Securing CodeQL queries using Semgrep (opens in new tab)

(semgrep.dev)

11 pointsbrandonspark2y ago2 comments

2 comments

2 comments · 1 top-level

ajbt2001282y ago· 1 in thread

Can CodeQL queries be insecure? This makes sense as a linter, but not sure about the security value proposition.

Edit: missed what day it is

I mean, it's arguably a security concern if you're not catching the mistakes you intended to catch.

j / k navigate · click thread line to collapse