This file is intended for analyzing synthetic code samples. The configuration uses all possible queries from the CodeQL built-in packs, along with additional OSS queries and data extensions. It includes more queries than the standard security-experimental suite, providing a more thorough analysis at the cost of longer analysis times and potential false positives. It includes:
- queries marked as `@precision: low` or missing a precision
- queries marked as `@problem.severity: recommendation`
- queries in `\experimental\` folders

```yaml
- pwsh: |
    Invoke-WebRequest -Uri "https://raw.githubusercontent.com/GitHubSecurityLab/CodeQL-Community-Packs/main/configs/synthetics.yml" -OutFile "$(Agent.TempDirectory)/synthetics.yml"
  displayName: Copy down CodeQL Config for synthetic applications
```