hohn/codeql-lab
1
0
Fork 0
mirror of https://github.com/hohn/codeql-lab.git synced 2025-12-16 18:03:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

updates to readme

Browse Source
This commit is contained in:
Michael Hohn
2025-06-25 12:54:55 -07:00
committed by =Michael Hohn
parent 8514152429
commit 882c8facd3
1 changed files with 25 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
README.org
View File

@@ -29,16 +29,39 @@
- Simplified onboarding and reproducible setup for new contributors or - Simplified onboarding and reproducible setup for new contributors or
analysis environments. analysis environments.
* Prerequisites
Working with this repository assumes prior experience with:
- **Git, Bash, and standard Unix command-line tools**. These are used
throughout and are required for setup and day-to-day tasks.
Tools such as [[https://man.archlinux.org/man/rg.1][ripgrep]], [[https://www.gnu.org/software/bash/][GNU Bash]], and [[https://en.wikipedia.org/wiki/Grep][grep/regex workflows]] are assumed.
- **At least one supported programming language**, such as C, C++, Java,
Python, Go, or Ruby. A solid understanding of the target language is
necessary to interpret analysis results and write effective queries.
See general background on [[https://en.wikipedia.org/wiki/Programming_language][programming languages]] if needed.
- **Basic familiarity with program structure concepts**, including
[[https://en.wikipedia.org/wiki/Abstract_syntax_tree][abstract syntax trees (ASTs)]], [[https://en.wikipedia.org/wiki/Control-flow_graph][control-flow graphs (CFGs)]], and
[[https://en.wikipedia.org/wiki/Data-flow_analysis][data-flow graphs (DFGs)]]. These are core to how CodeQL models code behavior.
- **Optional but helpful**: familiarity with structural or functional
programming languages (e.g. [[https://en.wikipedia.org/wiki/Lisp_(programming_language)][Lisp]] or [[https://en.wikipedia.org/wiki/OCaml][OCaml]]) can make working with
CodeQLs query language and type system more intuitive.
See overview of [[https://en.wikipedia.org/wiki/Functional_programming][functional programming]] for related context.
* Repository Layout * Repository Layout
** Core Structure ** Core Structure
- Repository is based on: https://github.com/github/vscode-codeql-starter.git - Repository is based on: https://github.com/github/vscode-codeql-starter.git
- All development work is done on the branch: qllab - All development work is done on the branch: qllab
- CodeQL version is pinned via the `ql/` submodule: - CodeQL version is pinned via the =ql/= submodule:
: commit 4d681f05bd671f8b5e31624f16a2b4d75e61c071 (tag: codeql-cli/v2.22.0) : commit 4d681f05bd671f8b5e31624f16a2b4d75e61c071 (tag: codeql-cli/v2.22.0)
- A prebuilt CodeQL CLI binary is included: - A prebuilt CodeQL CLI binary is included:
: 1104625939 assets/codeql-osx64.zip : 1104625939 assets/codeql-osx64.zip
- Project-specific repositories can be added directly under the root. - Project-specific repositories can be added directly under the root.
Example: the C dataflow workshop in `./codeql-dataflow-sql-injection` Example: the C dataflow workshop in =./codeql-dataflow-sql-injection=
** Additional Structure Notes ** Additional Structure Notes
- The original upstream README.md is preserved at [[./README-vscode-codeql-starter.md]] - The original upstream README.md is preserved at [[./README-vscode-codeql-starter.md]]