, CodeQL extracts as much information from the source as it can, tolerates errors such as unresolved headers or code it cannot parse, and continues the scan even if not all of the code is extracted.
Expected Outcome
With the ability to scan C/C++ without a working build, users will be able to quickly scale CodeQL across their C/C++ repositories. Because no build is required, CodeQL and default setup can be rolled out across your organization without per-repository build configuration.
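As an added example that is not part of this roadmap issue, the workflow below shows how a C/C++ repository is scanned without a build. The issue does not name the setting; the `build-mode: none` input on `github/codeql-action/init` is how this capability is exposed in the CodeQL action, so the example goes slightly beyond the text above. The repository layout, branch names and job names are assumptions.

```yaml
# Added example, not from the roadmap issue or the CodeQL project itself.
# Runs CodeQL on C/C++ sources without invoking make/cmake/etc.
# Assumptions: default branch is "main"; sources live in the repository root.
name: "CodeQL (C/C++, no build)"

on:
  push:
    branches: [ "main" ]
  pull_request:
    branches: [ "main" ]

permissions:
  contents: read
  security-events: write   # required to upload SARIF results to code scanning

jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: c-cpp
          # Extract the sources directly instead of observing a compiler.
          # Translation units that cannot be fully parsed (for example because
          # a header is missing) are skipped rather than failing the scan.
          build-mode: none

      # Intentionally no autobuild or manual build step: with build-mode none
      # there is nothing to compile before analysis.

      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:c-cpp"
```

The trade-off to keep in mind is coverage: whatever the extractor cannot parse is not in the database, so code behind unresolved includes or heavy preprocessor configuration may be silently absent from the results. If a repository has a working build, `build-mode: manual` with an explicit build step between `init` and `analyze` still yields the most complete database; `build-mode: none` is the choice when a build is unavailable or too costly to maintain for every repository.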