Cake.CodeQL.Clie is a set of Cake aliases that integrate with GitHub Advanced Security (GAS). GAS uses CodeQL to find vulnerabilities in your code. The code must be hosted GitHub or GitHub Enterprise.
#addin nuget:?package=Cake.CodeQL.Cli&version=3.2.1
dotnet add package Cake.CodeQL.Cli --version 3.2.1
<PackageReference Include="Cake.CodeQL.Cli" Version="3.2.1" />Aliases
GitHub Authentication Aliases. Used mostly to get Jwt or Installation Tokens for GitHubs that need to make API Calls
General
|
Git |
Generates an installation Token for a GitHub App that can be used to make API calls as an App |
Database
|
Code |
Analyzes a CodeQL database for vunerabilities and summarizes the results in a SARIF file. Assumes the codeQL cli is installed on the host and available in the terminal path. |
|
CodeQLCreateDatabase |
Creates a CodeQL Databases that can be use for vunerability scanning. Assumes the codeQL cli is installed on the host and available in the terminal path. |
Install
|
CodeQLInstall |
Installs CodeQL on the host agent. |
Reports
|
CodeQLReportGenerate |
Generates an GitHub Advanced Security Code Scan Report |
|
CodeQLReportInstall |
Installs GitHub Advanced Security Code Scan Report cli on the host agent. |
Upload
|
CodeQLUploadResults |
Uploads the results of a CodeQL analysis in SARIF file format to GitHub or GitHub Enterprise Server. Assumes the codeQL cli is installed on the host and available in the terminal path. |