CodeQL Extractor, Library, and Queries for Bicep configuations.
- name: Initialize and Analyze Bicep
uses: GitHubSecurityLab/codeql-extractor-bicep@v0.2.1
| Metric | Value |
|---|---|
| Total Queries | 36 |
| Covered Queries | 0 |
| Coverage Percentage | 0.0% |
| Categories | 2 |
| CWE Categories | 14 |
| Category | Covered | Total | Percentage |
|---|---|---|---|
| Diagnostics | 0 | 2 | 0.0% |
| Security | 0 | 34 | 0.0% |
| CWE | Description | Covered | Total | Percentage |
|---|---|---|---|---|
| CWE-200 | Information Exposure | 0 | 2 | 0.0% |
| CWE-272 | Least Privilege Violation | 0 | 2 | 0.0% |
| CWE-284 | Improper Access Control | 0 | 2 | 0.0% |
| CWE-295 | Improper Certificate Validation | 0 | 1 | 0.0% |
| CWE-306 | Missing Authentication | 0 | 2 | 0.0% |
| CWE-311 | Missing Encryption | 0 | 1 | 0.0% |
| CWE-319 | Cleartext Transmission | 0 | 4 | 0.0% |
| CWE-327 | Broken/Risky Crypto Algorithm | 0 | 3 | 0.0% |
| CWE-352 | Cross-Site Request Forgery | 0 | 1 | 0.0% |
| CWE-400 | Resource Exhaustion | 0 | 1 | 0.0% |
| CWE-404 | Improper Resource Shutdown | 0 | 2 | 0.0% |
| CWE-693 | Protection Mechanism Failure | 0 | 1 | 0.0% |
| CWE-798 | Hard-coded Credentials | 0 | 2 | 0.0% |
| CWE-942 | Overly Permissive CORS | 0 | 4 | 0.0% |
Last updated: 2025-06-17 15:45:17 UTC
This project is licensed under the terms of the MIT open source license. Please refer to MIT for the full terms.
To use this project for Infrastructure as Code, you will need to use CodeQL and follow all terms and conditions of the CodeQL License.
For use in private repositories and code, you will need to purchase a GitHub Advanced Security license.
Contributors are welcome! Please see the Contributing Guide for more information.
 Mathew Payne 💻 🔬 🚧 🛡️ 🤔 |
Support is via GitHub Issues or GitHub Discussions.