hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-16 10:21:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Make minimal changes to CodeQL docs

Browse Source
This commit is contained in:
Felicity Chapman
2021-06-04 12:59:49 +01:00
parent bd9e3d0fa9
commit 2a9904d1fd
3 changed files with 14 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docs/codeql/codeql-cli/analyzing-databases-with-the-codeql-cli.rst
View File

@@ -24,11 +24,12 @@ Before starting an analysis you must:
Running ``codeql database analyze``
------------------------------------
When you run ``database analyze``, it does two things:
When you run ``database analyze``, it:
#. Executes one or more query files, by running them over a CodeQL database.
#. Interprets the results, based on certain query metadata, so that alerts can be
displayed in the correct location in the source code.
#. Reports the results of any diagnostic queries to standard output.
You can analyze a database by running the following command::
@@ -142,6 +143,13 @@ These are stored alongside the code scanning suites with names of the form: ``<l
For information about creating custom query suites, see ":doc:`Creating
CodeQL query suites <creating-codeql-query-suites>`."
Diagnostic information
......................
The code scanning query suites include additional diagnostic queries. When the database analysis is complete, the CLI generates the results file and reports any diagnostic data to standard output. If you choose to generate SARIF output, the diagnostic data is also included as `notification objects <https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317894>`__ in the SARIF file.
If the analysis found fewer results for standard queries than you expected, review the results of the diagnostic queries to check whether the CodeQL database is likely to be a good representation of the codebase that you want to analyze.
Running all queries in a directory
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4
docs/codeql/codeql-cli/using-custom-queries-with-the-codeql-cli.rst
View File

@@ -33,8 +33,8 @@ following two properties to ensure that the results are interpreted correctly:
- Query identifier (``@id``): a sequence of words composed of lowercase letters or
digits, delimited by ``/`` or ``-``, identifying and classifying the query.
- Query type (``@kind``): identifies the query is an alert (``@kind problem``)
or a path (``@kind path-problem``).
- Query type (``@kind``): identifies the query is an alert (``@kind problem``),
a path (``@kind path-problem``), or a diagnostic metric (``@kind diagnostic``).
For more information about these metadata properties, see ":ref:`Metadata for CodeQL queries
<metadata-for-codeql-queries>`" and the `Query metadata style guide