Collection of community-driven CodeQL query, library and extension packs

A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow

Examples of vulnerable code that can be detected by CodeQL queries.

Web and mobile application security training platform

Maven plugin parsing SARIF files created by CodeQL used for SonarQube issueReporter.

깃허브 액션 연습용 레포지토리

API Spring Boot 3 + Angular 17 para consulta de créditos: Java 21, Kafka, Docker, cobertura 90 %, CI/CD GitHub Actions.

Repo Laboratório de Experimentação de Software

It is a draft structure prepared for Spring Boot projects with JWT and others. Check the Readme for details.

CodeQL Test

🔐 Secure Spring Boot app using GitHub Copilot and GitHub Security tools (CodeQL, secret scanning, Dependabot). Includes Model, Repository, Service, and Controller layers with CI/CD and static analysis.

Full-stack contact, task, and appointment suite (Spring Boot 4.0.0 + React UI) with strict validation, defensive copies, JWT auth, JUnit 5 + AssertJ, JaCoCo and PITest, and multi-OS CI (Ubuntu and Windows on JDK 17/21) running SpotBugs, OWASP Dependency-Check, CodeQL, and ZAP, with the legacy service kept on the original-cs320 branch.