InfoQ

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

LinkedIn has rebuilt its static application security testing (SAST) pipeline using GitHub Actions and custom workflows, ...
DataBreachToday

Bug Hunting With LLMs: Expert Tool Seeks More 'True' Flaws

Using large language models to automatically identify only real code vulnerabilities - not false positives - remains a holy ...
GitHub

testing-felickz/codeql-queries

A GitHub repository template for building custom CodeQL queries with AI assistance. This template provides a structured environment with prompts, instructions, and workflows designed to guide GitHub ...
GitHub

Architecture mismatch on macOS self-hosted runner?

My best guess is that sourcekitdInProc is an arm64 binary, while part of CodeQL still uses an x86 binary. I've also tried running this on GitHub's shared macOS runners, but they are abysmally slow and ...