Code Scanning (CodeQL) Rule
The following rule type is available for Code Scanning (CodeQL).
stacklok/codeql_enabled
- Verifies that CodeQL is enabled for the repository
This rule allows you to monitor whether code scanning via CodeQL is enabled for your repositories. CodeQL is a static analysis tool that scans code for security vulnerabilities. It is recommended that repositories have some form of static analysis enabled so that vulnerabilities are caught before they are introduced into the codebase.
For more information, see https://docs.github.com/en/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#configuring-code-scanning-for-a-private-repository
Entity
repository
Type
stacklok/codeql_enabled
Rule parameters
- None
Rule definition options
The stacklok/codeql_enabled rule supports the following options:
languages (array)
- Only applicable for remediation. Sets the CodeQL languages to use in the workflow.
- CodeQL supports c-cpp, csharp, go, java-kotlin, javascript-typescript, python, ruby, swift
schedule_interval (string, cron format)
- Only applicable for remediation. Sets the schedule interval for the workflow.
- Example: 20 14 * * 1 (every Monday at 2:20pm)
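As an added example (not part of this page or Minder's own code), the Python below validates the two options above against the supported language list and the 5-field cron format, renders an illustrative CodeQL workflow from them (the template is an assumption, not the exact file the remediation writes), and applies the kind of check the rule performs: a workflow only counts as CodeQL if it has both an init and an analyze step.

```python
import re

# CodeQL language identifiers the page lists as supported.
SUPPORTED_LANGUAGES = {"c-cpp", "csharp", "go", "java-kotlin",
                       "javascript-typescript", "python", "ruby", "swift"}
# One cron field: number or *, optional range, optional /step, comma lists.
_CRON_FIELD = re.compile(r"^(\*|\d+(-\d+)?)(/\d+)?(,(\*|\d+(-\d+)?)(/\d+)?)*$")

def validate_options(languages, schedule_interval):
    # Reject option values that would produce a workflow that cannot run.
    if not languages:
        raise ValueError("languages must contain at least one entry")
    unknown = sorted(set(languages) - SUPPORTED_LANGUAGES)
    if unknown:
        raise ValueError(f"unsupported CodeQL languages: {unknown}")
    fields = schedule_interval.split()
    if len(fields) != 5 or not all(_CRON_FIELD.match(f) for f in fields):
        raise ValueError(f"not a 5-field cron expression: {schedule_interval!r}")
    return True

def render_workflow(languages, schedule_interval):
    # Illustrative template (assumption, not Minder's own file): the languages
    # become the job matrix and schedule_interval becomes the cron trigger.
    validate_options(languages, schedule_interval)
    matrix = ", ".join(languages)
    return f"""name: CodeQL
on:
  schedule:
    - cron: '{schedule_interval}'
permissions:
  contents: read
  security-events: write
jobs:
  analyze:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        language: [{matrix}]
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
        with:
          languages: ${{{{ matrix.language }}}}
      - uses: github/codeql-action/analyze@v3
"""

def codeql_enabled(workflow_text):
    # Verification side: CodeQL counts as enabled only with both init and analyze steps.
    return all(re.search(rf"uses:\s*github/codeql-action/{step}@", workflow_text)
               for step in ("init", "analyze"))
```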