Cake.CodeQL.Cli

Cake.CodeQL.Cli is a set of Cake aliases that integrate with GitHub Advanced Security (GAS). GAS uses CodeQL to find vulnerabilities in your code. The code must be hosted on GitHub or GitHub Enterprise.

#addin nuget:?package=Cake.CodeQL.Cli&version=4.0.1

dotnet add package Cake.CodeQL.Cli --version 4.0.1

<PackageReference Include="Cake.CodeQL.Cli" Version="4.0.1" />

Aliases

GitHub authentication aliases. Used mostly to get JWT or installation tokens for GitHub Apps that need to make API calls.

General

GitHubAppInstallationToken(GitHubAppInstallationTokenToolSettings) Generates an installation token for a GitHub App that can be used to make API calls as an App.

Database

CodeQLAnalyzeDatabase(CodeQLAnalyzeDatabaseToolSettings) Analyzes a CodeQL database for vulnerabilities and summarizes the results in a SARIF file. Assumes the CodeQL CLI is installed on the host and available in the terminal path.
CodeQLCreateDatabase(CodeQLCreateDatabaseToolSettings) Creates a CodeQL database that can be used for vulnerability scanning. Assumes the CodeQL CLI is installed on the host and available in the terminal path.

Install

CodeQLInstall(CodeQLInstallToolSettings) Installs CodeQL on the host agent.

Reports

CodeQLReportGenerate(CodeQLSecurityReportToolSettings) Generates a GitHub Advanced Security Code Scan Report.
CodeQLReportInstall(CodeQLReportInstallToolSettings) Installs the GitHub Advanced Security Code Scan Report CLI on the host agent.

Upload

CodeQLUploadResults(CodeQLUploadResultsToolSettings) Uploads the results of a CodeQL analysis in SARIF file format to GitHub or GitHub Enterprise Server. Assumes the CodeQL CLI is installed on the host and available in the terminal path.