GitHub Enhances CodeQL with Declarative Security Modeling for Faster, More Flexible Analysis (opens in new tab)

GitHub has introduced a significant update to its CodeQL engine, enabling developers to define custom sanitizers and validators directly through "models-as-data," a move that simplifies how teams extend security analysis across their codebases. By Craig Risi