Glossary · Term

CodeQL

← all terms

Definition

Plain language

A tool that lets you search a codebase the way you'd search a database, looking for suspicious patterns.

As stated in the literature

GitHub's semantic code analysis engine that treats source code as a queryable database for finding vulnerability patterns.

Why it matters: It turns vulnerability hunting from grep-and-pray into systematic, repeatable queries over a project's actual code structure.

For example, a security team writes a CodeQL query that flags every place user input flows into a SQL string without escaping.

Heard on the show

“The authors do an analysis of four other code-graph platforms — Sourcegraph, Semgrep, CodeQL, Qodana — and argue that the same preconditions exist there.”
Episode 039 — When Smarter Agents Get Fooled by Three Extra Nodes in a Database

Mentioned in 2 episodes

  1. 039
    When Smarter Agents Get Fooled by Three Extra Nodes in a Database
  2. 014
    Why a Constrained Pipeline Beat a Full Coding Agent at Finding Bugs 30-to-1

Related concepts

Related terms