GitHub has released a host of third-party security tools for its just-launched code-scanning feature, which helps open-source projects nix security bugs before they hit production code. GitHub Code Scanning works on top of CodeQL (Query Language), a technology that GitHub integrated into its platform after it acquired code-analysis platform Semmle in September 2019.
Read full article on ZDNet