aegilopsI open sourced a tool to create lists of repos to run GitHub CodeQL’s Multi-Repository Variant Analysis on, using a keyword search on GitHub.
It's a Bash script you can trigger with a VSCode build task. It uses the GitHub API (via the GitHub CLI) to fill a list in the VSCode settings.
It’s a stopgap before this sort of feature makes it into the product.
https://github.com/advanced-security/mrva-code-search
#MRVA #VariantAnalysis #CodeQL #GitHub #VSCode #BuildTask #SAST #VulnerabilityResearch