Microsoft has won praise from security researchers by making its CodeQL queries public so any organization could use the open source tools to analyze if they experienced any vulnerabilities from the SolarWinds or similar supply chain attacks.