Categories: Static Application Security Testing (SAST)

Import Options: API Import, UI Import, Universal Importer (Pro)

File Types: SARIF

Integrations

CodeQL

CodeQL is a semantic code analysis engine developed by GitHub that enables developers and security researchers to query source code as data to discover vulnerabilities, perform variant analysis, and automate security checks across codebases. CodeQL supports multiple programming languages and frameworks, allowing organizations to write custom queries to identify security flaws, eradicate vulnerability variants, and integrate automated static application security testing (SAST) into continuous integration and deployment workflows.
